It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

Network

  • Last updated on

The Network configuration node on the CloudGen Firewall and on the Control Center provides all options to configure all basic features related to network connectivity. These options cover the special usage of IP addresses and their behavior related to important box-layer-based services of the CloudGen Firewall such as management of the firewall, box-layer-based IP addresses, and high availability.

Interfaces and IP Addresses

IP Address Configuration

IP addresses are the essential information for identifying endpoints and for forwarding network traffic between them. To provide basic operation for this, the CloudGen Firewall handles IP addresses in various ways.

For more information, see Understanding the Usage of Operational-Relevant IP Addresses on the CloudGen Firewall.

Interfaces

Hardware systems are automatically configured with the correct number of network ports and interfaces. For hardware systems with Barracuda network modules or virtual systems, it may be necessary to add additional network interfaces. These network interfaces must also be added to the configuration of the CloudGen Firewall. If you are planning to use VLANs, make sure to use Barracuda network modules or virtual network adapters that use kernel modules with VLAN support.

For more information, see How to Add Additional Network Interfaces

Network Links

Virtual LAN (VLAN)

VLANs allow you to split one physical network interface into several virtual LANs. The physical interface behaves as if it were several interfaces, and the switch behaves as if it were multiple switches. The CloudGen Firewall can use up to 256 VLANs on one physical network interface and a maximum of 4096 VLANs globally.

For more information, see How to Configure VLANs.

Ethernet Bundles

Ethernet bundles - also known as "Ethernet channel", "Link Aggregation", "Trunking", or "Bonding" - combine multiple physical ports into a single virtual link to increase the physical bandwidth available for the connection. Ethernet bundles can operate in several modes, providing different advantages for specialized situations.

For more information, see How to Configure Ethernet Bundles.

Layer 2 Bridging

Layer 2 Bridging provides the option to act as a proxy ARP between two peers.

For more information, see How to Configure Layer 2 Bridging.

Routing

Advanced Routing

Routing tables are used to store the best path to a remote network. The CloudGen Firewall uses the routing tables to forward traffic to the correct interfaces, next hop gateways, or VPN tunnels. The destination, route metric, and source address (optional) of an IP packet is used to determine which route matches and where the packet is forwarded to.

For more information, see How to Configure Source Based Routes and Advanced Routing.

Virtual Router

Virtual routers are virtual instances that work like a hardware router. Because virtual routers can be run as multiple software instances on a common hardware, network paths can be segmented without additional devices. They can also use same IP addresses on each instance, which can even overlap without conflicting with each other.

For more information, see Virtual Routing and Forwarding (VRF).

Connecting to the Internet

xDSL / DHCP, Wireless WAN

The CloudGen Firewall supports various types of Internet connections. If multiple ISP connections are used, the firewall offers granular control over link balancing and load balancing either on a per-access-rule basis or via route metric. You can configure the following Internet connections:

  • Static IP addresses
  • Dynamic IP addresses (DHCP)
  • xDSL with PPPoE and PPTP
  • Wireless WAN using the external Barracuda USB Modem
  • ISDN

For more information, see WAN Connections.

Tunneling

IP Tunneling

IP tunneling provides the option to configure point-to-point network tunnels based on generic routing or plain IP-in-IP encapsulation.

For more information, see How to Configure Web Security Service Integration using GRE Tunnels and a Static Public IP.

Advanced Network Configurations

For more information, see How to Make a CloudGen Firewall Centrally Manageable Without a Control Center .

Others

Integrity Check

The Integrity Check lets you select between different options for doing a logical test of the network configuration before it is activated.

For more information, see How to Configure the Consistency Verification for Network Configurations.

User Scripts

User scripts can be added in order to be executed when the network subsystem is restarted.