Virtual Appliance Setup Guide



Similar documents
Virtual Appliance Setup Guide

BaseManager & BACnet Manager VM Server Configuration Guide

Installing and Configuring vcloud Connector

Barracuda Message Archiver Vx Deployment. Whitepaper

Product Version 1.0 Document Version 1.0-B

F-Secure Internet Gatekeeper Virtual Appliance

SonicWALL SRA Virtual Appliance Getting Started Guide

F-Secure Messaging Security Gateway. Deployment Guide

Installing and Using the vnios Trial

LifeSize Transit Virtual Appliance Installation Guide June 2011

Installing and Configuring vcloud Connector

RSA Authentication Manager 8.1 Virtual Appliance Getting Started

Virtual Server Installation Manual April 8, 2014 Version 1.8

GX-V. Quick Start Guide. VMware vsphere / vsphere Hypervisor. Before You Begin SUMMARY OF TASKS WORKSHEET

Barracuda Message Archiver Vx Deployment. Whitepaper

How to install/upgrade the LANDesk virtual Cloud service appliance (CSA)

VCCC Appliance VMware Server Installation Guide

Virtual Appliance for VMware Server. Getting Started Guide. Revision Warning and Disclaimer

VPN-1 VE Evaluation Guide

SSL VPN. Virtual Appliance Installation Guide. Virtual Private Networks

Virtual Web Appliance Setup Guide

Virtual Appliance Setup Guide

Barracuda Link Balancer Administrator s Guide

CommandCenter Secure Gateway

Virtual Managment Appliance Setup Guide

Deployment Guide: Transparent Mode

User Manual. User Manual for Version

Thinspace deskcloud. Quick Start Guide

Rally Installation Guide

Cyberoam Virtual Security Appliance - Installation Guide for VMware ESX/ESXi. Version 10

VMware vcenter Log Insight Getting Started Guide

Security Analytics Virtual Appliance

Barracuda Backup Vx. Virtual Appliance Deployment. White Paper

Required Virtual Interface Maps to... mgmt0. bridge network interface = mgmt0 wan0. bridge network interface = wan0 mgmt1

Barracuda IM Firewall Administrator s Guide

Barracuda SSL VPN Administrator s Guide

Barracuda Networks Technical Documentation. Barracuda SSL VPN. Administrator s Guide. Version 2.x RECLAIM YOUR NETWORK

PineApp Surf-SeCure Quick

NSi Mobile Installation Guide. Version 6.2

Setting up VMware ESXi for 2X VirtualDesktopServer Manual

Common Services Platform Collector (CSPC) Self-Service - Getting Started Guide. November 2015

Hillstone StoneOS User Manual Hillstone Unified Intelligence Firewall Installation Manual

PHD Virtual Backup for Hyper-V

If you re not using Citrix XenCenter 6.0, your screens may vary. Required Virtual Interface Maps to... mgmt0. virtual network = mgmt0 wan0

Forcepoint Sidewinder, Virtual Appliance Evaluation for Desktop. Installation Guide 8.x. Revision A

Quick Start - Virtual Server idataagent (VMware)

Reconfiguring VMware vsphere Update Manager

EMC Data Domain Management Center

Unitrends Virtual Backup Installation Guide Version 8.0

Quick Start Guide. for Installing vnios Software on. VMware Platforms

Core Protection for Virtual Machines 1

HP Insight Control Server Provisioning 7.4 Installation Guide

User Guide for Windows 10

OnCommand Performance Manager 1.1

RSA Authentication Manager 8.1 Setup and Configuration Guide. Revision 2

Online Help StruxureWare Data Center Expert

Install Guide for JunosV Wireless LAN Controller

Web Application Firewall

vcloud Director User's Guide

Quick Start Guide for VMware and Windows 7

AlienVault. Unified Security Management (USM) x Initial Setup Guide

How to Configure NetScaler Gateway 10.5 to use with StoreFront 2.6 and XenDesktop 7.6.

Altor Virtual Network Security Analyzer v1.0 Installation Guide

Acronis Backup & Recovery 10 Advanced Server Virtual Edition. Quick Start Guide

Installing and Configuring vcenter Support Assistant

Steps for Basic Configuration

SevOne NMS Download Installation and Implementation Guide

Virtual Appliances. Virtual Appliances: Setup Guide for Umbrella on VMWare and Hyper-V. Virtual Appliance Setup Guide for Umbrella Page 1

Infrastructure Navigator Installation and Administration Guide

M2M Series Routers. Port Forwarding / DMZ Setup

If you re not using VMware vsphere Client 5.1, your screens may vary.

