You want to enable transparent mode.
Move two interfaces into a Layer 2 (L2) zone, and all other interfaces into the
unset interface e0/0 ip set interface e0/0 zone v1-trust unset interface e0/1 ip set interface e0/1 zone v1-untrust
Configure a management address on the virtual
set interface vlan1 ip 192.168.1.100/24 set route 0.0.0.0/0 interface vlan1 gateway 192.168.1.254
Then, configure a policy:
set policy from v1-untrust to v1-trust any any http permit
You enable transparent mode by putting interfaces into L2 zones. There are two pre-defined L2 zones:
V1-Untrust. Do not confuse those with the L3 (Layer 3) zones
Untrust when you create policies in the WebUI or CLI. Note that the NetScreen Security Manager (NSM) does not differentiate between L2 zones and L3 zones, so policy bases can be shared between devices in transparent and route modes.
Both zones will be in the same VLAN, with the firewall acting like a bridge. To enable transparent mode, attach L2 zones to interfaces. Do not forget to unset any IP addressing. Move all other interfaces into the
null zone. Before you move the interfaces to the L2 zones, the firewall is in Network Address Translation (NAT) or route mode (by factory default, some firewall models are already in transparent mode):
get system | include ^SystemSystem in NAT/route mode. FIREWALL->
unset interface e0/0 ipFIREWALL-> ...