It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Activate Dynamic Firewall Rules for Remote Connections via SSL VPN

  • Last updated on

While connected to the SSL VPN via the web portal or CudaLaunch, you can enable or disable dynamic access and application rules for the Barracuda CloudGen Firewall. You must create a dynamic firewall rule resource in the SSL VPN configuration for the exiting dynamic rules to be able to activate them via the portals.

Before You Begin

Create the Dynamic Rule Resource for SSL VPN

  1. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > VPN-Service > SSL-VPN.
  2. In the left menu, select Dynamic Firewall Rules.
    dyn_rules.png
  3. Click Lock.
  4. In the Firewall Rule Activation table, click + to add an entry for the dynamic rule.
  5. Enter a Name for the rule. For example, mgmt-dynamic
    dyn_name.png 
  6. Click OK. The Firewall Rule Activation window opens.
  7. Select the Active check box to make the rule visible.
  8. In the Visible Name field, enter the name for the rule. For example, CloudGen Firewall Management
    dyn_conf1.png 
  9. In the Dynamic Rule Selector table, delete the asterisk (*), and add the names of the dynamic rules that you created for the SSL VPN. Asterisk (*)  and question mark (?) wildcard characters are allowed.   

     Dynamic rules in cascaded rule lists must be entered as <rulelist>:<name> 

  10. To allow access only to specific user groups, delete the asterisk (*) in the Allowed User Groups table, and add the names of the MSAD groups allowed to activate these dynamic rules. For example, *OU=admins*.

    dyn_conf2.png
  11. Click OK.
  12. Click Send Changes and Activate.

Enable and Disable Dynamic Rules

You can enable and disable dynamic access and application rules from the SSL VPN web portal or CudaLaunch.

Enable and Disable Dynamic Rules from the SSL VPN Web Portal

While connected to the SSL VPN web portal, you can enable dynamic rules for a specified length of time on the Dynamic Firewall Rules page.

ssl_desktop_01.png

ssl_desktop_02.png

For more information, see SSL VPN.

Enable and Disable Dynamic Rules using CudaLaunch

When connected to the SSL VPN using CudaLaunch, you can enable dynamic rules for a specified length of time on the Rules page.

For more information, see the Dynamic Firewall Rules section in CudaLaunch.