We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

How to Add Multiple IP Addresses to a Firewall in AWS

  • Last updated on

In some cases, you may need multiple IP addresses on a single network interface, for example to host multiple services running on the same port behind the firewall. For each private IP address on the instance, an Elastic IP address is associated. The maximum number of private IP addresses depends on the instance type.

Before You Begin

Step 1. Add Private IP Addresses to the Network Interface

Depending on the instance type, you can add multiple additional private IP addresses to the network interface.

  1. Log into the AWS console.
  2. Click Services and select EC2.
  3. In the INSTANCES section of the left menu, click Instances
  4. Select the firewall instance.
  5. In the Description tab for the firewall instance, locate the Network Interfaces parameter and click on eth0. The Network Interface eth0 popover opens.
    aws_multiple_IPs_01.png
  6. Click the Interface ID. The filtered list of network interfaces is displayed.
    aws_multiple_IPs_02.png
  7. Right-click the network interface and select Manage IP Addresses.
    aws_multiple_IPs_03.png
  8. Click Assign new IP
  9. (optional) Enter a unique Private IP. Leave empty for a free IP address in the subnet to be automatically assigned.
    aws_multiple_IPs_04.png
  10. Click Yes, Update.

Step 2. Create and Associate Elastic IP Addresses with the Private IPs

  1. Log into the AWS console.
  2. Click Services and select EC2.
  3. In the Network & Security section of the left menu, click Elastic IPs
  4. Click Allocate new address.
    aws_multiple_IPs_05.png
  5. Click Allocate.
  6. Click Close.
  7. Right-click the new elastic IP address and select Associate.
    aws_multiple_IPs_07.png
  8. Select the instance and private IP address:
    • Resource Type – Select Instance
    • Instance – Select the firewall instance from the list

    • Private IP – Select the secondary IP address added in Step1 from the list.

    • (optional) Reassociation – Select the check box if the Elastic IP Address is already associated with another instance.
    aws_multiple_IPs_08.png
  9. Click Associate.

Step 3. Add the Additional IP Address as Shared IPs

Add the custom private IP addresses of both firewalls for the additional network interfaces to the shared IP addresses. If multiple IP addresses are used in a High Availability cluster, you must add both the private IP addresses from the primary and the secondary firewall as a shared IP address.

  1. Log into the firewall
  2. Go to CONFIGURATION > Configuration Tree > Box > Network.
  3. Click Lock.
  4. In the left menu, click IP Configuration.
  5. In the Shared Networks and IPs section, double-click on the according entry.
  6. In the Shared IPs in this Network section, click + to add the additional private IP addresses.
    add_ip.png
  7. Click Send Changes and Activate.
  8. Go to CONTROL > Box.
  9. In the Network section of the left menu, click Activate new network configuration. The Network Activation window opens.
  10. Click Failsafe.

The firewall instance is now reachable through multiple public IP addresses.

Next Steps

Adapt access rules to use the additional private IP addresses.

Last updated on