Scenario no. 2: Multiple ports on the LAN/in interface were used on the SN210(W) firewall

Option 1: Connect a network switch to the SN-S-Series firewall

This option does not require any changes to be made to the configuration. It consists of connecting a network switch (not provided by Stormshield) to port 2 (LAN/in interface) on the SN-S-Series firewall and then connecting users to this switch:

Option 2: Adapt the configuration of the SN-S-Series firewall

If you choose not to connect a switch to port 2 (LAN/in interface) on the SN-S-Series firewall, you will need to change the configuration on the firewall by creating a bridge that groups all necessary ports on the SN-S-Series firewall, and by transferring the cable connections of ports on the SN210(W) firewall to ports on the new SN-S-Series firewall bridge.

IMPORTANT
If ports 2 to 7 (LAN/in interface) were used on the SN210(W) firewall, and you wish to include ports 2 to 7 on the SN-S-Series firewall in this new bridge, the configuration on port 3 (DMZ/dmz1) of the SN210(W) firewall has to be transferred to port 8 (dmz6) on the SN-S-Series firewall before this bridge is created.

EXAMPLE

Cable for port 2 (LAN/in interface) on the SN210(W) firewall to port 2 (LAN/in interface) on the SN-S-Series firewall,
Cable for port 3 (LAN/in interface) on the SN210(W) firewall to port 3 (dmz1 interface) on the SN-S-Series firewall,
Cable for port 4 (LAN/in interface) on the SN210(W) firewall to port 4 (dmz2 interface) on the SN-S-Series firewall.

For more information on creating bridges, refer to the section Bridge interface in the SNS v4 user guide.

NOTE
The firewall behavior with this bridge will be similar to the configuration on the SN210(W) firewall, but not identical. Even with a pass all policy, traffic that passes through the bridge will be filtered and inspected. Traffic from a host placed on a port on the bridge to another host on another port on the bridge will be inspected by the intrusion prevention engine in this case.

If a Wi-Fi interface was configured on the SN210(W) firewall

Configure a Wi-Fi access point (not provided by Stormshield) in the same way that the Wi-Fi interface was configured on the SN210(W) firewall and connect it to:

The network switch that was connected to port 2 (LAN/in interface) if Option 1: Connect a network switch to the SN-S-Series firewall is chosen.
Example:

One of the free ports on the SN-S-Series firewall (port 3/dmz1, port 4/dmz2, port 5/dmz3, port 6/dmz4, port 7/dmz5 or port 8/dmz6) if Option 2: Adapt the configuration of the SN-S-Series firewall is chosen.
Example:

One of the free ports on the SN-S-Series firewall (port 3/dmz1, port 4/dmz2, port 5/dmz3, port 6/dmz4, port 7/dmz5 or port 8/dmz6) if Option 2: Adapt the configuration of the SN-S-Series firewall is chosen.
Example:

NOTE
Regardless of the option chosen, on the SN-S-Series firewall, you need to check/adapt the filter policy relating to traffic from the access point that passes through the firewall, in order to apply the address range of the access point and the interface to which the access point is connected.