I need to help setting up the Client to Site VPN on a new x200 Barracuda Firewall. The documentation on this feature is really lacking and I’m probable missing one little thing, just not sure what.
I have tried to setup the PPTP vpn settings & the Client-to-Site VPN settings and I can’t get either one to connect. Is there anywhere in the logs that will show me where its getting hung up?
2 Spice ups
Hi,
Maybe I can help you to connect to the Barracuda Firewall via PPTP:
The PPTP service logs to the VPN log (LOGS > VPN logs). If you followed the instructions in https://techlib.barracuda.com/BFW/ConfigClient2SitePPTP you should have not trouble connecting to your Firewall via PPTP.
To troubleshoot I would suggest to first try using local authentication instead of an external authentication source Also check the BASIC > Active Connections and BASIC > Recent Connections pages to see if you can see the connection attempts to the PPTP service.
As a personal side note: PPTP is insecure and I would highly recommend to use IPsec instead.
regards,
Michael
I would stay away from PPTP it’s no longer secure.
Okay, I managed to get the client to site VPN to work using local authentication, but not AD authentication. I’ll do some more reading on how to get the authentication to work properly.
Did you enter the AD searching user in the user@domain format? Using the DOMAIN\user format does not work. See MSAD section in the techlib article: https://techlib.barracuda.com/BFW/ExternalAuth #
I did check all the setting and had barracuda support look at them too. They could not find anything wrong with the setup. I still have an open support case with them on the issue.
sweaver
(SWeaver32)
8
I am having some issues getting external authentication working as well. Please let me know if you have any updates, everything seems configured right on my end, and the test connection to the AD server works but users can’t authenticate.
@Barracuda_Networks
Hi Jeff922 and SWeaver32,
@Jeff922: Could you please post your support case number so I can take a quick look?
@Sweaver32: What issues do you have? Are you using MSAD? What do you see in the Authentication Log while connecting?
Thank you.
Best regards,
Mario
Sorry, guys. I am returning my Barracuda X200 Firewall. I was still within the 30 day trial and I was having to many issues. Also overall I was not happy with the UI and the user manual.
sweaver
(SWeaver32)
11
I am using MSAD, the authentication log shows Authentication Failed when I try to connect.
The issue I am having is a try to connect to the VPN using an AD user name and password and it fails with invaild username and password, in the External Authentication screen when I test the AD connection it is successful. I am not sure if I am doing something wrong with the Access Policy or what.
Hi,
@Jeff922:
That’s sad that you returned the BFW. I wish we could have figured out all problems and made you a happy Barracuda customer.
@SWeaver32:
it might be the case that the “Test MSAD” button claims everything is alright (due to the correct admin user credentials), but the authentication for other users fail due to a wrong base DN. Did you verify that the configured base DN is correct?
Thank you.
Best regards,
Mario
I wish it worked out better also. I am not forced to go to a more expensive option, but at least I am familiar with the watchguard products and I ca pre-configure it then just push the config file to the box. It should be up and running withing 5 min. of plunging it in.
Okay maybe not 5 min. I just un-boxed a new watchguard xtm 330. It took 15 min. to setup. Basic http, ftp. smtp. pop https rules, VPN with ipsec, & AD integration. And it all works just fine. It took me 3 weeks to get this far with the barracuda x200 firewall.
