We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

How do I limit a service to a certain range of source IP addresses on my Barracuda Web Application Firewall?

  • Type: Knowledgebase
  • Date changed: 10 years ago

Solution #00004222

 

Scope:

This solution applies to all Barracuda Web Application Firewalls.

 

Answer:

If the restriction is to be done on a particular service then this has to be done on layer 7. Create a URL ACL by following the directions below.

 

Navigate to Websites > Allow/Deny.

1. Create an allow for the particular IP / subnet with the following parameters:

 

  • ACL Name : Any name
  • Host Match : *
  • URL Match : /*
  • Extended Match :  (Client-IP eq 192.168.1.0/24)  
  • Extended match sequence : 1
  • Action : Process

The extended match in the above example is important. The one mentioned above allows traffic from the entire 192.168.1.x subnet.


2. Create a default deny with the following parameters:

 

  • ACL : Any Name
  • host : *
  • URL match : /*
  • extended match : *
  • Extended squence Number : 999
  • Action : deny

 

Link to this page:

https://campus.barracuda.com/solution/50160000000HnTCAA0