It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X

This Product is End-of-Life and End-Of-Support

End-Of-Life and End-Of-Support on December 1st, 2020: All Barracuda Firewall X-Series sales will cease; neither new sales nor any renewals will be available. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support and services until your contract expires. Please see the End-Of-Life definition as described in the End of Support and End of Life Information.

How to Configure SSL Tunnels

  • Last updated on

After you enable and configure the SSL VPN, you can add SSL tunnels. SSL tunnels are used to encrypt data for client/server applications that normally do not use encryption. An outgoing SSL tunnel protects TCP connections that a computer forwards from a local port to a preconfigured destination IP address and port that the user is connected to. To use SSL tunnels you must have a Remote Access Premium subscription.

generic_ssl_tunnel.png

Before you begin

Enable the SSL VPN service and CudaLaunch. For more information, see How to Enable SSL VPN and CudaLaunch.

SSL tunnels

Configure a resource containing one or more SSL tunnels that forward the TCP traffic of the remote service. Access to tunnel resources can be limited via the user groups.

  1. Go to VPN > SSL VPN and click the Resources tab.

  2. In the SSL Tunnels section, click Add SSL Tunnel.

  3. In the Add SSL Tunnel window, set Enable to Yes.
  4. (optional) Click Browse to upload a PNG file for the web portal, less than 30 kB and not larger than 80x80 pixels.
  5. In the Name field, enter the visible name for the tunnel resource. This is the name used in the web portal for this resource.
  6. In the Tunnels section, configure the SSL tunnel:
    1. Enter the Name of the SSL tunnel.
    2. Enter the tunnel destination IP address in the Address field.
    3. Enter the port on the loopback interface that the user connects to in the FWD Port field and the Local Port of the service tunneled by the SSL VPN. To use a random port, enter 0 (default).
    4. (optional) To restrict access to the SSL tunnel by user group, remove the * entry in the Allowed User Groups list. Enter the user groups that can access the tunnel, and click + after each entry. If no groups are added, the SSL tunnel cannot be accessed. Use question marks (?) and asterisks (*) as wildcard characters.
      ssl_res01.png
  7. Click Save.

Tunnels in CudaLaunch

Tunnels are available only in CudaLaunch. To enable or disable the tunnel, go to the Tunnels tab and click the tunnel icon. The gray or green status icon shows the state of the tunnel.

StateIcon
Tunnel inactivesslvpn_gen_tunnel_05.png
Tunnel activesslvpn_gen_tunnel_04.png

sslvpn_gen_tunnel_07.pngsslvpn_gen_tunnel_06.png