This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED15 connection problem

Hello,

we have UTM 9 Firewall ,

we have a problem with RED 15, since yesterday one of RED15 cannot connect to our firewall, on saturday we installed the firmware update, after the update everything worked.

we use another 3 REDs that work.

 here is the error log, it repeats

2021:09:14-10:55:17 firewall-1-2 red_server[55549]: SELF: New connection from 213.X.X.X with ID A350121E01A8804 (cipher AES256-GCM-SHA384), rev1
2021:09:14-10:55:17 firewall-1-2 red_server[55549]: A350121E01A8804: connected OK, pushing config
2021:09:14-10:55:18 firewall-1-2 red_server[55549]: A350121E01A8804: command '{"data":{"version":"0"},"type":"INIT_CONNECTION"}'
2021:09:14-10:55:18 firewall-1-2 red_server[55549]: A350121E01A8804: Initializing connection running protocol version 0
2021:09:14-10:55:18 firewall-1-2 red_server[55549]: A350121E01A8804: Sending json message {"data":{},"type":"WELCOME"}
2021:09:14-10:55:19 firewall-1-2 red_server[55549]: A350121E01A8804: command '{"data":{},"type":"CONFIG_REQ"}'
2021:09:14-10:55:19 firewall-1-2 red_server[55549]: A350121E01A8804: Sending json message {"data":{"pin":"","fullbr_dns":"","split_networks":"1.2.3.4","lan2_vids":"","lan4_vids":"","local_networks":"","tunnel_id":13,"manual2_netmask":24,"asg_cert":"[removed]","manual_address":"0.0.0.0","bridge_proto":"none","unlock_code":"0Mxdg21i","password":"","manual2_defgw":"0.0.0.0","prev_unlock_code":"0Mxdg21i","manual_netmask":24,"lan3_vids":"","mac_filter_type":"none","mac":"00:59:d3:2a:98:af","dial_string":"*99#","manual2_address":"0.0.0.0","manual_dns":"0.0.0.0","poe_port1":0,"poe_port2":0,"lan1_mode":"unused","username":"","activate_modem":0,"tunnel_compression_algorithm":"lzo","fullbr_domains":"","htp_server":"firewall-1.bridgetec.de","uplink_balancing":"failover","asg_key":"[removed]","type":"red15","deployment_mode":"online","uplink2_mode":"dhcp","version_red15":"1-470-0a7bdb107-e9f0c31","manual2_dns":"0.0.0.0","lan2_mode":"unused","debug_level":0,"local_networks_t...L1398
2021:09:14-10:55:23 firewall-1-2 red_server[55549]: A350121E01A8804: command '{"data":{"key1":"BAxr+aDRWna3tJbfpkuMg0GcGhFMn0TA+XCU1U6uTmM=","key0":"DdikqpOAsQD0NWDj\/n3CA\/RNCm8LssjYTc7S\/1av8G4=","key_active":0},"type":"SET_KEY_REQ"}'
2021:09:14-10:55:23 firewall-1-2 red_server[55549]: A350121E01A8804: Sending json message {"data":{},"type":"SET_KEY_REP"}
2021:09:14-10:55:24 firewall-1-2 red_server[55549]: A350121E01A8804: command '{"data":{"seq":0},"type":"PING"}'
2021:09:14-10:55:24 firewall-1-2 red_server[55549]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="A350121E01A8804" forced="0"
2021:09:14-10:55:24 firewall-1-2 red_server[55549]: A350121E01A8804: Sending json message {"data":{"seq":0},"type":"PONG"}
2021:09:14-10:55:25 firewall-1-2 red_server[55549]: A350121E01A8804: command '{"data":{"uplink":"WAN1","wan1_ip":"172.X.X.X"},"type":"STATUS"}'
2021:09:14-10:55:40 firewall-1-2 red_server[55549]: A350121E01A8804: command '{"data":{"seq":1},"type":"PING"}'
2021:09:14-10:55:40 firewall-1-2 red_server[55549]: A350121E01A8804: Sending json message {"data":{"seq":1},"type":"PONG"}
2021:09:14-10:55:51 firewall-1-2 red_server[55549]: A350121E01A8804: command '{"data":{"message":"Unstable peers"},"type":"DISCONNECT"}'
2021:09:14-10:55:51 firewall-1-2 red_server[55549]: A350121E01A8804: Disconnecting: , Unstable peers
2021:09:14-10:55:51 firewall-1-2 red_server[55549]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A350121E01A8804" forced="1"
2021:09:14-10:55:51 firewall-1-2 red_server[55549]: A350121E01A8804 is disconnected.

 

can you help me with that?

 

Thank you



This thread was automatically locked due to age.
Parents
  • Hallo and welcome to the UTM Community!

    I would guess that it's just a coincidence that the connection with the RED 15 failed when it did.  I say that because none of the other units has a similar problem.  So, it could be the RED or the ISP's equipment at the RED 15 location.

    What does Sophos Support say?  While waiting for their response, you could modify the configuration for that RED, wait ten minutes and then change it back to original.  That would cause the unit to reload its config from the server in the cloud.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hallo and welcome to the UTM Community!

    I would guess that it's just a coincidence that the connection with the RED 15 failed when it did.  I say that because none of the other units has a similar problem.  So, it could be the RED or the ISP's equipment at the RED 15 location.

    What does Sophos Support say?  While waiting for their response, you could modify the configuration for that RED, wait ten minutes and then change it back to original.  That would cause the unit to reload its config from the server in the cloud.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children