Using Bridge Mode With the VPN Device
Hewlett-Packard VPN Server Appliance SA3110/SA3150/SA3400/SA3450 Installation Guide
3-11
IP Bridge Mode
IP Bridge Mode
IP Bridge Mode
IP Bridge Mode
Address
Address
Address
Address
Assignment
Assignment
Assignment
Assignment
In IP bridge mode, all physical interfaces on the VPN device are
assigned the same IP address. Use the
bridge
command when
you assign an address to a VPN device that operates in bridge
mode. To assign IP address 10.1.1.1 mask 255.255.255.0 from the
command line, use the following format:
hostname: NORMAL# config
hostname [config]: NORMAL# bridge 10.1.1.1
255.255.255.0
hostname [config]: NORMAL# end
hostname: NORMAL# write
Configuring IP
Configuring IP
Configuring IP
Configuring IP
Bridge Mode
Bridge Mode
Bridge Mode
Bridge Mode
To configure IP bridge mode from VPN Manager, in the
Configure Device window for the VPN device, on the Interfaces
tab, select Bridge Mode in the Interface drop-down menu, and
select the Enable Bridging Mode check box. Bridge mode
command overrides the
interface
command.
To disable bridge mode from VPN Manager, in the Configure
Devices window for the VPN device, on the Interfaces tab, clear
the Enable Bridging Mode check box. The VPN device reverts to
router mode, using the IP addresses assigned in the interface
commands.
Note:
Note:
Note:
Note: Using the
interface
command to assign the same
address to more than one physical interface on a VPN device
causes severe network congestion on your network.
ARP Request
ARP Request
ARP Request
ARP Request
Handling
Handling
Handling
Handling
When a VPN device picks up an ARP request packet on one of its
interfaces, it handles the request in one of several ways,
depending on the mode of operation.
As a router, the VPN device ARP responds under the following
conditions:
1.
The ARP request is for an address that has been assigned to
an interface on the VPN device.
2.
The ARP request is for an address that has been assigned to
a remote user tunnel as a client IP.
In router mode, the VPN device does not retransmit broadcast
traffic from one interface to another interface.