What ports should be open on my firewall to allow the Email Security Gateway to operate properly?
Solution: #00004111
Scope:
All Email Security Gateways, all firmware versions.
Answer:
There are fives ports that are REQUIRED to be open to your Barracuda Spam Firewall:
TCP port 22 OR 8788 -- SSH: Support tunnel to Barracuda Central (Outbound)
TCP port 25 -- SMTP: Email message transfer
UDP port 53 -- DNS: Peer identification and Internet name resolution
TCP port 80 -- HTTP: Energize Updates and Firmware downloads
UDP port 123 -- NTP: System Clock Synchronization
There are other ports which are optional and may need to be open only if related functionality is enabled on the Email Security Gateway:
TCP port 389 -- LDAP: Directory-based user administration
TCP port 443 -- HTTPS: SSL secured web browsing
TCP port 636 -- LDAPS: SSL secured LDAP
TCP port 3268 -- LDAP: Active Directory Global Catalog
TCP port 3269 -- LDAPS: SSL secured Active Directory Global Catalog
TCP port 4234 -- Required for Archiving mail from Barracuda Email Encryption Service (BEES)
TCP port 8000 -- HTTP: Default Administrative Web Interface
TCP port 8002 -- Clustering
If you are connecting to BCC/CPL/COPY.com you need to have the following ports open:
TCP 80 -- HTTP
if port 80 can't be used..then TCP PORT 23557 or 48320
TCP 443 -- HTTPS
TCP 25 -- SMTP
Link to this page:
https://campus.barracuda.com/solution/50160000000HkFYAA0