Jump to content


Photo

Issues with Routing - gateway routes and directly attached networks?

routing ng firewall barracuda gateway routes directly attached networks gateway management IP Virtual Server F300 C400

  • Please log in to reply
5 replies to this topic

#1 Jonathan Klein

Jonathan Klein
  • Members
  • 34 posts

Posted 11 November 2014 - 01:12 AM

I am trying to get my Barracuda F300 NG Firewall online to connect to it remotely.

 

When I put in a gateway route to connect to my external network, I get this error message:

 

"gateway route default with unreachable gateway "64.235.155.129""

 

I was able to get my C400 online by using the gateway 64.235.155.129. The connecting switchport to the NG is configured for this subnet as an access port. Is there a step that I missed?

 

I also tried to add a directly arrached network to one of the NG ports for the internal network. The connecting switchport to the NG is configured correctly for the internal network as an access port. However, I get these error messages:

 

"direct route link on IP-less dev port2 cannot be activated"

 

and

 

"direct route link with target "172.27.0.0/24" generates duplicate route"

 

Did I also miss a step there?

 

Any advice would be gratefully appreciated.

 

Thank You,

 

Jonathan



#2 Mario Pirker

Mario Pirker
  • Barracuda Team Members
  • 112 posts

Posted 11 November 2014 - 02:04 AM

Hi Jonathan,

 

referring to both errors:

"gateway route default with unreachable gateway "64.235.155.129"

-) Do you have a directly attached route + Server IP or additional local IP in your 64.235.155.x network? The NG firewall must have an IP address within this network so it can reach this gateway.

 

"direct route link with target "172.27.0.0/24" generates duplicate route"

-) In this scenario, I would assume that you already have an additional local IP address configured in your network configuration nside the 172.27.0.0/24 network or already a directly attached network route for this prefix

 

Hope this helps.

 

Best regards,

Mario



#3 Jonathan Klein

Jonathan Klein
  • Members
  • 34 posts

Posted 13 November 2014 - 12:34 PM

Hello Mario,

 

Thank you for your reply. I really appreciate it.

 

I assigned the F300 the Mgmt IP Address in the 172.27.0.0/24 subnet and the C400 in the 64.235.155.128/29 subnet.

 

For the firewall would I need to assign an additional local IP address in the 64.235.155.128/29 subnet for a directly attached route to 64.235.155.129?

 

Would I need to make an a gateway route containing 172.27.0.0/24? In our network, we can access 64.235.155.128/29 remotely but we have to ssh through the lab's cisco router to access the switch that has the 172.27.0.0/24 subnet.

 

Jonathan Klein



#4 Mario Pirker

Mario Pirker
  • Barracuda Team Members
  • 112 posts

Posted 17 November 2014 - 02:49 AM

Hi Jonathan,

 

you always have two options for configuring an IP address + route:

1.) Option 1:

If you configure the IP address on the so called box layer (https://techlib.barr...Firewall Layers), you have to configure an "additional local IP". This will automatically create a directly attached network route.

2.) Option 2:

If you configure the IP address on the so called server/services layer, you have to configure a server IP address in the Virtual Server properties + a directly attached network route inside the network configuration.

 

Please don't forget to perform a network activation under control > box after every network change.

 

Hope this helps.

 

Best regards,

Mario



#5 Jonathan Klein

Jonathan Klein
  • Members
  • 34 posts

Posted 20 November 2014 - 07:09 PM

Mario,

 

Thank you for response and your help. This may sound like a silly question. Do the NG Firewall's Mgmt IP and the NG Firewall's virtual server have to be on the same subnet?

 

Thanks,

 

Jonathan



#6 Mario Pirker

Mario Pirker
  • Barracuda Team Members
  • 112 posts

Posted 03 December 2014 - 01:44 AM

Hi Jonathan,

 

sorry for the huge delay. No they don't have to be on the same subnet.

 

Best regards,

Mario