This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.601 - RED issues!

Since upgrading all our customers to 9.601, a bigger part of them are complaining about RED's re/disconnection in a no-pattern way.

It started for all of them just the night we upgraded to 9.601, and they all are on different ISP's and located different places around the country.

Been with Sophos support for 2 hours today, and now they escalated it to higher grounds.

Will return with an update....

Suspicious entries in the log - but all connected REDs do this before connection:

2019:03:06-15:15:38 fw01-2 red_server[17509]: SELF: Cannot do SSL handshake on socket accept from 'xxx.xxx.xxx.xxx': SSL connect accept failed because of handshake problems

2019:03:06-15:15:46 fw01-2 red2ctl[12420]: Missing keepalive from reds3:0, disabling peer xxx.xxx.xxx.xxx

I know the last line is written before the tunnel disconnects, because there was no "PING/PONG" answer...

One customer has 2 x RD 50, one 1 100% stable and the other fluctuates in random intervals - we replaced this with a new RED 50, but the same thing occurs.



This thread was automatically locked due to age.
Parents
  • So all RED's are running 9.702-1 and still seeing this SSL drop issue. 

     

    red2ctl[15035]: Overflow happened

    SELF: Cannot do SSL handshake on socket accept from 'x.x.x.x': SSL connect accept failed because of handshake problems

     

    Honestly...

  • I'm still getting this also on a RED 50 running 9.702-1.... quite annoying.

  • Hello everybody,

    can somebody give me an update how the actual situation is about the connection problems, bootloop problems and unified_firmware problems wit RED ?

    I was strugeling myself at the end of 2019 with the bootloop problem and I`m still looking for a solution to connect a branch to our main office, using the same IP-range.
    I got three RED15 over RMA, but no one worked until I found this post - we gave all of them back but I still have no connection.

    In the main office we`re using a SG210 running 9.605-1, but I could update to 9.702-1.

    What about the RED 20....same problem...?

     

    Greetings..
    Bruno

  • Knock on wood, our RED50s have been stable since the upgrade to 9.702.  Before we were losing 1-2 a week out of the 8 we have deployed.

  • Hello Aaron,

    thanks for your Info.
    I´m really thinking about giving it a chance...but....
    "Sophos User287" wrote in Mai that he has still the same issues.
    Next problem is, the RED50`s are actually not available because of delivery problems.

    I could get a RED20....has anyone experiences with it....`?

     

    Greetings
    Bruno

  • Yes and it's still happening..... Only just last week again! I've even got it in balancing mode now and it still dropped out.

     

    Once the 9.703-3 update becomes available for my units I'll deploy and see what happens but suffice to say, the issue still exists in 9.702-1 for us.

  • Unfortunately I can only speak for our organization.

    The RED50 is being replaced by RED60, so you might be able to get those.  The RED20 should be good too if it meets your requirements.

    You just have to have 9.703 installed to be able to configure either one.

  • Good morning Aaron,

    yesterday I had a telephone conference with a distributor and his sophos techician.
    They told me that Sophos is going to solve the problem with 9.703-3 but still you have to have to get hands on it.
    Sophos published an image for RED´s and you have to flash the RED`s with it.
    And in combination with 9.703-3 the RED`s should be stabel.
    Before I start another test I asked them to give me more information how that flashing has to be done.
    The image has to be copied on a memory stick and then you have to flash it in a console session.
    But... not all memory sticks are compatible....?!?!
    I let you know if get the informations...

    Greetings
    Bruno

  • We updated from 9.702-1 to Version  9.703-3 the last days, but the Problems are still not solved!!!
    One of our Red15 (which has already been replaced a few month before due to these problems) is facing the same problems again since two weeks now. Also after the update to 9.703-3 the issues are still there.
    -connection loss, overflow happen, etc. etc. it also generates tons of emails -> red connection down / up /down / up

    The workaround at the moment is, disable the red and the appropriate interface, wait 5 to 10 minutes and enable it again. the red comes up, but it only lasts 2 - 3 days till the problem comes back.

    Flashing the REDs manually with a new Image? Seriously, this cant be a solution for a lot of customers out there.

Reply
  • We updated from 9.702-1 to Version  9.703-3 the last days, but the Problems are still not solved!!!
    One of our Red15 (which has already been replaced a few month before due to these problems) is facing the same problems again since two weeks now. Also after the update to 9.703-3 the issues are still there.
    -connection loss, overflow happen, etc. etc. it also generates tons of emails -> red connection down / up /down / up

    The workaround at the moment is, disable the red and the appropriate interface, wait 5 to 10 minutes and enable it again. the red comes up, but it only lasts 2 - 3 days till the problem comes back.

    Flashing the REDs manually with a new Image? Seriously, this cant be a solution for a lot of customers out there.

Children