Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ping kills RED tunnel

Environment:
SFOS: 19.5.1 MR-1-Build278

SiteA: XGS 3xxx
SiteB: XGS 2xxx
SiteC: SD-RED 20

SiteA - SiteB: IPSEC tunnel (route based)
SiteA - SiteC: RED tunnel (standard/unified)

Ping test with host behind the tunnels:
SiteA to SiteB -> OK
SiteA to SiteC -> OK

SiteB to SiteA -> OK
SiteB to SiteC -> NOT OK -> RED tunnel disconnects and re-connects

SiteC to SiteA -> OK
SiteC to SiteB -> NOT OK -> RED tunnel disconnects and re-connects

red.log:
REDD ERROR: server: Can not do SSL handshake on Socket accept from 'xxx.xxx.xxx.xxx': SSL accept attempt failed
REDD ERROR: server: Can not do SSL handshake on Socket accept from 'xxx.xxx.xxx.xxx': SSL accept attempt failed
REDD INFO: server: New connection from xxx.xxx.xxx.xxx with ID RXXXXXXXXXXXXXXXXX (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1

red-RXXXXXXXXXXXXXXXXX.log:
Fri May 5 07:52:22 2023Z REDD INFO command '{"data":{"message":"Unstable peers","type":"RUNTIME_ERROR_OCCURRED"},"type":"DISCONNECT"}'
Fri May 5 07:52:22 2023Z REDD INFO Disconnecting: Unstable peers
Fri May 5 07:52:23 2023Z REDD INFO RXXXXXXXXXXXXXXXXX/XXX is now disconnected
Fri May 5 07:52:23 2023Z REDD INFO device is disconnected.
Fri May 5 07:52:27 2023Z REDD INFO server: New connection from xxx.xxx.xxx.xxx (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
Fri May 5 07:52:28 2023Z REDD INFO Disabling debug
Fri May 5 07:52:28 2023Z REDD INFO connected OK, pushing config
Fri May 5 07:52:29 2023Z REDD INFO command '{"data":{"version":"0"},"type":"INIT_CONNECTION"}'
Fri May 5 07:52:29 2023Z REDD INFO Initializing connection running protocol version 0
Fri May 5 07:52:29 2023Z REDD INFO Sending json message {"data":{},"type":"WELCOME"}
Fri May 5 07:52:30 2023Z REDD INFO command '{"data":{},"type":"CONFIG_REQ"}'
Fri May 5 07:52:30 2023Z REDD INFO Sending json message {"data":......................}
Fri May 5 07:52:34 2023Z REDD INFO command '{"data":...........}'
Fri May 5 07:52:34 2023Z REDD INFO Sending json message {"data":{},"type":"SET_KEY_REP"}
Fri May 5 07:52:35 2023Z REDD INFO RXXXXXXXXXXXXXXXXX/XXX is now re-connected after 30000 ms
Fri May 5 07:52:35 2023Z REDD INFO command '{"data":{"uplink":"WAN1","wan1_ip":"xxx.xxx.xxx.xxx"},"type":"STATUS"}'
Fri May 5 07:55:00 2023Z REDD INFO RXXXXXXXXXXXXXXXXX/XXX transfered bytes TX: 3673888 RX: 3686052

8 month ago I think this exact issue has already been reported by "craig A":  Very Strange issue has anyone seen anything like this? - XGS RED 60 

Currently we are within working hours, therefore I haven't tested the suggested workaround: system ipsec-acceleration disable

I can not find this issue in the Sophos Known Issues list https://doc.sophos.com/support/kil/index.html

Do I see a new issue or is it really true that this for a minimum 8 month old issue is till today not fixed?
Hopefully the workaround "system ipsec-acceleration disable" works, but who wants this because this the main reason to buy a XGS!!!



This thread was automatically locked due to age.
Parents Reply Children
No Data