It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Link Balancer

How can I enable NAT/Port Forwarding on my Barracuda Link Balancer if unable to add additional IP subnets to the existing firewall when the Link Balancer firewall is disabled?

  • Type: Knowledgebase
  • Date changed: 3 years ago
Solution #00004563

All Barracuda Link Balancer models, firmware versions and later with the Link Balancer firewall disabled.

If unable to add additional IP subnets to the existing firewall when setting up the Link Balancer with the firewall function disabled, you can setup the Barracuda link to Enable NAT/Port Forwarding to have the Destination IP address of inbound traffic on one of the links be NATed to another WAN IP address using the Enable NAT/Port Forwarding rule.

This option appears only if the Barracuda Link Balancer firewall is disabled. It is not available for WAN1. For other WAN links, click Enable on the WAN Firewall configuration to allow the translation of the destination IP address of inbound traffic on this link to the IP address of another WAN link.

If necessary, add the publicly accessible IP addresses to the particular link configuration. On the BASIC > Links page, click the plus (+) sign to expand and edit the WAN link. The WAN IP address is the IP address used for general purpose NAT. Add Additional IP Addresses which are the external IP addresses that are eligible to be used for 1:1 NAT.

After saving your changes to the Link Configuration, create a NAT rule using the FIREWALL > NAT page.

In the 1:1 NAT Rules section:
  1. In the 1:1 NAT Rules table, complete the following fields:
    • Rule Name
    • Listen Link ? Select the WAN link to use.
    • Hostname ? Optional. The hostname or the fully qualified domain name associated with these IP addresses. If you create a domain on the Services > Authoritative DNS page the Barracuda Link Balancer will search for matching domain names in the Port Forwarding and 1:1 NAT rules. For every match, a DNS A record is creating linking this hostname to its external and internal IP addresses. You can enter a fully qualified domain name (e.g. with or without the ending dot) or a hostname (e.g. www). If a hostname is entered, it is considered to be part of the default domain that is specified on the Basic > IP Configuration page.
    • Listen IP ? Shows all of the Additional IP Addresses from the Basic > Links page configured for the particular link.
    • Forward IP ? Type a static IP address reachable through a WAN link (usually, the firewall IP address reachable through WAN1) to create a DNAT rule for a link.
    • Disable ? Clear the check box to enable the rule.
    • Log ? Select the check box to write an entry in the Firewall Log whenever this rule is executed.
  2. Click Add.
Link to This Page: