It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see for further information on our EoS policy.

How to Configure WiFi AP Authentication

  • Last updated on

The Barracuda NG Firewall can parse authentication information contained in the syslog stream of supported wireless access points. WiFi access points typically use authentication services such as RADIUS servers to authenticate users before allowing them to connect. The Barracuda NG Firewall monitors the syslog files sent by the WiFi access points for usernames and the associated IP address of logged-in users. Depending on the access point the Barracuda NG Firewall receives login and/or logout information.

Supported WiFi Access Points

  • Aerohive (login only)
  • Ruckus (login and logout)
  • Aruba (login only)

In this article


Watch the following video to see the Barracuda NG Firewall receive user information via WiFi Access Point authentication from a Aerohive Access Point:

Before you Begin

Configure the WiFi Access point to stream the syslog to the Barracuda NG Firewall. For more information, see:

Step 1. Configure a Box Level IP Address

Add an IP address to the box level that can be reached by the wireless access point.

  1. Go to CONFIGURATION > Configuration Tree > Box > Network.
  2. Click Lock.
  3. Click + to add an Additional Local IP.
  4. Enter a Name.
  5. Select the interface from the Interface Name dropdown.
  6. Enter the IP Address and Associated Netmask.
  7. Click OK.
  8. Click Send Changes and Activate.

Step 2. Configure WiFi AP Authentication

If the WiFi access point is using an SSL encrypted connection, the certificate can be imported from a PEM or PKCS12 file.

  1. Go to CONFIGURATION > Configuration Tree > Box > Infrastructure Services > Authentication
  2. Click Lock.
  3. In the left menu, click WiFi AP Authentication.
  4. Set Activate Scheme to yes
  5. Click + to add an WiFi AP Endpoint. The WiFi AP Endpoints window opens.
  6. Enter the Source IP. This is the IP address of your WiFi access point.
  7. Select the Protocol used by the WiFi access point to send the syslog.
    • UDP
    • TCP
    • SSL
  8. (SSL only) Enter the Certificate Subject Alternative Name for the SSL certificate.
  9. (SSL only) Click Ex/Import and import the Certificate File.
  10. Select the manufacturer of your WiFi access point from the WiFi AP Model dropdown.
  11. Click OK.
  12. Click Send Changes and Activate

You can now use the authentication information from your WiFi access point. Go to Firewall > Users. All users with WiFi-AP in the Origin column are authenticated via the WiFi access point.

Last updated on