We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Azure MFA Requirements for Microsoft CSPs

  • Last updated on

Starting August 1, 2019, all Microsoft Cloud Solution Providers must use multi-factor authentication for all users, including service accounts, in their partner tenant.

For more information, see Partner Security Requirements.

Required use of multi-factor authentication (MFA) impacts all Barracuda partners who are Microsoft Cloud Solution Providers (CSPs) and who configure Azure AD in Barracuda Cloud Control. Barracuda Cloud Control does not yet support the use of Azure MFA, which causes login failures if Azure MFA is enabled or required. As a workaround to bypass MFA, you can configure a conditional access policy in Azure AD for users signing in from trusted IPs or create an app password to allow apps access to your Office 365 account.

Conditional Access Policy

To configure a conditional access policy and enable trusted IPs, refer to the section on Trusted IPs in the Microsoft support article Configure Azure Multi-Factor Authentication settings.

The following Barracuda IP addresses must be used to create the conditional access policy:

  • 35.170.131.81
  • 54.156.244.63
  • 54.209.169.44

If you are using Exchange Integration, you must also open the following outbound ports referred to in Data Transfer IP Ranges.


App Password

To generate an app password to connect apps to Office 365, refer to the Microsoft article Create an app password for Office 365. Using an app password allows Barracuda to run Exchange Integration jobs without the need to authenticate with MFA.

Last updated on