
RED site-to-site tunnel not working since 9.601

My RED site-to-site tunnel between two UTMs is not working any more since upgrading both UTMs to 9.601. With 9.600 everything was fine.

Tunnel shows as "up" but I cannot get any traffic through.

I already rebooted both UTMs and also deleted and recreated the RED tunnel.

 

Server side RED log shows this about every minute:

2019:02:21-09:17:30 mx2 red_server[26365]: <RED ID>: command 'PING 1'
2019:02:21-09:17:30 mx2 red_server[26365]: <RED ID>: PING remote_tx=1 local_rx=0 diff=1
2019:02:21-09:17:30 mx2 red_server[26365]: <RED ID>: PONG local_tx=27
2019:02:21-09:17:46 mx2 red_server[26365]: <RED ID>: command 'PING 8'
2019:02:21-09:17:46 mx2 red_server[26365]: <RED ID>: PING remote_tx=8 local_rx=0 diff=8
2019:02:21-09:17:46 mx2 red_server[26365]: <RED ID>: PONG local_tx=33
2019:02:21-09:18:01 mx2 red_server[26365]: <RED ID>: command 'PING 12'
2019:02:21-09:18:01 mx2 red_server[26365]: <RED ID>: PING remote_tx=12 local_rx=0 diff=12
2019:02:21-09:18:01 mx2 red_server[26365]: <RED ID>: PONG local_tx=35
2019:02:21-09:18:15 mx2 red_server[26365]: <RED ID>: No in-tunnel frame for 60 seconds, exiting.
2019:02:21-09:18:15 mx2 red_server[26365]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="<RED ID>" forced="0"
2019:02:21-09:18:15 mx2 red_server[26365]: <RED ID> is disconnected.
2019:02:21-09:18:15 mx2 red_server[6958]: SELF: (Re-)loading device configurations
2019:02:21-09:18:19 mx2 red_server[26593]: SELF: New connection from <client public IP> with ID <RED ID> (cipher AES256-GCM-SHA384), rev1
2019:02:21-09:18:19 mx2 redctl[26595]: key length: 32
2019:02:21-09:18:19 mx2 redctl[26596]: key length: 32
2019:02:21-09:18:19 mx2 red_server[26593]: <RED ID>: connected OK, pushing config
2019:02:21-09:18:20 mx2 red_server[26593]: <RED ID>: command 'PING 0'
2019:02:21-09:18:20 mx2 red_server[26593]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="<RED ID>" forced="0"
2019:02:21-09:18:20 mx2 red_server[26593]: <RED ID>: PING remote_tx=0 local_rx=0 diff=0
2019:02:21-09:18:20 mx2 red_server[26593]: <RED ID>: PONG local_tx=0
2019:02:21-09:18:20 mx2 red_server[6958]: SELF: (Re-)loading device configurations
2019:02:21-09:18:35 mx2 red_server[26593]: <RED ID>: command 'PING 1'
2019:02:21-09:18:35 mx2 red_server[26593]: <RED ID>: PING remote_tx=1 local_rx=0 diff=1
2019:02:21-09:18:35 mx2 red_server[26593]: <RED ID>: PONG local_tx=17
2019:02:21-09:18:51 mx2 red_server[26593]: <RED ID>: command 'PING 8'
2019:02:21-09:18:51 mx2 red_server[26593]: <RED ID>: PING remote_tx=8 local_rx=0 diff=8
2019:02:21-09:18:51 mx2 red_server[26593]: <RED ID>: PONG local_tx=32
2019:02:21-09:19:06 mx2 red_server[26593]: <RED ID>: command 'PING 12'
2019:02:21-09:19:06 mx2 red_server[26593]: <RED ID>: PING remote_tx=12 local_rx=0 diff=12
2019:02:21-09:19:06 mx2 red_server[26593]: <RED ID>: PONG local_tx=36
2019:02:21-09:19:20 mx2 red_server[26593]: <RED ID>: No in-tunnel frame for 60 seconds, exiting.
2019:02:21-09:19:20 mx2 red_server[26593]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="<RED ID>" forced="0"
2019:02:21-09:19:20 mx2 red_server[26593]: <RED ID> is disconnected.
2019:02:21-09:19:20 mx2 red_server[6958]: SELF: (Re-)loading device configurations
2019:02:21-09:19:24 mx2 red_server[26819]: SELF: New connection from <client public IP> with ID <RED ID> (cipher AES256-GCM-SHA384), rev1
2019:02:21-09:19:24 mx2 redctl[26821]: key length: 32
2019:02:21-09:19:24 mx2 redctl[26822]: key length: 32

Client side RED log:

2019:02:21-09:17:14 vpn red_client[10404]: Tunnel 87: Forking client handler
2019:02:21-09:17:14 vpn red_client[28333]: CHILD Tunnel 87: performing initial keying.
2019:02:21-09:17:14 vpn redctl[28336]: key length: 32
2019:02:21-09:17:14 vpn redctl[28337]: key length: 32
2019:02:21-09:17:14 vpn redctl[28339]: <server public IP> =
2019:02:21-09:17:14 vpn redctl[28339]:   <server public IP>
2019:02:21-09:18:16 vpn red_client[28333]: CHILD Tunnel 87: Socket was closed
2019:02:21-09:18:16 vpn red_client[28333]: CHILD Tunnel 87: Unable to read PING response
2019:02:21-09:18:16 vpn red_client[28333]: Tunnel 87: disconnected
2019:02:21-09:18:19 vpn red_client[10404]: Tunnel 87: Forking client handler
2019:02:21-09:18:19 vpn red_client[28514]: CHILD Tunnel 87: performing initial keying.
2019:02:21-09:18:19 vpn redctl[28516]: key length: 32
2019:02:21-09:18:19 vpn redctl[28517]: key length: 32
2019:02:21-09:18:19 vpn redctl[28519]: <server public IP> =
2019:02:21-09:18:19 vpn redctl[28519]:   <server public IP>
2019:02:21-09:19:21 vpn red_client[28514]: CHILD Tunnel 87: Socket was closed
2019:02:21-09:19:21 vpn red_client[28514]: CHILD Tunnel 87: Unable to read PING response
2019:02:21-09:19:21 vpn red_client[28514]: Tunnel 87: disconnected
2019:02:21-09:19:24 vpn red_client[10404]: Tunnel 87: Forking client handler
2019:02:21-09:19:24 vpn red_client[28719]: CHILD Tunnel 87: performing initial keying.
2019:02:21-09:19:24 vpn redctl[28721]: key length: 32
2019:02:21-09:19:24 vpn redctl[28722]: key length: 32
2019:02:21-09:19:24 vpn redctl[28724]: <server public IP> =
2019:02:21-09:19:24 vpn redctl[28724]:   <server public IP>
2019:02:21-09:20:26 vpn red_client[28719]: CHILD Tunnel 87: Socket was closed

Any hints what's going wrong?



This thread was automatically locked due to age.
  • Solved itself after some more reboots. Strange, had a similar problem already when updating to 9.600...

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
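
Added example, not part of the original thread: a small parser that groups `red_server` lines by handler PID and flags sessions matching the pattern in the server log above (the peer's `remote_tx` counter rises, `local_rx` stays at 0, and the handler then exits on the "No in-tunnel frame" timeout). Reading `remote_tx` as frames the peer reports sent and `local_rx` as frames received locally is an assumption based on the field names; the sample log is constructed from the lines in the post plus one invented healthy session.

```python
import re

# Constructed sample: the first session copies the pattern in the server log
# above; the second (pid 30001) is an invented healthy session for contrast.
SAMPLE = """\
2019:02:21-09:18:19 mx2 red_server[26593]: SELF: New connection from <client public IP> with ID <RED ID> (cipher AES256-GCM-SHA384), rev1
2019:02:21-09:18:20 mx2 red_server[26593]: <RED ID>: PING remote_tx=0 local_rx=0 diff=0
2019:02:21-09:18:20 mx2 red_server[6958]: SELF: (Re-)loading device configurations
2019:02:21-09:18:51 mx2 red_server[26593]: <RED ID>: PING remote_tx=8 local_rx=0 diff=8
2019:02:21-09:19:06 mx2 red_server[26593]: <RED ID>: PING remote_tx=12 local_rx=0 diff=12
2019:02:21-09:19:20 mx2 red_server[26593]: <RED ID>: No in-tunnel frame for 60 seconds, exiting.
2019:02:21-10:00:00 mx2 red_server[30001]: SELF: New connection from <client public IP> with ID <RED ID> (cipher AES256-GCM-SHA384), rev1
2019:02:21-10:00:31 mx2 red_server[30001]: <RED ID>: PING remote_tx=8 local_rx=8 diff=0
"""

LINE = re.compile(r"^(\S+) \S+ red_server\[(\d+)\]: (.*)$")
PING = re.compile(r"PING remote_tx=(\d+) local_rx=(\d+) diff=\d+")

def sessions(log_text):
    """Group red_server lines by handler PID (one PID per connection attempt)."""
    out = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, pid, msg = m.groups()
        if msg.startswith("SELF:") and "New connection" not in msg:
            continue  # parent-process housekeeping, not a tunnel session
        s = out.setdefault(pid, {"pid": pid, "start": ts, "remote_tx": 0,
                                 "local_rx": 0, "idle_exit": None})
        p = PING.search(msg)
        if p:
            s["remote_tx"] = max(s["remote_tx"], int(p.group(1)))
            s["local_rx"] = max(s["local_rx"], int(p.group(2)))
        elif "No in-tunnel frame" in msg:
            s["idle_exit"] = ts
    return list(out.values())

def dead_data_path(log_text):
    """Sessions where the peer counted sent frames, none arrived, and the
    handler then exited on the in-tunnel idle timeout."""
    return [s for s in sessions(log_text)
            if s["idle_exit"] and s["remote_tx"] > 0 and s["local_rx"] == 0]

if __name__ == "__main__":
    for s in dead_data_path(SAMPLE):
        print(f"pid {s['pid']}: up {s['start']}, idle exit {s['idle_exit']}, "
              f"remote_tx={s['remote_tx']} local_rx={s['local_rx']}")
```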