It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Barracuda NextGen Firewall X

Overview Documentation Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

This Product is End-of-Life and End-Of-Support

End-Of-Life and End-Of-Support on December 1st, 2020: All Barracuda Firewall X-Series sales will cease; neither new sales nor any renewals will be available. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support and services until your contract expires. Please see the End-Of-Life definition as described in the End of Support and End of Life Information.

How to Configure Barracuda DC Agent Authentication

Last updated on 2016-08-10 23:50:47

The Barracuda DC Agent enables the Barracuda NextGen Firewall X-Series to transparently track user login activity in your Windows domains. When installed on a domain controller that runs either Windows Server 2003 with Service Pack 2 (SP2) or Windows Server 2008 or above, the Barracuda DC Agent monitors the user authentication logs. Configure the X-Series Firewall to query the Barracuda DC Agent so that it can learn which IP address is used by a network user.

Before you Begin

Download and install the Barracuda DC Agent on your domain controller or dedicated Windows PC. The DC Agent can be downloaded directly from your X-Series Firewall:

Do not install the Barracuda DC Agent on Windows Server domain controllers that are configured to use NTLM.

Go to the USERS > External Authentication page.
Click the DC Agent tab.
Click Download DC Agent.
Install the DC Agent. For more information, see How to Get and Configure the Barracuda DC Agent.

When configuring the Barracuda DC Agent, add the IP address(es) of your X-Series Firewall and configure local audit policies to generate an account login event whenever a user authenticates via the domain controller.

Configure DC Agent Authentication

Configure the X-Series Firewall to communicate with the Barracuda DC Agent and specify the domain controllers where the Barracuda DC Agent is installed.

Go to the USERS > External Authentication page.
Click the DC Agent tab.
Set Enable Single Sign-On to Yes.
In the Domain Controller IP field, enter the IP address of the domain controller running the DC Agent. The X-Series Firewall polls the DC Agent to obtain the list of users authenticated against this domain controller.
Enter the DC Agent Listening Port. Default: 5049.
In the Synchronization Interval field, specify the time interval in seconds at which the X-Series Firewall should poll the DC Agent for the list of authenticated users. The recommended value is 15 seconds.
Click Add.
Enter the username in the Exempt User Name field to exclude specific domain users. You can use Perl-compatible regular expression (PCRE) pattern-matching notation, such as \w for any alphanumeric character or \W for any non-alphanumeric character.
Click Add.