Manualshelf

Specifications

ManualsBrandsBarracuda Networks ManualsComputer equipmentLoad Balancer
31323334353637383940
Chapter 3: Configuring the Barracuda Link Balancer 27
originating from those addresses can go out without being NAT'ed. Depending on how the ISP's
routers are set up, traffic from these networks can either be link balanced or be bound to one WAN
link. For the latter case, select specific primary and backup links.
Changing the Source IP Address of Outgoing Traffic
To set the source IP address of outgoing traffic to a masquerade IP address, rather than the IP address
of the WAN link, create outbound source NAT rules using the
Policy > Outbound Routing page.
Outbound source NAT rules consider source IP address (or range) and, optionally, application and
WAN link. If a rule match occurs, the specified external IP address is used as the source IP address
of the traffic.
The outbound source NAT rules are executed after the WAN link has been determined by the link
load balancing algorithm. They are executed regardless of the firewall operating mode.
The rules are arranged in a table on the Policy > Outbound Routing page in order of precedence from
top to bottom. Only the first rule that matches the profile of the traffic is executed. If the traffic
matches a 1:1 NAT Rule the outbound source NAT rules are ignored.
Configuring Virtual Private Networks
The Barracuda Link Balancer can act as an endpoint in a site-to-site VPN tunnel.
This section covers the following topics:
Site-to-Site VPN Tunnels.................................................................... 27
Creating VPN Tunnels ....................................................................... 28
Creating a VPN in a NAT’d Environment ......................................... 28
Failover and Failback ....................................................................... 29
VPN Tunnel as Failover Link for a Broken Site-to-Site WAN Link... 29
Troubleshooting a VPN Tunnel.......................................................... 29
Site-to-Site VPN Tunnels
You can create a site-to-site VPN tunnel between two Barracuda Link Balancers or between a
Barracuda Link Balancer and another device that supports IPsec.
Networks connected via a tunnel will communicate as if they are on the same network, even though
they are separated by the Internet.