While connected to the SSL VPN via the web portal or CudaLaunch, you can enable or disable dynamic access and application rules for the Barracuda CloudGen Firewall. You must create a dynamic firewall rule resource in the SSL VPN configuration for the exiting dynamic rules to be able to activate them via the portals.
Before You Begin
- Configure the SSL VPN for the CloudGen Firewall. For more information, see How to Configure the SSL VPN Service.
- Create a dynamic access or application rule. For more information, see How to Create and Activate a Dynamic Access Rule .
Create the Dynamic Rule Resource for SSL VPN
- Go to CONFIGURATION > Configuration Tree > Box > Assigned Services > VPN-Service > SSL-VPN .
- In the left menu, select Dynamic Firewall Rules .
- Click Lock.
- In the Firewall Rule Activation table, click + to add an entry for the dynamic rule.
- Enter a Name for the rule. For example,
mgmt-dynamic
- Click OK. The Firewall Rule Activation window opens.
- Select the Active check box to make the rule visible.
- In the Visible Name field, enter the name for the rule. For example,
CloudGen Firewall Management
In the Dynamic Rule Selector table, delete the asterisk ( * ), and add the names of the dynamic rules that you created for the SSL VPN. Asterisk ( * ) and question mark (?) wildcard characters are allowed.
To allow access only to specific user groups, delete the asterisk ( * ) in the Allowed User Groups table, and add the names of the MSAD groups allowed to activate these dynamic rules. For example,
*OU=admins*
.
- Click OK .
- Click Send Changes and Activate .
Enable and Disable Dynamic Rules
You can enable and disable dynamic access and application rules from the SSL VPN web portal or CudaLaunch.
Enable and Disable Dynamic Rules from the SSL VPN Web Portal
While connected to the SSL VPN web portal, you can enable dynamic rules for a specified length of time on the Dynamic Firewall Rules page.
For more information, see SSL VPN.
Enable and Disable Dynamic Rules using CudaLaunch
When connected to the SSL VPN using CudaLaunch, you can enable dynamic rules for a specified length of time on the Rules page.
For more information, see the Dynamic Firewall Rules section in CudaLaunch.