It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Firewall Policy Manager

Cloud-to-Cloud Backup

Server Backup (Yosemite)

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup

MSP – Partner Management

MSP Knowledge Base

Site Security Scanner

MSP – Partner Sales Enablement

NextGen Firewall X

Campus Help Center / Reference

Support Services

Network Security

Barracuda NextGen Firewall X

Overview Documentation Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Firewall Policy Manager

Cloud-to-Cloud Backup

Server Backup (Yosemite)

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup

MSP – Partner Management

MSP Knowledge Base

Site Security Scanner

MSP – Partner Sales Enablement

NextGen Firewall X

Campus Help Center / Reference

Support Services

Network Security

Login Sign Up Contact & Support

United States – English (GMT-5)

Back to Knowledgebase

Why is my dynamically assigned local ISP not working for the IPsec site to site VPN tunnel?

Type: Knowledgebase
Date changed: 3 years ago

Solution #00006954

Scope:

NG Firewall, Firmware 5.4.X

Answer:

If you configure a Site to Site IPsec tunnel, using a local dynamic interface (DSL, DHCP), the service will not bind to those IPs, unless you do the following.

Tech library suggest the following:

?Local IKE Gateway

The IP address of the local IKE gateway. If you are using dynamic IP addresses, enter 0.0.0.0/0.?

0.0.0.0/0 is incorrect since NG-admin will not allow you to enter ?/0? ? the entry should just be ?0.0.0.0?

Also, in order to get this to work, you need to enable the ?Use IPSec dynamic IPs? options located in the ?VPN Server Settings?:

Open the VPN Settings page (Config > Full Config > Box > Virtual Servers > your virtual server > Assigned Services > VPN-Service > VPN Settings).
Click the ?Click here for Server Settings?? blue hyper link.
Click the Advanced tab
In the ?IKE Parameters?, change the ?Use IPSec dynamic IPs? option to ?Yes?
Click ?OK? Send changes and Activate.

Additional Information:

After making the change you should be able to confirm the change by running the following command:

# netstat -tulpen grep ike

Also, in the firewall Live or History tab, you will see connection on port 500

Link To This Page:

https://www.barracudanetworks.com/kb?id=5016000000146w6

Additional Resources

More

Print Share Page