USG firewall work in transparent mode cannot do network management

Publication Date:  2012-11-09 Views:  387 Downloads:  0
Issue Description
USG firewall use transparent mode access network, set up two VLAN, one is used for business; the other is used for network management.
Phenomenon:
USG firewall can't do network management, firewall’s network management interface can’t ping pass.
Alarm Information
None.
Handling Process
Modify the firewall work mode to hybrid mode, set the management port to the third layer port, so that can avoid the redundant second link in network causes the situation that the business port or management port was blocked.
Root Cause
Network cable, link and configuration all have no problem, because the redundant second link in the network is more, suspect may be spanning tree blocked the network interface which is used for management.
After input “display STP bri”, found the spanning tree state of the VLAN port which is used for management is BLOCKING.
Suggestions
When implement the USG firewall, if use the transparent mode access network, it needs to bring the network management. Can consider to use hybrid mode, so that avoid the spanning tree causes the situation that the business port or management in port was blocked.

END