Two internal interfaces bridge with same dhcp and subnet

In interfaces Edit "Internal Network".
Under "Type" Dropdown to Ethernet Bridge. Than "Bridge selected NICs" check the desired NIC's. And you should get a picture like the attachment.
No further configuration is needed 

Hi

Thank for the reply, but i have done this already, but i do not get any network connection from the third nic.

To form a bridge, both NICs need to be unused.   To deal with the loss of connectivity during the transition, I also needed to create a management access port, for a total of three new ports.  Do you really have a BR0 or BR1 interface created, one that looks like the picture?   You never mentioned creating any unused interfaces, so I wonder if it ever happened.   

After the bridge is created, it defaults to only forwarding IPv4 packets.  You need to use the "Advanced Bridge" section of the interface properties window to specify the Etherypes that are forwarded.   Do a Google search for "Ethertype List" and follow the links for IANA.ORG.  You probably want to add at least ARP and Reverse ARP.   This is the second possible explanation for your symptoms.   You did not specify the exact traffic that was failing.

I don't know that UTM implements Spanning Tree Protocol.   I would not recommend using a wiring configuration that makes STP necessary.

There may be an issue with UTM providing DHCP services for both sides of a bridge.   This is based on my recollection of an earlier discussion in this forum, not based on experience.  Search the forum to investigate.

I think it is a HyperV  misconfiguration. What I see he is trying to do the bridge in Wan designed interface (if im not wrong)

Consider implementing VLAN

I tried to add additionl entries to Ethertype List, but it didnt help.

To form a bridge, both NICs need to be unused.   To deal with the loss of connectivity during the transition, I also needed to create a management access port, for a total of three new ports.  Do you really have a BR0 or BR1 interface created, one that looks like the picture?   You never mentioned creating any unused interfaces, so I wonder if it ever happened.  

Could You point me to any guide for this, as previous post by a user told, that there should not be any other configuration needed.

I think it is a HyperV  misconfiguration. What I see he is trying to do the bridge in Wan designed interface (if im not wrong)

Consider implementing VLAN

And how is this a misconfiguration? I am trying to bridge two lan interfaces, one is virtual switch for VM´s, but the second one would be physical network connection to a switch, to extend the same lan.

I even tried for the third nic (LAN2) to change Hyper-V virtual switch setting from External to Private and added it to a virtual machine on the same Hyper-V host.

Same problem, no network connection for the VM.

Now lets get things right. How you reach the UTM from PC with physical Lan or virtual switch. Can you write a schema topology?

I have three virtual switches on the Hyper-V host:

1) WAN - External network Hyper-V virtual switch, using dedicated physical nic and not sharing with the management op.system

2) LAN - Internal netowrk Hyper-V virtual switch

3) LAN2 - External Hyper-V virtual switch, dedicated physical nic - right now testing as a private switch setting with another vm, using the same switch.

I can reach UTM from the Hyper-V host, because it has the same lan connection from Internal virtual switch. Also i can access UTM from some VM on the same virtual switch - the second LAN.

LAN and LAN2 are bridged in UTM.

I am not sure, that if this is possible, but i would like the same virtual Sophos UTM to provide internet connection and DHCP for some physical devices, like PC, printer and so.

I thought maybe adding third lan interface as External network hyper-v swithc, with a additonal nic provide the connection to other physical devices.

Maybe by mistake you configured IP on virtual interfaces? I am newbie to virtual switches. As you can see from my picture I can extend network with USB Ethernet, so it is not the fault of UTM

There are only two good places to position UTM:

1. As your network firewall
2. Immediately behind an existing firewall

If you use option 2, bridge mode can be a good solution.   UTM is not optimized to be a switch and you don't want it in the middle of internal traffic.   Its role is to filter traffic heading for the internet.

The VMWare configuration is mostly irrelevant.  UTMs interfaces are already virtualized.

If you built UTM on a VM with three NICs, it will boot up in this configuration:

• Hardware device ETH0 configured as UTM interface A0.  I will assume it is your internet connection.
• Hardware device ETH1 configured as UTM interface A1.  I will assume it is your internal connection, address 192.168.1.100/24, router 192.168.1.1
• Hardware device ETH2 configured as UTM interface A2.  I will assume it is not working.

To create bridge BR0 using ETH1 and ETH2, you need to delete objects A1 and A2.   This will probably render your UTM inaccessible, so another approach is needed. 

Instead:

Before starting, make sure that none of your objects are locked on an interface.   Also, ensure that your routing rules are based on target IP addresses, not target interfaces.   This insures that when the interface changes, the device behavior is still what you need..

Add a hardware device ETH3, configure it as A3 with an address such as 10.*.*.* or 172.16.*.*.   

In VMWare, connect ETH3 to a virtual switch shared with at least one other machine, so that you can browse to UTM using the new address.   One option would be to use an address on your ISCSI network, if your manager and company policy allows.   Other options are of course possible.   This new interface is what  you will use to configure the bridge, so that you do not lose connectivity in the middle of the process.

Shut down UTM.  Create hardware NICS, which should appear in UTM as ETH4 and ETH5.   They don' t have to be connected to anything useful at first.

Boot UTM.  Create bridge interface BR0 using ETH4 and ETH5.

Remove the IP address from A1 and assign it to BR0 instead.  If you have additional interface addresses configured on A1 or A2, move them to BR0 as well.

Shutdown UTM.   Reconfigure VMWare so that ETH4 and ETH5 connect to the appropriate VMWare resources.   Change ETH1, ETH2, and ETH3 to be inactive.   I don't think you want to delete any NICs because the ETHn device numbering might change.

Reboot and you have a working bridge.

Adjust the allowed Ethertypes, as I discussed previously.

Is this what you did?