You can change the management IP address and interface to match your requirements. If the client is not in the same subnet, make sure the new management IP address is reachable from the client running Barracuda Firewall Admin. If needed, add a gateway route. You must activate the network changes for the management IP change to take effect.
In case you must configure an HA pair of firewalls, you must also enter the management IP address in an appropriate edit field that will otherwise not be displayed for a single firewall.
The management network part is calculated by configuring a netmask for the management IP address.
Step 1. Configure the Management Network and IP Address
Change the MIP address to match your existing network addresses.
- Go to CONFIGURATION > Configuration Tree > Box > Network.
- Click Lock.
- In the Management Network and IPs section, enter the following values:
- Interface – Select the interface to use for the management network.
- Management IP – Enter the management IP address.
- (alternative on a primary HA firewall) Primary Management IP – Enter the management IP address.
- (optional on a secondary HA firewall) Primary Management IP – Enter the management IP address.
- Associated Netmask – From the list, select the network mask.
- (optional) Responds to Ping – Set to yes.
- Use for NTPd – Set to yes.
- (only in advanced mode) Default Route via Shared IP – If activated, a default route is automatically created using the first IP address in the list of Shared IPs.
Use this option is recommended in an HA setup. For example, this option is useful where only one external IP address can be used for a remote management tunnel and where the passive firewall must be reachable via the remote management tunnel in case of an HA failover.
Click Send Changes and Activate.
Step 2. (optional) Configure the Shared IPs in the Management Network
To use services in the management network, you must configure shared IPs in the management network.
- Go to CONFIGURATION > Configuration Tree > Box > Network.
- Click Lock.
- For Shared IPs in this Network in the Management Network and IPs section:
- Click +. The Shared IP in this Network window opens.
- Enter the IP Address.
- (optional) From the list for Alias for this IP, select First IP or Second IP to tag the IP address.
- (optional) Set Responds to Ping to yes if necessary.
- Click OK.
- Click Send Changes and Activate.
Step 3. (optional) Change or Add the Gateway Route
If the client from which you are connecting to the CloudGen Firewall is not in the same network as the firewall, you must create or change a gateway route to be able to access the firewall after changing the management IP address. You do not need to add a route if your client is in the same network as the new management IP address.
For more information, see How to Configure Gateway Routes.
Step 3. Activate the Network Configuration
After you create or change basic network configurations, you must activate your new network configuration.
- Go to CONTROL > Box.
- In the left menu, expand the Network section, and click Activate new network configuration.
- In the pop-up dialog that appears, click Activate now.
You will now be able to log into the firewall with the new MIP address. If you are using a static IP, verify that the management PC can reach the new MIP.
Next Step
(optional) Create an IPv6 management IP address. For more information, see How to Add an IPv6 Management IP Address.