Barracuda SSL VPN - Quick Start Guide
The Barracuda SSL VPN provides remote users secure, clientless access to your internal network. The Barracuda SSL VPN
may be installed directly inside the LAN or in a more complex DMZ configuration. Follow the instructions in this guide
to configure the Barracuda SSL VPN to accept incoming connections from the Internet.
Getting Started
To begin setting up your Barracuda SSL VPN, you will need the following:
•
Barracuda SSL VPN appliance
•
AC power cord; AC input voltage range is 100-240 volts at 50/60 Hz
•
Ethernet cables
•
VGA monitor (recommended)
•
PS2 keyboard (recommended)
Physical Installation
1. Install the Barracuda SSL VPN to a 19-inch rack or place it in a stable location.
2. Connect an Ethernet cable from your network switch to the Ethernet port on the back of the Barracuda SSL VPN.
3. Connect a VGA monitor, PS2 keyboard, and the AC power cord to the unit.
4. Turn on the unit by pressing the power button on the front panel.
Configure IP Address and Network Settings
With a monitor and keyboard attached
As soon as the Barracuda SSL VPN is fully booted the administrative console login is displayed:
1. Log into the Administrative Console using the admin credentials:
Login:
admin
Password:
admin
2. Configure the
IP Address, Subnet Mask, Default Gateway, Primary DNS Server
and
Secondary DNS Server
as appropriate for your network.
Without a monitor and keyboard attached
Use the RESET button on the front panel to configure the IP adress. Press and hold the RESET button according to the
table bellow:
IP Address
Netmask
Press and hold RESET for
192.168.200.200
255.255.255.0
5 seconds
192.168.1.200
255.255.255.0
8 seconds
10.1.1.200
255.255.255.0
12 seconds
1
Configure the Firewall
If your Barracuda SSL VPN is located behind a corporate firewall, open the following ports on your external
firewall to ensure proper operation:
Port Direction
TCP UDP Usage
22
Out
Yes
No
Remote diagnostics and service (recommended)
25
Out
Yes
No
Email One-time passwords
53
Out
Yes
Yes
Domain Name Service (DNS)
90
Out
Yes
No
Firmware and definition updates
123
Out
No
Yes
Network Time Protocol (NTP)
443
In
Yes
No
HTTPS/SSL port for SSL VPN access
8000
Out
Yes
No
Firmware and definition updates (backup)
Typically the corporate firewall is configured to port forward incoming HTTPS/SSL connections on port 443 directly to
the Barracuda SSL VPN.
Port Direction
TCP UDP Usage
1723
In
Yes
No
PPTP
access (
PPTP
access also requires GRE (IP protocol 47))
500
In
No
Yes
L2TP/IPsec
access
4500
In
No
No
L2TP/IPsec
access
To use L2TP/IPsec and PPTP in combination with an internal firewall, you must open the following ports:
Port Direction
TCP UDP Usage
389
Out
Yes
No
LDAP/Active Directory read access
636
Out
Yes
No
LDAP/Active Directory read/write access
Log into the Appliance Web Interface
Use a computer with a web browser that is connected to the same network as the Barracuda SSL VPN, to
log into the web interface:
1. Enter
http://IP address of the Barracuda SSL VPN:default appliance web interface HTTP port
in your browser. For example, if you configured the Barracuda SSL VPN with an IP address of 192.168.200.200, you
would type:
http://192.168.200.200:8000
2. Log into the appliance web interface as the administrator:
Login:
admin ,
Password:
admin
2
3
4
5
