By adding group policy-based VPN templates to your firewall's SSL VPN resources, you can let end users self-provision the VPN clients on their Windows, macOS, or iOS devices. Users then only need to log into their desktop or mobile portal and click the provisioning link. By default, the VPN template uses session and user attributes for single sign-on. The downloaded file automatically configures the Barracuda VPN client or iOS VPN client, depending on the operating system. Currently, VPN files containing personal license files (*.lic) cannot be uploaded.
Before You Begin
- Configure a client-to-site VPN group policy. For more information, see Client-to-Site VPN.
- (macOS and Windows only) Install the Barracuda VPN Client. For more information, see Installing the Barracuda Network Access/VPN Client for Windows.
Configure the VPN Template
Configure the client-to-site VPN access policy to allow CudaLaunch.
- Go to VPN > Client-To-Site VPN.
- In the VPN Access Policies section, edit an access policy, or click Add Access Policy and create a policy. Configure the VPN clients and network information to be passed to clients. For more information, see Client-to-Site VPN.
- In the Add / Edit VPN Access Policy window, set Use for CudaLaunch to Yes.
- (optional) Click Browse to upload a PNG file for the web portal. It must be less than 30 kB and no larger than 80x80 pixels.
- In the CudaLaunch Server field, enter the IP address of the server providing CudaLaunch.
- In the Allowed Groups field, enter the user groups that the policy setting applies to. Click + after each entry. You can use question marks (?) and asterisks (*) as wildcard characters.
- Click Save.
The VPN template can now be used to self-provision your user's Windows, macOS, and iOS devices via the web portal as well as full device VPN in the CudaLaunch mobile app.
To configure the VPN clients on their desktop or iOS device, users can access the VPN templates through either the SSL VPN web portals or CudaLaunch. Clicking on the VPN template resource adds the VPN group policy to the VPN client installed on the device. For CudaLaunch on the mobile devices, the VPN connection is fully managed by the app, including updating the VPN profile if the VPN file attached to the VPN template in the SSL VPN is changed. For Windows and macOS devices, the VPN connection for the Barracuda VPN Client can be downloaded directly from CudaLaunch or the web portal, but VPN configuration changes are not synced.
For more information, see: