Manuals
/
Brands
/
Computer Equipment
/
Network Hardware
/
Barracuda Networks
/
Computer Equipment
/
Network Hardware
Barracuda Networks
VERSION SP4
- page 157
1
157
268
268
Download
268 pages, 7.02 Mb
155 Barracuda NG Network Access Client - Administrator’s Guide
Fig. 11–6
Connection error because no Access Control Server IP addresses are configured
Contents
Main
Page
Barracuda NG Network Access Client
Chapter 1 - Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
Chapter 2 - Server Config Access Control Service. . . . 17
Chapter 3 - Server Config Personal Firewall Rules . . . 41
Chapter 4 - Operating & Monitoring Barracuda NG NAC . 62
Chapter 6 - Update or Migration. . . . . . . . . . . . . . . . . . . 81
Chapter 7 - Uninstall . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Chapter 8 - VPN Configuration. . . . . . . . . . . . . . . . . . . . 83
Chapter 9 - Barracuda NG Personal Firewall . . . . . . . . . 87
Chapter 10 - VPN Component Configuration. . . . . . . . . 124
Chapter 12 - Pre-Connector and Remote VPN . . . . . . . . 167
Chapter 13 - Example Configuration . . . . . . . . . . . . . . 172
Chapter 14 - 802.1X Technical Guideline . . . . . . . . . . 183
Chapter 15 - Appendix. . . . . . . . . . . . . . . . . . . . . . . . . 205
Warranty and Software License Agreement . . . . . . . . . 222
Chapter 1 Introduction
1.1 Endpoint Security and Network Access Control
1.2 Introduction to Barracuda NG Network Access Client
Page
1.2.1 What can Barracuda NG Network Access Client be used for?
Page
1.2.2 Licensing Aspects
1.2.3 Policy Matching Procedure
1.3 What is a Policy Rule Set?
Page
10 Introduction
Page
1.4 Health Matching
1.4.1 Health State "Untrusted"
1.4.2 Health State "Probation"
1.4.3 Health State "Healthy"
1.4.4 Health State "Unhealthy"
1.4.5 Health State Requirements
1.5 Endpoint Security Policy Introduction Practices (Analyse, Enforce, Monitor)
1.6 The Border Patrol
Page
Chapter 2 Server Config Access Control Service
2.1 General
2.2 Access Control Service Settings
2.2.1 System Health Validator
18 Server Config Access Control Service
19 Barracuda NG Network Access Client - Administrators Guide
2.2.2 Remediation Service
2.2.3 Trustzone-Border
2.2.4 802.1X
2.2.5 Advanced
2.2.6 General
2.3 Access Control Objects
Page
Page
Page
2.4 Access Control Service Trustzone
Page
2.4.1 Rules
28 Server Config Access Control Service
If the identity match fails, the next rule is taken into account.
29 Barracuda NG Network Access Client - Administrators Guide
30 Server Config Access Control Service
2.4.3 Identity Matching - Advanced
Page
32 Server Config Access Control Service
33 Barracuda NG Network Access Client - Administrators Guide
2.4.5 Required Health State - Advanced
34 Server Config Access Control Service
Page
36 Server Config Access Control Service
2.4.6 Policy Assignments
37 Barracuda NG Network Access Client - Administrators Guide
2.4.7 Settings
Exception attributes.
Page
Page
2.4.8 Support Chart
Chapter 3 Server Config Personal Firewall Rules
3.1 General
3.2 <Rule Set Name> Tab
Page
3.2.1 Rules Incoming / Outgoing
3.2.2 Context Menu
3.2.3 Button Bar
Page
Configure the following connection details in the Advanced view of the Rule Object window:
46 Server Config Personal Firewall Rules
Page
48 Server Config Personal Firewall Rules
The following entities are available for rule testing:
3.2.6 Test Report
3.2.7 Options
Page
3.3 Adapters
Page
Page
3.4 User Objects
3.5 Net Objects
Page
Page
Page
The following services are available in the Barracuda NG Personal Firewall by default:
3.7 Application Objects
Page
Page
Chapter 4 Operating & Monitoring Barracuda NG NAC
4.1 Box Monitoring and Real-time Information
4.1.1 Available Columns
4.1.2 Filtering
4.1.3 Context Menus
Page
4.1.4 Status Tab
4.1.5 Status VPN Tab
4.1.6 Access Tab
4.1.7 Quarantine Tab
Chapter 5 Client Installation
5.1 Complete Installation
5.2 Custom Installation
5.3 Unattended Setup
71 Barracuda NG Network Access Client - Administrators Guide
Trusted Network
see description for parameter Windows File Sharing, page 120.
see description for parameter Trusted Network, page 120
Allow other to access my files and printer(s)
Specific properties must be inserted into one row.
