Overview
Indicator Lights:
| Light | Color | Description |
| | Red | Reserved
|
| | Yellow | Reserved |
| Traffic | Green | Blinks when device process traffic
|
Data I/O
| Green | Blinks during data transfer
|
| Power | Green | Solid green when powered on
|
Virginising the System:
You can bring the system back to the factory settings by rebooting and going into recovery mode.
Configuring 1st Interface:
Barracudas are cheap, and because of that, they are not really built like equipment you are normally used to. To do the initial setup on a Barracuda, you need to
plug a monitor and keyboard into them. Log in with the default user/pass (
admin/
admin) and go to the
TCP/IP Configuration tab. Enter in the following information:
- IP address of outside interface
- Mask of outside interface
- Default Gateway
- Primary and Secondary DNS (Note that Barracudas are built to be hamstrung by DNS, so make sure that your DNS solution is robust, and make sure that it can be connected to by the barracudas.
Setup Outbound Firewall Rules
The system must connect to the
Barracuda Network to handle licensing. (this way they can milk the hell
out of you for an over priced support contract. :) Without this, the
system throws errors and behaves poorly for admin purposes. To enable
this bend-overage, allow the following outbound flows on your firewall:
Allow TCP:80 from the Barracuda to the following networks
64.235.147.0 255.255.255.0
host 64.235.144.132
216.129.105.0 255.255.255.0
216.129.125.0 255.255.255.0
205.158.110.0 255.255.255.0
Activate the Firewall:
Login to ADMIN PORTAL:
You cannot simply connect to the IP address of the wan interface, you will need to connect to port 8000 over http. So your browser's url would be
http://<IP_Address>:8000
The default username and password is admin/admin
Subscription:
From the
Basic tab, under
Status, select (3) the "
Click here for activation code".
This will pull up a Barracuda webpage where you can enter in your
company's information for the support contract. When you are finished,
you will get an activation code, which you should paste back in (4) the
Basic tabs
Status page, under the
Subscription Status.
Firmware Upgrades:
To update Firmware, go to the
Advanced tab, select
Firmware Update, and confirm that the
Current installed Version is less then the
Latest General Release. If so, select
Download Now under the Latest General Release section, and then select
Apply Now to install the newest release. (note: the system will probably need to reboot after uploading the newest firmware.)
Energize Updates:
To get the latest Security, Virus and Attack updates, under
Advanced tab, select the
Energize Updates sub-tab. Then select (A)
update on those subsections. The system will be updated without needing a restart or anything.
General Settings:
IP Address:
Under the Basic Tab, under IP Configuration, set your IP
addresses under TCP/IP Configuration. Your IP should already be setup, so there should be no change needed here.
Static Routes:
Under the
Advanced Tab, within the
Advanced Networking sub tab, go to the
Static Routes section to add any additional routes.
DNS / Hostname:
Under the
Basic Tab, under
IP Configuration, set your DNS servers, and the hostname and domain of the barracuda
Syslog:
Syslog configuration is done with the SSLADMIN account, not the Admin (:8000) account. So log in to the main interface with the
ssladmin account (default pass = ssladmin)
https://<ip_address>/
Then and select Under the
Advanced Tab, under
Syslog, enter in the syslog hosts IP, and define if it should be transported over UDP 514 (yes)
From the Admin account you can only view the logs with the following method.
Under the
Advanced Tab, under
Syslog, in the Web interface Syslog section, select the
Monitor Web Syslog button to view the logs.
Time:
There
are two different places to change the time on the server, one is in
the Basic tab, and the other under the "special expert variables".
Under the
Basic Tab, under
Admin, set the timezone
Then in the
Advanced tab, under
Advanced Networking, add the Time servers under the
NTP Server section.
Admin Access:
Under the
Basic Tab, under
Admin, set the range of IP's that can connect to the admin port of this system.
SNMP Conf:
Also under the
Basic Tab, futher down the
Admin sub-tab is the SNMP configuration tab, where you can define the snmp
version, community string, and allowed IPs to poll this system.
Also, you need to connect to the normal web service of the barracuda with the
ssladmin account:
https://<ip_address>/
Select the
Advanced Tab, and then append
&expert=1 to the end of the uri
Still under the
Advanced Tab, select the new
Expert Tab.Scroll down till you get to the
snmp section, and make sure that the community string there is the same as the one you changed above.
Change Password:
Change the Admin Password by going to the
Basic tab, and selecting
Administration, and then adding your new password in the
Password Change section.
Final Touch Ups:
SSL Certificate
To ensure that https traffic to the appliance is trusted, you need to install a cert on the barracuda.
Under the
Basic Tab, under
SSL Certificate, Go to the Trusted Certificate section, and add your publicly signed certificate.
