We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Security Gateway

Source-Based Routing

  • Last updated on

If you have clients or networks that you want to route to the Internet via a different gateway than the default set for the Barracuda Web Security Gateway, you can configure routing by specifying the source and destination IP addresses and gateways using the IP Routing feature. See the ADVANCED  > Advanced Networking page to set up source based routing.

For example, assume your organization has multiple physical locations. The server dedicated to Sales services and resources is located in Los Angeles, and a user in the Sales department at the Atlanta office needs to access those resources on the corporate intranet. Rather than use the default route to the cloud, the user has a secondary exit point (172.32.0.254) that handles all intranet activity across a dedicated connection to the 10.1.0.0/16 (Corporate Resources) network.

The Barracuda Web Security Gateway can look at traffic from the user’s machine (client) and direct the traffic to the appropriate gateway based on the source / destination of the traffic. If the packet is bound for a corporate resource, in this instance the Barracuda Web Security Gateway will route it out via the internal router, and all other traffic will proceed to the Internet via the Firewall.

Figure 1: Source Based Routing Provided by the Barracuda Web Security Gateway.

SourceBasedRoutingBWSG.png

To set up the Barracuda Web Security Gateway per the above example, go to the IP Routing section of the ADVANCED  > Advanced Networking page and configure the following settings. This example configures the Barracuda Web Security Gateway so that all client traffic from the 172.32.0.0 subnet routes to the specified Destination IP Address via the Gateway Address.

The IP addresses used in this example are just that - example addresses for demonstration purposes. Make sure to obtain the correct IP address and netmask values for your network for the actual configuration.
SettingMeaning and example value
Source IP Address

IP address of client or network to be routed to the alternate gateway. Enter 172.32.0.0 for the subnet the client is coming from.

Source NetmaskNetmask of client or network to route to the alternate gateway; enter 255.255.0.0.
Destination IP AddressAlternate gateway (the corporate intranet, in this case) to which you want to route the client(s) or network. Enter 10.1.0.0.
Destination NetmaskNetmask of alternate gateway. Enter 255.255.0.0.
Gateway AddressGateway address through which you're routing these clients/networks to the Internet - this would be the address of the Internal Router as shown above. Enter 172.32.0.254.
Last updated on