We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information

It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

United States – English (GMT-5)

Email Security Gateway

Forensics & Incident Response

Sentinel

Message Archiver

Cloud Archiving Service

ArchiveOne

PST Enterprise

Total Email Protection

Essentials

PhishLine

CloudGen Firewall

Firewall Insights

NextGen Firewall X

SSL VPN

Network Access Client

Web Security Gateway

Web Security Agent

Web Application Firewall

WAF Control Center

WAF-as-a-Service

Vulnerability Manager

Vulnerability Remediation Service

Active DDoS Prevention

Load Balancer ADC

Load Balancer

Cloud Security Guardian

Reporting Server

Content Shield

Backup

Cloud-to-Cloud Backup

Server Backup

Managed Workplace

ECHOplatform

Intronis Backup

Link Balancer

Phone System

Cloud Control

Control Server

Reference / FAQ

TechSummit 2018

TechSummit 2019

Barracuda Reference / FAQ

Overview Documentation

Email Security Gateway

Forensics & Incident Response

Sentinel

Message Archiver

Cloud Archiving Service

ArchiveOne

PST Enterprise

Total Email Protection

Essentials

PhishLine

CloudGen Firewall

Firewall Insights

NextGen Firewall X

SSL VPN

Network Access Client

Web Security Gateway

Web Security Agent

Web Application Firewall

WAF Control Center

WAF-as-a-Service

Vulnerability Manager

Vulnerability Remediation Service

Active DDoS Prevention

Load Balancer ADC

Load Balancer

Cloud Security Guardian

Reporting Server

Content Shield

Backup

Cloud-to-Cloud Backup

Server Backup

Managed Workplace

ECHOplatform

Intronis Backup

Link Balancer

Phone System

Cloud Control

Control Server

Reference / FAQ

TechSummit 2018

TechSummit 2019

United States – English (GMT-5)

Back to Knowledgebase

What rule does a customer need to place on their firewall to have a PC connected via SITE TO SITE VPN and to enable the ability to use the MGMT VIP to connect my boxes?

Type: Knowledgebase
Date changed: one year ago

Solution #00007230

Scope:

Answer:

The entry point into the VIP network is the Control Center server IP. So if your ng admin client is on the other side of a site-to-site tunnel, then you must advertise the VIP network in the site-to-site tunnel configuration, and then the firewall that is in the same location as the control center needs to have a static route that says the VIP network is reachable by using the CC server ip address as the gateway. Then you also most likely need a firewall rule on the CC box that source NAT the traffic to its own IP

Link To This Page:

https://www.barracuda.com/kb?id=50160000000uJiy