Since upgrading all our customers to 9.601, a bigger part of them are complaining about RED's re/disconnection in a no-pattern way.
It started for all of them just the night we upgraded to 9.601, and they all are on different ISP's and located different places around the country.
Been with Sophos support for 2 hours today, and now they escalated it to higher grounds.
Will return with an update....
Suspicious entries in the log - but all connected REDs do this before connection:
2019:03:06-15:15:38 fw01-2 red_server[17509]: SELF: Cannot do SSL handshake on socket accept from 'xxx.xxx.xxx.xxx': SSL connect accept failed because of handshake problems
2019:03:06-15:15:46 fw01-2 red2ctl[12420]: Missing keepalive from reds3:0, disabling peer xxx.xxx.xxx.xxx
I know the last line is written before the tunnel disconnects, because there was no "PING/PONG" answer...
One customer has 2 x RD 50, one 1 100% stable and the other fluctuates in random intervals - we replaced this with a new RED 50, but the same thing occurs.
Are the issues only with RED50 or the smaller ones too?
Best regards
Alex
-
Alexander Busch said: Are the issues only with RED50 or the smaller ones too? Best regards Alex
Just RED 50 at the moment.
We have the same problem with multiple customers with RED50s and RED15s. The mentioned workaround fixed the problems for several RED50s and RED15s, only one RED50 doesn't come back at the moment.
The workaround does work, until it doesn't. Seven out of ten were able to stabilize with the workaround, three had to be RMA'd.
Lest anyone would get upset over the workaround not working. Should it work for you it's a win. Thanks for everyone's input to the forum, makes life less stressful in most cases.
It started for all of xenderthem just th omegle e night we upgraded to 9.601, and they all are on discord different ISP's and located different places around the country.