We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda SSL VPN

Attention

This Firmware Version Is Going End-Of-Support
As of 1st March 2019, all new sales for the Barracuda SSL VPN product will cease. Only renewals of software and hardware subscriptions for a maximum of one year are available for a limited time. 1st March 2020: All Barracuda SSL VPN sales will cease; neither new sales nor any renewals will be available. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support and services until your contract expires.

How to Create a Static Route

  • Last updated on

If the Barracuda SSL VPN is installed in a DMZ, you must create a static route on the client systems so that they can reach the main LAN. To introduce the static route, complete the following steps:

Step 1. Configure the client

Configure the client as described in Advanced Network Connector Client ConfigurationAt this point the client will only be able to route through to other systems within the DMZ. Before creating a static route on the client systems, determine the default gateway address that the Barracuda SSL VPN uses. This gateway should be able to route to the main LAN from the DMZ. To create a route to the clients to tell them how to get to the main LAN, there are two alternatives:

  • Publish a route that will apply to all clients using this Network Connector server interface.
  • Use an Up Command in the client configuration that configures the route on the client when the network connector is launched.

Step 2. Configure the static route

Option 1: Publish the static route

To publish a static route for all users of a server interface:

  1. Go to the RESOURCES > Network Connector page.
  2. Click Edit next to the relevant server interface. 
  3. On the Edit Server Interface page, in the Routing Section, specify the network to be published. This network will always use the default gateway. All clients will use this route, so if you have multiple client configurations with different networks, you may need to use the Up Command instead.
Option 2: Configure an Up Command for the static route

To configure an Up Command to create a static route on the client system when the configuration file is launched, proceed as follows:

  1. From the Barracuda SSL VPN web interface, log in as ssladmin and verify that you are in the Manage System mode.
  2. Go to the RESOURCES > Network Connector page. 
  3. Verify that you have selected the correct user database on the top right of the page.

  4. In the Edit Client Configuration section, add the Up Command.
    Example:  
    • DMZ network address of 192.168.1.0/24
    • Barracuda SSL VPN on IP address 192.168.1.100 and default gateway of 192.168.1.1
    • Main LAN network address of 192.168.50.0/24
    The Up Command to publish for such a route would be:
    • For Windows clients:
      route add 192.168.50.0 mask 255.255.255.0 192.168.1.1
    • For Linux/Mac clients:
      route add -net 192.168.50.0 netmask 255.255.255.0 gw 192.168.1.1 
  5. Save the configuration. 

When launched, this configuration should automatically publish this new route 10-15 seconds after the Network Connector client is launched.

Last updated on