It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda CloudGen Firewall
Overview Documentation Training Certification Materials

Barracuda Campus is getting an upgrade!

We are excited to announce that Barracuda Campus will migrate to a new platform around mid-January 2026. Please see the announcement on the Campus Dashboard to find out more.

IPsec Settings

  • Last updated on

Navigate to the following window on path CONFIGURATION > Configuration Tree > your box > Assigned Services > VPN Service > VPN Settings > IPsec.

vpn_settings_ipsec.png

SettingValue(s)
*= default		Description
Use IPsec dynamic IPs

Selected

Unselected*

Select the checkbox if the service is connected to the Internet via a dynamic link (dynamic IP address). The server IP address is not yet known at configuration time and IKE then listens to all local IP addresses.
IKEv1
SettingValue(s)
*=default		Description
Timeout30The maximum period to wait until the request for IPsec tunnel connection establishment must be approved by the remote peer.
Tunnel check interval [s]30The interval between queries for a valid exchange that is assignable to an IPsec tunnel.
Dead Peer Detection Interval [s]5

Tunnels can be configured to be Active or Passive. An active tunnel is capable of establishing a connection while a passive tunnel is waiting for a connection request.

This parameter sets the interval between keep-alive checks on the remote peer.

IKEv1 Log ClassALL*The debug log class of IKEv2. Do not select a log class different than ALL if the log is not required for solving issues.
IKEv1 Log Level0*The debug log level of IKE. The debug log may be very “noisy.” Do not select a log level greater than 0 if the log is not required for solving an issue.
Pre-shared key (PSK)-Holds the pre-shared IKE key.
IKEv2
SettingValue(s)
*=default		Description
Start IKEv2

Selected*

Deselected

If selected, IKEv2 will be used.

If deselected, IKEv2 will be disabled and some additional memory will be saved.

IKEv2 Make Before Break

Selected

Deselected

Selecting this option creates a duplicate of the IKE and all IPsec SAs, and the deletes the old ones. This setting requires that both peers can handle overlapping SAs.
IKEv2 Log ClassAll*The debug log class of IKEv2. Do not select a log class different than ALL if the log is not required for solving issues.
IKEv2 Log Level0The debug log level of IKEv2. Do not select a log level greater than 0 if the log is not required for solving an issue.
IKEv2 Suppress Network Change Events

Selected

Deselected*

This is an advanced setting. If selected, network interface/address/route changes which may cause an automatic reconnect of the VPN tunnel will be ignored. This parameter becomes active after a restart of the IKEv2 daemon. Restart the VPN service or execute ipsec restart in a shell.