If your virtual appliance is running on a VMware hypervisor, you must place the virtual network adapter for the Barracuda SSL VPN Vx in promiscuous mode so that Barracuda Network Connector can detect all frames that are passed on the virtual switch. If you have more than one physical NIC connected to the vSwitch attached to the Barracuda SSL VPN Vx, you must also reconfigure the vSwitch to use only 1 NIC.
Promiscuous mode on a vSwitch
Place the virtual network adapter for the Barracuda SSL VPN Vx in promiscuous mode so that it can detect all frames that are passed on the virtual switch.
If you have already set up a Barracuda SSL VPN Vx system but did not enable promiscuous mode, you may encounter issues in which the network connectivity seems intermittent. Experience suggests that the virtual interface does not receive all of the packets that it should. As a result, Barracuda Networks recommends that you configure a port group to allow promiscuous mode.
- Log into the vSphere client, and select the ESX host.
- Click the Configuration tab.
- From the Hardware menu in the left pane, select Networking.
- On the summary page for the virtual switch, click the Properties link.
In the properties window that opens, you can modify the vSwitch configuration by port group. Virtual port groups are listed under the Ports tab. Physical network interface cards in the server are listed under the Network Adapters tab. To see a summary of a port group's settings, click its name. In the figure below, you can see that Promiscuous Mode is set to Reject (off). - Add a port group.
- Under the Ports tab, click Add.
- Select Virtual Machine, and click Next.
- Enter a Network Label.
- Click Finish.
- Set the port group to promiscuous mode.
- Select your new port group, and click Edit.
- Click the Security tab.
- From the Promiscuous Mode list, select Accept.
- Click OK, and then click Close.
- Select your new port group, and click Edit.
- Set your VM client to the new port group.
- Right-click the Barracuda SSL VPN virtual machine, and select Edit Settings.
- In the left pane, click Network Adapter 1.
- In the Network Connection section, select the port group that you just created and click OK.
VMware ESXi NIC teaming
To avoid network connectivity issues when using Network Connector, you must have only a single physical NIC configured in the VMware vSwitch for the SSL VPN. If you have more than one physical NIC attached to the vSwitch, you must remove them, even if they are in standby mode or load balanced. Once you have reconfigured the vSwitch to use only 1 NIC, you will be able to reconnect using Network Connector and ping your internal devices.