How do I configure my Barracuda SSL VPN for High Availability for use with the Barracuda Load Balancer?
Date changed: 5 months ago
Scope: The BarracudaSSL VPN supports Clustering for High Availability, if using a Barracuda Load Balancer, follow these instructions to configure the Load Balancer unit.
Lay out the network
It is best to install the Barracuda SSL VPN units on a separate network segment so that the only connection to the rest of the LAN is via the LAN port of the Barracuda Load Balancer. The LAN port connects to the same segment that the SSL VPNs are on, while the WAN port connects to the rest of the LAN. In addition to the IP addresses of each SSL VPN and the Load Balancer itself, a separate IP address will needed for use as the Virtual IP by the Load Balancer, to balance the incoming connections for the SSL VPNs. Outbound traffic from the SSL VPNs will go through the Load Balancer via the network bridge.
Configure the SSL VPN's on private IPs
The Load Balancer should be configured as a Layer 4 device that forwards the HTTPS traffic to the SSL VPNs. The SSL VPN supports both Route-Path (Solution #00001224) and Bridge-Path (Solution #00003452) load balancer operation modes.
Configure the Virtual IP address of the Load Balanced service to point toward the pool of SSL VPNs. To configure the service in Route PathClick Here, to configure the service in Bridge PathClick Here.
The service must be listening on Port 443.
Ensure that the Service Persistence Type is set to Layer 4 ? Client IP and the Testing Method is set to TCP Port Check.
Link to This Page: http://www.barracuda.com/kb?id=50160000000Hz6U