This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.7 and reliability of RED 50 devices

Hi all

we are currently on  9.700-5

and still suffering terribly with bricked red 50 devices 

at one site, we had a powercut then the device did not come back online

its stuck with   "live_log"   on the screen at boot

i had TWO not one ,  TWO more devices as cold standbys

both also in a  non bootable state now,  however they were definately working when put there....

so 3 more RMA tickets 

we  had  1 ticket in november and 2 in december

does anyone have any idea whats going on , i have been told everything is fixed with 9.7 .....

the utm is configured currently to use  unified firmware

are we supposed to be using this or not ?  

i remember the days before unifired firmware, you would put a red50 at a remote site and just forget about it 

they just worked.  now they dont seem to last more than a couple of months, and i actually fear UTM upgrades for the fact that its a lottery as to where the reds come up again ....

i have managment asking questions now that i cant answer .....

 

 


This thread was automatically locked due to age.
  • Yea we started having reliability issues, and hoped 9.700-5 with the new XG firmware/protocol would fix the problem.

     

    We're averaging losing a RED50 a week.  I've definitely lost faith in them, in fact I'm looking at alternative solutions now.  Support never has anything helpful, they just send a replacement unit.  I think today is our 6th or 7th brick in a couple of months.  We almost can't get them RMA'd fast enough before the next one bricks.

  • Guys, this is a known issue and is related to the load on the RED when the Up2Date is applied to the UTM.  Sophos should RMA the bricked units.

    For any further Up2Dates with REDs attached, first, run the following command as root:

    cc set red use_unified_firmware 0

    Then, in the remote locations with REDs, physically disconnect the local Ethernet cables on all of the attached REDs except for the port connected to the Internet.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • BAlfson said:
    Sophos should RMA the bricked units.

    They actually don't. We were advised to wait for UTM 9.7 MR2 since "the issue has been identified and fixed there".

    Ww have a support contract which states "advance replacement within 24 hours" and are held more than two weeks now.

    Out of urgent need we deployed LANCOM VPN tunnels instead of the RED50 (not bad, maybe we stay there).

  • Hi Bob,

    can you turn off the vlans in the UTM config that the remote Red50's are using rather than remove the ethernet cables whilst upgrading?

    Just a little difficult when you have multiple remote sites with no tech support at these locations.

    We have had many of these appliances bricked randomly.

     

    Regards,

    Stephen

  • Hi All,

     

    we have just released UTM 9.702 that contains the fix for the RED50 issues that have been observed over the past months (https://community.sophos.com/products/unified-threat-management/b/blog/posts/utm-up2date-9-702-released). It has taken quite some time for us to find the root cause of this issues, but we have found and addressed the source of these increased failures. More information is available in this KBA https://community.sophos.com/kb/en-us/135240

    RMA processing will also resume shortly and you should receive a fixed unit soon.

    There is no need to disconnect the RED units during the update, as the issue, in this case, is not in the update itself. RED50 that are currently connected can be updated online and will apply the fixed firmware and not run into these issues anymore.

     

    Jan

  • Hallo Jan,

    Just a clarifying question - does this mean that some of the out-of-warranty REDs might not have been permanently damaged and can be brought back up with 9.702?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    unfortunately, a RED50 that has been impacted will need to be RMAd. Only if the RED is still running the firmware update can be applied and will resolve the issue.

    There is no recovery tool available at this point in time.

    Jan