We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X

Erroneous encryption of VPN packets with enabled VIA PadLock Security Engine

  • Type: Knowledgebase
  • Date changed: 5 months ago
Solution #00005320 
 

Scope:
This solution replies to:
- netfence firmware versions 4.2.7, 4.2.8, 4.2.9, 4.2.10,

 
Symptoms:
phion netfence gateways or phion management centers are not able to terminate/decrypt TINA VPN tunnels of peer partners with enabled VIA Padlock encryption acceleration.

 

VPN tunnels with an erroneous encryption are usually recognizable by the following entries within the VPN Access Cache:
 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  

 

Solution:
Some phion legacy appliances, equipped with VIA x86 CPUs, generate erroneous encrypted VPN packets which therefore can not be decrypted by its peer partner.

 

Disable the usage of  VIA PadLock Security Engine by disabling Padlock encryption-acceleration at the affected gateway.

Browse to in the configuration to "Config" > "Box > "Infrastructure Services" > "General Firewall Configuration" > "Operational" and set the option"Disable VIA PadLock" acceleration to "Yes"



Link to This Page:
https://campus.barracuda.com/solution/50160000000IKbpAAG