HelloI am having problems with my RED setup since applying 9.704-2 to my both UTM appliances. They are "homified" SG 115w and UTM 220.Both have two RED servers and clients connecting vice versa. I am using availability groups with special monitoring on the RED interfaces in order to select my best route to the other site.
This setup was working flawlessly without any issues including version 9.703-3 and all 4 RED tunnels being up at the time. After applying 9.704 I am only able to have one of the four tunnels active. As soon as I activate a second one, I am getting a log like the attached one.It gives me disconnects, "Missing keepalive from [RED client interface], disabling peer [IP address]" and "Overflow happend on [RED client interface]" messages in the RED log.
red.logSwitching the ep-red RPM package back to the old version solves the problem for me.BR,Sascha
Thank you for contacting the Sophos Community!
What is the output of the following command:
# rpm -qa |grep redred-firmware-chainboot-8.17-0.76174932.g788e4c8ep-red-9.70-56.gd3d4160.rb5
Hi,9.705 does not include RPM packages for red-firmware-chainboot and ep-red. But of course I could upgrade to the latest release.I am currently on 9.704-2. Though I have replacedep-red-9.70-58.gdc75c10.rb3.i686withep-red-9.70-56.gd3d4160.rb5.i686by using the commandrpm -Uvh --oldpackage ep-red-9.70-56.gd3d4160.rb5.i686.rpmThis solved my problem and reverted RED to its previous, "normal" behavior.
With version 9.704-2 and downgraded to ep-red-9.70-56.gd3d4160.rb5.i686:sophos:/root # rpm -qa | grep redred-unified-firmwares-9700-0.358343537.gd6f8f71.rb3red-firmware-chainboot-8.17-0.76174932.g788e4c8ipv6-miredo-1.2.5-1.gd589f8cred15-firmware-5317-0.340969712.gdeba856ae.rb4red-firmware-8.17-0.g30d3fa5.rb1nss-shared-helper-chroot-1.0.10-0.7.10.81.g3fa4edbpython-ordereddict-1.1-1.0.317998409.gab3cfdd.rb2red-firmware2-5317-0.340967634.g849d3589d.rb4ep-red-9.70-56.gd3d4160.rb5EDIT: I have now upgrade to 9.705-3.
With version 9.705-3 (original):sophos:/root # rpm -qa | grep redred-unified-firmwares-9700-0.358343537.gd6f8f71.rb3red-firmware-chainboot-8.17-0.76174932.g788e4c8ipv6-miredo-1.2.5-1.gd589f8cred15-firmware-5317-0.340969712.gdeba856ae.rb4red-firmware-8.17-0.g30d3fa5.rb1ep-red-9.70-58.gdc75c10.rb3nss-shared-helper-chroot-1.0.10-0.7.10.81.g3fa4edbpython-ordereddict-1.1-1.0.317998409.gab3cfdd.rb2red-firmware2-5317-0.340967634.g849d3589d.rb4The issue still persists.BR,Sascha
Am I able to open a Support Case with SophosSupport as I am only a Home user?EDIT: It seems, I am. The assigned case number is: 03167215
Thank you for the Case ID. I will update you in case we need something else from your end, most likely the case might get closed since you are a home user, but I have reached out to DEV directly.
I am currently running with downgraded ep-red, as initially written.Only to bear this in mind.
A quick question, you only have site2site RED tunnels, right? No physical RED devices.
Hi,Yes. I am using 4 Site-2-Site tunnels in total. I do not have any physical RED devices.I am using the new protocol with ports 3400 and 3410 utilized (i. e. no Legacy RED).BR,Sascha
Hello Sascha,Thank you for the confirmation!
This is now being investigated under NUTM-12280
OK,Thank you so far. In case you need anything else from my side, please let me know.I may provide a remote session, remote access, configuration backups, etc. as also stated in one of my mails.BR,Sascha
I have sent you a PM, with the information asked for the DEV team.