Barracuda SSL VPN
Barracuda SSL VPN -
Quick Start Guide
The Barracuda SSL VPN provides remote users secure, clientless access to their internal
network. The Barracuda SSL VPN may be installed directly inside the LAN or in a more
complex DMZ configuration.
Getting Started
Follow the instructions in this guide to configure the Barracuda SSL VPN to
accept incoming connections from the Internet. To begin setting up your
Barracuda SSL VPN, you will need the following:
Barracuda SSL VPN
AC Power Cord
Ethernet Cables
VGA Monitor (recommended)
PS2 Keyboard (recommended)
Physical Installation
To install the Barracuda SSL VPN:
1. Fasten the Barracuda SSL VPN to a 19-inch rack or place it in a stable
location.
2. Connect an Ethernet cable from your network switch to the Ethernet port on
the back of the Barracuda SSL VPN.
3. Connect a VGA Monitor, PS2 Keyboard, and AC power cord to the unit.
4. Press the power button on the front panel to turn the unit on.
Configure IP Address and Network Settings
If you have a monitor connected, the Barracuda SSL VPN will display the Boot
Menu initially, and the Administrative Console login prompt once fully booted. To
begin the configuration:
1. Login to the Administrative Console using the admin login:
Login
:
admin
Password
:
admin
2. Configure the
IP Address, Subnet Mask, Default Gateway, Primary DNS
Server
and
Secondary DNS Server
as appropriate for your network.
If you do not have a monitor and keyboard and want to set the IP address using
the RESET button on the front panel, press and hold the RESET per the
following table:
IP address
Press and hold RESET for
…
192.168.200.200
5 seconds
192.168.1.200
8 seconds
10.1.1.200
12 seconds
Open Firewall Ports
If your Barracuda SSL VPN is located behind a corporate firewall, open the
following ports on your external firewall to ensure proper operation:
Port
Direction
TCP
UDP
Usage
22
Out
Yes
No
Remote diagnostics and service (recommended)
25
Out
Yes
No
Email One-time passwords
53
Out
Yes
Yes
Domain Name Service (DNS)
80
Out
Yes
No
Firmware and definition updates
123
Out
No
Yes
Network Time Protocol (NTP)
443
In
Yes
No
HTTPS/SSL port for SSL VPN access
8000
Out
Yes
No
Firmware and definition updates (backup)
8000
In*
Yes
No
External appliance administrator port (HTTP)*
8443
In*
Yes
No
External appliance administrator port (HTTPS)*
* Only if appliance management is performed from outside the corporate network
T
he following ports must be opened if the listed type of access is desired:
1723
In
Yes
No
PPTP
access**
500
In
No
Yes
L2TP/IPsec
access
4500
In
No
Yes
L2TP/IPsec
access
*
* Note:
PPTP
access also requires GRE (IP protocol 47)
If you also have an internal firewall (due to placing the Barracuda SSL VPN in a
DMZ, for example), then the following must be allowed on your internal firewall:
389
Out
Yes
No
LDAP/Active Directory read access
636
Out
Yes
No
LDAP/Active Directory read/write access
Barracuda SSL VPN Configuration
Use a computer with a Web browser that is connected to the same network as
the Barracuda SSL VPN and follow these steps:
1. In your web
browser’s address bar, enter http:// followed by the IP address of
the Barracuda SSL VPN, followed by the default Appliance Administrator
web interface HTTP port (:8000). For example, if you configured the
Barracuda SSL VPN with an IP address of 192.168.200.200, you would type:
http://192.168.200.200:8000
2. Log in to the Appliance Administrator web interface as the administrator:
Username:
admin
Password:
admin
3. Go to the
BASIC > IP Configuration
page and perform the following:
Verify the
IP Address
,
Subnet Mask
, and
Default Gateway
.
Verify the
Primary
and
Secondary DNS Server
.
Enter the
Default Hostname
and
Default Domain
.
If you are using a proxy server on your network, you should also verify the
Proxy Server Configuration
settings.
4. Complete the rest of the fields on this page and save your changes.