Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 10 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 3242 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Up2Date doesn't work anymore

Mohamed Hassan

Hi Guys,


My Sophos UTM stopped updating, nothing has changed with my internet or settings. From the dashboard it shows last check: never

In the logs I see:

2019:08:03-21:53:55 sukafun-utm audld[8534]: Starting Up2Date Package Downloader
2019:08:03-21:53:56 sukafun-utm audld[8534]: patch up2date possible
2019:08:03-21:54:27 sukafun-utm audld[8534]: Could not connect to Server 175.41.132.12 (status=500 Can't connect to 175.41.132.12:443).
2019:08:03-21:54:57 sukafun-utm audld[8534]: Could not connect to Server 107.21.214.248 (status=500 Can't connect to 107.21.214.248:443).
2019:08:03-21:55:28 sukafun-utm audld[8534]: Could not connect to Server 54.214.16.252 (status=500 Can't connect to 54.214.16.252:443).
2019:08:03-21:55:58 sukafun-utm audld[8534]: Could not connect to Server 79.125.21.244 (status=500 Can't connect to 79.125.21.244:443).
2019:08:03-21:56:28 sukafun-utm audld[8534]: Could not connect to Server 18.184.200.52 (status=500 Can't connect to 18.184.200.52:443).
2019:08:03-21:57:09 sukafun-utm audld[8534]: Could not connect to Authentication Server 175.41.132.12 (code=500 500 Can't connect to 175.41.132.12:443).
2019:08:03-21:57:49 sukafun-utm audld[8534]: Could not connect to Authentication Server 107.21.214.248 (code=500 500 Can't connect to 107.21.214.248:443).
2019:08:03-22:06:57 sukafun-utm audld[9725]: >=========================================================================
2019:08:03-22:06:57 sukafun-utm audld[9725]: All 5 Authentication Servers failed
2019:08:03-22:06:57 sukafun-utm audld[9725]:
2019:08:03-22:06:57 sukafun-utm audld[9725]: 1. Modules::Logging::msg:46() /</sbin/audld.plx>Modules/Logging.pm
2019:08:03-22:06:57 sukafun-utm audld[9725]: 2. Modules::Audld::Authentication::_handle_failure:235() /</sbin/audld.plx>Modules/Audld/Authentication.pm
2019:08:03-22:06:57 sukafun-utm audld[9725]: 3. Modules::Audld::Authentication::start:66() /</sbin/audld.plx>Modules/Audld/Authentication.pm
2019:08:03-22:06:57 sukafun-utm audld[9725]: 4. main::main:174() audld.pl
2019:08:03-22:06:57 sukafun-utm audld[9725]: 5. main::top-level:40() audld.pl
2019:08:03-22:06:57 sukafun-utm audld[9725]: |=========================================================================
2019:08:03-22:06:57 sukafun-utm audld[9725]: id="3703" severity="error" sys="system" sub="up2date" name="Authentication failed, no valid answer from Authentication Servers"
2019:08:03-22:06:57 sukafun-utm audld[9725]:
2019:08:03-22:06:57 sukafun-utm audld[9725]: 1. Modules::Logging::alf:100() /</sbin/audld.plx>Modules/Logging.pm
2019:08:03-22:06:57 sukafun-utm audld[9725]: 2. Modules::Audld::Authentication::start:70() /</sbin/audld.plx>Modules/Audld/Authentication.pm
2019:08:03-22:06:57 sukafun-utm audld[9725]: 3. main::main:174() audld.pl
2019:08:03-22:06:57 sukafun-utm audld[9725]: 4. main::top-level:40() audld.pl
 
 
 
What I've done so far which still did not fix the issue for me:
- Restored from an old backup which I know it was working
- Deployed brand new UTM and restored old backup
- Manually upgraded to latest firmware 
- Disabled firewall and tried any any allowed firewall rule
 
So I have a vdsl modem that's in bridged mode and my UTM is doing the PPPOE where Up2Date isn't working. But what I found out is if I switch my vdsl modem to do PPPOE and have my UTM just as a device behind my modem, Up2Date works. 
 
Can anyone think of why my UTM Up2Date doesn't work?
 
 
Cheers
Mo


This thread was automatically locked due to age.
  • 0

    have ypu done a traceroute to see whete the traffic drops?

  • 0 in reply to DouglasFoster

    Trace route completes to Sophos Up2Date IPs. I checked firewall and can't see anything not allowed regarding any of these IPs. I'm not using proxy or SUM host. What else should I look at?

  • 0 in reply to Mohamed Hassan

    Authentication fails for some reason even to the IPs that I can trace:

  • 0 in reply to Mohamed Hassan

    That's not good, Mohammed.  What happens if you try a server in the US?

    audld.plx --server us2.utmu2d.sophos.com:443

    If that's successful, then there must be a problem in your part of the world and Sophos should be informed.  If it doesn't work, what does Sophos Support have to say about this?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    I tried the US URL and I got same authentication failed response. When I traceroute the URL I get: 

    Are you able to complete it from your end. However as I mentioned my UTM is my main gateway behind my bridged modem but if I switch my modem to be main gateway and have UTM just as a network device connected to the modem, updates work. Can't figure out why yet.

     

     

    Cheers

    Mo

  • 0 in reply to Mohamed Hassan

    Everything works for me, Mo.  What happens if you do #1 in Rulz (last updated 2019-04-17) with the modem bridged?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Golden rulz!

    I've disabled every protection component I can think of in the UTM as well as changed firewall to allow all. Still no joy as you see authentication fails and nothing in firewall logs show Up2Date IPs:

     

    What is id"3703"? 

     

      

  • 0 in reply to Mohamed Hassan

    Did you also check the Intrusion Prevention log?

    Does disabling Web Protection change anything?  It shouldn't, but this is a strange problem.

    I'm starting to suspect the modem.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    IPS logs is blank. Disabling web protection did not make any difference. 

    I also would think it's the modem but I already tried a different modem putting it on bridged mode and same thing. The strange thing is it used to work nothing has changed as I was overseas so was not even touching it. The two things could be affecting it, either an update with Sophos but I restored an old backup image and same thing. Or something changed with the connection from the ISP side? Hence it works when I have the modem as gateway. Gave up with this one first time can't fix an issue with Sophos UTM.

    I'm thinking of just have a new clean VM deployed on VMware rather than HyperV which I'm using at the moment and try it out with no configuration other than interfaces.

  • 0 in reply to Mohamed Hassan

    fyi for anyone have same issue in the future. I've created a new Sophos UTM VM and manually copied rules & configuration from old to new one. After that I did not have any issues with Up2Date. It was also a good chance to revise configuration and delete old unwanted configuration.

     

    Cheers

    Mo

Unfiltered HTML