It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda NextGen Firewall X
Overview Documentation Materials

This Product is End-of-Life and End-Of-Support

End-Of-Life and End-Of-Support on December 1st, 2020: All Barracuda Firewall X-Series sales will cease; neither new sales nor any renewals will be available. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support and services until your contract expires. Please see the End-Of-Life definition as described in the End of Support and End of Life Information.

How to Join a Windows Domain

  • Last updated on

To successfully join the Barracuda NextGen Firewall X-Series to a Windows domain, you must first configure DNS, Active Directory authentication, and NTLM authentication. Joining a domain is required for NTLM or MS-CHAP authentication requests to be accepted by the domain controller. This is important for Client-to-Site VPN access and user-based firewall rules.

Step 1. Configure DNS

Because many of the requests for a domain join and subsequent authentication must query the domain controller directly, you must specify your domain controllers in the DNS configuration.

  1. Go to the NETWORK > IP Configuration page.
  2. In the DNS Configuration section, enter the IP addresses of your first and second domain controllers.
  3. Click Save Changes.
  4. Verify that the X-Series Firewall has a host entry in your Active Directory. By default, the hostname is the product model name. For example, the hostname for a Barracuda NextGen Firewall X200 is X200.

Step 2. Configure Active Directory Authentication

To configure Active Directory authentication:

  1. Go to the USERS > External Authentication page.
  2. Click the Active Directory tab.
  3. Add the information for your primary domain controller. It is critical that your settings are correct and match the domain.
    • If you want to use group selection with MS-CHAP authentication, enable Cache MSAD Groups.
    • For the domain join, you do not need to configure the settings in the Extended section.

    • Enter the Searching User as: user@domain .

      Do not use domain\user formatting as this may cause problems with some Active Directory servers.

    For more details about the settings, click Help on the page.
  4. Click Save Changes.

Step 3. Configure NTLM Authentication

To configure NTLM authentication:

  1. Go to the USERS > External Authentication page.
  2. Click the NTLM tab.

  3. Configure and save the NTLM settings.

    It is not necessary to have WINS running on your domain, but you must configure the WINS Servers setting.
  4. Click Save Changes.

Step 4. Join the Domain

To join the domain:

  1. Go to the USERS > External Authentication page and open the NTLM tab.
  2. In the Windows Domain Username and Windows Domain Password fields, enter the credentials for a user account with permissions to join the domain (such as an administrator). These user credentials are not saved and are only used once during the join attempt.
  3. Click Join Domain.
  4. To verify that the join was successful, click Registration Status.