It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Access

Quick Start

  • Last updated on

The following configuration steps will allow you to access a resource protected by the CloudGen Access Proxy.

Before You Begin

  • The CloudGen Access Proxy is the software that contains the Envoy Proxy and the CloudGen Access Proxy Orchestrator.
  • The Envoy Proxy listens to requests and proxies them to the correct destination.
  • The CloudGen Access Proxy Orchestrator ensures that the Envoy Proxy is configured with the correct requests and takes care of authorization and authentication requests.
  • The CloudGen Access Proxy Orchestrator requires a valid token (CloudGen Access Proxy enrollment link) that contains the necessary information to bootstrap and authorize the service.

Step 1. Add a New CloudGen Access Proxy

  1. Go to CloudGen Access Enterprise Console.
  2. Navigate to Access and then Proxies.
  3. Click the + icon in the top right.

    This proxy will be used to test access for the test resource. However, this does not prevent it from being used as a permanent proxy later on.

    ec-access-proxies.png

  4. Add the following:
    • Proxy Name – Used to identify the proxy.
    • Location (optional) – For your reference only.
    • Host – IP/Hostname used to reach the proxy.
    • Port – Port where the CloudGen Access Proxy will be available.
  5. Click Create.
    ec-access-add-proxy.png
  6. Copy the link that will be used when configuring the proxy.

    This is the only time the link is provided by the Management Console.

    ec-access-add-proxy2.png

Step 2. Install the CloudGen Access Proxy in Docker

In this quick start, we recommend installing the solution using the docker infrastructure. For other platforms, see CloudGen Access Proxy.

  • The public port will need to be available for the clients connecting to resources.
  • The required images are available in dockerhub registry under the organization FydeInc.
  • Requires a valid CloudGen Access Proxy enrollment link, obtained in the previous step.

Minimum OS supported versions:

  • Debian 9
  • Centos 7
  • Ubuntu 16.04
  • MacOS 10.14

Please note that the steps below will execute scripts obtained externally. We advise you to inspect the content before execution.

  1. Choose yes, when asked about installing the test resource.
  2. Download and execute installation script.
sudo bash -c "$(curl -fsSL https://url.fyde.me/install-fyde-proxy-docker)"

Step 3. Add a New Resource

In this step, we are going to create a test resource. However, you can use an existing resource of your own, instead.

To add a new resource:

  1. Go to Access and click the + icon in the top right.
    ec-access-resources.png
  2. Fill in the details:
    ec-access-add-resource.png
    • Resource Name – HTTP Test
    • Public Host – http.example.org
    • Resource Host – httptest
    • External Port – 81
    • Internal Port – 80
    • Access Proxy – Select the existing CloudGen Access Proxy.
    • Policy Name – Allow Everyone.
    • Notes – Leave empty.
  3. Click Create.

Step 4. Add a New User

In order to register a device, you need to create a user. Users and account administrators are separate entities. The same email can be used for account administrators and a regular user, and there will be no relation between them.

To add a new user:

  1. Go to Identity and click the + icon in the top right.
    ec-control-users.png
  2. Add the following:
    • Name – Name to identify the user.
    • Email – Required to send the enrollment to the user link via email.
    • Phone (optional) – For your reference only.
    • Group (optional) – Groups that the user is part of
  3. Select Send email invitation (optional) to send an email to the user with enrollment steps.
  4. Click Create.
    ec-control-add-user.png

Step 5. Enroll a Device

A user can have multiple devices. This will be determined by the account administrators.

  • Enroll a new device for the created user by accessing the enrollment link. 
    •   The link is sent to the email configured for the user or by sharing the link from the user details.
  • The enrollment process is done directly from the created user’s device.

Step 6. Access Created Resource

The enrolled device will now access the created resource.

Access the configured resource by visiting the following link from the enrolled device: http://http.example.org:81/

Troubleshooting

If the device is not accessing the resource, see Troubleshooting for troubleshooting steps.

Last updated on