We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Attention

Barracuda CloudGen Firewall version 8.0 is a cloud-only version. It is currently not available for on-premises deployments and can only be deployed in Microsoft Azure, Amazon Web Services, or Google Cloud Platform public clouds.

Fully Transparent Tunnel Setup

  • Last updated on

The simplest site-to-site TINA VPN tunnel setup is a transparent connection of two networks with different address ranges. This setup should not be noticeable by the connected networksThe following figure illustrates a fully transparent VPN tunnel. This article provides example settings for creating a site-to-site TINA VPN tunnel for this environment. The article does not cover the routing configuration between both VPN servers. Unless overlapping addresses are used, the VPN tunnels do not interfere with the routing configuration.

  trans_tn.png

VPN Server 1 Settings

Tab Setting Value Comment
Basic Transport

UDP&TCP (or whatever is needed)

-

Encryption

AES (or whatever is needed)

May be unencrypted for intranet connections only aiming at routing assistance.

Advanced Tunnel Timeout 
  • For intranet: 10
  • For Internet-like connections: 30
-
Local Networks Call Direction Active or Passive 

Converse to the partner’s configuration.

Network Address

10.0.20.0/24

-
Local IP Address or Interface Used for Tunnel Address Dynamic (via routing)

Only one IP address is assumed on the outside interface.

Remote Networks

Remote Network

10.0.21.0/24 -
Remote Remote Peer IP Addresses

192.168.3.101

-

VPN Server 2 Settings

Tab Setting Value Comment
Basic Transport

UDP&TCP (or whatever is needed)

-

Encryption

Same value as on the local side

May be unencrypted for intranet connections only aiming at routing assistance.

Advanced Tunnel Timeout 
  • For intranet: 10
  • For Internet-like connections: 30
-
Local Networks Call Direction Active or Passive

Converse to the partner’s configuration.

Network Address

10.0.21.0/24

-
Local IP Address or Interface Used for Tunnel Address Dynamic (via routing)

Only one IP address is assumed on the outside interface.

Remote Networks

Remote Network

10.0.20.0/24 -
Remote Remote Peer IP Addresses

192.168.3.1

-

Access Rules

You must create Pass access rules on both systems to allow traffic between the local and partner networks.

Last updated on