It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Configure an ISP with Static IP Addresses

  • Last updated on

If your Internet connection is using static IP addresses or entire network ranges assigned by your ISP, you must create routing entries on box level and then assign the IP address(es) to the virtual server. Choose the network type Untrusted to automatically create a default route (0.0.0.0/0) for the connection.

static_wan.png

Before You Begin

Connect the network equipment installed by your provider to an unused port (not the management port) of your Barracuda CloudGen Firewall.

Step 1. Add a Direct Route

Create a direct attached route entry to create the network on box level of the CloudGen Firewall. Be sure to create the route on the port the ISP is plugged into.

  1. Go to CONFIGURATION > Configuration Tree > Box > Network.
  2. In the left menu, select Routing.
  3. Click Lock.
  4. In the Main Routing Table, click + to add a new route.
  5. Enter a Name for the route and click OK.
  6. Enter the IP address of the target network in the Target Network Address field. E.g.,: 62.99.0.0/24
  7. Select directly attached network as the Route Type.
  8. Select the port the ISP is connected to from the Interface Name list. E.g.,: port 2.
  9. If the default route will be introduced in an environment where multiple dynamic links are available, specify a Route Metric.
  10. Select Untrusted as the Trust Level.
  11. Enter the Default Gateway IP address. E.g.,: 62.99.0.254
  12. Click OK.
  13. Click Send Changes and Activate.

Step 2. Perform a Network Activation

After you create or change basic network configurations such as routing, you must activate your new network configurations.

  1. Go to CONTROL > Box.
  2. In the left menu, expand the Network section and click Activate new network configuration.
  3. Select Failsafe.

Your route is now displayed as a disabled route (grey X icon) in CONTROL > Network.

Step 3. Add the Static IP Address to a Virtual Server

Assign the individual WAN IP addresses you want to use to the virtual servers on the firewall. By introducing the external IP addresses on the virtual server, you can use a high availability (HA) cluster to transfer the WAN address to the secondary unit and still be reachable under the same IP address. In our example, you would enter 62.99.0.221 in the virtual Server Properties (CONFIGURATION > Full Configuration > Virtual Servers > your virtual server ) as the First-IP, Second-IP or Additional IP address.

For more information, see Virtual Servers and Services.

Verify the Network Configuration

Open the CONTROL > Network page to verify that all network routes have been introduced successfully. Verify the WAN IP addresses are displayed with a green status icon and that the introduced routes are available in the tables Main and Default and that the default route is directing traffic through your ISP connection.

routing_static.PNG