It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

How to Create a Site-Specific Network Object

  • Last updated on

A site-specific network object is an object that can be of different types (e.g., Single IP Address, List of IP Addresses, Single Network Address, List of Network Addresses) and that serves as a placeholder for different values on multiple firewalls. Site-specific network objects have to be configured either globally or on range or cluster level in the Control Center. Globally defined site-specific network objects must be configured on the Global Settings > Firewall Objects page. In order to enable site-specific network objects for ranges or clusters, this option must be enabled in the Properties settings for either ranges or clusters. A corresponding setting entry with the name Range Firewall Object or Cluster Firewall Object is then displayed for configuration in the parent node Range Settings or Cluster Settings. After the configuration, the site-specific network object will then be available for assigning a value in the Box > Network > IP Configuration page. Due to this characteristic, site-specific network objects can ease the management of common rulesets on multiple firewalls despite different values that are assigned to these objects.

Step 1. (optional) Create a Globally Defined Site-Specific Network Object

  1. Log into your Control Center.
  2. Go to CONFIGURATION > Configuration Tree > Multi-Range > Global Settings > Global Firewall Objects.
  3. Click Lock.

Step 2. (alternatively) Enable Configuration for Site-Specific Network Objects on Range/Cluster Level

  1. Log into your Control Center.
  2. Go to CONFIGURATION > Configuration Tree > Your Range/Cluster > Range/Cluster Properties
  3. Click Lock.
  4. In the Specific Settings section, set Own Firewall Objects to yes.
    enable_config_for_site-specific_network_objects.png
  5. Click Send Changes and Activate.
  6. Go to CONFIGURATION > Configuration Tree > Your Range/Cluster > Range/Cluster Settings > Range/Cluster Firewall Objects .
    range_firewall_object.png
  7. Click Lock.

Step 3. Configure the Site-Specific Network Object

  1. Right-click in the main area.
  2. Click New Site Specific. The Site Specific Network Object window opens.
  3. Enter a Name for your site-specific network object.
  4. From the Type list, select Single IP Address, List of IP Addresses, Single Network Address or List of Network Addresses.
  5. Click OK.
    create_site_specific_network_object.png
  6. Click OK.
  7. Click Send Changes and Activate.

Step 4. Configure the Value for Your Site-Specific Network Object

Assign a value to the specific network object on each firewall where necessary:

  1. Go to CONFIGURATION > Configuration Tree > Box > Network .
  2. In the left menu, click IP Configuration.
  3. Click Lock.
  4. In the section Site Specific Addresses and Networks, assign a network IP address to your specific network object.
    site_spec.png
  5. Click Send Changes and Activate.

Although your site-specific network object can be configured via the same name for all firewalls either globally or in your ranges or clusters, the configured value is specific to the firewall you selected for configuration. This has the advantage that you can set up identical forwarding rulesets for all firewalls but configure different values due to different network-specific demands.