It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Network Security

Support Services

Barracuda SSL VPN

Overview Documentation

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

This Product is End-of-Life and End-Of-Support

End-Of-Life and End-Of-Support on December 1st, 2020: All Barracuda SSL VPN sales will cease; neither new sales nor any renewals will be available. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support and services until your contract expires. Please see the End-Of-Life definition as described in the End of Support and End of Life Information.

How to Configure Entrust IdentityGuard Authentication

Last updated on 2016-06-06 23:21:21

The Barracuda SSL VPN can authenticate users with login information from Entrust IdentityGuard servers. When configured, the Java based RADIUS client sends authentication requests to the IdentityGuard server and allows access to the Barracuda SSL VPN unit based upon a success or failure message returned by the server. Specify the Barracuda SSL VPN as a RADIUS client on the IdentityGuard server, configure the RADIUS server settings on the Barracuda SSL VPN and set up a RADIUS authentication scheme for your users.

Before you begin

You must have your IdentityGuard server configured to accept RADIUS requests from the Barracuda SSL VPN. To do this, specify the Barracuda SSL VPN IP address as a RADIUS client on the server.

Step 1. Configure the RADIUS server

Open the Management System > ACCESS CONTROL > Configuration page.
Enter the following information in the RADIUS section:
- RADIUS Server – Enter the hostname or IP address of the IdentityGuard server.
- Authentication Port – Enter 1812.
- Shared Secret – Enter the shared secret. This passphrase must be configured on the IdentityGuard server.
- Authentication Method – Select PAP.
- Reject Challenge – Disable in order to receive additional RADIUS prompts such as change PINs prompts.
Click Save Changes.

Step 2. Create an authentication scheme

Go to the Manage System > ACCESS CONTROL > Authentication Schemes page.
Create an authentication scheme which contains the RADIUS module (select RADIUS, click Add). You may add more modules if you wish to have multi factor authentication.
Select a policy which will be able to use this authentication (e.g. Everyone) and click Add.
Click Add.

The new scheme is now listed in the Authentication Schemes section, this may be set as the default module by clicking More.. next to the entry and choosing Increase Priority until it appears at the top of the list.

Step 3. Test the IdentityGuard authentication

To log into the Barracuda SSL VPN using Entrust IdentityGuard authentication, create a user account to match the RADIUS login name. Alternatively, if you are using an Active Directory or LDAP server, ensure this account exists on the user database. To create a new user account,

Go to the Manage System > ACCESS CONTROL > Accounts page.
Enter a username and password and click Add.

To test the authentication, log in as the user:

Enter the username and click Login.
Enter the password and click Login.
Work out the passcode based on the grid.

You are now logged into the Barracuda SSL VPN.

Previous Article Next Article