Jump to content


Photo

Unable to use RSA SecurID and Barracuda Network Access Client (VPN)

vpn rsa securid two factor client to site client2site 2 factor

This topic has been archived. This means that you cannot reply to this topic.
No replies to this topic

#1 Jason Stadtlander

Jason Stadtlander
  • Members
  • 1 posts

Posted 18 February 2020 - 12:59 PM

Our security policy requires us to to have the follow:

  • Connect over VPN when outside the office
  • Must use 2 factor authentication using RSA SecurID for VPN
  • Must be connected to VPN prior to logging into Windows

 

Barracuda's Client to Site VPN client (Network Access Client for Barracuda) will only present the VPN connection capability at the windows logon screen if "Single Sign on" is checked in the client. However, if we use single sign on, then the process works as follows:

 

User enters username and [RSA PIN] + [RSA Token] > VPN connects > windows tries to pass the VPN credentials for windows login (this is where the problem is) and of course it fails, because it wants the AD username and password. 

 

How can we make it so that either A) the user can enter the RSA token AND the user can enter the windows password or B) VPN authenticates and then waits for user to actually login to windows?

 

Any help would be greatly appreciated. I'm happy to elaborate more if needed.