Routing and Bridge Interfaces

Security Gateways with a Bridge interface can support Layer 3 routing over non-bridged interfaces.

If you configure a Bridge interface with an IP address on a Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. (not on ClusterClosed Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. Members), the Bridge interface functions as a regular Layer 3 interface.

The Bridge interface participates in IP routing decisions on the Security Gateway and supports Layer 3 routing.

  • Cluster deployments do not support this configuration.

  • You cannot configure the Bridge interface to be the nexthop gateway for a route.

  • A Security Gateway can support multiple Bridge interfaces, but only one Bridge interface can have an IP address.

  • A Security Gateway cannot filter or transmit packets that it inspected before on a Bridge interface (to avoid double-inspection).