It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

What ports should be open on my firewall to allow the Email Security Gateway to operate properly?

  • Type: Knowledgebase
  • Date changed: 3 years ago

Solution: #00004111



All Email Security Gateways, all firmware versions.


There are fives ports that are REQUIRED to be open to your Barracuda  Spam Firewall:

TCP port 22 OR 8788 -- SSH: Support tunnel to Barracuda Central (Outbound)
TCP port 25 -- SMTP: Email message transfer
UDP port 53 -- DNS: Peer identification and Internet name resolution
TCP port 80 -- HTTP: Energize Updates and Firmware downloads
UDP port 123 -- NTP: System Clock Synchronization

There are other ports which are optional and may need to be open only if related functionality is enabled on the Email Security Gateway:

TCP port 389 -- LDAP: Directory-based user administration

TCP port 443 -- HTTPS: SSL secured web browsing

TCP port 636 -- LDAPS: SSL secured LDAP
TCP port 3268 -- LDAP: Active Directory Global Catalog
TCP port 3269 -- LDAPS: SSL secured Active Directory Global Catalog

TCP port 4234 -- Required for Archiving mail from Barracuda Email Encryption Service (BEES)

TCP port 8000 -- HTTP: Default Administrative Web Interface

TCP port 8002 -- Clustering

If you are connecting to BCC/CPL/ you need to have the following ports open:

TCP 80 -- HTTP

if port 80 can't be used..then TCP PORT 23557 or 48320

TCP 443 -- HTTPS

TCP 25  -- SMTP

Link to this page: