This solution applies to Barracuda SSL VPNs, all firmware versions.
Network Connector provides a full network connection from a
client machine into the private network via the Barracuda SSL VPN, giving a
connection similar to that of an IPSec VPN. This option requires a virtual
ethernet adapter to be installed (the installer for this can be downloaded from
the SSL VPN interface) and uses a native client to create a full network
connection tunneled via SSL. This enables all ethernet traffic to be tunneled
through the Barracuda SSL VPN over port 443.
To configure Network Connector, log on to your Barracuda SSL VPN with the user ssladmin. Navigate to the Resources > Network Connector page. Click the Configure Network button.
Once the edit page opens, it will attempt to automatically detect network settings, which will be displayed at the top. Connecting clients will need to be assigned an IP address; it is therefore important that you configure and IP range that does not overlap with ranges of other DHCP servers on your network. Once you have determined the appropriate range, enter the IP Address Range Start and IP Address Range End. Verify that the Domain name and Primary DNS server fields are accurate.
Select the appropriate policies to which you would like to add the Network Connector resource by highlighting them and clicking Add. Once the Selected Policies box on the right hand side contains the desired policies, save the changes. For more information on creating policies, please refer to Solution #0003721.
There will now be both a Server Interface and a Client Configuration. You may then download the Network Connector install program to the machines with which you wish to use the Network Connector resource.
If you have your SSL VPN unit on a DMZ and you need your clients to be able to access a LAN IP range that is outside the DMZ range, then you will also need to publish a route to this other network. You will need to know the default gateway IP address that the SSL VPN uses and this gateway must be able to route to the other network.
To publish the route, edit the Client Configuration (LAN1 Client by default) and in the up commands, enter a route command appropriate for the OS that will be running this configuration.
e.g. For windows clients, you may have the route command look something like so:
route add 10.0.0.0 mask 255.255.255.0 192.168.0.1
Where 10.0.0.0 is the network you want your clients to access and 192.168.0.1 is the IP address of the default gateway that the SSL VPN unit is configured to use.
Link to This Page: