Bridge - Quantum CHECK POINT SPARK 1500 Series Administration Manual

n Unassigned - The physical interface is not part of any network and cannot be used.
One of the existing configured
n
Separate network
n
IP address
l
Subnet mask
l
DHCP Server settings
l
Select one of the options:
Enabled - Enter the IP address range and if necessary the IP address exclude range. The
appliance's own IP address is automatically excluded from this range. You can also exclude or
reserve specific IP addresses by defining network objects in the
Objects page. Reserving specific IP addresses requires the MAC address of the device.
Relay - Enter the DHCP server IP address.
Disabled
Note - When you create a switch, you cannot remove the first interface inside unless you delete the switch.
The 'Advanced' tab
The options that are shown vary based on interface type and status. Configure the options that are
applicable:
Description - Enter an optional description. The description is shown in the local network table next to
n
the name.
MTU size - Configure the Maximum Transmission Unit size for an interface. Note that in the Quantum
n
Spark Appliance, the value is global for all physical LAN and DMZ ports.
Disable auto negotiation
n
Override default MAC address
n
wireless networks. Use this option to override the default MAC address of the network's interface:
When the device has two separate local networks connected to the same external switch.
l
If the ISP is searching for the gateway MAC address to accept the connection. If you upgrade
l
your new gateway, the ISP may block it because the new gateway has a different MAC
address. In this case, you can override the gateway MAC address with the old one.
Best Practice - This is a rare configuration. Do not select this option unless you are sure you need it.
Exclude from DNS proxy
n
internal domains. In guest VAPs (wireless network for guests), this is selected by default.
The 'Access Policy' tab (only for DMZ)
These options create automatic rules that are shown in the
Allow access from this network to local networks
n
Log traffic from this network to local networks
n

Bridge

To create/edit a bridge, configure the fields in the tabs:
Quantum Spark 1500, 1600 and 1800 Appliance Series R80.20.40 Locally Managed Administration Guide | 81
switches or
- When selecting a separate network configure this information:
- Select this option to configure manually the link speed of the interface.
– This option is for local networks except those on VLANs and
– Select this checkbox for any network that you do not want exposed to
bridges
Access Policy
Configuring the Local Network
Users & Objects > Network
> Firewall Policy page.