By creating group policy-based VPN templates in the NextGen X-Series Firewall's client-to-site VPN settings, you can let end users self-provision the VPN clients on their Windows, macOS, or iOS devices. Users then only need to log into CudaLaunch, or in their web portal, and click the provisioning link. The downloaded file automatically configures the Barracuda VPN client or iOS VPN client, depending on the operating system.
Before you begin
- Configure a client-to-site VPN. For more information, see Client-to-Site VPN.
- (macOS and Windows only) Install the Barracuda VPN Client. For more information, see Installing the Barracuda Network Access/VPN Client for Windows.
Configure the VPN template
Configure the client-to-site VPN access policy to allow CudaLaunch.
- Go to VPN > Client-To-Site VPN.
- In the VPN Access Policies section, edit an access policy, or click Add Access Policy and create a policy as described in Client-to-Site VPN and configure the VPN clients and network information to be passed to clients.
- In the Add / Edit VPN Access Policy window, set Use for CudaLaunch to Yes.
- (optional) Click Browse to upload a PNG file for the web portal, less than 30 kB and not larger than 80x80 pixels.
- In the CudaLaunch Server field, enter the IP address of the server providing CudaLaunch.
- In the Allowed Groups field, enter the user groups that the policy setting applies to. Click + after each entry. You can use question marks (?) and asterisks (*) as wildcard characters.
- Click Save.
The VPN template can now be used to self-provision your user's Windows, macOS, and iOS devices via the web portal as well as full device VPN in the CudaLaunch mobile app.