This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED Devices not working any longer

Hello,

we are investigating issues with our RED devices which are used in occasionally projects. They used to work a couple of months ago.

2022:07:27-13:44:40 xxxx-zrh-fw01 red_server[21472]: SELF: New connection from 178.197.221.139 with ID xxxx19055AA454B (cipher AES256-GCM-SHA384), rev1
2022:07:27-13:44:40 xxxx-zrh-fw01 red_server[21472]: xxxx9055AA454B: Device config was not yet uploaded with the current firmware version '1-501-bb7bd1013-b1551d2'
2022:07:27-13:44:40 xxxx-zrh-fw01 red_server[21472]: xxxx9055AA454B: Connection is refused as device config was not yet uploaded.
2022:07:27-13:44:40 xxxx-zrh-fw01 red_server[21472]: xxxx9055AA454B: Sending json message {"data":{},"type":"DEVICE_CONFIG_NOT_YET_UPLOADED_TO_PROV"}
2022:07:27-13:45:41 xxxx-zrh-fw01 red_server[21769]: SELF: Cannot do SSL handshake on socket accept from '10.20.5.108': SSL connect accept failed because of handshake problems
2022:07:27-13:45:41 xxxx-zrh-fw01 red_server[21770]: SELF: Cannot do SSL handshake on socket accept from '10.20.5.108': SSL connect accept failed because of handshake problems
2022:07:27-13:45:43 xxxx-zrh-fw01 red_server[21775]: SELF: New connection from 10.20.5.108 with ID A35019025674335 (cipher AES256-GCM-SHA384), rev1
2022:07:27-13:45:43 xxxx-zrh-fw01 red_server[21775]: xxxx9025674335: Device config was not yet uploaded with the current firmware version '1-501-bb7bd1013-b1551d2'
2022:07:27-13:45:43 xxxx-zrh-fw01 red_server[21775]: xxxx9025674335: Connection is refused as device config was not yet uploaded. 2022:07:27-13:45:43 xxxx-zrh-fw01 red_server[21775]: A35019025674335: Sending json message {"data":{},"type":"DEVICE_CONFIG_NOT_YET_UPLOADED_TO_PROV"}

The system is booting into system - router both green and go then to system (red flashing) - router (green) - internet (green flashing)
and then starting with an earlier stage.

Thanks.



This thread was automatically locked due to age.
Parents
  • I have a similar Problem like Bernd, I update an SG 115 UTM to 9.711-5. After Reboot the UTM my two SD RED 20 are disconnected. I have try to delete

    one and readd but no victory. This is show the Log the RED Live log:

    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23126]: SELF: Cannot do SSL handshake on socket accept from 'xx.130.153.57': SSL connect accept failed because of handshake problems
    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23127]: SELF: New connection from xx.130.153.57 with ID xxxx2MCX96MT4B (cipher AES256-GCM-SHA384), rev1
    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23127]: xxxx2MCX96MT4B: Connection is refused as this device is deactivated.
    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23127]: xxxx2MCX96MT4B: Sending json message {"data":{},"type":"DEVICE_DEACTIVATED"}
    2022:08:01-08:07:34 xxx-xxx-gw00 red_server[232xx]: SELF: Cannot do SSL handshake on socket accept from 'xx.130.153.57': SSL connect accept failed because of handshake problems
    2022:08:01-08:07:36 xxx-xxx-gw00 red_server[23290]: SELF: New connection from xx.130.153.57 with ID xxxx2MCX96MT4B (cipher AES256-GCM-SHA384), rev1

    For the second RED i read this post an It works  "do changed the tunnel compression and back and saved the config. This helped"

    But The first one I have delete, the solutions doesn´t work.

    I there any possibiltiy to get the First One also online

    Sorry for my bad englisch

Reply
  • I have a similar Problem like Bernd, I update an SG 115 UTM to 9.711-5. After Reboot the UTM my two SD RED 20 are disconnected. I have try to delete

    one and readd but no victory. This is show the Log the RED Live log:

    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23126]: SELF: Cannot do SSL handshake on socket accept from 'xx.130.153.57': SSL connect accept failed because of handshake problems
    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23127]: SELF: New connection from xx.130.153.57 with ID xxxx2MCX96MT4B (cipher AES256-GCM-SHA384), rev1
    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23127]: xxxx2MCX96MT4B: Connection is refused as this device is deactivated.
    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23127]: xxxx2MCX96MT4B: Sending json message {"data":{},"type":"DEVICE_DEACTIVATED"}
    2022:08:01-08:07:34 xxx-xxx-gw00 red_server[232xx]: SELF: Cannot do SSL handshake on socket accept from 'xx.130.153.57': SSL connect accept failed because of handshake problems
    2022:08:01-08:07:36 xxx-xxx-gw00 red_server[23290]: SELF: New connection from xx.130.153.57 with ID xxxx2MCX96MT4B (cipher AES256-GCM-SHA384), rev1

    For the second RED i read this post an It works  "do changed the tunnel compression and back and saved the config. This helped"

    But The first one I have delete, the solutions doesn´t work.

    I there any possibiltiy to get the First One also online

    Sorry for my bad englisch

Children
  • Hi Holger,

    are you sure, that the RED-configuration is enabled? Check in RED Management->[Server] Client Management if the switch on the device xxxx2MCX96MT4B is green.

    bye Josef

    BERGMANN engineering & consulting GmbH, Wien/Austria

  • Thanks for the fast Reply, I Check this the Switch is green under RED Management->[Server] Client Management.

    But I have turn off and on, Bellow the Live Log

    2022:08:01-11:17:10 xxx-xxx-gw00 red_server[28292]: SELF: IO::Socket::SSL Version: 1.953
    2022:08:01-11:17:10 xxx-xxx-gw00 red_server[28292]: SELF: Startup - waiting 15 seconds ...
    2022:08:01-11:17:25 xxx-xxx-gw00 red_server[28512]: UPLOAD: Uploader process starting
    2022:08:01-11:17:25 xxx-xxx-gw00 red_server[28292]: SELF: (Re-)loading device configurations
    2022:08:01-11:17:25 xxx-xxx-gw00 red_server[28292]: xxxx2H8943W63F: New device
    2022:08:01-11:17:25 xxx-xxx-gw00 red_server[28292]: xxxx2H8943W63F: Staging config for upload
    2022:08:01-11:17:25 xxx-xxx-gw00 red_server[28292]: xxxx2MCX96MT4B: New device
    2022:08:01-11:17:26 xxx-xxx-gw00 red_server[28292]: xxxx2MCX96MT4B: Staging config for upload
    2022:08:01-11:17:26 xxx-xxx-gw00 red_server[28512]: [xxxx2MCX96MT4B] Config has not changed, no need to upload to registry service
    2022:08:01-11:17:26 xxx-xxx-gw00 red_server[28512]: [xxxx2H8943W63F] Config has not changed, no need to upload to registry service
    2022:08:01-11:18:20 xxx-xxx-gw00 red_server[28601]: SELF: Cannot do SSL handshake on socket accept from 'xx.130.153.57': SSL connect accept failed because of handshake problems
    2022:08:01-11:18:22 xxx-xxx-gw00 red_server[28603]: SELF: New connection from xx.130.153.57 with ID xxxx2MCX96MT4B (cipher AES256-GCM-SHA384), rev1
    2022:08:01-11:18:22 xxx-xxx-gw00 red_server[28603]: xxxx2MCX96MT4B: Connection is refused as this device is deactivated.
    2022:08:01-11:18:22 xxx-xxx-gw00 red_server[28603]: xxxx2MCX96MT4B: Sending json message {"data":{},"type":"DEVICE_DEACTIVATED"}

  • Hi Holger,

    it's strange, according to the logs, there is no connection configuration for the RED xxxx2MCX96MT4B.

    I would try to delete the existing config and make it new. If that doesn't help, open a ticked at Sophos support.

    bye Josef

    BERGMANN engineering & consulting GmbH, Wien/Austria

  • Hallo Holger and welcome to the UTM Community!

    Instead of simply toggling the RED server off/on, did you try my suggestion above to edit the server definition and then save it?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Yes I have tried to edit the Server Definition and save it but it only works for the RED Device that I have not delete. But the other one I have delete and add new in the RED Management your solutions (edit & Save) doesn´t work.

    I have do hard reset the SD RED 20 with the Button (reset Button). And then it works fine (also with my RED Server / Management Configuration on the UTM!)

    For all others with the same Problem:

    Do not delete existing units if you no longer connect after an update! Only edit the edit the server definition and then save it

    Sorry for my bad english