How can we help?

How to configure IPFIX on Barracuda NG firewalls

Follow

These instructions assume:

Configure IPFIX

  1. Log into the Barracuda firewall web admin console.
  2. Navigate to Configuration > Configuration Tree > Box > Infrastructure Services > General Firewall Configuration.
  3. In the left menu, select Audit and Reporting.
  4. Expand configuration mode and select Switch to Advanced View.
  5. Click Lock.
  6. Navigate to the log policy section
  7. Select Edit the audit log. A handling window opens.
  8. Set audit delivery to Send IPFIX.
  9. Under IPFIX streaming:
    1. Set Enable IPFIX/NetFlow to yes.
    2. Set Enable intermediate reports to yes.
    3. Set IPFIX template to default without Barracuda custom fields and UniFlow.
  10. Under collectors, select Add a Collector:
    1. In the Collector Name field, enter a name for the Auvik collector.
    2. Set export mode to UDP.
    3. In the Collector IP address field, enter the IP address for the Auvik collector.
    4. Choose from any of these ports: 2055, 2056, 4432, 4739, 6343, 9995, or 9996.
    5. Set byte order for the data set to LittleEndian.
  11. Click Send Changes and Activate.

Configure the firewall rule

  1. Navigate to Configuration > Full Configuration > Virtual Servers > [virtual server you’re configuring] > Assigned Services > Firewall > Forwarding Rules.
  2. Click Lock.
  3. Click the plus icon (+) in the top right rule set.
  4. Select Pass as the action.
  5. Create a name for the rule:
    1. Source: Enter the IP address for your Barracuda LAN interface.
    2. Destination: Enter the IP address for the Auvik collector.
    3. Service: Select Any.
    4. Click OK.
  6. Drag and drop the firewall rule so it’s the first rule that matches the traffic you want to forward.
  7. Click Send Changes and Activate.

IPFIX is now enabled on your Barracuda NG firewall.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Powered by Zendesk