SonicOS 7.1 System
- SonicOS 7.1
- About SonicOS
- Interfaces
- About Interfaces
- Interface Settings IPv4
- Adding Virtual Interfaces
- Configuring Routed Mode
- Enabling Bandwidth Management on an Interface
- Configuring Interfaces in Transparent IP Mode (Splice L3 Subnet)
- Configuring Wireless Interfaces
- Configuring WAN Interfaces
- Configuring Tunnel Interfaces
- Configuring VPN Tunnel Interfaces
- Configuring Link Aggregation and Port Redundancy
- Configuring One Arm Mode
- Configuring an IPS Sniffer Mode Appliance
- Configuring Security Services (Unified Threat Management)
- Configuring Wire and Tap Mode
- Layer 2 Bridged Mode
- Key Features of SonicOS Layer 2 Bridged Mode
- Key Concepts to Configuring L2 Bridged Mode and Transparent Mode
- Comparing L2 Bridged Mode to Transparent Mode
- Comparison of L2 Bridged Mode to Transparent Mode
- Benefits of Transparent Mode over L2 Bridged Mode
- ARP in Transparent Mode
- VLAN Support in Transparent Mode
- Multiple Subnets in Transparent Mode
- Non-IPv4 Traffic in Transparent Mode
- ARP in L2 Bridged Mode
- VLAN Support in L2 Bridged Mode
- L2 Bridge IP Packet Path
- Multiple Subnets in L2 Bridged Mode
- Non-IPv4 Traffic in L2 Bridged Mode
- L2 Bridge Path Determination
- L2 Bridge Interface Zone Selection
- Sample Topologies
- Configuring Network Interfaces and Activating L2B Mode
- Configuring Layer 2 Bridged Mode
- Asymmetric Routing
- Configuring Interfaces for IPv6
- 31-Bit Network Settings
- PPPoE Unnumbered Interface Support
- Failover & LB
- Neighbor Discovery
- ARP
- MAC IP Anti-Spoof
- Web Proxy
- PortShield Groups
- SonicOS Support of X-Series Switches
- About the X-Series Solution
- Performance Requirements
- Key Features Supported with X-Series Switches
- PortShield Functionality and X-Series Switches
- PoE/PoE+ and SFP/SFP+ Support
- X-Series Solution and SonicPoints
- Managing Extended Switches using GMS
- Extended Switch Global Parameters
- About Links
- Logging and Syslog Support
- Supported Topologies
- Port Graphics
- Port Configuration
- External Switch Configuration
- External Switch Diagnostics
- Configuring PortShield Groups
- SonicOS Support of X-Series Switches
- PoE Settings
- VLAN Translation
- IP Helper
- Dynamic Routing
- DHCP Server
- Configuring a DHCP Server
- Configuring Advanced Options
- Configuring DHCP Option Objects
- Configuring DHCP Option Groups
- Configuring a Trusted DHCP Relay Agent Address Group (IPv4 Only)
- Enabling Trusted DHCP Relay Agents
- Configuring IPv4 DHCP Servers for Dynamic Ranges
- Configuring IPv6 DHCP Servers for Dynamic Ranges
- Configuring IPv4 DHCP Static Ranges
- Configuring IPv6 DHCP Static Ranges
- Configuring DHCP Generic Options for DHCP Lease Scopes
- DHCP and IPv6
- Multicast
- Network Monitor
- AWS Configuration
- SonicWall Support
Perimeter Security
Perimeter Security is a network scenario where the appliance is added to the perimeter to provide security services (the network might or might not have an existing appliance between the appliance and the router). In this scenario, everything below the appliance (the Primary Bridge Interface segment) is generally considered as having a lower level of trust than everything to the left of the appliance (the Secondary Bridge Interface segment). For that reason, it would be appropriate to use X1 (Primary WAN) as the Primary Bridge Interface.
Traffic from hosts connected to the Secondary Bridge Interface (LAN) would be permitted outbound through the firewall to their gateways (VLAN interfaces on the L3 switch and then through the router), while traffic from the Primary Bridge Interface (WAN) would, by default, not be permitted inbound.
If there are public servers, for example, a mail and Web server, on the Secondary Bridge Interface (LAN) segment, an Access Rule allowing WAN > LAN traffic for the appropriate IP addresses and services could be added to allow inbound traffic to those servers.
Was This Article Helpful?
Help us to improve our support portal