The Barracuda SecureEdge Connector establishes a secure VPN connection between the service and a resource that cannot be reached via routing. Registration of the SecureEdge Connector is token based. Barracuda SecureEdge Manager allows you to generate a registration token for the Connector. With this registration token, you can configure the Connector service on a Linux client.
Step 1. Create a SecureEdge Connector
Go to https://se.barracudanetworks.com and log in with your existing Barracuda Cloud Control account.
- Select the workspace your Connector should be assigned to.
- In the left menu, click the Infrastructure icon, and select Connectors.
- The Connector page opens. All enrolled Connectors deployed in the selected workspace are displayed. Click Add.
- The Add Connector window opens. Specify values for the following:
- Name – Enter a unique name for your Connector.
- Description – Enter a brief description.
- Edge Service – Select the edge service you wish to connect to from the drop-down list.
- Click Next, and specify values for the following:
- Servers – Enter the names of the servers. To add a server, click +. To remove a server, click on the trash can icon .
- Hostname – Enter your unique hostname.
- Internal IP – Enter the internal IP address.
- Click Next.
- The Summary page opens. Review your settings and click Save.
The Connector status is now displayed. - Verify the status of the Connector and follow the instructions in the configuration window.
- You can download and install the required connector for Windows and Linux. Click Finish.
- After the configuration is completed, your Connector is created. On the Connector page, you will see a new Connector has been enrolled.
- On the Connector page, click the icon with the three vertical dots.
- You have three options:
- Generate Registration token – To generate new registration token for the Connector, select Generate Registration token.
- Download the Windows agent – To download the Windows agent, select Download the Windows agent.
- Download the Linux agent – To download the Linux agent, select Download the Linux agent.
- You have three options:
- Click Generate Registration Token. The Generate Registration Token window opens. Copy the Connector token.
Paste the token into a text file.
- Click OK.
Step 2. Configure the Connector on the Linux Client
In Linux-based operating systems, the default storage location is /etc/barracuda. The user should have administrative permissions or will otherwise need to log in as root user.
To start the Connector in Linux :
- Log in as root user.
- To start the Connector, open the terminal.
- To run the Connector, enter the token retrieved in Step 1.
# ./sdwanconnector -t <Enter your token>
- Press Enter.
This will start the Connector, and all your resources will get exposed to the SecureEdge environment.
For more detailed information on using your Connector (for example, logfilepath, loglevel, verbosity, logsyslog, and configfile), enter the following command in your terminal:
# ./sdwanconnector -h
Step 3. (Optional) Auto-Start Connector Settings
There are multiple methods for implementing the auto-start feature for the Connector. One common method is using the systemd service. You can configure the Connector service to start automatically after rebooting the server or closing the SSH terminal. In other words, the connection to the Connector is preserved.
- Log in as root user.
- To start the Connector, open the terminal.
- To run the Connector, enter the token retrieved in Step 1.
# ./sdwanconnector -t <Enter your token>
After configuration is complete, move your Connector config to the directory /bin/sdwanconnector.
Create a service file in the directory /etc/systemd/system/sdwanconnector.service.
The basic structure of a service file:
The [Unit] section defines general information about the service. The Description describes the unit.
- The [Service] section defines the service. Note that you can create your service as per your requirement.
ExecStart specifies the full path of a command that will be executed to start a service.
- To send the program's standard output and error, StandardOutput and StandardError are defined. For example, in this case, console output is sent to syslog.
The SyslogIdentifier is used to identify the service in syslog files. This will be used later to direct output to a separate file for the service. For example, in this case, sdwanconnector.log.
- The RestartSec specifies the amount of time to wait before attempting to restart the service if automatically restarting the service is enabled.
- The Restart is set to on-failure. This will trigger a restart of a service on-failure.
The [Install] section is optional and is used to define the behavior of a unit if it is enabled or disabled.
Type the following content and Save the file:[Unit] Description=Barracuda SDWAN Connector [Service] User=root ExecStart=/bin/sdwanconnector -m TCP -p /var/log/sdwanlog.log WorkingDirectory=/var/log/ AmbientCapabilities=CAP_NET_ADMIN KillMode=process Restart=on-failure RestartSec=5 StandardOutput=syslog StandardError=syslog SyslogIdentifier=%n [Install] WantedBy=multi-user.target After=network.target
To reload the service, enter the following command in your terminal:
# sudo systemctl daemon-reload
- To start a service at boot, enter the following command in your terminal:
# sudo systemctl enable sdwanconnector.service
- To start the sdwanconnector service, enter the following command in your terminal:
# sudo systemctl start sdwanconnector.service
- To query the sdwanconnector status, enter the following command in your terminal:
# sudo systemctl status sdwanconnector.service.
The console output of a service, i.e., StandardOutput or StandardError, is connected to system log and debug log. To view detailed information on logs, you can see the sdwanlog.log
file in the direcorty /var/log.