We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
Accept
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda Email Security Gateway
Overview Documentation Training Certification Materials

Back to Knowledgebase

What ports should be open on my firewall to allow the Email Security Gateway to operate properly?

  • Type: Knowledgebase
  • Date changed: 9 months ago

Solution: #00004111

 

Scope:

All Email Security Gateways, all firmware versions.

 

Answer:
There are fives ports that are REQUIRED to be open to your Barracuda  Spam Firewall:

TCP port 22 -- SSH: Support tunnel to Barracuda Central (Outbound)
TCP port 25 -- SMTP: Email message transfer
UDP port 53 -- DNS: Peer identification and Internet name resolution
TCP port 80 -- HTTP: Energize Updates and Firmware downloads
UDP port 123 -- NTP: System Clock Synchronization

There are other ports which are optional and may need to be open only if related functionality is enabled on the Email Security Gateway:

TCP port 389 -- LDAP: Directory-based user administration

TCP port 443 -- HTTPS: SSL secured web browsing

TCP port 636 -- LDAPS: SSL secured LDAP
TCP port 3268 -- LDAP: Active Directory Global Catalog
TCP port 3269 -- LDAPS: SSL secured Active Directory Global Catalog

TCP port 4234 -- Required for Archiving mail from Barracuda Email Encryption Service (BEES)

TCP port 8000 -- HTTP: Default Administrative Web Interface

TCP port 8002 -- Clustering


If you are connecting to BCC/CPL/COPY.com you need to have the following ports open:


TCP 80 -- HTTP

if port 80 can't be used..then TCP PORT 23557 or 48320

TCP 443 -- HTTPS

TCP 25  -- SMTP



Link to this page:

https://campus.barracuda.com/solution/50160000000HkFYAA0