Enable the SSL VPN to allow mobile apps to connect. CudaLaunch supports the same SSL VPN features as the web portal and resources using SSL Tunnels. To use CudaLaunch a Remote Access Premium subscription is required. For testing purposes one concurrent SSL VPN and CudaLaunch connection is included in the base license.
Full device VPN for Android and iOS
To use the full device VPN, you must create a client-to-site configuration and a VPN Template Resource in the SSL VPN in order to push the configuration to the mobile devices. By default, the first VPN template is used to connect to the VPN service. Due to differences in the mobile operating systems, the Android version of CudaLaunch uses the Barracuda VPN client with the TINA protocol, whereas CudaLaunch on iOS manages the built-in iOS IPsec client.
Client-to-site VPN configuration
You must configure a client-to-site group policy that is compatible with both Android and iOS devices. Create an IPsec PSK group policy and verify that both IPsec Client and Barracuda Client are enabled in the Group Policy Conditions.
For more information, see How to Configure a Client-to-Site VPN Group Policy or Example - Client-to-Site IKEv1 IPsec VPN with PSK.
Create a VPN template on the SSL VPN
Export the VPN configuration file for the VPN Group Policy and then create a VPN Template resource for the SSL VPN. CudaLaunch will automatically present the VPN templates to the user. You can create multiple VPN Template Resources and restrict them per group as needed.
For more information, see How to Configure VPN Group Policies in the SSL VPN.
SSL VPN apps
A searchable list of Web Forwards is displayed when logging in to CudaLaunch. Important or frequently used Web Forwards can be marked as favorites.
SSL VPN dynamic firewall rules
Dynamic firewall rules allow administrators to temporarily enable access rules. CudaLaunch allows users with the necessary permissions to enable (with or without time limit) or disable the dynamic rule. When the time limit is reached, all existing firewall sessions matching this rule are terminated.
For more information, see How to Create and Activate a Dynamic Access Rule and How to Activate Dynamic Firewall Rules for Remote Connections via SSL VPN.
Client certificate authentication
You can configure the Barracuda NextGen Firewall F-Series SSL VPN and the CudaLaunch on iOS and Android to use client certificate authentication.