It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see for further information on our EoS policy.

How to Add a Direct Attached Route

  • Last updated on
Direct attached routes are routing entries for network that can be reached from an interface of the Barracuda NG Firewall without having to use a next hop gateway. 


In this article:

Before you Begin

Connect the network to a port of the Barracuda NG Firewall. Do not use the management port.

Step 1. Configure a Direct Route

Add a route for the direct attached network.

  1. Open the Network page (Config Full Config > Box).
  2. In the left menu, click Routing.
  3. Click Lock.
  4. In the Routes table, click + to add a route:
    • Name –  Enter a name.
    • Target Network Address – Enter the network in CIDR format. E.g.,
    • Route Type – Select direct attached network.
    • Interface Name – Select the interface you used to connect to the network. E..g, eth1
    • Trust Level –  Select the trust level. Your network will automatically be connected to the corresponding network objects. Use Untrusted for WAN connections, Trusted for LAN connections.
    • (optional) Advertise Route – To propagate this network route via the OSPF/RIP/BGP service, select Yes. For more information, see Dynamic Routing Protocols (OSPF/RIP/BGP)
  5. Click OK.
  6. Click Send Changes and Activate.

Step 2. Activate the Network Configuration

After you have configured the network route, you must activate your new network configuration.

  1. Go to the Control > Box page.
  2. In the left menu, expand Network and click Activate new network configuration.
  3. Select Soft. The Soft Activation Succeeded message is displayed after your new network configurations have been successfully activated.

The direct attached route is now displayed as pending on the CONTROL > Network page. To make the route active, you must use one of the IP addresses in the network as a virtual server IP address (default) or as an additional IP address (remote units).

Next Steps

  • Default: You must use at least one IP address from the network as a virtual server IP address. If you are using a high availability setup, these virtual server IP addresses will be transferred to the secondary NG Firewall in case of a failure.
  • In case of remote access: If you are using the Barracuda NG Firewall via remote management tunnel, add the IP address to the Additional IP addresses (Config > Full Config > Network). IP addresses assigned on box level are not synced to the HA partner. When using the IP address on box level, the route will remain active even if the virtual server is running on the other NG Firewall in the HA cluster.
Last updated on