Recently I purchased a RED20 to connect our branch office to HQ. The HQ has a Sophos XG firewall (XG310) which is all up to date.
When I try to connect the RED20 from the branch office to HQ no connection is being made.
What happens is this:
When booting the RED20 the system light starts blinking green and after a few seconds it's steady green and the router light starts blinking green.
After 70 seconds the router light dies and the system light turns red. This sequence keeps repeating itself.
The RED20 is connected directly to the router and it should get an IP address from it.
On the XG I added a RED interface but it doesn't show any signs of connectivity with the RED20 (offline).
Does somebody have any clue why this isn't working?
If possible, I would move the RED to a different location and test from there.
Also, if your NAT device allows some type of diagnostic tools, or tcpdump, I would see if it sees any traffic coming from the RED device.
I have moved the RED to a different location but the results are the same. My NAT device is unfortunately a very basic device with almost no diagnostic tools on board.
I've sent you two zip files (through private message). One is the tcpdump file, made from the XG console. The other one is a PuTTY log from the RED20.
Perhaps you'll find some clues in it.
This wouldn't be the first RED that has been shipped with faulty firmware unable to connect.
It is always connecting to Sophos Servers first to look for new configurations you made for it before connecting to your XG firewall.
So if connecting to Sophos = Internet is not working, you may have a bricked box there.
Don't know if you can re-image a RED or if this needs to be done by RMA. Perhaps emmosophos can write a line about that?
Yeah, I agree, that could be the case.
It should all be straightforward.
If nothing else will do, I'm gonna give the USB-stick option a try.
Thanks for your replies, I really appreciate it.
Thank you for the PM, I have requested some more information from you.
For the RED devices, it needs to be RMA.
Thanks for the solution.
A DNAT rule was misconfigured.
The traffic was hitting NAT ID rule number 32; upon checking your NAT rule, it seems your rule has the Service as ANY, which is causing this issue.
The DNAT rule was narrowed down to the specific port being used to access the WRDSGW server.
Basically what is happening is that the XG is caching all the traffic in any incoming port and passing it down to the WRDSGW server.
Good you have it working now.
But what is WRDSGW?
And where is that NAT rule configured?
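
The root cause reported in this thread, as an added example that is not part of the original posts and not Sophos code: a simplified first-match model of DNAT rules that matches on service only, showing how rule 32 with Service = ANY diverts the RED's inbound connection and how narrowing it to one port stops that. The class and function names are hypothetical, and the ports (TCP 3400 for the RED, TCP 443 for the WRDSGW server) are assumptions, since the thread does not state them.

```python
from dataclasses import dataclass
from typing import Optional

ANY = None  # models a DNAT rule whose Service field is ANY


@dataclass(frozen=True)
class DnatRule:
    rule_id: int
    services: Optional[frozenset]  # set of (proto, port) tuples, or ANY
    translated_to: str


@dataclass(frozen=True)
class Packet:
    proto: str
    dst_port: int


def first_match(rules, pkt):
    """Return the first rule (top-down) whose service matches pkt, else None."""
    for rule in rules:
        if rule.services is ANY or (pkt.proto, pkt.dst_port) in rule.services:
            return rule
    return None


def audit_any_service(rules):
    """IDs of rules that forward every inbound port to an internal host."""
    return [rule.rule_id for rule in rules if rule.services is ANY]


def delivered_to_firewall(rules, pkt):
    """True when no DNAT rule diverts pkt, so the firewall itself receives it."""
    return first_match(rules, pkt) is None


# Constructed sample data; both port numbers are assumptions (see lead-in).
RED_CONTROL = Packet("tcp", 3400)
GATEWAY = Packet("tcp", 443)
before = [DnatRule(32, ANY, "WRDSGW")]                        # as misconfigured
after = [DnatRule(32, frozenset({("tcp", 443)}), "WRDSGW")]  # narrowed rule

if __name__ == "__main__":
    for label, rules in (("before", before), ("after", after)):
        print(label, "| ANY-service rules:", audit_any_service(rules),
              "| RED traffic reaches XG:", delivered_to_firewall(rules, RED_CONTROL))
```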