
Barracuda Email Security Gateway

Why is my Barracuda Firewall having connectivity issues to Amazon AWS through site-to-site VPN?

  • Type: Knowledgebase
  • Date changed: 2 years ago
Solution #00007307

Scope: 
All Barracuda Firewalls running site-to-site VPN to Amazon AWS

Answer: 
You may find that your site-to-site VPN tunnel to Amazon AWS is passing traffic slowly or dropping packets even if the tunnel itself is up and stable. If this is the case, there are a few things you may want to check on the Barracuda and on the AWS side:

If you have multiple networks behind the Barracuda using the same VPN tunnel, it is recommended to separate them into individual tunnels to AWS, because sharing one tunnel sometimes causes multiple phase 2 attempts, resulting in severe latency. For example, let's say you have two internal networks behind your Barracuda (192.168.1.0/24 and 172.16.1.0/24). Instead of creating one VPN tunnel with both of those networks in the "local networks" field, create a separate tunnel for each network. If you want to have multiple networks on one tunnel, you will need to add those networks to the static routes table under the AWS VPN connections page (VPC Management Console > VPN Connections > Static Routes).

Check the firewall rule on the Barracuda side to see how many networks are referenced in the source column. If you have multiple networks behind the Barracuda using the same VPN tunnel, it is recommended to create a separate rule for each network.
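
For the single-tunnel case described above, the static routes can also be checked and added with the AWS CLI instead of the console. The script below is an added example, not part of the original Barracuda article: it compares the networks behind the firewall with the routes already on the VPN connection and prints the commands for the missing ones. The function names are hypothetical, vpn-EXAMPLE is a placeholder ID, and it assumes a VPN connection that uses static routing.

```sh
#!/bin/sh
# Added example (not from the Barracuda article). Function names are
# hypothetical; vpn-EXAMPLE is a placeholder VPN connection ID.

# current_routes VPN_ID
# Lists the static routes already on the connection, skipping deleted ones.
# Requires the AWS CLI and credentials; it is not called automatically.
current_routes() {
  aws ec2 describe-vpn-connections --vpn-connection-ids "$1" \
    --query "VpnConnections[0].Routes[?State!='deleted'].DestinationCidrBlock" \
    --output text
}

# missing_routes EXISTING DESIRED...
# EXISTING is a whitespace-separated list of CIDRs already routed.
# Prints every DESIRED CIDR that is not in EXISTING, one per line.
missing_routes() {
  # Pad with spaces so only whole CIDRs match (192.168.1.0/24 must not
  # match 192.168.10.0/24).
  _have=" $(printf '%s' "$1" | tr '\n\t' '  ') "
  shift
  for _cidr in "$@"; do
    case "$_have" in
      *" $_cidr "*) ;;                 # route already present
      *) printf '%s\n' "$_cidr" ;;     # route still missing
    esac
  done
}

# plan_routes VPN_ID EXISTING DESIRED...
# Prints (does not run) one create-vpn-connection-route command per
# missing network so the change can be reviewed first.
plan_routes() {
  _vpn=$1
  _existing=$2
  shift 2
  missing_routes "$_existing" "$@" | while read -r _c; do
    printf 'aws ec2 create-vpn-connection-route --vpn-connection-id %s --destination-cidr-block %s\n' "$_vpn" "$_c"
  done
}

# Constructed sample: 192.168.1.0/24 is already routed, 172.16.1.0/24 is not.
# Against a real connection, pass "$(current_routes vpn-EXAMPLE)" instead.
plan_routes vpn-EXAMPLE "192.168.1.0/24" 192.168.1.0/24 172.16.1.0/24
```

With the constructed sample, only the command for 172.16.1.0/24 is printed.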
