Jump to content


Photo

Installing a SonicWALL behind a functioning Barracuda Link Balancer 330


This topic has been archived. This means that you cannot reply to this topic.
3 replies to this topic

#1 Jeff Noel

Jeff Noel
  • Members
  • 3 posts

Posted 05 January 2016 - 10:47 AM

Currently, our company network rests behind a Barracuda Link Balancer 330 (BLB) with three ISP connections. The BLB is in firewall mode with very few ports forwarded (Fonality system, and Daylite server). The folks in charge have decided that they would like to give some members of the staff VPN connectivity. The BLB has point-to-point capabilities, but not client-based or SSLVPN. There are obviously several options out there, and many of them are relatively expensive. Fortunately, I personally own a SonicWALL TZ215 (SW) we can test things with.

 
The issue is configuration. The SW works fine on its own with the Primary ISP settings from the BLB, but the BLB documentation lacks clarity regarding how things need to be configured. ´╗┐The documentation uses the scenario of Adding a BLB to an existing network, so I worked accordingly, resetting the BLB to factory (after saving a backup of the config), and following the instructions listed here:
 
 
Unfortunately. once I attach a cable (even a crossover, per the instructions) from the LAN port of the BLB to the WAN port of the SW, everything grinds to a halt. Not only can I not get to the outside, but I can't even get back to the BLB to make any changes.
 
The BLB has 3 ISP connections (one primary and two backups), and the SW has the same ISP config on the WAN port as the primary on the BLB. I can prvide further details as necessary, but the basic configuration reflects Fig. 2 in the link below:
 
 
Since it's not functioning as it's supposed to, there's obviouly something wrong, but I can't find it. I would appreciate any advice you might have.


#2 Rick Cone

Rick Cone
  • Members
  • 5 posts

Posted 05 January 2016 - 11:08 AM

You need to use the LB as the primary firewall, and lesson the SW role here.  The SW should not do any actual firewall functions.  Having the firewall turned on for both does not really make sense.

 

If you want to use the SW for personal VPN's forward connections to it from the LB for that process.  Although I would recommend a Barracuda SSL VPN appliance for this.  On a related note, I'm going to be selling an SSL VPN 230 in the near future (to be replaced with clustered 430's).  If you're interested, let me know. 



#3 Jeff Noel

Jeff Noel
  • Members
  • 3 posts

Posted 05 January 2016 - 12:25 PM

I'm using the LB in Firewall Disabled Mode when installing the SW-- per Figure 2 in the second link.



#4 Jeff Noel

Jeff Noel
  • Members
  • 3 posts

Posted 07 January 2016 - 10:07 AM

Note-- I was able to resolve this: I had mistakenly entered the identical WAN IP on both devices, which triggered IP Spoof protection on the SonicWALL.