We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Configure a High Availability Cluster for Managed F-Series Firewalls

  • Last updated on

Managed F-Series Firewalls are only connected through the association to the same virtual server in the Barracuda NextGen Control Center. This allows you to configure active-active clusters with multiple virtual servers. Both firewalls must be managed by a Control Center and be located in the same cluster. You can only combine two firewalls of the same model and platform (hardware, virtual, or public cloud). Using different revisions of the same hardware appliance is supported.


Before You Begin
  • In a cluster, select two firewalls of the same model and platform  E.g., two Barracuda NextGen Firewall F-Series F280RevB 
  • Verify that the cabling is done exactly the same on both units. The management IP addresses must also be configured on the same ports. For HA clusters using hardware appliances with different revisions, only use ports present on both systems.
  • License and activate both firewalls

Step 1. Complete Box Level Configuration for Both NextGen F-Series Firewalls

The box level configuration for both firewalls must be identical, except for the NetworkBox Properties and Licensing pages. If the connection to the Control Center is over a public IP address each firewall must also have a public IP address configured on the box layer. Use repository links for easy maintenance of the other configuration pages. For more information, see Repositories.

Step 2. Assign Primary and Secondary Unit for the Virtual Server

Choose which NextGen Firewall F-Series is by default the active unit in the HA cluster. For active-active clusters, repeat this step for the second virtual server.

  1. Go to your cluster in the Control Center > Virtual Servers > your virtual server > Server Properties.
  2. Click Lock.
  3. In the Virtual Server Definition section, define the primary unit and secondary unit.
    • Primary Box – The active system.
    • Secondary Box – The HA partner.

The primary and secondary servers are created and configured as HA partners on both units. 


Last updated on