SSL VPN
Barracuda SSL VPN - Quick Start Guide4. Click any one of the Save Changes buttons to save all of the information.
Update the Firmware
Go to Advanced
Firmware Update. If there is a new Latest General
Release available, perform the following steps to update the system firmware:
1. Click on the Download Now button located next to the firmware version that
you wish to install. To view download progress, click on the Refresh button.
When the download is complete, the Refresh button will be replaced by an
Apply Now button.
2. Click on the Apply Now button to install the firmware. This will take a few
minutes to complete. To avoid damaging the Barracuda SSL VPN, do not
manually power OFF the system during an update or download.
3. After applying the firmware, the Barracuda SSL VPN will automatically
reboot, displaying the login page when the system has come back up.
4. Log back into the Appliance Administrator Web interface and read the
Release Notes to learn about enhancements and new features. It is also
good practice to verify any settings you may have already entered, as new
features may have been included with the firmware update.
Change the Administrator Password
To avoid unauthorized use, we recommend you change the password for the
default Appliance Administrator Web interface to a more secure password. You
can only change the password for the Appliance Administrator Web interface.
You cannot change the password for the Administrative Console, which is only
accessible via the keyboard which you can disconnect at any time.
1. Go to Basic
Administration and enter your old and new passwords.
2. Click on Save Password.
Product Activation
Verify that the Energize Updates feature is activated on your Barracuda SSL
VPN by going to the Basic
Status page.
1. Under Subscription Status, make sure the Energize Updates subscription is
Current. If the Energize Updates is Not Activated, click the corresponding
activation link to go to the Barracuda Networks Product Activation page and
complete activation of your subscriptions.
2. Reboot your Barracuda SSL VPN.
Route Incoming SSL Connections to the Barracuda SSL VPN
To take advantage of all available features, you must route HTTPS incoming
connections on port 443 to the Barracuda SSL VPN. This is typically achieved by
configuring your corporate firewall to port forward SSL connections directly to the
Barracuda SSL VPN.
Note: The Appliance Administrator Web interface ports on 8000/8443 will also need similar
port forward configurations if you intend to manage the appliance from outside the
corporate network.
Verify Incoming Connections to the Barracuda SSL VPN
Once you have configured your corporate firewall to route SSL through to the
Barracuda SSL VPN, you should be able to accept incoming SSL connections.
1. To test the connection, use a Web browser from the Internet (not inside the
LAN) to establish an SSL connection to the external IP address of your
corporate firewall. For example, if your firewall’s external IP address is
192.168.1.1, connect your browser to: https://192.168.1.1
2. You will be prompted to accept an un-trusted SSL certificate, which will
cause a warning message to appear in your browser. Accept the warning
and proceed to load the page.
3. You will be prompted with the login page for the SSL VPN User Interface.
Log in with the credentials for the VPN administrator:
•
Username
:
ssladmin
•
Password
:
ssladmin
4. You will now be successfully logged in as the VPN administrator, and taken
directly to the SSL VPN Management Interface. From here you can set up
accounts and other resources for users of the Barracuda SSL VPN.
Post-Setup Configuration Items
Your Barracuda SSL VPN should now be at the minimum configuration required
to accept incoming connections from the Internet. Refer to your product
documentation as necessary for more details regarding the following additional
steps:
• Register a hostname with your DNS server for the Barracuda SSL VPN,
such as: sslvpn.example.com
• Install an SSL certificate on the Barracuda SSL VPN for the hostname,
to ensure your users are able to determine that they are connecting to a
genuine Barracuda SSL VPN that is registered to your organization.
• Integrate the Barracuda SSL VPN with your existing user database. To
cleanly integrate with your environment, the Barracuda SSL VPN can
read in user accounts and authenticate against a number of different
databases, including Microsoft Active Directory.
• Grant access to resources to your VPN users, set up a policy-based
access control framework.
• If your network uses a DMZ you may wish to configure the Barracuda
SSL VPN in this topology for greater security.
Additional documentation can be found at
http://www.barracuda.com/documentation.
Contact and Copyright Information
Barracuda Networks, Inc. 3175 S. Winchester Blvd, Campbell, CA 95008 USA • phone: 408.342.5400 • fax: 408.342.1061 • www.barracuda.com
Copyright 2004-2009 Barracuda Networks, Inc. All rights reserved. Use of this product and this manual is subject to license. Information in this document is
subject to change without notice. Barracuda SSL VPN is a trademark of Barracuda Networks, Inc. All other brand and product names mentioned in this document
are registered trademarks or trademarks of their respective holders. 10v1-081007-03-1029