Jump to content


Ability to use multiple Authentication Schemes for Client VPN and the SSL Portal

ClientVPN SSLPortal Authentication

This topic has been archived. This means that you cannot reply to this topic.
4 replies to this topic

#1 Patrick Schneeweiss

Patrick Schneeweiss
  • Members
  • 2 posts

Posted 07 March 2016 - 03:56 AM

Hi Barracuda Team,


it would be nice to use multiple authentication schemes for Client VPN and the SSL portal.
At the moment it is only possible to use one schemes, e.g. MSAD or local users.

Patrick Schneeweiß

#2 Jeremy Neal

Jeremy Neal
  • Members
  • 5 posts

Posted 25 May 2016 - 11:22 AM

It would be great if you could allow multiple client-to-site VPN authentication methods on the service/box.


We currently have our VPN authentication using MSAD. However, we have a 3rd party contractor we need to use VPN, and only needs access to one service. We don't want to add him to our AD. So we can't use MSAD for our domain users, and NGF_Local for this or more contractors.  Allow us to create subnets for each VPN authentication method, as I was wanting to create a firewall rule that would allow the NGF_Local access method IP's access to certain services and or servers.


We also ran into this problem in the pas when we needed to have some remote servers connected to VPN. We had to use the x509 certificate method, as it was the only method tech support could help us with to make sure the servers automatically reconnected on a reboot. Since we used the x509 certs we couldn't allow users to connect to VPN on that NG/Network without issuing all of them x509 certs, and if you have more then a couple users this isn't realistic to manage. Glad we had another site we could set our MSAD authentication up with.


Thank you, 

Jeremy Neal

#3 Geerts Robby

Geerts Robby
  • Members
  • 2 posts

Posted 11 October 2017 - 03:55 AM

We have received the same kind of request from a few customers over the past months as well. It's a shame that we're limited to using only one authentication scheme in the client-to-site VPN.

It would be great to be able to choose an authentication scheme per profile.

#4 Byron Morales

Byron Morales
  • Members
  • 5 posts

Posted 09 April 2018 - 01:36 PM

I'd also like to request this feature. We had a client toda that had their AD servers crash and everyone lost vpn access until we could temporarily enable local authentication for a few users.

#5 Markus Jünger

Markus Jünger
  • Members
  • 4 posts

Posted 26 March 2019 - 02:21 AM

We also need this feature to support mixing Radius MFA and MSAD Authentication with multiple domains.