This solution applies to Barracuda SSL VPNs, all firmware versions.
There are seven different types of authentication to log a
user into SSL VPN. These are as follows:
- Client certificates
- IP authentication
- Authentication key
- One time password via E-mail
The authentication schemes can be used in conjunction with
one another, and can be leveraged to provide staggered layers of access to
various resources on the Barracuda SSL VPN. For instance, a password may grant
a user access to an email resource, but a password and a public key might grant
the same user further access to a shared network drive.
To configure an authentication scheme:
- Open a web browser and navigate to your Barracuda SSL VPN; logon with the ssladmin user id.
- Navigate to Access Control > Authentication Schemes, here you may enter a name for a new Authentication Scheme.
- Select as many of the authentication modules as required, then click Add to the right.
- Select the Policies that this new authentication scheme will be valid for, then click Add to the right.
- To save
the new scheme, click the Add
button at the bottom. The auth scheme will then appear in the list below.
You may then change the order of the Authentication schemes if required. That is, if you want this new scheme to be the default password scheme that is prompted for, then click More... and then Increase Priority until it is at the top of the list.
Multi-factor authentication can easily be configured in this
way by selecting more than one module (although some modules can not be the
first in the list, such as One Time Password or Personal Questions). The order
in which the authentication types are prompted can be adjusted in the list on
the right-hand side.
Link to This Page: