It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Active DDoS Prevention

Backend IP Address Errors

  • Last updated on

When you set up Barracuda Active DDoS Prevention on your service, you must tell Barracuda Networks where to send traffic after filtering out DDoS attacks.

For more information on the Backend IP Address, see Understanding Service Architecture with Barracuda Active DDoS Prevention.

Backend IP Address Warning

When you try to set or edit the Backend IP Address, you might see a warning that the site, as retrieved from the Backend IP Address, does not match the site as retrieved directly.

To prevent mistakes, Barracuda Active DDoS Prevention attempts to retrieve your site root in two ways:

  • By connecting directly to the Backend IP Address you specified and requesting the site root, using the appropriate Host header for the domain you entered.
  • By looking up the IP address of your site with a DNS query, connecting to the server referenced in DNS, and requesting the site root.

This process is repeated for each domain you entered for your service when setting up Barracuda Active DDoS Prevention.

If you are setting up Barracuda Active DDoS Prevention on a site that already exists, the two methods above should yield the same site, since they are accessing the same application server. If you receive this warning, make sure the Backend IP Address you entered maps directly to your Barracuda Web Application Firewall’s Virtual IP Address for this service.

If you are setting up Barracuda Active DDoS Prevention on a site that is not yet live, you might receive an error because the web site is not yet active.

Backend IP Address Error

When you set or edit the Backend IP Address, you might see an error that Barracuda Networks cannot connect to the Backend IP Address you have specified.

Barracuda Networks must be able to connect to the Backend IP Address you specify in order to forward traffic after filtering. Check that the address you entered is correct and is accepting connections. If you are using a different port than the standard ports (80 for HTTP; 443 for HTTPS), you will also need to enter the port in the format IP:Port, for example 1.2.3.4:8080

Note

Your backend IP address must accept connections from the IP addresses specified in Allowing Access to Active DDoS Prevention Servers.