Routing and Bridge Interfaces

Security Gateways with a Bridge interface can support Layer 3 routing over non-bridged interfaces. If you configure a Bridge interface with an IP address on a Security Gateway (not on Cluster Members), the Bridge interface functions as a regular Layer 3 interface. It participates in IP routing decisions on the Security Gateway and supports Layer 3 routing.

• Cluster deployments do not support this configuration.
• You cannot configure the Bridge interface to be the nexthop gateway for a route.
• A Security Gateway can support multiple Bridge interfaces, but only one Bridge interface can have an IP address.
• A Security Gateway cannot filter or transmit packets that it inspected before on a Bridge interface (to avoid double-inspection).