What is the Barracuda SSL VPN Server Agent?



Similar documents
ShadowControl ShadowStream

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

Setting Up Scan to SMB on TaskALFA series MFP s.

NSi Mobile Installation Guide. Version 6.2

Connecting an Android to a FortiGate with SSL VPN

LifeSize Transit Deployment Guide June 2011

Configuring Global Protect SSL VPN with a user-defined port

NETASQ ACTIVE DIRECTORY INTEGRATION

Managing Qualys Scanners

Installing and Configuring vcenter Multi-Hypervisor Manager

Introduction to Mobile Access Gateway Installation

VPN L2TP Application. Installation Guide

Deployment for Network Proxy in Simpana Environment

Introduction to the EIS Guide

NetSpective Global Proxy Configuration Guide

Configuration Guide. BES12 Cloud

F-Secure Messaging Security Gateway. Deployment Guide

Cisco QuickVPN Installation Tips for Windows Operating Systems

Central Administration User Guide

vcloud Director User's Guide

MultiSite Manager. Setup Guide

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

Virtual Appliance Setup Guide

Pearl Echo Installation Checklist

EMR Link Server Interface Installation

How to Configure NetScaler Gateway 10.5 to use with StoreFront 2.6 and XenDesktop 7.6.

VPN PPTP Application. Installation Guide

Remote Desktop Gateway. Accessing a Campus Managed Device (Windows Only) from home.

SSL VPN. Virtual Appliance Installation Guide. Virtual Private Networks

Introduction. Before you begin. Installing efax from our CD-ROM. Installing efax after downloading from the internet

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

DameWare Server. Administrator Guide

enter the administrator user name and password for that domain.

Configuring IPsec VPN with a FortiGate and a Cisco ASA

USER GUIDE. Snow Inventory Data Receiver Version 2.1 Release date Installation Configuration Document date

Exchange 2013 mailbox setup guide

FTP, IIS, and Firewall Reference and Troubleshooting

Sophos Anti-Virus for NetApp Storage Systems startup guide

Deploying F5 with Microsoft Active Directory Federation Services

NETASQ SSO Agent Installation and deployment

Install and Configure Oracle Outlook Connector

How to Create a Basic VPN Connection in Panda GateDefender eseries

Investment Management System. Connectivity Guide. IMS Connectivity Guide Page 1 of 11

User Guide. You will be presented with a login screen which will ask you for your username and password.

How To Configure SSL VPN in Cyberoam

How To Configure A Bomgar.Com To Authenticate To A Rdius Server For Multi Factor Authentication

Laptop Backup - Administrator Guide (Windows)

7.1. Remote Access Connection

Password Manager. Version Password Manager Quick Guide

Virtual Web Appliance Setup Guide

How To Set Up A Vpn Tunnel Between Winxp And Zwall On A Pc 2 And Winxp On A Windows Xp 2 On A Microsoft Gbk2 (Windows) On A Macbook 2 (Windows 2) On An Ip

Using SonicWALL NetExtender to Access FTP Servers

Training module 2 Installing VMware View

PineApp Surf-SeCure Quick

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access

Hosted Microsoft Exchange Client Setup & Guide Book

SysAid Remote Discovery Tool

Technical Note. Configuring Outlook Web Access with Secure WebMail Proxy for eprism

Configuring Thunderbird with UEA Exchange 2007:

Configuring SSL VPN on the Cisco ISA500 Security Appliance

Sophos Anti-Virus for NetApp Storage Systems startup guide. Runs on Windows 2000 and later

Repeater. BrowserStack Local. browserstack.com 1. BrowserStack Local makes a REST call using the user s access key to browserstack.

Global VPN Client Getting Started Guide

WhatsUp Gold v16.3 Installation and Configuration Guide

Endpoint Security VPN for Windows 32-bit/64-bit

GE Measurement & Control. Remote Comms System. Installation and User Reference Guide

Quick Start Guide. Cerberus FTP is distributed in Canada through C&C Software. Visit us today at

Kaseya Server Instal ation User Guide June 6, 2008

INTRODUCTION... 2 Windows Windows Mac OS X Ubuntu Advanced routing Windows Mac OS X Ubuntu...

DIGIPASS Authentication for SonicWALL SSL-VPN

Migration Manual (For Outlook 2010)

Aventail Connect Client with Smart Tunneling

Reference and Troubleshooting: FTP, IIS, and Firewall Information

Virtual Data Centre. User Guide

Xopero Backup Build your private cloud backup environment. Getting started

How To Plan A Desktop Workspace Infrastructure

MobileStatus Server Installation and Configuration Guide

Installing and Configuring vcloud Connector

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

Installing Policy Patrol on a separate machine

SOA Software: Troubleshooting Guide for Agents

Introduction to the Mobile Access Gateway

Microsoft Outlook Setup With Exchange Server. Outlook

Forward proxy server vs reverse proxy server

1. Installation Overview

ADFS Integration Guidelines

Propalms TSE Deployment Guide

Virtual Appliance Setup Guide

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

Comodo Endpoint Security Manager SME Software Version 2.1

Security Provider Integration Kerberos Authentication

Scenario: IPsec Remote-Access VPN Configuration

Centrify Cloud Connector Deployment Guide

Installation Instructions for Backup Manager and Cloud Management Console

Step by Step Guide to implement SMS authentication to F5 Big-IP APM (Access Policy Manager)

Configuring Thunderbird for Flinders Mail at home.

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

SELF SERVICE RESET PASSWORD MANAGEMENT WEB INTERFACE GUIDE

escan SBS 2008 Installation Guide

qliqdirect Active Directory Guide

Transcription:

The standard communication model for outgoing calls is for the appliance to simply make a direct connection to the destination host. This paradigm does not suit all business needs. The Barracuda SSL VPN Server Agent provides an alternative routing framework. The framework registers interest from external clients and enables them to instead route information for a particular host. This chapter provides further information on this framework and ultimately information how an administrator can administer and manage this framework. The sections covered are: What is a Server Agent? What are Routes? Installing a Server Agent Server Agent Interface Create New Route Enabling Routes What is the Barracuda SSL VPN Server Agent? The Barracuda SSL VPN Server Agent is a small client that is installed on a machine. Once installed the Server Agent registers itself with the appliance and then sits idle. It is only when the appliance requires its assistance does the client wake and begin performing its tasks. What is its Function? The Barracuda SSL VPN Server Agent s purpose is to simply redirect traffic securely to a target host. As the diagram below shows, the Server Agent acts as a proxy directing traffic from the appliance to the remote system. The administrator is thus able to configure an environment where there is no direct connection to the end host. For example, a Server Agent can be installed on a remote network and connect back to the appliance using the standard HTTPS port. With the configuration of routes an administrator can then set up resources that access services on the remote network without the need to open up a single port on the firewall protecting the remote network. This same process can be used to access resources inside the LAN from a Barracuda SSL VPN residing in a DMZ. In the diagram below, the appliance sits in the DMZ with other Internet facing servers. The DMZ is secured from the Internet with a firewall which only has port 443 open so that the appliance is accessible. The link from LAN to DMZ is also secured by a firewall. The administrator creates a resource e.g. a web forward to a CRM system; this requires a connection to the CRM service on the LAN. Instead of opening another port on the firewall between the DMZ and LAN, the Page 1 of 9

administrator can position a Server Agent on the LAN side with a single port open which the Server Agent can receive data on. What are Routes? Visibility A route defines an endpoint host that is associated with a single Server Agent. A Server Agent can be associated with a number of routes all of which define what endpoints a particular Server Agent can connect to. When a connection takes place the system determines which Server Agent is associated with the client s desired route and contacts that Server Agent passing it all the traffic. The Barracuda Server Agent is not something a user will actually see or select to use it is actually a background process that takes over whenever a connection needs to go out from the appliance to a remote system. If the administrator has routes configured and a Server Agent installed the system will take advantage of this and proxy the traffic through the Server Agent. A user will be unaware that a Server Agent is proxying his or her traffic. When no Server Agent is installed, the Barracuda SSL VPN will continue to make direct connections to its target host. The Server Agent is strictly an administrator feature to help reassurance of security; its activation affects all resources. Compatible Resources Currently not all resources work with the Barracuda SSL VPN Server Agent; Active Directory, LDAP and Network Connect are inappropriate and Network Places is currently incompatible. Those that are currently compatible are as follows: Web Forwards Applications Tunnels Page 2 of 9

