1 Reply Latest reply: Jan 14, 2013 10:21 AM by mtuma

    Trunk - transparent mode

    mcoy

      Hi,

       

      I’m trying to set up MFE in transparent mode on trunk.

       

      VLANs -> switch -> (TRUNK) -> McAfee Firewall Enterprise (bridge0) -> (TRUNK) Router -> Internet

       

      Trunk:

      VLAN 10

      VLAN 20

      VLAN 30

       

      VLAN 10 networks: 10.0.10.0/24 and 10.0.11.0/24

      VLAN 20 networks: 10.0.20.0/24 and 10.0.21.0/24

      VLAN 30 networks: 10.0.30.0/24 and 10.0.31.0/24

       

      I created one bridge interface: bridge0 on interfaces eth 0-2, eth 0-3.

      I created 7 zones:

      zone_10_in – zone_10_out

      zone_20_in – zone_20_out

      zone_30_in – zone_30_out

      mgmt – zone

       

      I created 7 interfaces:

      Mgmt-int (in zone mgmt)

      Int-10-in (in zone_10_in) – VLAN 10

      Int-10-out (in zone_10_out) – VLAN 10

      .

      .

      Int-30-out (in zone_30_out) – VLAN 30

       

      Default Gateway is set up for interface mgmt.

       

      On the bridge interface I added an IP address from each VLAN.

       

      I prepared policy based on networks and zones:

       

      From 10.0.10.0/24 in zone_10_in to ANY in zone_10_out ……

       

      Unfortunately it doesn’t work as it should. What am I doing wrong?

       

      Best Regards,

      mcoy

        • 1. Re: Trunk - transparent mode
          mtuma

          Hello,

           

          Unfortunately I don't think what you are trying to accomplish is going to work.

           

          Unfortunately the bridge interface only allows you to protect one subnet. If you want to add more than one then you would need to use hybrid mode. The 8.3.0 Product Guide has some good information and diagrams to explain the options/modes.

           

          -Matt