Barracuda Cloud Control (BCC) offers three methods of connecting to your LDAP server:
- Use a standard LDAP connection.
- Use LDAP over SSL or LDAP/STARTTLS. This option offers additional security.
- Further refine your firewall policy to only allow traffic from Barracuda IP addresses and ranges, and restrict ports to the protocol you choose.
See also Active Directory Authentication, which describes how to ensure uninterrupted access to your LDAP server from the Barracuda Cloud by allowing incoming connections from specific Barracuda IP ranges. The article also notes specific settings for LDAP attributes.
This example shows a firewall rule on a Barracuda CloudGen Firewall. Note that all three protocols are included, but not necessary, depending on the auth protocol you select. Figure 1 shows a network object to correspond with Barracuda network ranges. See Active Directory Authentication for the current list of IP addresses ('Include Entries') to use in your policy.
Figure 2 shows an example firewall rule where the destination is the public IP address or DNS name of your environment. See Active Directory Authentication for the current list of IP addresses ('Source') to use in your policy.