Applies to all Barracuda SSL VPNs, firmware version 2.0.1 and earlier.
This issue is resolved as of firmware 2.1.
Due to the way the Barracuda SSL VPN handles Load Balancing and Simple High Availability it is not compatible with the Client Certificates authentication scheme. The Client Certificates extension is disabled with clustering or Simple HA enabled.
The reason for this is that the SSL VPN currently creates certificates that are only valid for that particular SSL VPN unit. A clustered environment would require the certificate to be valid across all units in the cluster. Under the current implementation, a certificate from one node in the cluster would not be compatible with any other node. This would result in users attempting to access one of the nodes with a certificate that cannot be accepted.
Link to this page: