The following troubleshooting tips may help correct some common errors.
The Barracuda NG Control Center cannot send configuration updates
If the Barracuda NG Control Center cannot send a configuration update to a Barracuda NG Firewall, the gateway might be offline. In this case, the Barracuda NG Control Center keeps attempting to send the update. The waiting period between attempts is increased after each update failure. After twenty failed attempts, the waiting period is increased to one hour. On the CC Configuration Updates Page, you can manually send the update. Right-click the Barracuda NG Firewall and select Update Now.
'Authentication Failed' message when logging into a Barracuda NG Firewall
If you receive an 'Authentication Failed' message when you log directly into a Barracuda NG Firewall from the CC Status Map Page, you might need to change the root password. To change the root password for a Barracuda NG Firewall, click the CONFIGURATION tab. In the Config Tree, navigate to the Barracuda NG Firewall, expand the box, and double-click Administrative Settings. In the Root Password section, change the root password. If the root password is linked from a repository, you must change the password in the repository object.
You have locked yourself out of the managed NG Firewalls after changing the CC IP addresses or certificates
Authentication Levels for Control Center - Box Communication
As stated above, the Control Center-box trust relationship is governed by private/public key technology. Thus, in a working environment, the NG Control Center knows its boxes, and the boxes recognize the NG Control Center as their one and only authority. The default level of authentication is that a box and its NG Control Center identify themselves by their keys and IP addresses. This means that the Control Center does not send any configuration data to untrusted boxes, and no box accepts data from an untrusted source. If, however, the Barracuda NG Control Center does not have a valid license (and, therefore, no certificate) or major migrations are made, it might be necessary to reduce the authentication level for a short period to establish a new trust relationship. Depending on which component is the untrusted one, this has to be done either on the Barracuda NG Control Center (Control > Configuration Updates > Untrusted Update checkbox selected) or on the box itself to make the unit accept the incoming data.
Meaning and effect
Anything goes. The system allows any attempt to send or retrieve configuration data.
Check IP address or key
Login is accepted if either IP address or the key challenge is successful. (still quite insecure)
Check IP address
Login is accepted if demanded IP address is at hand. (still quite insecure)
Login is accepted if key challenge is successful.
Check IP address and key
This is the default setting and should remain as such if there is no need to lower the security level temporarily.
Extract from the Box tab in the Box > Control window where authentication level can be lowered to interaction-free authentication: