Connect to Barracuda vpn from openwrt router

So i have Netgear WNDR 3700v4 router with latest openwrt snapshot. I have configured different vpns on it (2 openvpn, 1 pptp, 2 openconnect) These are all clients. I also have wireguard server running on it. I have configured routes for them so that default route is not overriden. This way i can connect to anything on these vpn networks from home and from outside too using that wireguard vpn. Security wise i have created 2 vlans. You can only use these vpns from 1 vlan. Second one is for others to use. It makes life so much easy not to have configure all these on my laptop and then turning on and off each on of them everytime i want to connect to something.

Now i have been given another vpn client credentials. Barracuda VPN. I have setup it on my laptop, but i wanted to set it up on my router like all those vpns but i can't find any information about how to install barracuda vpn client on my router. Can i configure barracuda vpn on openwrt router? Could you help me with this problem?

What protocol does it use?

As google says it's IPsec IKEv1 and IKEv2** VPN Protocols

1 Like

That would mean strongswan would be your keyword to research.

1 Like

Turns out it's using TINA vpn protocotl. I could not find anything about hot to connect to this vpn server with any other program then barracudas own.

1 Like

So answer is 'no'.

That is really impressive for a 560MHz MIPS device with 128MB of RAM.

It's true, there is no source code available for their VPN. Or if there is, they've buried it somewhere. The more commercial VPNs are going this route. This is for two reasons. 1) Their software becomes a lock-in for their service, and 2) they don't actually WANT you to direct all your traffic through them. They want you to activate and deactivate and/or use it only on one computer - both things which will reduce the amount of traffic they have to deal with.

I got my hands on a Barracuda VPN .deb installer and picked it apart - they only seem to have installers for x86. Nothing for MIPS, which is what you need.

The better VPNs, the ones which are truly security-conscious, are all adopting solutions that can be implemented on routers, typically with WireGuard. Two I've had dealings with and are comfortable recommending are VPN.AC and Mullvad. Interestingly Mullvad was recently raided and investigators were going to remove servers for searching when Mullvad proved they have no logs and retain no records that can possibly link clients to sessions, and the investigators left empty handed.

1 Like

Mullvad +1

Trust me i would gladly use wireguard or if mullvad (have not heard about it) is better option that one. It's just the company who's servers i need to connect gave me this vpn credentials. I do not have an option.
My router is too weak for this but one solution would be running this barracuda client inside qemu which will emulate x86 on ARM. I think router with good ARM cpu would easily handle it. If anyone needs and has hardware can try it easily.

TBH I do not believe articles like those especially when headline says that it was themselves claiming it. If some third party known source claimed it maybe i would trust a little bit more, but still i would take that with a giant rock of salt :smiley:

Apple also said they did not give FBI access to terrorists iphone, but i do not believe that either. I think apple, google, MS and all big US companies share data with US government like we breath air.

I would not try and use qemu-user to run an x86 VPN on and ARM device. It is far more trouble and far too much of a performance hit than it's worth. There is no hardware acceleration for the translation, and I don't think qemu is smart enough to use ARM hardware encryption in place of x86.
[EDIT] It doesn't appear that this is even supported by qemu-user. There are very few translations that are supported, and x86 on an ARM host is not one of them.

If you really need Barracuda specifically and need to get it running on a router, then you would be best served by getting an x86-based router.

1 Like

Did not know about not having hardware acceleration on this. I just thought it would be possible to do what i posted. I am not going to do it myself. I'll just use barracuda vpn directly on my laptop.