We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Activate Dynamic Firewall Rules for Remote Connections via SSL VPN

  • Last updated on

While connected to the SSL VPN via the Desktop Portal, CudaLaunch, or the SSL VPN mobile portal, you can enable or disable dynamic access and application rules for the Barracuda NextGen Firewall F-Series. You must create a dynamic firewall rule resource in the SSL VPN configuration for the exiting dynamic rules to be able to activate them via the SSL VPN portals.

In this article:

Before You Begin

Create the Dynamic Rule Resource for SSL VPN

  1. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > VPN-Service > SSL-VPN.
  2. In the left menu, select Dynamic Firewall Rules.
    dyn_rules.png
  3. Click Lock.
  4. In the Firewall Rule Activation table, click + to add an entry for the dynamic rule.
  5. Enter a Name for the rule. For example, mgmt-dynamic
    dyn_name.png 
  6. Click OK. The Firewall Rule Activation window opens.
  7. Select the Active check box to make the rule visible.
  8. In the Visible Name field, enter the name for the rule. For example, NextGen Firewall F-Series Management
  9. Add a Link Description for the rule for SSL VPN users. For example, You can activate the dynamic rule for management access here.
    dyn_conf1.png 
  10. In the Dynamic Rule Selector table, delete the asterisk (*), and add the names of the dynamic rules that you created for the SSL VPN. Asterisk (*)  and question mark (?) wildcard characters are allowed.   

     Dynamic rules in cascaded rule lists must be entered as : 

  11. To allow access only to specific user groups, delete the asterisk (*) in the Allowed User Groups table, and add the names of the MSAD groups allowed to activate these dynamic rules. For example, *OU=admins*.

    dyn_conf2.png
  12. Click OK.
  13. Click Send Changes and Activate.

Enable and Disable Dynamic Rules

You can enable and disable dynamic access and application rules from the SSL VPN Desktop Portal, from CudaLaunch, or from the SSL VPN mobile portal.

Enable and Disable Dynamic Rules from the SSL VPN Desktop Portal

While connected to the SSL VPN desktop portal, you can enable dynamic rules for a specified length of time on the FIREWALL page.

ssl_desktop.png

For more information, see the Desktop Portal section in SSL VPN.

Enable and Disable Dynamic Rules Using CudaLaunch

When connected to the SSL VPN using CudaLaunch, you can enable dynamic rules for a specified length of time on the Options > Dynamic Firewall Rules page.

For more information, see the Dynamic Firewall Rules section in CudaLaunch.

Enable and Disable Dynamic Rules Using the SSL VPN Mobile Portal

When connected to the SSL VPN using the Barracuda SSL VPN mobile portal, you can enable dynamic rules for a specified length of time on the My Options > Firewall Rules page.

For more information, see the Enable and Disable Dynamic Firewall Rules section in the Mobile Portal User Guide.

Last updated on