After configuring a VPN tunnel between two Barracuda NG Firewalls, you must create a Pass access rule on both systems to allow traffic between them.
Create an Access Rules allowing traffic in to and out of the VPN tunnels
- CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules .
- Click Lock.
- From the Edit Rule menu in the left menu, click New.
- In the New Rule window, configure the settings to allow traffic between both systems:
- Select Pass as the action.
- In the Name field, enter a name for the rule.
- In the Source section, specify the local network address.
- From the Service list, select All.
- In the Destination section, specify the network address for the VPN partner.
- From the Connection Method list, select No Src NAT (Client).
- Select the Bi-Directional check box to apply the rule to both locations.
- Click OK.
- Reorder the access rule by dragging it to the correct position in the forward firewalls rule set. Make sure no access rule placed above it will match the traffic for the site-to-site access rule.
- Click Send Changes and Activate.
Make sure that you also create the access rule on the VPN partner system to allow traffic from both networks through the VPN tunnel.