We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

How to Configure a Generic Proxied Web App

  • Last updated on

Create proxied web apps to allow SSL VPN users to access web-based internal applications. There are predefined web app types for frequently used services, such as Outlook Web Access and SharePoint servers, as well as generic settings that allow you full control over how the web content is rewritten. Web apps can also be customized using user attributes. User attributes are defined by the administrator and filled in by the end user in the mobile or desktop portal. They allow for personalized URLs or single sign-on for web apps. 

Configure a Generic Web App

  1. Go to CONFIGURATION > Configuration Tree > Box > Assigned Services > VPN-Service > SSL-VPN.
  2. In the left menu, select Web Apps.
  3. Click Lock.
  4. In the Proxied Web Apps section, click + to add a web app to the list.
  5. Enter a Name for the web app and click OK. The Proxied Web Apps window opens.

  6. Select Generic from the Web Apps Template drop-down list.

    For Outlook Web Access and SharePoint web apps, see How to Configure an Outlook Web Access Web App and How to Configure a SharePoint Web App.
  7. Enter the Visible Name. This is the name used in the desktop and mobile portal for this web app.
  8. Enter the Root URL of the web server in the following format: Protocol type (http:// or https://) followed by the FQDN or IP address of the web server. E.g., http://your.domain.com or
  9. Enter the Launch Path in the following format: "/" followed by the path and file name you want to request when starting the web app. Hash characters (#) in the launch path must be replaced by [hash]. You can also include user or session attributes in the launch URL. For more information on attributes, see How to Use and Create Attributes.
    E.g., /wiki/${session:username}/ or /lunchmenu/${user:location}/index.php

  10. (optional) To restrict access to the web app by user group, replace the * entry in the Allowed User Groups list. Click + to add new user groups.

  11. (optional) Click + to enter the additional web servers in the Allowed Hosts list. Add all servers that must be proxied by the SSL VPN when accessing this web app.
  12. (optional) Click Ex/Import to upload a custom icon.
  13. To configure Authentication (single sign-on) for this web app, see How to Configure Single Sign On for Proxied Web Apps.

  14. Click OK.
  15. Click Send Changes and Activate.

Advanced Settings

For some web apps, more granular control over how the content is rewritten may be required. In the left menu, click Advanced View to set these parameters.

  • GET/POST Content Rewrite – Rewrites the web forward path in GET/POST parameters so that the SSL VPN engine can forward it properly. For example, references to "/test.html" will be rewritten to "/web_forward_test/test.html".
  • Custom Replacements – Rewrite a part of the web page on the fly. Define a matching and corresponding replacement pattern and assign a weight to each. The lowest weight is processed first.
  • Custom Headers – Define rules to replace or remove header values for either requests, responses, or both.
  • Dynamic Access – Make this resource only available when enabled by super user groups:

    • Select the Dynamic App checkbox.

    • Allow super user groups to enable, disable, or time-enable the resource.

    • Select the Allow Maximum/Minimum Time checkboxes and restrict the maximum and minimum amount of time this resource can be time-enabled for.

Last updated on