We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda NextGen Firewall X


This Product is Going End-of-Life and End-Of-Support

End-Of-Sales: As of December 1st, 2018, all new sales for Barracuda NextGen Firewall X Series products have ceased. Only renewals of software and hardware subscriptions for a maximum of one year are available for a limited time up to an expiration date of 30th November 2020.

End-Of-Life and End-Of-Support on December 1st 2020: All Barracuda Firewall X-Series sales will cease; neither new sales nor any renewals will be available. If you currently hold a maintenance and support contract, you will continue to receive our award-winning support and services until your contract expires, or until Dec 1st, 2020, whichever occurs first. Please see the End-Of-Life definition as described in the End of Support and End of Life Information.

Client-to-Site VPN

  • Last updated on

Client-to-site VPNs connect remote users to the corporate network.


Client-to-Site IPsec VPN

There are three types of IPsec VPNs available:

  • Shared Key – No external CA is required. A passphrase (shared key) is entered on the server and the client. This passphrase is used to authenticate the connection. 
  • Client Certificate – X.509 certificates are generated by an external CA. These certificates are used to authenticate the client. This method is more secure.

  • Shared Key or Client Certificate – Client and server require either a shared key or valid client certificate to authenticate the remote device.
Supported VPN Clients

The following VPN clients are supported:

  • Barracuda VPN Client (Windows/macOS/Linux)
  • Third-party IPsec VPN clients
Setting Up an IPsec Client-to-Site VPN

For instructions on how to set up an IPsec VPN, see the following articles:

SSL VPN Portal

The SSL VPN lets any user with a browser connect to published corporate resources—such as Exchange OWA, RDP connections to internal servers/computers, or internal Wikis. You can also use the My Network feature to initiate a full routed network VPN from the SSL VPN portal.

Setting up a SSL VPN

For instructions on how to set up SSL VPN, see SSL VPN.


As of 2012, PPTP is no longer considered secure. It is highly recommended that you switch away from PPTP because of the security risks involved.

Point-to-Point-Tunnel-Protocol (PPTP) is offered with up to 128-bit of MPPE encryption. It provides the following:

  • Long standing widespread support across many platforms.
  • Use if no other VPN client is available for client platform.
  • Use if VPN performance is more important than security.
  • Support for external authentication over MS-CHAP-v2 or a local user database.

PPTP VPNs have the following limitations:

  • No data integrity verification.
  • Weak encryption using only a 128-bit key. 
Supported VPN Clients

Almost every modern operating system includes a PPTP client. The following clients are officially supported by Barracuda Networks:

  • Native VPN clients included in Windows, macOS, and Linux.
  • Native VPN clients included in iOS and Android.
Setting Up a PPTP Client-to-Site VPN
Last updated on