Overview:
There are three interfaces on the load balancer. Two in the front are the "inside" and "outside", which are labeled LAN and WAN. There is also an interface in the rear of the server that is for management access.
Configure WAN Interface
Configuring the first interface unfortunately really needs to be done via the keyboard/vga port. There is no console port that you can connect into to simply set the box up like you can with more advanced systems. (you can press the reset button in the front of the system, and it will set the ports to some specific IP's, but that's about it.)
At bootup, you get a login prompt
The default user/pass is admin/admin
You don't get the option of a shell, instead, this semi-gui screen pops up to "help" you configure the
WAN interface only.
When you have configured the WAN interface, you can test it with the
Troubleshooting tools.
When you are done, select
Exit, and it will log you out.
Setup Outbound Firewall Rules
The system must connect to the Barracuda Network to handle licensing. (this way they can milk the hell out of you for an over priced support contract. :) Without this, the system throws errors and behaves poorly for admin purposes. To enable this bend-overage, allow the following outbound flows on your firewall:
Allow TCP:80 from the Barracuda to the following networks
64.235.147.0 255.255.255.0
host 205.158.110.60
host 64.235.144.132
216.129.105.0 255.255.255.0
216.129.125.0 255.255.255.0
205.158.110.0 255.255.255.0
Configure LAN interface
Open up a web browser addressed to the WAN ip that you just configured. The default user/pass is admin/admin.
Select (a) the
Basic tab, and then (b) the IP Configuration sub-tab. Within that window, modify the following:
- (c) LAN IP Configuration: with the inside IP addresses
- (d) DNS Configuration: with local or remote DNS servers. (NOTE: the Barracuda is ham-stringed by DNS. IF DNS IS NOT ACCESSIBLE, THE LB WILL BE SLUGGISH!
- (d) Domain Configuration: with the hostname and domain info
Then select Save Changes. This will log you out, so to confirm your settings, you will need to log back in.
Bring the box up to date:
Subscription:
Activate the subscription by going to the
Basic tab, and selecting the
Status page. Then under the
Subscription Status section, make sure that the status is current.
Firmware:
To update Firmware, go to the
Advanced tab, select
Firmware Update, and confirm that the
Current installed Version is less then the
Latest General Release. If so, select
Download Now under the Latest General Release section, and then select
Apply Now to install the newest release.
Change Password:
Change the Admin Password by going to the
Basic tab, and selecting
Administration, and then adding your new password in the
Password Change section.
Setup HA Pair:
Bind a second load balancer by repeating the process above to the second unit, and then under the
Advanced Tab, select
High Availability, and enter in the other systems IP, and the same shared secret and group id.
General Settings:
DNS:
Under the
Basic Tab, under
IP Configuration, set your DNS servers
Syslog:
Under the Advanced Tab, under Syslog, set the syslog servers.
Time:
There are two different places to change the time on the server, one is in the Basic tab, and the other under the "special expert variables".
Under the
Basic Tab, under
Admin, set the timezone
Then in the
Advanced tab, to to the end of the uri, and
append the following to uri to get to the "Expert Variables"
&expert=1
This will enable another tab called
Expert. In there, you can set the NTP server to a local clock that is inside of your security zone.
