We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Security Gateway

How can I test connectivity to the support server to troubleshoot a Barracuda Web Filter's failed support tunnel?

  • Type: Knowledgebase
  • Date changed: 4 years ago

Solution #00006360

 

Scope:

Applies to all Barracuda Web Filter appliances on all versions of firmware.

Answer:
When you contact Barracuda Support, the technician may request a support tunnel to be opened from your device, to better assist you and be able to resolve any technical issues and quickly answer questions. In order to establish and maintain a support tunnel, the Barracuda Web Filter requires end-to-end port 22 outbound access to Barracuda Support servers. Access can be blocked by firewalls, ISPs, or other network factors that restrict port 22. One quick and easy way to test connectivity to the support servers is to run a telnet connection to the support server URL using the following steps.

When doing so you have two methods available.
 
From a PC:
 
1. Login to a workstation in the same subnet as your Barracuda Web Filter.
2. Open a Command prompt, From the Start menu, choose All Programs, click Accessories, and select Command Prompt. Shortcut: Windows Key + r and then type in cmd and enter.
3. You will be presented with a command line interface. At the cursor, enter the following: 
telnet support01.barracudanetworks.com 22
4. Press the enter key. If the telnet was successful, you will see SSH-2.0-OpenSSH_4.4 as the output. Any other output indicates a failed connection.
 
From the Barracuda:
 
If you do not have telnet as an option,
1.     you should also be able to find a telnet command on the Advanced Tab> Troubleshooting page. Here you can just add the IP and port to test and see the output.
A successful telnet connection indicates that your Barracuda Web Filter is able to access the support servers over port 22. Please contact Barracuda Support for additional support tunnel troubleshooting.
You should get this showing  SSH-2.0-OpenSSH_4.4
 
telnet 64.235.147.77 22
Trying 64.235.147.77...
Connected to barracuda.com (64.235.147.77).
Escape character is '^]'.
SSH-2.0-OpenSSH_4.4
 
 
Dig or nslookup verified
dig support01.barracudanetworks.com
 
; <<>> DiG 9.4.1-P1 <<>> support01.barracudanetworks.com
 
;; QUESTION SECTION:
;support01.barracudanetworks.com. IN    A
 
;; ANSWER SECTION:
support01.barracudanetworks.com. 299 IN A       64.235.147.77
 
 
If not able to telnet on port 22, then you are being blocked somewhere upstream most likely, Checking that the DNS you are using in the filter can resolve the hostname above, verifying the Firewall is actually logging the traffic going out and coming back in, or if it is being blocked, Verify the ISP can see it passing to and from also.
 
A failed telnet connection indicates that a network device or service is blocking port 22 outbound access.
Many times an IDS/IPS device may allow the connection and then close it immediately.
Additional Notes:
Depending on your Windows configuration, your workstation may not have telnet installed by default. If you receive a command line error stating that telnet is not a recognized command, please use the following technet article to install telnet prior to running this solution.

http://technet.microsoft.com/en-us/library/cc771275%28v=ws.10%29.aspx

These tests will also help with an activation issue or even the Status Page taking an extremely long time to respond ( as DNS is needed to load this page), the Status page has other reason for latent loading though.
Verify no NIC issues with dropped traffic or bottle neck dropping traffic, bad cables or speed settings, Incorrect gateway settings on inline deployments, ACL’s,

Link to this page:

https://campus.barracuda.com/solution/501600000013SGMAA2