Bypass mode operation | FortiBridge operating principles |
Bypass mode operation
When the FortiBridge unit operates in bypass mode, the FortiBridge INT 1 and EXT 1 interfaces are directly connected. All traffic between the internal and external network segments flows, whether or not the FortiGate unit is operating normally.
Because the INT 1 and EXT 1 interfaces are directly connected, you cannot use Telnet or SSH to connect to the FortiBridge CLI. Instead you must use a console connection.
The FortiBridge unit remains in bypass mode even if the FortiGate unit recovers. To restore the FortiGate unit, you must manually switch the FortiBridge unit back to normal mode. You can switch the FortiBridge unit to normal mode by pressing the mode switch on the FortiBridge front panel or by using a console connection to the CLI and entering the command execute
Figure 6: FortiBridge unit operating in bypass mode
(Bypass mode)
Internal network |
|
|
INT 1 | EXT 1 | Internet |
INT 2 | EXT 2 | Router |
Internal | External |
|
(Transparent mode)
When the FortiBridge unit is operating in bypass mode you can still connect to the FortiBridge CLI and manage the FortiBridge unit (for example to switch the FortiBridge unit to normal mode). When the FortiBridge unit operates in bypass mode, you cannot connect to the FortiGate interfaces that are connected to the FortiBridge unit.
FortiBridge power failure
If a power failure occurs and the FortiBridge unit loses power, zero power fail open technology causes FortiBridge unit to fail open. The FortiBridge unit bypasses the FortiGate unit and all traffic passes between the FortiBridge INT 1 and EXT 1 interfaces. If power is restored to the FortiBridge unit, it starts up in bypass mode and then switches to normal mode when its start up sequence is complete, reconnecting the FortiGate unit to the network.
Note: The
14 | FortiBridge Version 3.0 Administration Guide |
