When the Barracuda Web Filter is set into "Active" mode, it fails to pass most all web traffic.
When setting up a Barracuda Web filter as an "inline transparent" configuration, here are the important network configuration pointers:
1. Always have the Barracuda's Default Gateway point to the Firewall (WAN port side of filter). The Barracuda should not point back to any internal LAN switch or router, as LAN is not a way to the internet when inline.
2. If the customer has multiple subnets or (untagged - non 802.1Q traffic) VLANs that are on a different subnet than the Barracuda you will need to setup Static Routes for each of those subnets. See Solution 6041. The Gateways for those subnets will usually be the internal LAN switch or router. The Static Routes will help the Barracuda send client traffic back to the network device(s) that knows how to route back to clients.
3. For additional information about special considerations when configuring the web filter to support filtering (tagged - 802.1Q traffic) from VLANs, use the Advanced tab> Advanced networking page and help , please see Solution # 00002514. Support will need a network diagram, the device connected inline, and able to use active mode for testing, This may block some or most traffic while in active mode.
PIX (IP - 10.1.1.1)
BYF (IP - 10.1.1.8, Subnet Mask - 255.255.255.0)
L3 Switch (IP - 10.1.1.15)
Client subnets 10.1.2.x, 10.1.3.x, 10.1.100.x
Inline Pass-through setup:
PIX > BYF > L3 Switch
BYF should be configured:
Default Gateway - 10.1.1.1
IP - 10.1.2.0 Netmask - 255.255.255.0 Gateway - 10.1.1.15
IP - 10.1.3.0 Netmask - 255.255.255.0 Gateway - 10.1.1.15
IP - 10.1.100.0 Netmask - 255.255.255.0 Gateway - 10.1.1.15
Link to this Page: