Sophos Firewall, when deployed in Bridge Mode, can work as a layer 2 (transparent bridge) or layer 3 bridge.
The Sophos Firewall as a Layer 2 Bridge, allows features like deep-packet inspection, the Intrusion Prevention System, Malware Scanning, and Email Content Scanning without changing any configuration or IP Schema of the network. When you want to add security without changing any configurations, Sophos Firewall can be deployed in Bridge Mode. Sophos Firewall, when configured as a Layer 3 Bridge, allows you to harness all its security features while also routing.
In Bridge Mode, the LAN and WAN interfaces are joined together, so that all traffic passes transparently to the upstream router. To deploy Sophos Firewall in Bridge Mode, refer to Sophos Firewall: How to deploy in bridge mode.
In Mixed Mode, Sophos Firewall acts as a gateway for one network segment, and can be simultaneously bridged to an existing firewall/router for other network segments.
The following sections are covered:
Applies to the following Sophos products and versions Sophos Firewall
Enable routing on this bridge pair allows the Sophos Firewall to route traffic going across the bridge based on its routing table.
Note: HA is supported in Bridge interface when you configure Bridge from GUI interface page. However, if you run the wizard on Bridge mode after configuring HA, HA will be disabled.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.