We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X


This Product is Going End-of-Life and End-Of-Support

End-Of-Sales: As of December 1st, 2018, all new sales for Barracuda NextGen Firewall X Series products have ceased. Only renewals of software and hardware subscriptions for a maximum of one year are available for a limited time up to an expiration date of 30th November 2020.

End-Of-Life and End-Of-Support on December 1st 2020: All Barracuda Firewall X-Series sales will cease; neither new sales nor any renewals will be available. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support and services until your contract expires, or until Dec 1st, 2020, whichever occurs first. Please see the End-Of-Life definition as described in the End of Support and End of Life Information.

Example - Configuring an Access Rule for the Barracuda Email Security Gateway

  • Last updated on

When deploying a Barracuda Email Security Gateway behind the Barracuda NextGen Firewall X-Series, configure a Destination NAT (DNAT) access rule to route SMTP traffic to the Email Security Gateway. For more information on the Barracuda Email Security Gateway, see: Overview.

This article provides instructions on how to configure an access rule for the following setup:


Before you Begin

Install and configure the Barracuda Email Security Gateway in your LAN as described in: Deployment Behind the Corporate Firewall.

Step 1. (Optional) Create a Service Object for SMTPS

To also forward SMTPS traffic to your Email Security Gateway, create a service object to redirect the traffic to port 465. For more information, see Service Objects.

Use the following settings:

  • Protocol – TCP
  • Port Range – 465


Step 2. Configure a DNAT Access Rule

Create a DNAT access rule that forwards all incoming SMTP traffic to the IP address of the Email Security Gateway.

  1. Go to the FIREWALL > Firewall Rules page.
  2. Click Add Access Rule to create a new firewall rule.
  3. In the Add Access Rule window, enter a name and description for the rule.
  4. Specify the following settings:

    ActionConnectionSourceNetwork ServicesDestinationRedirected To
    DNATNo SNATInternetSMTP, SMTP SSL (optional)
    Enter the public IP address of the X-Series Firewall. E.g.: the IP address or select the network object for your Barracuda Email Security Gateway. E.g.:


  5. Click Save.

Step 2. Verify the Order of the Access Rules

Because rules are processed from top to bottom in the rule set, arrange your access rules in the correct order. Make sure that this rule is the first access rule that matches SMTP traffic on the WAN port of the X-Series Firewall.

After adjusting the order of the rules in the rule set, click Save.

Last updated on