We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

How to Configure MSNT Authentication

  • Last updated on

Windows NT (MSNT) is used as external directory service, e.g., to authenticate Client-to-Site VPN users. MSNT validates user accounts and authorizes access to local or remote systems or domains at log-on of type local, domain, or trusted domain. On the Barracuda NextGen Firewall F-Series, you can configure MSNT as an external authentication scheme.

Before you Begin

MSNT does not provide group information. To create groups, see How to Configure Explicit Groups.

Configure MSNT

To configure MSNT for external authentication with the Barracuda NextGen Firewall F-Series:

  1. Go to CONFIGURATION > Configuration Tree > Box > Infrastructure Services > Authentication Service.
  2. In the left menu, select MSNT Authentication.
  3. Click Lock.
  4. Enable MSNT as external directory service.
  5. In the Domain Controller Name table, add an entry for each domain controller. You can edit the following settings:
    • Domain Controller Name – Name of the primary domain controller, without the domain suffix. The name must be DNS-resolvable.
    • Domain Name – Name of the domain.
    • Domain Controller IP – IP address of the domain controller. If given, the IP address is used instead of the hostname.
  6. Click OK.
  7. If group information is queried from a different authentication scheme, select the scheme from the User Info Helper Scheme list.
  8. Click Send Changes and Activate.

MSNT Authentication Through the Remote Management Tunnel

To allow remote F-Series Firewalls to connect to the authentication server through the remote management tunnel, you must activate the outbound BOX-AUTH-MGMT-NAT Host Firewall rule. By default, this rule is disabled.

Last updated on