You can use SMS Passcode servers to authenticate users with one-time passwords (OTP) that are sent via SMS. The user logs in with a username and password and then receives an SMS containing the OTP (e.g., nc43sa
). After entering the OTP, the user is logged in. For multi-factor authentication, you can combine SMS Passcode with other authentication modules.
To set up authentication with SMS Passcode, configure a RADIUS server to be used by it and then create an authentication scheme that includes the RADIUS server.
Step 1. Configure the RADIUS server
On the Barracuda SSL VPN, enter the configuration for the SMS Passcode RADIUS server.
- Go to the Manage System > ACCESS CONTROL > Configuration page.
- In the RADIUS section, enter the following information:
- RADIUS Server – Enter the hostname or IP address of the SMS Passcode server.
- Authentication Port – Enter
1812
. - Shared Secret – Enter the shared secret. This passphrase must be configured on the SMS Passcode server.
- Authentication Method – Select PAP.
- Reject Challenge – Select No.
- Click Save Changes.
Step 2. Create an authentication scheme
Create an authentication scheme that includes the SMS Passcode RADIUS server.
- Go to the Manage System > ACCESS CONTROL > Authentication Schemes page.
- In the Create Authentication Scheme section:
- Enter a Name for the scheme (e.g.,
SMS Passcode RADIUS
). - From the Available modules list, select RADIUS and click Add. RADIUS then appears in the Selected modules list.
- (Optional) If additional authentication modules are required by your security policy, add them to the Selected modules list.
- From the Available Policies list, select the policies that you want to apply this authentication scheme to and click Add. The policies then appear in the Selected Policies list.
- Click Add.
- Enter a Name for the scheme (e.g.,
- (Optional) If you want to make the SMS Passcode authentication scheme the default, click the More link next to it in the Authentication Schemes section and then click Increase Priority.
Step 3. Test the SMS Passcode authentication
To test the SMS Passcode authentication:
- If the SMS Passcode authentication scheme is not the default scheme, select it.
- Enter your username.
- When prompted, enter your SMS Passcode password, and then click Login.
- After you receive the OTP via SMS, enter the OTP in the Enter PASSCODE field, and then click Login.
You are now logged into your Barracuda SSL VPN.