Table 51 Property Value (*=default) Corresponding Option in the Firewall Settings
Page
5.4 Customer Setup
5.4.1 customer.inf
74 Client Installation
5.4.2 Section "1. Customer Area" / [PhionCustomerCopyFiles]
Optionally, the following file-directives may be detailed:
Table 53
75 Barracuda NG Network Access Client - Administrators Guide
5.4.3 Section "2. Customer Area" / [CustomerReg]
Table 53
76 Client Installation
This section is used for creating profiles and defining default values.
Table 54
Page
5.4.5 silent.cmd
Page
Page
Page
Page
Chapter 8 VPN Configuration
8.1 Overview
8.2 Facts and Figures
Personal firewall capabilities
Policy matching capabilities
Usage Scenario
85 Barracuda NG Network Access Client - Administrators Guide
Table 84 Function Barracuda NG VPN Client Barracuda NG SSL VPN and NAC
Table 83 Function Comment
Architecture
OS requirements
Chapter 9 Barracuda NG Personal Firewall
9.1 Overview
9.1.1 Integration within Windows 7
Page
Page
9.4 General Firewall Settings and Tasks (Menu Bar)
9.4.1 Firewall Menu
This tab allows you to configure blocking of ICMP packets.
9.4.2 View Menu
9.4.3 Security Mode Menu
9.5 Load Display
9.6 NG Control Center - Monitoring Firewall Activities
9.6.1 Summary
9.6.2 Events
9.6.3 History
Select and then right-click a list entry to display the following context menu:
9.6.5 History Selection Tab
In the History Selection tab, the following checkboxes are available for fast and easy filtering.
Only displays connections that have been granted (marked with ).
Only displays connection attempts that have been blocked (marked with ).
Page
Page
101 Barracuda NG Network Access Client - Administrators Guide
9.6.8 Listing and Context Menu
The listing is divided into the following columns:
Table 94 Column Description
Table 95 Item Description
Page
9.7 Current State - Setting the Security Mode
9.8 Configuration
9.8.1 General
9.8.2 Rules
9.8.3 Context Menu
Page
Configure the following connection details in the Rules view of the Rule Object window:
Source / Destination / Service or Adapter / Source / Service or Adapter / Destination / Service
Configure the following connection details in the Advanced view of the Rule Object window:
9.8.6 Adapters
Page
9.8.7 Networks
Page
9.8.8 Services
Page
9.8.9 Applications
Page
Page
9.8.10 Users
9.8.11 Rule Tester
The Rule Tester view allows testing rule sets for consistency.
The following entities are available for rule testing:
9.8.12 Test Reports
120 Barracuda NG Personal Firewall
Select a report and click Delete to delete the report from the Test Report window.
9.9 Administration - Firewall Settings Wizard
The following options are available for customisation:
9.9.1 Automatic Adapter Configuration
9.9.2 Automatic Rule Configuration
Page
Page
Page
Page
10.2 Configure a New Profile Manually
Page
Page
10.2.1 Functional Elements of the Barracuda NG Network Access Clients System Tray Icon
10.2.2 The Barracuda NG VPN Clients Menu Bar
10.3 Connection Dialog
Page
10.4 Status Dialog
Page
10.5 Message Dialog
10.6 Barracuda Networks Control / Preferences Dialog
10.6.1 VPN Profiles Configuration Window
10.6.2 Certification Authorities Configuration Window
10.6.3 Advanced
Page
10.6.4 Connection Entries Tab
10.6.5 Barracuda Authentication
The following parameters are available for Barracuda Authentication:
The following parameters are available for X509 authentication:
10.6.6 X509 Authentication
Selecting this method requires a valid X.509 certificate (*.).
10.6.8 Advanced Settings Tab
Individual profile settings related to connection details can be configured from within the
Configure the following section when connecting to the VPN server over a proxy.
144 VPN Component Configuration
Tunnel Settings section:
145 Barracuda NG Network Access Client - Administrators Guide
Always Connect section:
OS Settings section:
User Interface Settings section:
10.6.9 Adaptation of Profile Creation using an .ini file (Barracuda NG Authentication only)
10.7 Log Window
Page
Chapter 11 Barracuda NG Access Monitor
11.1 Overview
11.1.1 Access Monitor
11.1.2 Port Security
11.2 Monitoring
11.2.1 Health Agent
151 Barracuda NG Network Access Client - Administrators Guide
Table 111 Property Description
Page
Page
Page
Page
11.2.6 802.1X Authentication - Port Security
11.2.8 Advanced Status Information
Page
159 Barracuda NG Network Access Client - Administrators Guide
11.3 Configuration
11.3.1 Health Agent Connectivity
Page
11.3.6 Health Agent Authentication
11.3.9 802.1X Settings
Page
11.3.14 Log Settings
11.4 Log Files
Page
Chapter 12 Pre-Connector and Remote VPN
12.1 General
12.2 VPN Connector
12.2.1 Creating a Connector
12.2.2 Connecting And Disconnecting using the Barracuda NG VPN Client
12.2.3 Remote Domain Logon (Pre-Logon)
12.3 Remote VPN (rvpn)
12.4 Connection Procedure
Page
Chapter 13 Example Configuration
13.1 Introduce Access Control Objects
13.2 Personal Firewall Rule Set
13.3 Introduce an Access Control Service Trustzone
Page
13.4 Configure an Access Control Service Trustzone
Page
Page
Page
Page
13.5 Configure Forwarding Firewall Rule Set
Page
Chapter 14 802.1X Technical Guideline
14.1 Overview
14.2 Status Monitoring
14.2.1 EAP Packet Tracer
14.2.2 Using the Barracuda NG Access Monitor for Analysis
14.2.3 Log Files on the Client Computer
186 802.1X Technical Guideline
To enable or disable verbose the below registry needs to be set:
14.2.4 Switch Web Interface
These values are described in more details on:
Complete URL:
Command:
Table 144 Item Description
Page
14.2.5 Switch Console Interface
14.3 Authentication
14.3.1 Notes
14.3.2 Operational Sequence
14.3.6 Start up
Page
Page
14.3.7 Runtime
Page
Page
Page
Page
Page
14.3.16 Shutdown
199 Barracuda NG Network Access Client - Administrators Guide
14.4 Addendum
14.4.1 Packets
14.4.2 WPA Supplicant Log File Identifiers
The table shows an EAPOL packet frame:
The table below shows the fields of the EAP request-response frame:
200 802.1X Technical Guideline
Table 1418
201 Barracuda NG Network Access Client - Administrators Guide
Table 1418
202 802.1X Technical Guideline
Table 1418
14.4.3 Engineering Environment
This technical guideline is based on an engineering environment using following components:
14.4.4 Known Issues using Cisco Catalyst 3750-E Switch
Additionally following tools have been used for analysis:
Page
205 Appendix
Chapter 15 Appendix
15.1 customer.inf File Template
Table 1523 Customer Install Files
206 Appendix
207 Barracuda NG Network Access Client - Administrators Guide
208 Appendix
209 Barracuda NG Network Access Client - Administrators Guide
15.2 VPN Profile Registry Keys
Table 1524 VPN Profile Registry Keys
210 Appendix
Table 1524 VPN Profile Registry Keys
15.3 Profile Registry Keys
15.4 FAQs
Page
15.5 Configuration Parameters
Page
Page
Page
217 Barracuda NG Network Access Client - Administrators Guide
15.6 Parameter Lists
Chapter 1 Introduction Chapter 2 Server Config Access Control Service
Chapter 3 Server Config Personal Firewall Rules
Chapter 4 Operating & Monitoring Barracuda NG NAC Chapter 5 Client Installation
Page
219 Barracuda NG Network Access Client - Administrators Guide
15.7 Figures
Chapter 1 Introduction
Chapter 2 Server Config Access Control Service
Chapter 3 Server Config Personal Firewall Rules
Chapter 4 Operating & Monitoring Barracuda NG NAC
Chapter 9 Barracuda NG Personal Firewall
Chapter 10 VPN Component Configuration
Chapter 11 Barracuda NG Access Monitor
Chapter 12 Pre-Connector and Remote VPN
221 Barracuda NG Network Access Client - Administrators Guide
Chapter 13 Example Configuration
Chapter 14 802.1X Technical Guideline
Chapter 15 Appendix
Barracuda Networks
Warranty and Software License Agreement
0.1 Barracuda Networks Limited Hardware Warranty
0.2 Barracuda Networks Software License Agreement
Page
Page
0.3 Barracuda Networks Software License Agreement Appendix