I’m trying to set up MFE in transparent mode on a trunk.
VLANs -> switch -> (TRUNK) -> McAfee Firewall Enterprise (bridge0) -> (TRUNK) Router -> Internet
VLAN 10 networks: 10.0.10.0/24 and 10.0.11.0/24
VLAN 20 networks: 10.0.20.0/24 and 10.0.21.0/24
VLAN 30 networks: 10.0.30.0/24 and 10.0.31.0/24
I created one bridge interface: bridge0 on interfaces eth 0-2, eth 0-3.
I created 7 zones:
mgmt – zone
I created 7 interfaces:
Mgmt-int (in zone mgmt)
Int-10-in (in zone_10_in) – VLAN 10
Int-10-out (in zone_10_out) – VLAN 10
Int-30-out (in zone_30_out) – VLAN 30
Default Gateway is set up for interface mgmt.
On the bridge interface I added an IP address from each VLAN.
I prepared policy based on networks and zones:
From 10.0.10.0/24 in zone_10_in to ANY in zone_10_out ……
Unfortunately it doesn’t work as it should. What am I doing wrong?
Unfortunately I don't think what you are trying to accomplish is going to work.
Unfortunately the bridge interface only allows you to protect one subnet. If you want to add more than one, then you would need to use hybrid mode. The 8.3.0 Product Guide has some good information and diagrams to explain the options/modes.