We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

How to Configure Direct Attached Routes

  • Last updated on

Direct attached routes are routing entries for network that can be reached from an interface of the Barracuda NextGen Firewall F-Series without having to use a next hop gateway. 

Direct attached routes can also be introduced via Additional IP addresses on the box level. These IP addresses are not synced to the HA partner and remain active when a failover occurs. Use Additional IP addresses for remote access and direct attaches routes in all other cases.

Routing_Basic_direct_attached-01.png

Before You Begin

Connect the network to a port of the Barracuda NextGen Firewall F-Series. Do not use the management port.

Step 1. Configure a Direct Route

Add a route for the direct attached network.

  1. Go to CONFIGURATION > Configuration Tree > Box > Network.
  2. In the left menu, click Routing.
  3. Click Lock.
  4. In the IPv4 Routing Table section, click + to add a route:
    • Name –  Enter a Name.
    • Target Network Address – Enter the network in CIDR format. E.g., 62.99.0.0/24
    • Route Type – Select direct attached network.
    • Interface Name – Select the interface used to connect to the network. E..g, eth1
    • Trust Level –  Select the trust level. Your network will automatically be connected to the corresponding network objects. Use Untrusted for WAN connections, Trusted for LAN connections.
    • (optional) Advertise Route – To propagate this network route via the OSPF/RIP/BGP service, select Yes. For more information, see Dynamic Routing Protocols (OSPF/RIP/BGP)
  5. Click OK.
  6. Click Send Changes and Activate.

Step 2. Activate the Network Configuration

After you have configured the network route, you must activate your new network configuration.

  1. Go to CONTROL > Box.
  2. In the left menu, expand Network and click Activate new network configuration.
  3. Select Failsafe The Network Activation Succeeded message is displayed after your new network configurations have been successfully activated.

The direct attached route is now displayed as pending on the CONTROL > Network page. To make the route active, you must use one of the IP addresses in the network as a virtual server IP address (default) or as an additional IP address (remote units).

Next Steps

You must use at least one IP address from the network as a virtual server IP address. If you are using a high availability setup, these virtual server IP addresses will be transferred to the secondary NextGen Firewall F-Series in case of a failure.

Last updated on