Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 1112 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED60 strange LAN flipping problems

Jan Möhler

Hi,

I have to add 14 RED60 devices for a customer

I have now configured 2 devices, and have exact the same problem on both devices.

After configuration it works fine, for about 2 minutes. After this time, I have a short down on LAN port (only 1 sec) there after I get an IP from the RED default network, not from the VLAN I should. If I unplug the device from LAN before the first downtime of the LAN port, I will get the right IP from the right VLAN ... It is very strange to me.

A few facts:

 RED60 device is connected to XG230

RED60 is connected to 1 WAN in DHCP mode (WAN is always up)

RED60 is in Standard/Split mode. IP of the RED is 192.168.162.1/24 we have DHCP on the RED from 50 to 200 Shared network is an internal network from XG

Switch mode is VLAN. LAN1 is Untagged, dropp tagged (Access Port) VLAN is 1

Port 2 is Untagged (Hybrid Port) VLAN 703 Port 3 is Untagged (Hybrid Port) VLAN 203 Port 4 is Disabled

VLAN 703 is 172.16.3.0/24 VLAN 203 is 192.168.203.0/24 with DHCP from 50 to 200

PoE is disabled on LAN1 and LAN3

I have also tested to set LAN Port 2 and 3 to Untagged, drop tagged (Access Port) same problem.

I have changed the Network adapter in test client, and I have tested with 2 different RED60 devices.

At the moment we have no route to internet set from the VLANs on XG, but I think this should not be the problem for this strange effect.

Has someone a solution for my problem, or did I everything wrong with the RED60? 

I am very new with Sophos, worked with many other products in the past. So perhaps I did something wrong in configuration.

Thank you for helping  

Jan



This thread was automatically locked due to age.
  • 0

    I have some new information:

    Now I have changed the RED to Standard/Unified for testing. In Sophos Docs, this is the only mode VLAN can be handled complete, tagged and untagged.

    In this mode the same problem like described.

    Than I have tried (also in Standard/Unified mode) to disable LAN2 till 4 port on the RED60 device, and configure LAN1 port as tagged Port, with VLAN1 (the default LAN from this RED 192.168.162.1/24 with DHCP Server), my VLAN 203 and 703. 

    Behind the RED LAN1 port, I have a switch, configured in VLAN trunk mode at the port, and 1 port as VLAN1 Access-Port, 1 Port for VLAN203 and 1 Port for VLAN 703 in access-mode.

    Now the VLAN trunk port does not flip any more, the connection between switch and RED is permanent.

    But I have the same problem with the VLANs. about 2 minutes it works how I would expect, I get an IP address from VLAN 203 on the VLAN 203 Port. I also get an IP address from the RED default network if I patch to a VLAN 1 access-port. I can use 2 devices the same time, I will get 2 IP addresses from the right network. After about 2 minutes, VLAN 1 (the RED Network) continue working great. VLAN 203 and 703 are gone. I will not get any IP anymore, until I reboot the RED device. An existing IP keeps on, but no traffic.

    Greetings Jan   

  • 0

    It was so easy ... The firmware was the problem. Updating the RED devices solved the problem.

Unfiltered HTML