It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Add Multiple IP Addresses to a Firewall in AWS

  • Last updated on

In some cases, you may need multiple IP addresses on a single network interface, for example to host multiple services running on the same port behind the firewall. For each private IP address on the instance, an Elastic IP address is associated. The maximum number of private IP addresses depends on the instance type.

Before You Begin

Step 1. Add Private IP Addresses to the Network Interface

Depending on the instance type, you can add multiple additional private IP addresses to the network interface.

  1. Log into the AWS console.
  2. Click Services and select EC2.
  3. In the INSTANCES section of the left menu, click Instances
  4. Select the firewall instance.
  5. In the Description tab for the firewall instance, locate the Network Interfaces parameter and click on eth0. The Network Interface eth0 popover opens.
    aws_multiple_IPs_01.png
  6. Click the Interface ID. The filtered list of network interfaces is displayed.
    aws_multiple_IPs_02.png
  7. Right-click the network interface and select Manage IP Addresses.
    aws_multiple_IPs_03.png
  8. Click Assign new IP
  9. (optional) Enter a unique Private IP. Leave empty for a free IP address in the subnet to be automatically assigned.
    aws_multiple_IPs_04.png
  10. Click Yes, Update.

Step 2. Create and Associate Elastic IP Addresses with the Private IPs

  1. Log into the AWS console.
  2. Click Services and select EC2.
  3. In the Network & Security section of the left menu, click Elastic IPs
  4. Click Allocate new address.
    aws_multiple_IPs_05.png
  5. Click Allocate.
  6. Click Close.
  7. Right-click the new elastic IP address and select Associate.
    aws_multiple_IPs_07.png
  8. Select the instance and private IP address:
    • Resource Type – Select Instance
    • Instance – Select the firewall instance from the list

    • Private IP – Select the secondary IP address added in Step1 from the list.

    • (optional) Reassociation – Select the check box if the Elastic IP Address is already associated with another instance.
    aws_multiple_IPs_08.png
  9. Click Associate.

Step 3. Add the Additional IP Address as Virtual Server IPs

Add the custom private IP addresses of both firewalls for the additional network interfaces to the virtual server IP addresses. If multiple IP addresses are used in a High Availability cluster, you must add both the private IP addresses from the primary and the secondary firewall as a virtual server IP address.

  1. Log into the firewall
  2. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > S1 > Server Properties.
  3. Click Lock.
  4. In the Additional IP table, click + to add the additional private IP addresses.
    aws_multiple_IPs_09.png
  5. Click Send Changes and Activate.

The firewall instance is now reachable through multiple public IP addresses.

Next Steps

Adapt access rules to use the additional private IP addresses.