I've tried to enable L2 site-to-site bridging with Astaro Gateway products using the (un)documented hint given in https://community.sophos.com/products/unified-threat-management/astaroorg/f/51/t/20969, and at least from the look of things that seems to be fine (until it comes to functionality, but about that later).
Basically, what I'm getting is a reds1-device on the server-side of things, which I can connect to a bridge with the internal interface of the server; the corresponding configuration of the server (looking at the commandline with brctl show or ip link show) seems to be fine and up).
On the client side of things (which I'm setting up using the red-file that's delivered by the server for the ASG-location), the configuration frontend sets up a new device called redc1, which I can also bridge using the frontend to the internal network of the client site, but here is where the fun starts: the frontend seems to have "created" the corresponding device as a tunnel endpoint using the specified red-configuration, but the device is logically never created in the system itself. Looking at "ip link show" or "brctl show" does not show any evidence of the redc1-device existing, and when grepping through the debugging logs of the administrative system, I can see that the frontend is giving commands for binding/setting up redc1, but all those commands error out due to the device missing from the system.
Is there anything you need to do to have the client software available on the "client"-end of the RED bridge, so that the device can be created (and be used)? Or, is this setup simply not supported _at all_, and the hint by Tom Kistner misleading? Missing L2-bridging completely from the security-gateway interface would be a big hit for the project I'm currently trying to build with this (which requires transparent ethernet-bridging due to Windows broadcast-discovery settings).
The firmware revision I'm currently deploying on both ends is 8.002. Thanks for any hint!
This thread was automatically locked due to age.