We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

How to Configure Virtual Servers

  • Last updated on

To manage networking and services on the Barracuda NextGen Firewall F-Series, you can use the virtual server S1 that is already present on the unit. To extend firewalling and networking capabilities, introduce additional servers with IP addresses that can be adapted and used by networks and services created under them. If a Barracuda NextGen Firewall F-Series system hosting virtual servers is running in a high availability (HA) cluster, the virtual servers are also present on the HA unit. If the primary unit fails, the virtual server, IP addresses, and all services are taken over instantly by the secondary unit.

Before You Begin

Verify that direct routes exist on the box layer for the network the virtual server IPs are in. If you are using a HA cluster, the routes must be configured on both units.

Create a Virtual Server on a Standalone Barracuda NextGen Firewall F-Series

  1. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers.
  2. Right-click on Virtual Servers in your cluster and select Create Server. The Create Server windows opens.
  3. Configure the following settings:
    • Server Name – Enter a unique name up to eight characters long for the virtual server. 
    • Product Type – Select the model of your Barracuda NextGen Firewall F-Series. The product type of the virtual server and the NextGen Firewall F-Series the virtual server is running on must match.
    • Active Box – Select This-Box.
    • Backup Box (optional) – Select Other-Box if you are using a high availability cluster, or No-Backup if you are using a standalone Barracuda NextGen Firewall F-Series.
    • Encryption Level – Select Full Featured Encryption unless you are running in demo mode or are located in an export-restricted country.      
    • First-IP – Enter the first IP address for the virtual server.
    • Reply to Ping – Select yes for the virtual server to answer ICMP pings on the first IP address.
    • Second-IP (optional) – Enter the second IP address for the virtual server.
    • Reply to Ping – Select yes for the virtual server to answer ICMP pings on the second IP address.
    • (optional) Additional IP – Click + to add additional IP addresses.
    • (optional) Additional IPv6 Address – Click + to enter IPv6 addresses.
    IPv6_virtual_server_Ips.png
  4. Click Next 
  5. (optional) Configure monitoring settings for the virtual server. For more information, see Virtual Server Monitoring.
  6. Click Next.
  7. (optional) Enter custom command-line scripts that are executed when the virtual server is started or stopped. For more information, see Command-Line Interface
  8. Click Finish.
  9. Click Activate.

Create a Virtual Server on a Barracuda Control Center

Create a virtual server in a cluster on the Barracuda NextGen Control Center. The virtual server can be used for every managed NextGen Firewall F-Series of the same product type in the cluster.

  1. Go to CONFIGURATION > Multi-Range > your range > your cluster.
  2. Right-click on Virtual Servers in your cluster and select Create Server. The Create Server windows opens.
  3. Configure the following settings:
    • Server Name – Enter a unique name up to six characters long for the virtual server. 
    • Product Type – Select the model of your Barracuda NextGen Firewall F-Series. The product type of the virtual server and the NextGen Firewall F-Series the virtual server is running on must match.
    • Encryption Level – Select Full Featured Encryption unless you are running in demo mode or are located in an export-restricted country.      
    • Primary Box – Select the NextGen Firewall F-Series the  virtual server runs on. The box must be in the same cluster as the virtual server.   
    • Secondary Box (optional) – Select the secondary NextGen Firewall F-Series   
    • First-IP – Enter the first IP address for the virtual server.
    • Reply to Ping – Select yes for the virtual server to answer ICMP pings on the first IP address.
    • Second-IP (optional) – Enter the second IP address for the virtual server.
    • Reply to Ping – Select yes for the virtual server to answer ICMP pings on the second IP address.
    • (optional) Additional IP – Click + to add additional IP addresses.
    • (optional) Additional IPv6 Address – Click + to enter IPv6 addresses.
  4. Click Next.
    • (optional) Create or import the Server Private Key
    • (optional) Import the Server Certificate.
  5. Click Next
  6. (optional) If you are planning to use GTI, add the local networks for the VPN tunnels. For more information, see CC VPN GTI Editor.
  7. Click Next.
  8. (optional) Configure monitoring settings for the virtual server. For more information, see Virtual Server Monitoring.
  9. Click Next.
  10. (optional) Enter custom command-line scripts that are executed when the virtual server is started or stopped. For more information, see Command-Line Interface.
  11. Click Finish.
  12. Click Activate.

Deleting a Virtual Server

If you delete a virtual server, all of its assigned services are also deleted. Before changing server and service settings, back up your system configuration. For more information, see Backups and Recovery.

  1. Right-click on the virtual server you want to delete and click Lock.
  2. Right-click on the virtual server and click Remove Server.
  3. Click Yes. The virtual server and all its services are now marked with a red "x".
  4. Click Activate.

(Control Center only) Moving/copying Virtual Servers

You can move or copy virtual servers on the Control Center between different clusters. It is not possible to create a copy of a virtual server in the same cluster it is currently in. The clusters must use at least the same release version. For example, you cannot move a 6.0 virtual server to a 5.2 cluster.

  1. Right-click on the virtual server you want to move or copy and click Lock.
  2. Right-click on the virtual server and click Move Server or Copy Server.
  3. Select the destination in the Range/cluster tree.
  4. Enter the new name of the virtual server.
  5. Click OK.
  6. Click Activate.
Last updated on