Chapter 6 Network

IP addresses, respectively. The LAN security zone is in one broadcast domain while the DMZ and WAN zones are in another.

Figure 6–2: X Family Transparent DMZ - NAT/Routed LAN Deployment Mode

Bridge — In this mode, the device acts as a bridge to transparently connect security zones assigned to the same virtual interface. You do not have to configure IP routes to bridge traffic. When in bridge mode, the device learns MAC addresses on ports, and forwards traffic within the transparent virtual interface by destination MAC address to the appropriate port. If the address is unknown, the device forwards the packet to all ports. The device does not forward spanning tree packets. It still operates normally as a router and VPN terminator

Full routed/NAT — In this mode, all security zones have unique IP addresses and addresses going to the WAN zone may be NAT’ed. Each security zone is in a separate broadcast domain.

Figure 6–3: X Family Full Routed/NAT Deployment Mode

For more detailed information and examples of deployment modes, refer to the Concepts Guide.

Network Port Configuration

Use the Network Port Configuration page to configure and manage the ports on the device. From this page you can complete the following tasks:

Edit port configuration

Restart a port

Disable a port

TIP You can view the current status and port configuration from the Port Health page (Events > Health > Port Health).

132 X Family LSM User’s Guide V 2.5.1