This configuration is available with any type of Barracuda Web Security Gateway deployment.
If you have clients or networks that you want to route to the Internet via a different gateway than the default set for the Barracuda Web Security Gateway, you can configure routing by specifying the source and destination IP addresses and gateways using the IP Routing feature. See the ADVANCED > Advanced Networking page to set up source based routing.
For example, assume your organization has multiple physical locations. The server dedicated to Sales services and resources is located in Los Angeles, and a user in the Sales department at the Atlanta office needs to access those resources on the corporate intranet. Rather than use the default route to the cloud, the user has a secondary exit point (126.96.36.199) that handles all intranet activity across a dedicated connection to the 10.1.0.0/16 (Corporate Resources) network.
The Barracuda Web Security Gateway can look at traffic from the user’s machine (client) and direct the traffic to the appropriate gateway based on the source / destination of the traffic. If the packet is bound for a corporate resource, in this instance the Barracuda Web Security Gateway will route it out via the internal router, and all other traffic will proceed to the Internet via the Firewall.
Figure 1: Source Based Routing Provided by the Barracuda Web Security Gateway.
To set up the Barracuda Web Security Gateway per the above example, go to the IP Routing section of the ADVANCED > Advanced Networking page and configure the following settings. This example configures the Barracuda Web Security Gateway so that all client traffic from the 188.8.131.52 subnet routes to the specified Destination IP Address via the Gateway Address.
|Setting||Meaning and example value|
|Source IP Address|
IP address of client or network to be routed to the alternate gateway. Enter 184.108.40.206 for the subnet the client is coming from.
|Source Netmask||Netmask of client or network to route to the alternate gateway; enter 255.255.0.0.|
|Destination IP Address||Alternate gateway (the corporate intranet, in this case) to which you want to route the client(s) or network. Enter 10.1.0.0.|
|Destination Netmask||Netmask of alternate gateway. Enter 255.255.0.0.|
|Gateway Address||Gateway address through which you're routing these clients/networks to the Internet - this would be the address of the Internal Router as shown above. Enter 220.127.116.11.|