The CONFIGURATION tab contains all configuration pages for your Barracuda NG Firewall. You can open the Configuration page in the following modes:
- Simple Configuration – Configuring standalone systems may be simpler in this mode. Links to configuration pages are grouped more logically for single-system administration. (This mode is not available on the Barracuda NG Control Center.)
- Full Configuration / Configuration Tree – This mode displays all configuration pages in a hierarchical tree. Use this mode if you have to change more advanced system configurations, such as Traffic Shaping etc.
In this article:
Simple Configuration Mode
On the Barracuda NG Firewall, the Configuration page first opens in Simple Configuration mode when you click the CONFIGURATION tab.
In Simple Configuration mode, links to configuration pages are organized in the following sections:
- Device Configuration – This section provides links to the following main configuration pages of the Barracuda NG Firewall:
- IP Configuration – On this page, configure network settings such as Management IP (MIP), Network settings, and Routing.
- System – On this page, configure system access, DNS, and proxy settings.
- Authentication – On this page, configure authentication schemes, define special user groups, and configure logging settings.
- Licenses – On this page, manage your system licenses.
- Operational Configuration – This section provides links to the configuration pages for virtual services that you have introduced on the Barracuda NG Firewall. For example:
- Firewall – The Firewall section provides links to the configuration pages for the forwarding rule set and firewall forwarding settings.
- VPN – The VPN section contains links to the configuration pages for the Client-to-Site VPN, Site-to-Site VPN, remote access, and VPN groups and policies.
- Extended Configuration – This section provides links to configuration pages for infrastructure such as DHCP, DNS, and OSPF/RIP/BGP settings. The section also provides links to any configured gateways and proxies, such as the FTP Gateway or SSH Proxy services.
Full Configuration Mode
The Full Configuration mode provides advanced access to all configuration areas of the Barracuda NG Firewall or Barracuda NG Control Center. To access this mode, click Configuration Tree under the CONFIGURATION tab.
In Full Configuration mode, the Configuration page provides the following sections:
- Configuration Tree – The Configuration Tree lists all of the configuration pages for your system in a hierarchical order. To access the subpages of a configuration section, click + (expand). To open a configuration page, double-click its node. On the Barracuda NG Firewall, the Box object is the highest node in the hierarchy of the Configuration Tree and contains all configuration objects, such as Box Properties, Virtual Servers, and Services. On the Barracuda NG Control Center, the Multi-Range object is the highest node. Expand Multi-Range to access all Ranges, Clusters, and Boxes.
- Quick File Access – On the Barracuda NG Control Center, the Configuration page provides an additional section in the right pane where configuration nodes are listed under tabs for quick access. From this section, you can select configuration files by boxes, servers, and services. To quickly locate a configuration node, open the respective tab and double-click it in the list.
Configuration Tree Controls
From the Configuration Tree, you can manage your configurations and administrative sessions. You can also identify which nodes have been modified. When you right-click the nodes of the Configuration Tree, you are provided with options to manage your systems, virtual servers, services, and administrative sessions. The following table lists some of the available options:
- Collapse All – Closes all open nodes in the Configuration Tree down to the top level.
- Properties – Opens a window that displays the properties of the configuration node. This option is available only on the Barracuda NG Control Center.
Lock – Locks write access to the selected node or tree branch. A lock icon is then displayed next to the node or branch. This lets other administrators know that the page has been locked for editing. If a page has been locked by you, a yellow lock is displayed next to it. If a page is locked by another administrator, a gray lock is displayed next to it. Selecting Show Lock Info from the context menu displays the information about the administrator who has locked the selected node or tree branch. Break Lock breaks the lock held by another administrator on the selected node or tree branch. Unlock releases write access to the configuration page. It is recommended that you unlock all configuration files before quitting a session or starting another task.
- Copy To Repository – Copies the selected configuration page to the corresponding repository section. This option is only available after you create a repository.
- Refresh From Here – Updates the view of the Configuration Tree from the selected node.
- Show RCS Versions – This option is only available on the Barracuda NG Control Center. It displays Revision Control System (RCS). (RCS) information for the selected nodes. For more information, see
- Show History – Displays a history of the locks that have been made to the selected node.
- Show Backlinks – Shows references to other objects if available. This option is available only on the Barracuda NG Control Center.
- Show Backlink Overrides – Displays overrides if backlinks are present. This option is available only on the Barracuda NG Control Center.
- Show Config Definition – Opens a window displaying the details of this configuration node. This option is available only on the Barracuda NG Control Center.
