We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X


This Product is Going End-of-Life and End-Of-Support

End-Of-Sales: As of December 1st, 2018, all new sales for Barracuda NextGen Firewall X Series products have ceased. Only renewals of software and hardware subscriptions for a maximum of one year are available for a limited time up to an expiration date of 30th November 2020.

End-Of-Life and End-Of-Support on December 1st 2020: All Barracuda Firewall X-Series sales will cease; neither new sales nor any renewals will be available. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support and services until your contract expires, or until Dec 1st, 2020, whichever occurs first. Please see the End-Of-Life definition as described in the End of Support and End of Life Information.

Troubleshooting Site-to-Site VPNs

  • Last updated on

If your site-to-site VPN is not working correctly, try the solutions that are listed in this article.

  • Ensure that the Internet connection for both systems is active. 
  • To verify that the VPN tunnel was initiated successfully and traffic is flowing, go to the VPN > Site-to-Site VPN page. Verify that green check marks are displayed in the Status column of the VPN tunnel.
  • Double-check the VPN configuration for both systems (Lifetime, Enycrption, Hash-Method, DH-Group, Local and Remote Networks, Local and Remote Address, and Passphrase). Go to the VPN > Site-to-Site VPN page and verify the tunnel settings. The configurations of the peers must match or the tunnel cannot be established. 
  • Go to the LOGS > VPN Log page. Search the log for any failures and errors. Often, the problem is caused by Phase 1 and Phase 2 issues. 
  • From a client in the local network, ping a host in the remote network. If no host is available, try to ping the management IP address of the remote NextGen X-Series Firewall. If that does not succeed, go to the NETWORK > IP Configuration page on the remote X-Series Firewall and ensure that Services to Allow: Ping is enabled for the management IP address.
  • View the the BASIC > Recent Connections page to verify that the correct firewall rule matches the traffic.
  • Using the tracert and traceroute command-line utilities, determine where traffic is being sent. You can begin a traceroute from the Network Connectivity Tests section on the ADVANCED > Troubleshooting page. If traffic is being sent to the remote network but you are not getting a reply, verify that the gateway of the remote network is the IP address of the remote X-Series Firewall.
Last updated on