We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

Azure Networking

  • Last updated on

To use your firewall in Azure in a similar way as on-premise firewalls, you must configure routing and other networking features. Most features are available for both Azure Resource Manager (ARM) and Azure Service Manager (ASM), which is also known as "classic" deployment mode. Microsoft recommends using ARM for new deployments. Do not mix ASM and ARM resources.

In this article

Azure Resource Manager (ARM)

Azure Route Tables (UDR) using Azure Web Portal

To use your firewall VM as the gateway for other VMs in your virtual network, you can configure a user defined routing table in Azure. Route tables can also be used to route Control Center VIP networks and S-Series networks to the correct VM. HA clusters must be configured to rewrite the Azure routing table so that the backend VMs are always using the active firewall as the gateway.

For more information, see How to Configure Azure Route Tables (UDR) using Azure Portal and ARM.

Azure Route Tables (UDR) using Azure PowerShell

Create a user defined routing table to send traffic from the VMs in the backend subnets through the firewall using PowerShell.

For more information, see How to Configure Azure Route Tables (UDR) using PowerShell and ARM.

Azure Load Balancer for High Availability Clusters

For HA clusters, you need a load balancer in front of the two firewall VMs to forward incoming traffic to the active firewall. The load balancer handles all traffic that matches the load balancer rules you defined. The service is polled by a health probe every 4 seconds. After two failed health checks, the VM is marked as inactive and traffic is redirected to the now active secondary firewall.

For more information, see How to Configure Azure Load Balancer for HA Clusters using PowerShell and ARM.

Azure Service Manager (ASM)

Azure Route Tables (UDR) using Azure PowerShell

To use your firewall VM as the gateway for other VMs in your virtual network, you can configure a user defined routing table in Azure. HA clusters must be configured to rewrite the Azure routing table so that the backend VMs are always using the active firewall as the gateway.

For more information, see How to Configure Azure Route Tables (UDR) in Azure using PowerShell and ASM and How to Configure Azure Route Table Rewriting for HA Clusters using ASM.

Reserved, Static, and Public IP Addresses

By default, the firewall in the cloud service is accessible by a dynamic IP address or static hostname assigned to the cloud service. The internal IP address is also dynamically assigned and can change on reboot. Azure offers static public and private IP addresses that can be configured for your firewall VM. 

For more information, see Reserved, Static and Public IP Addresses in the Azure Cloud using ASM.

Last updated on