We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see https://campus.barracuda.com/doc/71862301/ for further information on our EoS policy.

Example - How to Enable Remote Management Access From the Internet

  • Last updated on

Barracuda Networks recommends that you only enable management access from the Internet for a limited period of time. Remote management access constitutes a significant security risk, especially if you allow access via SSH. To minimize risk potential, restrict access to very few trusted source addresses or networks, disable access when it is not needed, and use strong passwords or key authentication.

When you place a standalone Barracuda NG Firewall at a remote site, you can enable access to it over the Internet for remote management and configurationYou can also enable remote access for Barracuda Networks Technical Support if direct access to the system is required for troubleshooting.

Create an App Redirect Firewall Rule

To enable remote management access to the Barracuda NG Firewall from the Internet, create an App Redirect Rule for the management ports to the internal management IP address.

  1. Open the Forwarding Rules page (Config > Full Config > Box > Virtual Servers > your virtual server Assigned Services > Firewall > Forwarding Rules).

  2. From the Rule Lists menu in the left pane, select Access Rules.
  3. Click Lock.
  4. Create an App Redirect rule with the following settings:
    • Source – Select Internet. To restrict access to specific IP addresses, you can explicitly enter the IP addresses or create a network object for reference.
    • Service – Select NGF-MGMT-STAT (TCP 807 Single Point Of Entry)
    • Destination – If the Barracuda NG Firewall connects to the Internet via a dynamic address, select the network object to match your connection (DHCP Local IP, DSL Local IP or 3G Local IP). If the system uses a static public IP address, enter this address.
    • Redirection – In the Local Address field, enter your internal management IP address (MIP) as defined in the network settings.
    RemoteManagementFWRule01.png
  5. Click Send Changes and Activate. 

Next Step

You can now manage your Barracuda NG Firewall over the Internet with the Barracuda NG Admin application. Instead of connecting to the management IP address of the unit, log into the system via the public IP address of your unit.

Last updated on