It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Barracuda CloudGen Firewall

Overview Documentation Training Certification Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

How to Configure Wi-Fi AP Authentication

Last updated on 2024-06-17 09:49:41

The Barracuda CloudGen Firewall F-Series can parse authentication information contained in the syslog stream of supported wireless access points. Wi-Fi access points typically use authentication services such as RADIUS servers to authenticate users before allowing them to connect. The Barracuda CloudGen Firewall F-Series monitors the syslog files sent by the Wi-Fi access points for the username and the associated IP address of logged-in users. Depending on the access point, the Barracuda CloudGen Firewall F-Series receives login and/or logout information.

Supported Wi-Fi access points

Aerohive (login only)
Ruckus (login and logout)
Aruba (login only)
Aruba Instant (login only)

Video

Watch the following video to see the Barracuda CloudGen Firewall F-Series receive user information via Wi-Fi Access Point authentication from an Aerohive Access Point:

Videolink:

https://campus.barracuda.com/

Before you Begin

Configure the Wi-Fi access point to stream the syslog to the Barracuda CloudGen Firewall F-Series. For more information, see:

Step 1. Configure a Box Level IP Address

Add an IP address to the box level that can be reached by the wireless access point.

Go to CONFIGURATION > Configuration Tree > Box > Network.
Click Lock.
Click + to add an Additional Local IP.
Enter a Name.
Select the interface from the Interface Name drop-down list.
Enter the IP Address and Associated Netmask.
Click OK.
Click Send Changes and Activate.

Step 2. Configure Wi-Fi AP Authentication

If the Wi-Fi access point is using an SSL-encrypted connection, the certificate can be imported from a PEM or PKCS12 file. For non-standard Wi-Fi Access Point syslog streaming ports, change the port in Advanced View and edit the port in the BOX-AUTH-WIFI-SYNC rule accordingly.

Go to CONFIGURATION > Configuration Tree > Box > Infrastructure Services > Authentication.
Click Lock.
In the left menu, click Wi-Fi AP Authentication.
Set Activate Scheme to yes.
Click + to add a Wi-Fi AP Endpoint. The Wi-Fi AP Endpoints window opens.
Enter the Source IP. This is the IP address of your Wi-Fi access point.
Select the Protocol used by the Wi-Fi access point to send the syslog.
- UDP
- TCP
- SSL
(SSL only) Enter the Certificate Subject Alternative Name for the SSL certificate.
(SSL only) Click Ex/Import and import the Certificate File.
Select the manufacturer of your Wi-Fi access point from the Wi-Fi AP Model drop-down list.
Click OK.
Click Send Changes and Activate.

You can now use the authentication information from your Wi-Fi access point. Go to Firewall > Users. All users with Wi-Fi-AP in the Origin column are authenticated via the Wi-Fi access point.