This solution applies to all Barracuda SSL VPNs, all firmware versions.
Yes, PhoneFactor has been tested with the Barracuda SSL VPN and works for authentication; this is done using RADIUS Authentication.
Procedure to set up this feature:
Step 1: On a PC/Server in your network:
- Install the PhoneFactor Agent on a PC/Server in your network and launch the Agent configuration.
- Click on RADIUS Authentication and click Add to add a new RADIUS client.
- Enter the IP Address of your SSL VPN and then enter and shared secret (and enter its confirmation in the appropriate field).
- Click OK to add the RADIUS client.
Step 2: On the SSL VPN:
- On the SSL VPN, navigate to Access Control>Configuration and scroll to the RADIUS section.
- Enter the host/IP of the machine which has the PhoneFactor Agent installed.
- Enter the shared secret that you created in Step 1 and then set the authentication method to PAP.
- Save the Changes.
- Now navigate to Access Control>Authentication Schemes.
- Create a new Authentication Scheme that contains the RADIUS module.
- Add policies to allow your users to access this authentication scheme.
You should now be able to use Phone Factor.
NOTE: The username that you use in SSL VPN must match the username that is used in PhoneFactor.
How the logon works:
You enter your username and password into the SSL VPN logon page.
A few seconds later, PhoneFactor calls your phone and you press the # key.
The authentication then proceeds and logs you on to the SSL VPN.
Link to This Page: