maybe not compatible with Barracuda Cloudgen v8?

[karlderheinz91]

Hi,

I'm using this check Plugin for my Barracuda Cloudgen Firewall with Version 8.0.4. The Plugin often reports not a correct state of the status of the vpn tunnels. In the Firewall itself, all tunnels are up and running, but the check plugin reports that many vpn tunnels are down.

I have a Barracuda VF2000 (v8.0.4) and use the snmp service of the virtual server (assinged service at v8)

Do you have a fix for this?

Regards :-)

[usolved]

Hi,

we are currently not on v8 but we have also noticed that on some tunnels the value that SNMP returns doesn't match what the box shows in the UI. There's another issue https://github.com/usolved/check_usolved_barracuda_vpn/issues/2 that goes somewhat in the same direction where joke24 also contacted the Barracuda support. So it seems to me that as long as the plugin works via SNMP (and the vendor isn't fixing this) and it doesn't work with the Service directly like Barracuda is doing it internally I'm afraid that it might not be solved.

If a SNMP GET would return the correct value but the plugin does some weird things on the scripting side that's another thing and could be addressed.

Would it it be possible for your to double check if SNMP is wrong or the script by doing a query on the OIDs? snmp_oid_vpnname = '.1.3.6.1.4.1.10704.1.6.1.1'; snmp_oid_vpnstate = '.1.3.6.1.4.1.10704.1.6.1.2';

Regards

[karlderheinz91]

Hi,

thank you for the info. I checked via MIB Browser and I can confirm that your script is correct and the snmp database is not correctly updated for some vpn tunnels.

I also contacted barracuda for this and the support half confirmed that there is an issue/bug.

Viele Grüße Antonio Rolle

@.***

Antonio Rolle

Systems Engineer Cloud

t.

e.

@.**@.>

w.

[facebook]https://www.facebook.com/netgogmbh/

[twitter]https://twitter.com/netgogrp

[LinkedIn]https://de.linkedin.com/company/netgo-gmbh

[XING]https://www.xing.com/company/netgogmbh

[Instagram]https://www.instagram.com/netgo_gmbh/

[youtube]https://www.youtube.com/user/NETGOGmbH

@.***https://www.netgo.de/

– part of netgo group, Siemensdamm 62,

GF: Dr. Peter Heilmann, Ralf Berndt, Sebastian Meyer Amtsgericht Berlin-Charlottenburg HRB 84278 B | UST-IdNr.: DE813533741

Von: Ricardo Klement @.> Gesendet: Dienstag, 12. Oktober 2021 14:04 An: usolved/check_usolved_barracuda_vpn @.> Cc: Antonio Rolle @.>; Author @.> Betreff: Re: [usolved/check_usolved_barracuda_vpn] maybe not compatible with Barracuda Cloudgen v8? (#5)

Hi,

we are currently not on v8 but we have also noticed that on some tunnels the value that SNMP returns doesn't match what the box shows in the UI. There's another issue #2https://github.com/usolved/check_usolved_barracuda_vpn/issues/2 that goes somewhat in the same direction where joke24 also contacted the Barracuda support. So it seems to me that as long as the plugin works via SNMP (and the vendor isn't fixing this) and it doesn't work with the Service directly like Barracuda is doing it internally I'm afraid that it might not be solved.

If a SNMP GET would return the correct value but the plugin does some weird things on the scripting side that's another thing and could be addressed.

Would it it be possible for your to double check if SNMP is wrong or the script by doing a query on the OIDs? snmp_oid_vpnname = '.1.3.6.1.4.1.10704.1.6.1.1'; snmp_oid_vpnstate = '.1.3.6.1.4.1.10704.1.6.1.2';

Regards

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/usolved/check_usolved_barracuda_vpn/issues/5#issuecomment-940948217, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AV6BM5VSAY5Y4D6HHHV7B63UGQP4DANCNFSM5FN2VYOQ. Triage notifications on the go with GitHub Mobile for iOShttps://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Androidhttps://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

[usolved]

We just noticed that there's a REST API in v8 where you can also check VPN tunnel: https://campus.barracuda.com/product/cloudgenfirewall/api/8.0#/VPN/get_rest_vpn_v1_tunnels

So this seems to be a better way than SNMP. We plan to upgrade to v8 as well. When this upgrade is done I plan to work on an updated version that supports this API.

I can't give a time estimation tough at this moment.