- Remember Position / Clear Position – If you want Barracuda NG Admin to open at a specific node for your next session, right-click the node and select Remember Position. To clear the saved position, right-click it and select Clear Remember Position.
The following options are only available when you right-click the Box node:
Create DHA box – (This option is only available on standalone units.) Creates a secondary or Dedicated High Availability (DHA) unit for an HA setup. You can only create one HA partner for each box. For more information, see High Availability. When you create the DHA unit, the HA Box and HA Network nodes are created at the bottom of the Configuration Tree. On the HA Network page, you can configure the network settings for the DHA unit. The configuration itself is the same as the regular network configuration.
- Remove DHA box – Deletes the DHA unit.
Emergency Override – This option is only available on Barracuda NG Firewalls that are administered by a Barracuda NG Control Center. It allows local configuration of the Barracuda NG Firewall.
- Refresh Complete Tree – Updates the view of the Configuration Tree.
- Collapse – Collapses all nodes in the selected tree branch.
- Expand – Opens all nodes in the selected tree branch.
- Create Repository – Creates a repository of configurations. For more information, see Repositories.
- Create PAR file – Creates a PAR file to back up your system configuration. For more information, see Backups and Recovery.
- Restore from PAR file – Restores the configuration of your system from a PAR file. For more information, see Backups and Recovery.
The following options are only available when you right-click the Virtual Servers node:
- Create Server – Creates a virtual server. For more information, see Virtual Servers and Services.
- Remove Server – Marks the selected server for deletion.
The following options are only available when you right-click the Assigned Services node:
- Create Service – Creates a service. For more information, see Virtual Servers and Services.
- Remove Service – Marks the selected service for deletion.
Identifying Modified Nodes
From the Configuration Tree, you can quickly determine if a node has been modified if one of the following icons is displayed next to it:
|The node has just been added. You will see this icon next to servers, services, and DHA units that you have added.|
|The node has been modified. You will see this icon next to configuration pages whose settings have been edited.|
|The node has been marked for deletion. You will see this icon next to servers and services that you have selected for removal.|
The modified nodes are added, applied, or deleted after you activate your configuration changes.
Configuration Page Controls
When accessing a configuration page from the Configuration Tree by double-clicking, you can find the following options for editing the settings and applying configuration changes to the system:
- Lock – Because multiple administrators can access a configuration page, you must always lock it before you can edit the settings. Lock locks the configuration page to give you write access and changes the status of the button to Unlock. Unlock unlocks the configuration page.
- Send Changes – After editing your settings, you must send them to the Barracuda NG Firewall or Control Center by clicking Send Changes. When the configuration changes were successfully sent, an Activation Pending link is displayed at the top.
- Discard – This option allows you to discard the changes after they were sent.
- Activate – To apply the configuration to the Barracuda NG Firewall after editing it and sending the changes, click Activate. (In case the Activation Pending link is displayed, click this link instead.)
The State Info dropdown menu provides information about all sessions and transactions on the system and offers controls to manage HA synchronization.
- Transactions – To view configurations that are pending activation, expand State Info and select Transactions.
- Locks – To gather information about all locked elements in the configuration, select Locks.
- Sessions – The service bar of the Configuration page displays your Generic Configuration Session ID (GCSID). The GCSID contains the IP address and source port of the connecting client followed by the PID of the server process (boxconfigd) that is handling the current connection. When clicking Sessions, you can also view information about the sessions of other administrators. To terminate or gather more information about a session, select it in the appearing Configuration Sessions window and then click one of the following buttons:
- Show Locks – Displays a list of the nodes that are locked by the administrator.
- Show Transactions – Displays a list of the configuration changes that are waiting for activation.
- Kill Session – Kills the session. However, it is strongly recommended that you do not kill sessions held by other administrators.
- HA Sync opens the HA Box Synchronization window with information about your HA units and controls to manage HA synchronization. For more information on these functions, see High Availability.
On a configuration page, you will also find controls for the following tasks:
- Im/Export – With this dropdown option, you can export your settings to the clipboard and import them to the configuration of another system:
- Copy to Clipboard – Exports your configurations to the clipboard.
- Replace With Clipboard – Replaces the settings on the page with values that were copied to the clipboard.
- Merge With Clipboard – Merges the settings of the page with values that were copied to the clipboard.
- RCS – The RCS dropdown menu lets you access information about configuration changes that were applied to your Barracuda NG Firewall units. For more information, see Revision Control System (RCS).