
RED constantly disconnecting / unstable tunnel

Hi,

I recently installed a RED at a remote site and couldn't get it to provide a stable connection back to our UTM.

Looking at the UTM logs, it constantly cycles with the following:


2019:03:15-07:18:34 bch-sophosutm-aimes red_server[18177]: SELF: New connection from 195.188.243.4 with ID A3501B004319705 (cipher AES256-GCM-SHA384), rev1
2019:03:15-07:18:34 bch-sophosutm-aimes red_server[18177]: A3501B004319705: already connected, releasing old connection.
2019:03:15-07:18:34 bch-sophosutm-aimes red_server[17817]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A3501B004319705" forced="1"
2019:03:15-07:18:34 bch-sophosutm-aimes red_server[17817]: A3501B004319705 is disconnected.
2019:03:15-07:18:36 bch-sophosutm-aimes red_server[18177]: A3501B004319705: connected OK, pushing config
2019:03:15-07:18:40 bch-sophosutm-aimes red_server[18177]: A3501B004319705: command 'UMTS_STATUS value=OK'
2019:03:15-07:18:40 bch-sophosutm-aimes red_server[18177]: A3501B004319705: command 'PING 0 uplink=WAN'
2019:03:15-07:18:40 bch-sophosutm-aimes red_server[18177]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="A3501B004319705" forced="0"
2019:03:15-07:18:40 bch-sophosutm-aimes red_server[18177]: A3501B004319705: PING remote_tx=0 local_rx=0 diff=0
2019:03:15-07:18:40 bch-sophosutm-aimes red_server[18177]: A3501B004319705: PONG local_tx=0
2019:03:15-07:18:55 bch-sophosutm-aimes red_server[18177]: A3501B004319705: command 'PING 0 uplink=WAN'
2019:03:15-07:18:55 bch-sophosutm-aimes red_server[18177]: A3501B004319705: PING remote_tx=0 local_rx=0 diff=0
2019:03:15-07:18:55 bch-sophosutm-aimes red_server[18177]: A3501B004319705: PONG local_tx=0
2019:03:15-07:19:10 bch-sophosutm-aimes red_server[18177]: A3501B004319705: command 'PING 0 uplink=WAN'
2019:03:15-07:19:10 bch-sophosutm-aimes red_server[18177]: A3501B004319705: PING remote_tx=0 local_rx=0 diff=0
2019:03:15-07:19:10 bch-sophosutm-aimes red_server[18177]: A3501B004319705: PONG local_tx=0
2019:03:15-07:19:11 bch-sophosutm-aimes red_server[18177]: A3501B004319705: command 'SYSSTATE unstable peer using stabilization timeout 30'
2019:03:15-07:19:11 bch-sophosutm-aimes red_server[18177]: A3501B004319705: command 'CON_CLOSE reason=no_peer'
2019:03:15-07:19:41 bch-sophosutm-aimes red_server[18177]: A3501B004319705: No ping for 30 seconds, exiting.
2019:03:15-07:19:41 bch-sophosutm-aimes red_server[18177]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A3501B004319705" forced="0"
2019:03:15-07:19:41 bch-sophosutm-aimes red_server[18177]: A3501B004319705 is disconnected.
2019:03:15-07:20:04 bch-sophosutm-aimes red_server[18934]: SELF: New connection from 195.188.243.4 with ID A3501B004319705 (cipher AES256-GCM-SHA384), rev1
2019:03:15-07:20:04 bch-sophosutm-aimes red_server[18934]: A3501B004319705: connected OK, pushing config
2019:03:15-07:20:11 bch-sophosutm-aimes red_server[18934]: A3501B004319705: command 'UMTS_STATUS value=OK'
2019:03:15-07:20:11 bch-sophosutm-aimes red_server[18934]: A3501B004319705: command 'PING 0 uplink=WAN'
2019:03:15-07:20:11 bch-sophosutm-aimes red_server[18934]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="A3501B004319705" forced="0"
2019:03:15-07:20:11 bch-sophosutm-aimes red_server[18934]: A3501B004319705: PING remote_tx=0 local_rx=0 diff=0
2019:03:15-07:20:11 bch-sophosutm-aimes red_server[18934]: A3501B004319705: PONG local_tx=0
2019:03:15-07:20:27 bch-sophosutm-aimes red_server[18934]: A3501B004319705: command 'PING 0 uplink=WAN'
2019:03:15-07:20:27 bch-sophosutm-aimes red_server[18934]: A3501B004319705: PING remote_tx=0 local_rx=0 diff=0
2019:03:15-07:20:27 bch-sophosutm-aimes red_server[18934]: A3501B004319705: PONG local_tx=0
2019:03:15-07:20:41 bch-sophosutm-aimes red_server[18934]: A3501B004319705: command 'PING 0 uplink=WAN'
2019:03:15-07:20:41 bch-sophosutm-aimes red_server[18934]: A3501B004319705: PING remote_tx=0 local_rx=0 diff=0
2019:03:15-07:20:41 bch-sophosutm-aimes red_server[18934]: A3501B004319705: PONG local_tx=0
2019:03:15-07:20:42 bch-sophosutm-aimes red_server[18934]: A3501B004319705: command 'SYSSTATE unstable peer using stabilization timeout 30'
2019:03:15-07:20:42 bch-sophosutm-aimes red_server[18934]: A3501B004319705: command 'CON_CLOSE reason=no_peer'
2019:03:15-07:20:47 bch-sophosutm-aimes red_server[19233]: SELF: New connection from 195.188.243.4 with ID A3501B004319705 (cipher AES256-GCM-SHA384), rev1
2019:03:15-07:20:47 bch-sophosutm-aimes red_server[19233]: A3501B004319705: already connected, releasing old connection.
2019:03:15-07:20:47 bch-sophosutm-aimes red_server[18934]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A3501B004319705" forced="1"

I can see the TCP 3400 traffic from the external IP hitting our gateway, and nothing is being blocked. Why is the RED unable to fully establish its connection?
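
An added example, not part of the original post or of any Sophos tooling: a small parser for the red_server lines quoted above that pairs each "RED Tunnel Up" (id 4201) with the next "RED Tunnel Down" (id 4202) and reports how long the tunnel stayed up and which CON_CLOSE reason preceded the drop. The function names and the flapping thresholds are assumptions made for this sketch.

```python
import re
from datetime import datetime

# Excerpt of the red_server lines quoted in the post above (two up/down cycles).
SAMPLE = """\
2019:03:15-07:18:40 bch-sophosutm-aimes red_server[18177]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="A3501B004319705" forced="0"
2019:03:15-07:19:11 bch-sophosutm-aimes red_server[18177]: A3501B004319705: command 'CON_CLOSE reason=no_peer'
2019:03:15-07:19:41 bch-sophosutm-aimes red_server[18177]: A3501B004319705: No ping for 30 seconds, exiting.
2019:03:15-07:19:41 bch-sophosutm-aimes red_server[18177]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A3501B004319705" forced="0"
2019:03:15-07:20:11 bch-sophosutm-aimes red_server[18934]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="A3501B004319705" forced="0"
2019:03:15-07:20:42 bch-sophosutm-aimes red_server[18934]: A3501B004319705: command 'CON_CLOSE reason=no_peer'
2019:03:15-07:20:47 bch-sophosutm-aimes red_server[18934]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A3501B004319705" forced="1"
"""

LINE = re.compile(r'^(\d{4}:\d\d:\d\d-\d\d:\d\d:\d\d) \S+ red_server\[\d+\]: (.*)$')
EVENT = re.compile(r'id="(4201|4202)".*red_id="([^"]+)" forced="(\d)"')
CLOSE = re.compile(r"^(\w+): command 'CON_CLOSE reason=(\w+)'")

def tunnel_sessions(text):
    """Pair each Tunnel Up (4201) with the next Tunnel Down (4202) per RED ID."""
    up_at, reason, sessions = {}, {}, []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a red_server line
        ts = datetime.strptime(m.group(1), "%Y:%m:%d-%H:%M:%S")
        body = m.group(2)
        if (c := CLOSE.match(body)):
            reason[c.group(1)] = c.group(2)  # remember why the RED closed
        elif (e := EVENT.search(body)):
            code, red, forced = e.groups()
            if code == "4201":
                up_at[red] = ts
                reason.pop(red, None)  # drop any stale reason from a prior cycle
            elif red in up_at:  # a Down with no preceding Up is ignored
                sessions.append({"red_id": red,
                                 "up_seconds": int((ts - up_at.pop(red)).total_seconds()),
                                 "close_reason": reason.pop(red, None),
                                 "forced": forced == "1"})
    return sessions

def is_flapping(sessions, max_up=120, min_cycles=2):
    """Thresholds are assumptions for this example, not Sophos defaults."""
    return sum(s["up_seconds"] <= max_up for s in sessions) >= min_cycles

if __name__ == "__main__":
    print(tunnel_sessions(SAMPLE), is_flapping(tunnel_sessions(SAMPLE)))
```

On the excerpt, both sessions end after a `CON_CLOSE reason=no_peer` from the RED, and the second is torn down with `forced="1"` because a new connection from the same ID arrived before the old one timed out.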


  • Is it the only RED connection you have or do you have others that are working as expected?


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Does Sophos Support think that the unit should be replaced?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi,

    We got exactly the same problem. Any update on this?

  • Hi Richard Priest,

    I have had issues with a RED15, and the first thing I always do is switch off compression; Sophos has never fixed this properly. I have also had issues with the MTU size on the RED end...

    The RED15 in a Data-Center would disconnect every 3-4 days, until I checked the firmware and found that the MTU was set incorrectly, so I updated the firmware and changed the MTU; now it would only disconnect every 2-3 weeks.

    Then, if it did disconnect and then not re-connect, I would reboot the router in front of the RED and all would be fine (for the next couple of weeks).

    I have an SG310 on a 40/100 fibre circuit; the data-center had a 10/100 Ethernet circuit connected via a router (many were tried, finally settled on Draytek283x), and the RED15 was behind the router. I had no issues until the 9.5 updates, then it all went south.

    I was using this as an (off-site) backup, so this would be constantly running at full tilt all the time. Loading may have been another issue to contend with.

    I hope this helps you out

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!