Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

has Sophos stopped Firmwareupdates of RED15/W ?

RED15/w are EOL, I know.

We have some up running and they are fine.

Today I powered up a RED15 and a RED15W

both need to update firmware and will never come online again so I have the feeling, Sophos is actively blocking the something here?

For the the first device I suspected a hardware fault and tried the second - but I do not belive both are faulty suddenly.

RED15:

Tue Jan  9 08:08:43 2024Z REDD INFO A3501xxxxx210A/RED15-frei-2 transfered bytes TX: 0 RX: 0
Tue Jan  9 08:09:17 2024Z REDD INFO server: New connection from 109.xx.xx.177 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
Tue Jan  9 08:09:18 2024Z REDD INFO Disabling debug
Tue Jan  9 08:09:18 2024Z REDD INFO connected OK, pushing config
Tue Jan  9 08:09:18 2024Z REDD INFO command '{"data":{"version":"0"},"type":"INIT_CONNECTION"}'
Tue Jan  9 08:09:18 2024Z REDD INFO Initializing connection running protocol version 0
Tue Jan  9 08:09:18 2024Z REDD INFO Sending json message {"type":"WELCOME","data":{}}
Tue Jan  9 08:09:20 2024Z REDD INFO command '{"data":{},"type":"CONFIG_REQ"}'
Tue Jan  9 08:09:20 2024Z REDD INFO Sending json message {"data":{"fullbr_dns":"","debug_level":0,"bridge_proto":"none","manual2_address":"","branchname":"xxxxxxxxxxxxxx
Tue Jan  9 08:09:20 2024Z REDD INFO command '{"data":{"message":"Firmware update required. Trying provisioning service ..."},"type":"DISCONNECT"}'
Tue Jan  9 08:09:20 2024Z REDD INFO Disconnecting: Firmware update required. Trying provisioning service ...
Tue Jan  9 08:09:21 2024Z REDD INFO A3501xxxxx210A/RED15-frei-2 is now disconnected
Tue Jan  9 08:09:21 2024Z REDD INFO device is disconnected.

RED15W:


Tue Jan  9 10:19:23 2024Z REDD INFO connected OK, pushing config
Tue Jan  9 10:19:24 2024Z REDD INFO command '{"data":{"version":"0"},"type":"INIT_CONNECTION"}'
Tue Jan  9 10:19:24 2024Z REDD INFO Initializing connection running protocol version 0
Tue Jan  9 10:19:24 2024Z REDD INFO Sending json message {"data":{},"type":"WELCOME"}
Tue Jan  9 10:19:25 2024Z REDD INFO command '{"data":{},"type":"CONFIG_REQ"}'
Tue Jan  9 10:19:25 2024Z REDD INFO Sending json message {"type":"CONFIG_REP","data":{"prev_unlock_code":"[removed]","hostname_balancing":"failover","uplink_mode""xxxxxxxxxxxxxx
Tue Jan  9 10:19:26 2024Z REDD INFO command '{"data":{"message":"Firmware update required. Trying provisioning service ..."},"type":"DISCONNECT"}'
Tue Jan  9 10:19:26 2024Z REDD INFO Disconnecting: Firmware update required. Trying provisioning service ...
Tue Jan  9 10:19:26 2024Z REDD INFO A36017xxxxxxx4324/RED15w-frei-3 is now disconnected
Tue Jan  9 10:19:26 2024Z REDD INFO device is disconnected.


Tue Jan  9 10:22:57 2024Z REDD INFO server: New connection from 109.xx.xx.177 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
Tue Jan  9 10:22:58 2024Z REDD INFO Disabling debug
Tue Jan  9 10:22:58 2024Z REDD INFO connected OK, pushing config
Tue Jan  9 10:22:59 2024Z REDD INFO command '{"data":{"version":"0"},"type":"INIT_CONNECTION"}'
Tue Jan  9 10:22:59 2024Z REDD INFO Initializing connection running protocol version 0
Tue Jan  9 10:22:59 2024Z REDD INFO Sending json message {"data":{},"type":"WELCOME"}
Tue Jan  9 10:23:00 2024Z REDD INFO command '{"data":{},"type":"CONFIG_REQ"}'
Tue Jan  9 10:23:00 2024Z REDD INFO Sending json message {"type":"CONFIG_REP","data":{"manual_defgw":"","route_mode":"default","version_red15":"1-546-fea488294-b1551d"xxxxxxxxxxxxxx
Tue Jan  9 10:23:01 2024Z REDD INFO command '{"data":{"message":"Device configuration has changed, reconnecting ..."},"type":"DISCONNECT"}'
Tue Jan  9 10:23:01 2024Z REDD INFO Disconnecting: Device configuration has changed, reconnecting ...
Tue Jan  9 10:23:01 2024Z REDD INFO A3601xxxxxx74324/RED15w-frei-3 is now disconnected
Tue Jan  9 10:23:01 2024Z REDD INFO device is disconnected.
Tue Jan  9 10:24:13 2024Z REDD INFO A3601xxxxxx74324/RED15w-frei-3 transfered bytes TX: 0 RX: 0


