We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda SSL VPN

Why can’t I configure Client Certificate Authentication when my Barracuda SSL VPN is clustered?

  • Type: Knowledgebase
  • Date changed: 7 years ago

Solution #00004604

 

Scope:

Applies to all Barracuda SSL VPNs, firmware version 2.0.1 and earlier.


This issue is resolved as of firmware 2.1.

 

Answer:

Due to the way the Barracuda SSL VPN handles Load Balancing and Simple High Availability it is not compatible with the Client Certificates authentication scheme. The Client Certificates extension is disabled with clustering or Simple HA enabled.

 

The reason for this is that the SSL VPN currently creates certificates that are only valid for that particular SSL VPN unit. A clustered environment would require the certificate to be valid across all units in the cluster. Under the current implementation, a certificate from one node in the cluster would not be compatible with any other node. This would result in users attempting to access one of the nodes with a certificate that cannot be accepted.

 

Link to this page:

https://campus.barracuda.com/solution/50160000000IATWAA4