Reconfiguring VMware vsphere Update Manager

Extreme Control Center, NAC, and Purview Virtual Appliance Installation Guide

Sharp Remote Device Manager (SRDM) Server Software Setup Guide

Getting Started with ESXi Embedded

HOMEROOM SERVER INSTALLATION & NETWORK CONFIGURATION GUIDE

VX 9000E WiNG Express Manager INSTALLATION GUIDE

OnCommand Unified Manager 6.2

vrealize Air Compliance OVA Installation and Deployment Guide

vsphere Replication for Disaster Recovery to Cloud

User Guide. Cloud Gateway Software Device

Required Virtual Interface Maps to... mgmt0. virtual network = mgmt0 wan0. virtual network = wan0 mgmt1. network adapter not connected lan0

vrealize Infrastructure Navigator Installation and Configuration Guide

D-Link Central WiFiManager Configuration Guide

Using Virtual Machines

Networking Guide Redwood Manager 3.0 August 2013

IronKey Enterprise Server 6.1 Quick Start Guide

MultiSite Manager. User Guide

CommandCenter Secure Gateway

Firewall VPN Router. Quick Installation Guide M73-APO09-380

MadCap Software. Upgrading Guide. Pulse


Scan to Quick Setup Guide

User's Guide. Product Version: Publication Date: 7/25/2011

Weston Public Schools Virtual Desktop Access Instructions

Setup Cisco Call Manager on VMware

Central Administration User Guide

Introduction to Mobile Access Gateway Installation

OnCommand Performance Manager 2.0

Getting Started Guide

Transcription:

The Barracuda SSL VPN Vx Virtual Appliance includes the same powerful technology and simple Web based user interface found on the Barracuda SSL VPN hardware appliance. It is designed for easy deployment on VMware infrastructure and can be combined with other Barracuda Networks hardware appliances. The virtual appliance is a good option for standardizing hardware platforms or for deploying a Barracuda SSL VPN solution in an existing virtual environment. As the organization grows, it can be scaled for performance and capacity and also provides quick backup and disaster recovery. Before downloading and installing your Barracuda SSL VPN Vx, make sure you have the following in place: A configured server running the VMWare ESXi server version 3.5 or higher. The VMware vsphere client installed on your local machine. 6 GB of free space on your VM client (local) machine if you are using the ZIP download method of getting the virtual machine image as described below. Installing the Virtual Appliance Image From the Virtual Machines Downloads Web page, there are two methods for obtaining the virtual appliance image for the Barracuda SSL VPN Vx: Method 1: Download the OVF Template from Barracuda Central by copying and pasting the URL from the Virtual Machines Downloads page into your VM client. This method is more convenient, but requires the bandwidth to download the entire virtual appliance image once for each installation of the virtual appliance. If you are only going to download one virtual appliance / product, this method is suggested. Method 2: Download the ZIP archive of the OVF Template directly from the Virtual Machines Downloads page (Figure 2). If you are going to deploy multiple Barracuda Network virtual appliances, this method will save time and bandwidth by only downloading once. You can simply re-use the same ZIP file for each virtual appliance installation. Installation Method 1: Download the OVF Template from Barracuda Central 1. Log in to your VM client. 2. From your VM client interface, select the File > Deploy OVF Template option to create the virtual appliance. 3. Select Deploy by URL and copy and paste the URL for your ESXi version from the Virtual Machines Downloads page as shown in Figure 1.. Figure 1. Virtual Machines Downloads page for getting the virtual appliance image Copyright 2004-2010, Barracuda Networks Inc. Page 1 of 6

