It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda SSL VPN

This Product is End-of-Life and End-Of-Support

End-Of-Life and End-Of-Support on December 1st, 2020: All Barracuda SSL VPN sales will cease; neither new sales nor any renewals will be available. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support and services until your contract expires. Please see the End-Of-Life definition as described in the End of Support and End of Life Information.

How to Configure One-Time Password (OTP) Authentication

  • Last updated on

One-time passwords (OTPs) are passwords that can only be used once in a predefined time frame, usually just minutes. You can configure the Barracuda SSL VPN to send the OTP to users by either email or SMS. OTPs do not require any special hardware or infrastructure. Any device that receives email or SMS can be used to receive the OTP.

  • To configure the Barracuda SSL VPN to send OTPs by email, configure the SMTP server and the OTP settings.
  • To configure the Barracuda SSL VPN to send the OTPs by SMS, configure the SMTP server, the OTP settings, and an SMTP to SMS service.

Prerequisites for sending OTPs by SMS

If you want to send OTPs by SMS:

  • You must have an account for an SMTP to SMS service that can send SMS to cell phones in your country
  • Determine the address format for sending SMS over email. Each service provider uses a different format.
  • Every user must have the mobile.number attribute set.

Step 1. Configure the SMTP server

Configure the SMTP server that will be used to send the OTPs.

  1. Select the user database that you want to configure the SMTP server for. To configure an SMTP server for all user databases, select Global View.
  2. Go to the Manage System > BASIC > Configuration page.
  3. In the SMTP section, enter the settings for your SMTP server.
  4. Click Save Changes.

Step 2. Configure the OTP settings

Specify when OTPs are sent, how they are sent, and what kind of OTPs are generated by the Barracuda SSL VPN.

  1. Go to the Manage System > ACCESS CONTROL > Security Settings page.
  2. In the One-Time Password section, configure the following settings:
    • Send Mode – Select At Login to send the OTP during user logins.
    • Method of password delivery – You can select either Email to send the OTP via email or SMS over Email to send the OTP to users' cell phones.
    • Generation Type – Select the type of OTP that you want the appliance to generate. If you experience problems with character encoding in your emails or SMS, select ASCII
  3. Click Save Changes.

If you configured the Barracuda SSL VPN to send OTPs by email, no additional configurations are required. When the appliance sends an OTP, it obtains the email address of the user from the user database.

Step 3. (If sending OTPs via SMS) Configure the SMTP to SMS service

If you configured the Barracuda SSL VPN to send the OTPs by SMS, provide the information required to connect with the SMTP to SMS service that you are using.

  1. Open the Manage System > ACCESS CONTROL > Configuration page.
  2. In the SMS section, enter the following information, depending on the requirements of your SMTP to SMS service provider:
    • SMS Gateway Address – The email address for the SMS gateway. A common example would be: ${userAttributes.mobileNumber}@example.com
    • SMS Provider Credentials – Usually the credentials and the text are entered here.
  3. Click Save Changes.

Next Steps

Add the OTP authentication to your authentication scheme. For more information, see Authentication Schemes.