
SD-RED 60 - UTM SG 310 V9.705-3 - RED device is disconnected

Hello

I just tried to configure an SD-RED 60 and I always get the same messages in the "Open RED live LOG":

21:01:04-18:55:43 firewall red_server[21205]: SELF: Cannot do SSL handshake on socket accept from '194.230.146.130': SSL connect accept failed because of handshake problems
2021:01:04-18:55:45 firewall red_server[21212]: SELF: New connection from 194.230.146.130 with ID R60001RMKPWQREB (cipher AES256-GCM-SHA384), rev1
2021:01:04-18:55:45 firewall red_server[21212]: R60001RMKPWQREB: connected OK, pushing config
2021:01:04-18:55:46 firewall red_server[21212]: R60001RMKPWQREB: command '{"data":{"version":"0"},"type":"INIT_CONNECTION"}'
2021:01:04-18:55:46 firewall red_server[21212]: R60001RMKPWQREB: Initializing connection running protocol version 0
2021:01:04-18:55:46 firewall red_server[21212]: R60001RMKPWQREB: Sending json message {"data":{},"type":"WELCOME"}
2021:01:04-18:55:47 firewall red_server[21212]: R60001RMKPWQREB: command '{"data":{"poe_port1_status":{"current":0,"FETok":true,"detectionOn":false,"pdstate":0,"port":1,"pdclass":-3,"classificationOn":false,"classFail":false,"TPPL":0,"good":false,"type":"port","priority_str":"high","PMoff":false,"MSCCcap":false,"priority":0,"mode":0,"pdstate_str":"unknown","volt":0,"PPL":0,"pdclass_power_limit":0,"FEToverTemp":false,"isAT":false,"power":false,"watt":0,"mode_str":"shutdown"},"poe_port2_status":{"current":0,"FETok":true,"detectionOn":false,"pdstate":0,"priority_str":"low","pdclass":-3,"classificationOn":false,"classFail":false,"TPPL":0,"good":false,"type":"port","port":2,"PMoff":false,"MSCCcap":false,"watt":0,"power":false,"PPL":0,"FEToverTemp":false,"isAT":false,"pdclass_power_limit":0,"volt":0,"pdstate_str":"unknown","mode":0,"priority":2,"mode_str":"shutdown"},"poe_chip_status":{"type":"chip","id":46,"totalPower":0,"totalPowerReg":0,"temperature":52.68,"volt":53.5653,"totalPowerCalc":0,"maxTotalPower":34,"firmware":12}},"type":"STATUS"}'
2021:01:04-18:55:48 firewall red_server[21212]: R60001RMKPWQREB: command '{"data":{},"type":"CONFIG_REQ"}'
2021:01:04-18:55:48 firewall red_server[21212]: R60001RMKPWQREB: Sending json message {"data":{"pin":"","fullbr_dns":"","split_networks":"192.168.1.0/24 1.2.3.4","lan2_vids":"","lan4_vids":"","local_networks":"","tunnel_id":1,"manual2_netmask":24,"asg_cert":"[removed]","manual_address":"0.0.0.0","bridge_proto":"none","unlock_code":"m1tijtv8","password":"","manual2_defgw":"0.0.0.0","prev_unlock_code":"m1tijtv8","manual_netmask":24,"lan3_vids":"","mac_filter_type":"none","mac":"00:b4:8c:e4:2e:80","dial_string":"*99#","manual2_address":"0.0.0.0","manual_dns":"0.0.0.0","poe_port1":0,"poe_port2":0,"lan1_mode":"unused","username":"","activate_modem":0,"tunnel_compression_algorithm":"lzo","fullbr_domains":"","htp_server":"unesa.ddns.net","uplink_balancing":"failover","asg_key":"[removed]","version_red60":"1-1095-276a6ad18-fda4803","type":"red60","deployment_mode":"online","uplink2_mode":"dhcp","manual2_dns":"0.0.0.0","lan2_mode":"unused","debug_level":0,"local_netw...L1393
2021:01:04-18:55:48 firewall red_server[21212]: R60001RMKPWQREB: command '{"data":{"message":"Received device configuration from UTM using network fallback mode successfully","type":"NEW_CONFIG"},"type":"DISCONNECT"}'
2021:01:04-18:55:48 firewall red_server[21212]: R60001RMKPWQREB: Disconnecting: NEW_CONFIG, Received device configuration from UTM using network fallback mode successfully
2021:01:04-18:55:48 firewall red_server[21212]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="R60001RMKPWQREB" forced="1"
2021:01:04-18:55:48 firewall red_server[21212]: R60001RMKPWQREB is disconnected.
I tried to redo the configuration of the SD-RED, with the same error.
If you have info, let me know.

KR and Happy New Year

Olivier
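
A live-log excerpt like the one above can be reduced to a per-device summary. The following is an added example, not part of the original post and not Sophos tooling: it separates TLS handshake failures from established sessions and records which command type ended each session. The sample lines are constructed in the same format, with a placeholder RED ID and peer address, and the function and field names are assumptions of this sketch.

```python
import json
import re

# Constructed sample in the live-log format quoted above; the RED ID and the
# peer address (documentation range) are placeholders, not values from the post.
SAMPLE = """\
2021:01:04-18:55:43 firewall red_server[21205]: SELF: Cannot do SSL handshake on socket accept from '192.0.2.10': SSL connect accept failed because of handshake problems
2021:01:04-18:55:45 firewall red_server[21212]: SELF: New connection from 192.0.2.10 with ID R60EXAMPLE00001 (cipher AES256-GCM-SHA384), rev1
2021:01:04-18:55:46 firewall red_server[21212]: R60EXAMPLE00001: command '{"data":{"version":"0"},"type":"INIT_CONNECTION"}'
2021:01:04-18:55:48 firewall red_server[21212]: R60EXAMPLE00001: command '{"data":{"message":"Received device configuration","type":"NEW_CONFIG"},"type":"DISCONNECT"}'
2021:01:04-18:55:48 firewall red_server[21212]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="R60EXAMPLE00001" forced="1"
2021:01:04-18:55:49 firewall red_server[21212]: R60EXAMPLE00001: command '{"data":{"poe_port1_status":{"curr...L1393
"""

LINE = re.compile(r"^(\S+) \S+ red_server\[\d+\]: (.*)$")
HANDSHAKE = re.compile(r"^SELF: Cannot do SSL handshake on socket accept from '([^']+)'")
NEW_CONN = re.compile(r"^SELF: New connection from (\S+) with ID (\S+) \(cipher ([^)]+)\)")
COMMAND = re.compile(r"^(\S+): command '(.*)$")
KEYVAL = re.compile(r'(\w+)="([^"]*)"')

def new_session():
    return {"peer": None, "cipher": None, "commands": [], "disconnect": None, "forced": False}

def summarize(text):
    """Return (handshake_failures, sessions): failures as (timestamp, peer), sessions keyed by RED ID."""
    failures, sessions = [], {}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, msg = m.groups()
        if h := HANDSHAKE.match(msg):
            failures.append((ts, h.group(1)))
        elif c := NEW_CONN.match(msg):
            sessions.setdefault(c.group(2), new_session()).update(peer=c.group(1), cipher=c.group(3))
        elif c := COMMAND.match(msg):
            s = sessions.setdefault(c.group(1), new_session())
            try:
                cmd = json.loads(c.group(2).rstrip("'"))
            except json.JSONDecodeError:  # long JSON lines can be cut off in the log
                s["commands"].append("TRUNCATED")
                continue
            s["commands"].append(cmd.get("type"))
            if cmd.get("type") == "DISCONNECT":
                s["disconnect"] = cmd.get("data", {}).get("type")
        elif (kv := dict(KEYVAL.findall(msg))).get("name") == "RED Tunnel Down":
            sessions.setdefault(kv.get("red_id", "unknown"), new_session())["forced"] = kv.get("forced") == "1"
    return failures, sessions
```

Calling `summarize()` on a saved live log returns the handshake failures by peer address and, for each RED ID, the negotiated cipher, the sequence of command types and the type given in the device's DISCONNECT message.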


  • My problem is only in standard/split mode: when I add the Internal network, the RED is always disconnecting.

  • Salut Olivier and welcome to the UTM Community!

    "Cannot do SSL handshake" - is there something being intercepted by the device the RED is behind?

    I didn't understand the implications of your last comment. Does the RED come up if you configure in Unified? When you're in Split, does the tunnel come up if you don't include "Internal (Network)"?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    I have resolved my problem, yesterday evening. So now everything is working fine.

    Thanks for your answer.

    Happy New Year and best wishes.

  • Good news! By the way, this would help others more if they knew what had to be done to resolve the problem.

    Happy New Year to you and yours, Olivier.

    Cheers - Bob

     