Home‎ > ‎Barracuda‎ > ‎

basic config of 440


Overview:

There are three interfaces on the load balancer.  Two in the front are the "inside" and "outside", which are labeled LAN and WAN.  There is also an interface in the rear of the server that is for management access.


Configure WAN Interface

Configuring the first interface unfortunately really needs to be done via the keyboard/vga port.  There is no console port that you can connect into to simply set the box up like you can with more advanced systems.  (you can press the reset button in the front of the system, and it will set the ports to some specific IP's, but that's about it.)

At bootup, you get a login prompt

The default user/pass is admin/admin

You don't get the option of a shell, instead, this semi-gui screen pops up to "help" you configure the WAN interface only

When you have configured the WAN interface, you can test it with the Troubleshooting tools.

When you are done, select Exit, and it will log you out. 

Setup Outbound Firewall Rules

The system must connect to the Barracuda Network to handle licensing.  (this way they can milk the hell out of you for an over priced support contract. :)  Without this, the system throws errors and behaves poorly for admin purposes.  To enable this bend-overage, allow the following outbound flows on your firewall:

Allow TCP:80 from the Barracuda to the following networks

64.235.147.0 255.255.255.0
host 205.158.110.60
host 64.235.144.132
216.129.105.0 255.255.255.0
216.129.125.0 255.255.255.0
205.158.110.0 255.255.255.0


Configure LAN interface

Open up a web browser addressed to the WAN ip that you just configured.  The default user/pass is admin/admin.

Select (a) the Basic tab, and then (b) the IP Configuration sub-tab.  Within that window, modify the following:
  • (c) LAN IP Configuration: with the inside IP addresses
  • (d) DNS Configuration: with local or remote DNS servers.  (NOTE: the Barracuda is ham-stringed by DNS.  IF DNS IS NOT ACCESSIBLE, THE LB WILL BE SLUGGISH!
  • (d) Domain Configuration: with the hostname and domain info
Then select Save Changes.  This will log you out, so to confirm your settings, you will need to log back in.

Bring the box up to date:

Subscription:

Activate the subscription by going to the Basic tab, and selecting the Status page.  Then under the Subscription Status section, make sure that the status is current. 

Firmware:

To update Firmware, go to the Advanced tab, select Firmware Update, and confirm that the Current installed Version is less then the Latest General Release.  If so, select Download Now under the Latest General Release section, and then select Apply Now to install the newest release. 

Change Password:

Change the Admin Password by going to the Basic tab, and selecting Administration, and then adding your new password in the Password Change section. 

Setup HA Pair:

Bind a second load balancer by repeating the process above to the second unit, and then under the Advanced Tab, select High Availability, and enter in the other systems IP, and the same shared secret and group id. 

General Settings:

DNS:

Under the Basic Tab, under IP Configuration, set your DNS servers

Syslog:

Under the Advanced Tab, under Syslog, set the syslog servers.

Time:

There are two different places to change the time on the server, one is in the Basic tab, and the other under the "special expert variables".
Under the Basic Tab, under Admin, set the timezone


Then  in the Advanced tab, to to the end of the uri, and append the following to uri to get to the "Expert Variables"
&expert=1



This will enable another tab called Expert.  In there, you can set the NTP server to a local clock that is inside of your security zone. 


Admin Access:

Under the Basic Tab, under Admin, set the range of IP's that can connect to the admin port of this system.

SNMP Conf:

Under the Advanced Tab, under the SNMP configuration tab, define the snmp version, community string, and allowed IPs to poll this system.




Comments