It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud-to-Cloud Backup

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Firewall Policy Manager

Server Backup (Yosemite)

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup

MSP – Partner Management

MSP Knowledgebase

MSP – Partner Sales Enablement

NextGen Firewall X

Campus Help Center / Reference

Support Services

Network Security

Barracuda SSL VPN

Overview Documentation

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud-to-Cloud Backup

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Firewall Policy Manager

Server Backup (Yosemite)

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup

MSP – Partner Management

MSP Knowledgebase

MSP – Partner Sales Enablement

NextGen Firewall X

Campus Help Center / Reference

Support Services

Network Security

Login Sign Up Contact & Support

United States – English (GMT-5)

Back to Knowledgebase

Why can?t I configure Client Certificate Authentication when my Barracuda SSL VPN is clustered?

Type: Knowledgebase
Date changed: 2 years ago

Solution #00004604

Scope:

Applies to all Barracuda SSL VPNs, firmware version 2.0.1 and earlier.

This issue is resolved as of firmware 2.1.

Answer:

Due to the way the Barracuda SSL VPN handles Load Balancing and Simple High Availability it is not compatible with the Client Certificates authentication scheme. The Client Certificates extension is disabled with clustering or Simple HA enabled.

The reason for this is that the SSL VPN currently creates certificates that are only valid for that particular SSL VPN unit. A clustered environment would require the certificate to be valid across all units in the cluster. Under the current implementation, a certificate from one node in the cluster would not be compatible with any other node. This would result in users attempting to access one of the nodes with a certificate that cannot be accepted.

Link to this page:

https://campus.barracuda.com/solution/50160000000IATWAA4

Additional Resources

More

Print Share Page