4. Read and accept the license agreement. 5. Give the virtual appliance a name, such as, for example, Library SSL VPN. 6. In your VM client, choose a data store to use for your Barracuda SSL VPN Vx virtual appliance. 7. Review the options you ve selected before clicking Finish to start the deployment task. The task could take awhile as the product image downloads. 8. When you see the Deployment Complete window, close it, and you should see your new virtual appliance listed by the name you gave it in the left sidebar of the VM client. 9. After installation, if desired, you can Edit Settings by right clicking on the virtual appliance to configure memory, number of virtual processors and other settings before starting it. Installation Method 2: Download the ZIP archive of the OVF Template 1. From the Virtual Machines Downloads page, click on the link for the zip file for the product image. Downloading the image could take a few minutes. Figure 2. Click on the ZIP file to download the product image 2. Unzip the ZIP archive, which contains the following three files, on your system: The OVF template, which is an.ovf file. THIS is the file you will import to your VM client in step 5 below. The product image, which is a.vmdk file A checksum file (.mf) 3. Log in to your VM client. 4. From your VM client interface, select the File > Deploy OVF Template option to create the virtual appliance. 5. Select Deploy from file and click the Browse button to locate the OVF template (the.ovf file) you unpacked from the ZIP archive on your local file system or network. 6. Read and accept the license agreement. 7. Give your virtual appliance a name that will easily identify it in your VM Client, for example: Library SSL VPN Firewall. 8. In your VM client, choose a data store to use for your Barracuda SSL VPN Vx virtual appliance. 9. Review the options you ve selected before clicking Finish to start the deployment task. 10. After installation, if desired, you can Edit Settings by right clicking your virtual appliance in the left pane of the VM client to configure memory, number of virtual processors and other settings before starting it. Copyright 2004-2010, Barracuda Networks Inc. Page 2 of 6

Configuring the Virtual Appliance Template 1. Once the virtual appliance is downloaded to your VM Client, you can click on it to select it, then click the Run icon or menu option to run the virtual appliance. 2. Once your virtual appliance is running, click the Console tab to use the console configuration utility. You ll see the system starting up, which could take a minute or two. Log in with the username admin and a password of admin. NOTE: Your mouse will be captured by the VM client; press <ctrl><alt> to see your mouse again on the screen. 3. When you see the System Configuration screen, using your keyboard arrow keys, arrow down to 'TCP/IP Configuration' and set the IP address, netmask, gateway, and DNS addresses for this appliance. Arrow down to Save and hit Enter to commit the change. 4. Arrow down to Licensing, hit Enter and key in your license using the token from the Customer Services email message. Enter the default domain you want to use for this virtual appliance. 5. Arrow down to Save and hit Enter to commit the change. Opening Firewall Ports If your Barracuda SSL VPN Vx is located behind a corporate firewall, open the following ports on your firewall to ensure proper operation: Port Direction TCP UDP Usage 25 In/Out Yes No Email alerts and one-time passwords 53 Out Yes Yes Domain Name Service (DNS) 80 Out Yes No Virus, firmware and updates 123 Out No Yes Network Time Protocol (NTP) 443 In/Out Yes No HTTPS/SSL port for SSL VPN access 8000 In/Out Yes No Appliance administrator interface port (HTTP) 8443 In/Out Yes No Appliance administrator interface port (HTTPS) Note: The Appliance Administrator interface ports on 8000/8443 should only be opened if you intend to manage the appliance from the Internet. Copyright 2004-2010, Barracuda Networks Inc. Page 3 of 6

Logging into the Barracuda SSL VPN Vx Web interface Once the virtual appliance has been configured, visit the virtual appliance Web interface and use it like any other Barracuda Networks product. You can access the appliance by entering the following URL in your browser, replacing <MyVxIPaddress> with the IP address you entered in the console configuration utility above: http://<myvxipaddress>:8000 Verify the configuration by following these steps: 1. Log into the Barracuda SSL VPN Vx Web interface as the administrator. Use Username: admin Password: admin 2. Go to the BasicIP Configuration page and perform the following: a. Verify that the IP Address, Subnet Mask, and Default Gateway are correct. b. Verify that the Primary and Secondary DNS Server are correct. c. Verify that the Proxy Server Configuration settings are correct, if you are using a proxy server on your network. 3. Click any one of the Save Changes buttons to save all of the information. Update the Firmware Click on the AdvancedFirmware Update page. If there is a new Latest General Release available, perform the following steps to update the system firmware: 1. Click on the Download Now button located next to the firmware version that you wish to install. To view download progress, click on the Refresh button. When the download is complete, the Refresh button will be replaced by an Apply Now button. 2. Click on the Apply Now button to install the firmware. This will take a few minutes to complete. 3. After the firmware has been applied, the Barracuda SSL VPN Vx will automatically reboot, displaying the login page when the system has come back up. 4. Log back into the Web interface again and read the Release Notes to learn about enhancements and new features. It is also good practice to verify settings you may have already entered, as new features may have been included with the firmware update. Change the Administrator Password To avoid unauthorized use, we recommend you change the default administrator password to a more secure password. You can only change the administrator password for the Web interface. Go to BasicAdministration and enter your old and new passwords, then click on Save Password. Route Incoming SSL Connections to the Barracuda SSL VPN To take advantage of the features of the Barracuda SSL VPN Vx, you must route HTTPS incoming connections on port 443 to the virtual appliance. This is typically achieved by configuring your corporate firewall to port forward SSL connections directly to the Barracuda SSL VPN Vx. Copyright 2004-2010, Barracuda Networks Inc. Page 4 of 6

Note: The Appliance Administrator Web interface ports on 8000/8443 will also need similar port forward configurations if you intend to manage the appliance from outside the corporate network. Verify Incoming Connections to the Barracuda SSL VPN Once you have configured your corporate firewall to route SSL through to the Barracuda SSL VPN, you should be able to accept incoming SSL connections. 1. To test the connection, use a Web browser from the Internet (not inside the LAN) to establish an SSL connection to the external IP address of your corporate firewall. For example, if your firewall s external IP address is 192.168.1.1, connect your browser to: https://192.168.1.1. 2. You should be prompted to accept an un-trusted SSL certificate, which will cause a warning message to appear in your browser. Accept the warning and proceed to load the page. 3. You should be prompted with the login page for the SSL VPN User Interface. Log in with the credentials for the VPN administrator: Login: ssladmin Password: ssladmin 4. You should now be successfully logged in as the VPN administrator, and taken directly to the SSL VPN Management Interface. From here you can set up accounts and other resources for users of the Barracuda SSL VPN. Best Practices for Configuring your VMware vsphere Client Barracuda Networks recommends the following for best configuration of your VM client running the Barracuda SSL VPN Vx: 1. Allocate 1 GB of RAM for the virtual appliance per CPU allocated. 2. You will need only a single virtual NIC on your virtual appliance. Most likely you will want to use the 'bridged' networking setup on VMWare. 3. If you re going to use the Barracuda SSL VPN Vx Network Connector, you should enable Promiscuous Mode in your VMware vsphere client: In the client, click on the Configuration tab. Click on the Networking link on the left navigation bar. Click on the Properties link to the right of the Virtual Switch pane. In the Virtual Switch properties window, click on VM Network on left navigation bar (your network name may differ). Click the Edit button at bottom, select the Security tab, click the box for Promiscuous Mode, select Accept from the drop-down and click the Okay button. Note: VMWare tools are not needed for Barracuda Networks virtual appliances (they mostly have to do with graphical interface characteristics for virtual desktop OSs). Copyright 2004-2010, Barracuda Networks Inc. Page 5 of 6

Post Setup Configuration Items Your Barracuda SSL VPN should now be configured at a basic level to accept incoming connections from the Internet. Online help is available by clicking the Help icon on any page of the product Web interface. The Barracuda SSL VPN Vx Administrator s Guide covers concepts and advanced topics for administering the product and can be found on the Barracuda Networks Web site at http://www.barracuda.com/documentation Refer to the Administrator s Guide as necessary for more details regarding the following additional steps: Register a hostname with your DNS server for the Barracuda SSL VPN, e.g. sslvpn.company.com Install an SSL certificate on the Barracuda SSL VPN for this hostname to ensure that your users are able to determine that they are connecting to a genuine Barracuda SSL VPN that is registered to your organization. Integrate the Barracuda SSL VPN with your existing user database. To cleanly integrate with your environment, the Barracuda can read in user accounts and authenticate against a number of different databases, including Microsoft Active Directory. Grant access to resources to your SSL VPN users. See the documentation for more information on the usage of the policy based access control framework. If your network uses a DMZ, you may wish to configure the Barracuda SSL VPN in this topology for greater security. Backing Up Your Barracuda Virtual Appliance System State Virtual machine environments generally provide a "snapshot" capability, which captures the state of a system as it's running. Once a snapshot is created, you can perform additional operations on the system and "revert" to the snapshot in the case of disaster recovery (or for any other reason). Because this feature is so powerful, Barracuda Networks very strongly recommends performing a snapshot at certain points in time: 1. Before upgrading the Barracuda Virtual Appliance firmware. 2. Before making major changes to your configuration (this makes snapshotting a convenient "undo" mechanism). 3. After completing and confirming a large set of changes, such as initial configuration. 4. As a periodic backup mechanism. Barracuda Networks also strongly recommends that you review your virtual environment documentation regarding snapshotting capabilities and be familiar with their features and limitations. Copyright 2004-2010, Barracuda Networks Inc. Page 6 of 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information