It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Configure an Access Rule for a Client-to-Site VPN

  • Last updated on

To connect your routed client-to-site VPN to your network, you must add a forwarding access rule to direct traffic between the tunnel, the remote network, and the home network.

Before You Begin

Before creating your forwarding access rules, you need the following information:

  • The published VPN network(s)
  • The VPN client network(s)

Step 1. Create a Network Object for the Published VPN Networks

Create a custom network object for the published VPN networks. If more networks are added to published VPN networks, update the network object to reflect these changes.

  • Include Entries – For each published VPN network, enter the IP address and click + to add it to the list.

For more information, see Network Objects.

Step 2. Create a Redirect to Service Access Rule

Create a Redirect to Service access rule to redirect incoming VPN connections on the dynamic interface to the VPN server listening on the local IP address.

  1. Go to FIREWALL > Access Rules.
  2. Click Add Access Rule. The Add Access Rule window opens.
  3. Enter a Name for the rule. E.g., DynamicIP-2-VPN
  4. Specify the following settings:
    • Action – Select Redirect to Service.
    • Source – The source addresses of the traffic. E.g., Any.
    • Redirect to Service Details – Select the VPN network object.
    • Destination – Select the network object corresponding to your Internet connection type (DHCP, 3G, or DSL).
      c2sIPsec04_67.png
  5. Click Save.
  6. Move the access rule above the BLOCKALL rule so it is the first access rule to match incoming VPN traffic.
  7. Click Save.