Tue Jan  9 10:26:05 2024Z REDD INFO server: New connection from 109.xx.xx.177 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
Tue Jan  9 10:26:06 2024Z REDD INFO Disabling debug
Tue Jan  9 10:26:06 2024Z REDD INFO connected OK, pushing config
Tue Jan  9 10:26:07 2024Z REDD INFO command '{"data":{"version":"0"},"type":"INIT_CONNECTION"}'
Tue Jan  9 10:26:07 2024Z REDD INFO Initializing connection running protocol version 0
Tue Jan  9 10:26:07 2024Z REDD INFO Sending json message {"type":"WELCOME","data":{}}
Tue Jan  9 10:26:08 2024Z REDD INFO command '{"data":{},"type":"CONFIG_REQ"}'
Tue Jan  9 10:26:08 2024Z REDD INFO Sending json message {"type":"CONFIG_REP","data":{"username":"","lan2_vids":"","asg_ca":"[removed]","uplink2_mode":"","lan3_mode":"","t"xxxxxxxxxxxxxx
Tue Jan  9 10:26:09 2024Z REDD INFO command '{"data":{"message":"Firmware update required. Trying provisioning service ..."},"type":"DISCONNECT"}'
Tue Jan  9 10:26:09 2024Z REDD INFO Disconnecting: Firmware update required. Trying provisioning service ...
Tue Jan  9 10:26:09 2024Z REDD INFO A3601xxxxxx74324/RED15w-frei-3 is now disconnected
Tue Jan  9 10:26:09 2024Z REDD INFO device is disconnected.

Tue Jan  9 10:26:25 2024Z REDD INFO server: New connection from 109.xx.xx.177 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
Tue Jan  9 10:26:25 2024Z REDD INFO Disabling debug
Tue Jan  9 10:26:25 2024Z REDD INFO connected OK, pushing config
Tue Jan  9 10:26:26 2024Z REDD INFO command '{"data":{"version":"0"},"type":"INIT_CONNECTION"}'
Tue Jan  9 10:26:26 2024Z REDD INFO Initializing connection running protocol version 0
Tue Jan  9 10:26:26 2024Z REDD INFO Sending json message {"data":{},"type":"WELCOME"}
Tue Jan  9 10:26:27 2024Z REDD INFO command '{"data":{"fw_update_counter_exceeded":"1-546-fea488294-b1551d2"},"type":"STATUS"}'
Tue Jan  9 10:26:28 2024Z REDD INFO Deactivated red, fw update counter exceeded
Tue Jan  9 10:26:29 2024Z REDD INFO command '{"data":{},"type":"CONFIG_REQ"}'
Tue Jan  9 10:26:29 2024Z REDD INFO Sending json message {"type":"CONFIG_REP","data":{"hub_hostname":"212.126.215.59","asg_cert":"[removed]","asg_key":"[removed]","lan3_mode":"xxxxxxxxxxxxxx
Tue Jan  9 10:26:35 2024Z REDD INFO command '{"data":{"message":"May not update firmware: Firmware update counter exceeded"},"type":"DISCONNECT"}'
Tue Jan  9 10:26:35 2024Z REDD INFO Disconnecting: May not update firmware: Firmware update counter exceeded
Tue Jan  9 10:26:36 2024Z REDD INFO A3601xxxxxx74324/RED15w-frei-3 is now disconnected
Tue Jan  9 10:26:36 2024Z REDD INFO device is disconnected.



This thread was automatically locked due to age.
Parents
  • So - Sophos did NOT remove the support for EOL Hardware like RED15 on the provisioning Server. 

    This looks like a technical issue on the deployment. By the way: If the RED can build a connection to the firewall (SFOS/UTM) it will update from the device itself. 

    __________________________________________________________________________________________________________________

  • Thanks, that was the answer I was looking for. Will try to reconfigure such failed REDs via USB stick.

Reply Children
No Data