We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

How to Create a Custom Connection Object

  • Last updated on

Connection objects are used to rewrite the source IP address of a connection. You can select the policy by which the translated source IP address is determined. Depending on the selected policy you can enable port address translation, and/or create proxyARPs for the translated IP address.

Create a Custom Connection Object without Failover or Load Balancing

The source IP address of the packet is determined by the Translated Source IP policy. Depending on the policy, you can also configure Proxy ARPs for source IP address that are not on your local network, and disable port rewriting.

  1. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules  
  2. In the left menu, click Connections.
  3. Right-click the table and select New Connection. The Edit/Create a Connection Object window opens.  
  4. Enter a Name.  
  5. (optional) Enter a Description and select a Color Label 
  6. (optional) Enter the connection Timeout in seconds. Increase this value for slow connections, decrease it for faster failover times. Default: 30 seconds
  7. From the Translated Source IP list, select how the source address should be determined for your connection:
    • Original Source IP
    • Dynamic NAT
    • First Virtual Server IP
    • Second Virtual Server IP
    • Network Interface
      • Interface Name – Enter the dynamic network interface. For static interface, use Explicit IP instead.
      • Use Same Port – Select the check box to leave the port unchanged.
    • Single IP Network Object 
      • Network Object – Select the network object from the Network Object list.
      • Create Proxy ARP – Select Create Proxy ARP for the firewall to answer ARP requests for the translated IP address.
      • Use Same Port – Select the check box to leave the port unchanged.
    • Explicit IP

      • Explicit IP – Enter the IP address. All source IP addresses are translated to this IP address.
      • Create Proxy ARP – Select Create Proxy ARP for the firewall to answer ARP requests for the translated IP address.
      • Use Same Port – Select the check box to leave the port unchanged.
    • Explicit Network Mapping

      • Map to Network – Enter the network the source IP address will be mapped to. The source and translated networks must be the same size. Otherwise, the larger source network will be wrapped into the smaller translated network.
      • Netmask – Select the netmask from the list.
      • Create Proxy ARP – Select Create Proxy ARP for the firewall to answer ARP requests for the translated IP address.
    conn_obj_01.png
  8. Click OK.
  9. (optional) To edit the VPN Traffic Intelligence and Dynamic Mesh settings, click Edit/Show. For more information, see Traffic Intelligence and Dynamic Mesh VPN Networks.
    conn_obj_02.png
  10. Click OK. 
  11. Click Send Changes and Activate.

Next Steps

Use this custom connection object as the Connection Method in your Pass, Dst NAT or Broad Multicast access rules. For more information, see Access Rules.

Last updated on