Barracuda Icon
Live Chat

Hi, I'm Rosa.
How may I help you?

How may I help you?

Click below to send us a Message


A global support network of experts.
At your service.

Back to Knowledgebase

What rule does a customer need to place on their firewall to have a PC connected via SITE TO SITE VPN and to enable the ability to use the MGMT VIP to connect my boxes?

Solution #00007230

Answer:The entry point into the VIP network is the Control Center server IP. So if your ng admin client is on the other side of a site-to-site tunnel, then you must advertise the VIP network in the site-to-site tunnel configuration, and then the firewall that is in the same location as the control center needs to have a static route that says the VIP network is reachable by using the CC server ip address as the gateway. Then you also most likely need a firewall rule on the CC box that source NAT the traffic to its own IP
Link To This Page: