Sophos AP/APX users may experience issues registering to Sophos Central. More info available here: Central Wireless
We'd love to hear about it! Click here to go to the product suggestion community
Dear All,Our customer's branch is in China.China block the IPsec VPN to other world, so we build the site to site vpn with RED tunnel between head and branch office.
The RED protocol works great.But the RED tunnel will not reconnect automatically when the connection failed.We only can restart the connection manually...
Can you tell us, which site causes this issue? XG or RED?
Do you see the RED trying to connect to the XG and failing or is there simply "nothing" in the RED log on XG?
Did you perform a dump on Port 3410 and Port 3400 while this issue occurs?
In reply to LuCar Toni:
Two sites use XG appliance both.
HeadOffice is XG210 (SFOS 16.05.8 MR-8),
BranchOffice is XG115 (SFOS 17.1.3 MR-3).
When the RED connection failed, the connect status still show "Uplink IP: XXX.XXX.XXX.XXX" on HeadOffice's XG.
I need to stop the RED, and start it again to make the connection work really.
In reply to ShunzeLee:
found this in a KB
If you see the tunnel constantly going up and down you may need to disable hardware acceleration.
Logon to the console of the XG and issue the following commands.
system firewall-acceleration show
In reply to Mark Darvell:
Thanks for reply.
But the RED status always show "Uplink" but not up and down.
It should be different issue.
Would suggest to update this V16 Appliance. You are couple of bug fixes behind...
verify both are are on 17.x sfos as was said, verify isp equipment firewalling is not interfering, verify both are on latest RED firmware at the backup & firmware >> pattern updates screen, review /log/red.log + /log/syslog.log + /log/networkd.log file contents at the time of problems.
In reply to momentum:
The issue doesn't happen again.
So maybe it is a special case.
I have same issue. I have 2 ISP lines WAN1 and WAN2 configured active-active. My RED goes offline when WAN1 goes down.
WAN1 is high bandwidth line and is primary line for me.
Thanks in advance for help