Installing the Server Agent Client Before any routing can begin the Server Agent client needs to be installed on a machine. This machine should be sufficiently placed so that the destined routes can be reached. As the diagram above shows the client is on a machine which is inside the secured LAN this allows the Server Agent to access any resource inside the company network. 1. Select the appropriate Download Client action from the Server Agent page (Management Console Configuration Server Agent), this example uses the Windows client: 2. The client file will need to be saved to an appropriate place. Once done the extracted file should be executed. 3. Once the wizard has started and the license agreed a destination folder needs to be specified Page 3 of 9

4. The next step is defining the Server Agent properties: Host: The hostname of the Barracuda SSL VPN to maintain communication with Port: The listening port of the Barracuda SSL VPN Authentication Method: Certificate or Password. Note Certificates Supported For tighter security a certificate can be used instead of a simple password Username: Username of a user that can access the SSL VPN Server Agent Certificate: If certificate has been chosen as the authentication method then this will be accessible. Browse to the appropriate certificate Password: If Password has been chosen as the authentication method then this will be accessible. Key in the password associated with the user Confirm Password: Confirmation of above password 5. Once installed the client needs to be started. This is run as a process and so for Windows you need to start the Barracuda SSL VPN Server Agent service (Control Panel Administrative Tools Services). Page 4 of 9

The SSL VPN Server Agent service will now be running. If successfully configured the client should successfully register with the appliance and appear in the main page. Page 5 of 9

Authorize Server Agent Once a Server Agent has been created and has registered successfully with the appliance, in order for it to be used and have routes assigned to it the Server Agent needs to be authorized. Against the appropriate Server Agent select More followed by the Authorize action. Server Agent Interface Action Icons The main Server Agent page (Management Console Advanced Server Agent) provides information on all successfully registered clients. The action icons against each Server Agent performs functions on the associated Server Agent, their respective objective is detailed below: Delete Server Agent Edit Server Agent details Authorize Server Agent (More ) Disable Server Agent (More ) Page 6 of 9

Create New Route 1. For a Server Agent to work a route needs to be created. Select the Create Route action as displayed below: 2. The Create Server Agent wizard will be initiated. The first step in the wizard requires basic information for the route. Name: The name of the route Description: Details of the route 3. The route itself needs to be defined. Page 7 of 9

Host Pattern: The address of the route. Any traffic destined for this host will be proxied through the selected Server Agent. The Server Agent doesn t necessarily have to support only one address a range can be defined for example if you want this route to be used for all requests in a given domain *.example.com would be used. Port Pattern: Any specific host that should be identified Use Regex Pattern Match: By checking this regular expressions can be keyed into the host pattern Continue if Server Agent is Offline: Selecting this will allow another Server Agent, which has an equivalent route, to serve the request destined for this route. If there is a selection of routes all with this flag set, the system will search through the list for a route which matches and eventually if all routes happen to be offline fall back to the default Server Agent. Type: There are two types of Server Agent - Local and Remote. Local: Connections are established from the appliance out to the Server Agent Remote: Connections are established from the Server Agent back to the appliance Server Agent: Selects the Server Agent which will service this. The list of active Server Agent is available from the list 4. Once all the necessary parameters are defined the wizard displays a summary. Selecting Next will finish the creation of the route. The newly created route will be visible from the main page under the appropriate section Local Routes or Remote Routes. Page 8 of 9

Enabling Routes Even though the route may be assigned to a Server Agent and the Server Agent authorized in order for the route to be used by the Server Agent, a route still needs to be enabled. To enable a route simple go to the appropriate route and choose enable from the More button. Page 9 of 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information