This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Users complaining about network outages of RED in unified mode.

Hi,

we have a remote location with a RED running in standard / unified mode.
Users are complaining that the internet is going down from time to time (status of the network connection is switching to no internet - visible in icon). Connection is via cable.

When I look at red.log some of the incidents might be related to this entries which are the only on for the id in red.log. But there are also incidents that do not match. 
During the other times I see ping/pongs all the times.

Could there be a relation of these entries to the disconnects or are they normal?
Or is there not enought network bandwidth some times?
If they are normal how can one verify the occurences and identify the issue. 
What can I do to get rid of this?

This used to be stable until a couple of days ago. Nothing has been changed that could invoke such issues.

2021:05:04-01:01:22 vpn2-2 red_server[13456]: A360177E9A8E6E9: command '{"data":
{"key_active":1,"key0":"TA1rDxRkSgUC9lOW\/4UzyX+saK2aPqqbNrkhaG\/ur4U="},"type":
"SET_KEY_REQ"}'
2021:05:04-01:31:24 vpn2-2 red_server[13456]: A360177E9A8E6E9: command '{"data":
{"key1":"FI8+7RmAaCTFXIrFThW\/LYSaKibb8p8gibH01HuvrBA=","key_active":0},"type":"
SET_KEY_REQ"}'
2021:05:04-02:01:25 vpn2-2 red_server[13456]: A360177E9A8E6E9: command '{"data":
{"key_active":1,"key0":"rRuC9u\/14RVCqF4meTQ\/dujsr\/qMG41A\/hWRZThFRMs="},"type
":"SET_KEY_REQ"}'
2021:05:04-02:31:26 vpn2-2 red_server[13456]: A360177E9A8E6E9: command '{"data":
{"key1":"tWK\/WoP7fshW82OdJDQGaC7fr5deA9NMVf3U76G4rbc=","key_active":0},"type":"
SET_KEY_REQ"}'
2021:05:04-03:01:27 vpn2-2 red_server[13456]: A360177E9A8E6E9: command '{"data":
{"key_active":1,"key0":"d5eMk9sYcImAM368gTXBeXD1yEV9ZzQi\/GyP\/3DPhBI="},"type":
"SET_KEY_REQ"}'



Regards,
BeEf



This thread was automatically locked due to age.
  • Hallo,

    It's hard to guess.  Have they changed the Ethernet cables to the WAN and LAN ports?  Have they rebooted the RED and the ISP's device?  Can they give you an exact time when an outage begins?

    I'm not a fan of 'Tunnel compression', but I don't know that it's the cause of your problem.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I rebooted the RED and afterwards the client was not able to get a DHCP lease.

    Normally I'd do a reboot of the firewall.

    But in this case I migrated the Firewall to an XG with seperate networks for each REDs. LAN is working but I am not able to get the Wifi running. It is inactive no matter what I do. There is also an fresh entry on the DHCP Server for the Wifi Adapter which is pingable. However whatever I do it stays inactive (as it is internal there is no pending status).

    I have REDs with LAN & WiFi working on the XG but some other show the same behavior (DHCP is external (working), Relay configured. I tried split and unified seht Option 234 on the DHCP and included magic Wifi 1.2.3.4 as network when I used split.

    The WiFi worked on the SG until the Reboot.

  • Sounds like it's time to open a support case with Sophos.  Please let us know what solution they find.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA