Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 1204 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED Devices not working any longer

BerndFeist

Hello,

we are investigating issues with our RED devices which are used in occasionally projects. They used to work a couple of months ago.

2022:07:27-13:44:40 xxxx-zrh-fw01 red_server[21472]: SELF: New connection from 178.197.221.139 with ID xxxx19055AA454B (cipher AES256-GCM-SHA384), rev1
2022:07:27-13:44:40 xxxx-zrh-fw01 red_server[21472]: xxxx9055AA454B: Device config was not yet uploaded with the current firmware version '1-501-bb7bd1013-b1551d2'
2022:07:27-13:44:40 xxxx-zrh-fw01 red_server[21472]: xxxx9055AA454B: Connection is refused as device config was not yet uploaded.
2022:07:27-13:44:40 xxxx-zrh-fw01 red_server[21472]: xxxx9055AA454B: Sending json message {"data":{},"type":"DEVICE_CONFIG_NOT_YET_UPLOADED_TO_PROV"}
2022:07:27-13:45:41 xxxx-zrh-fw01 red_server[21769]: SELF: Cannot do SSL handshake on socket accept from '10.20.5.108': SSL connect accept failed because of handshake problems
2022:07:27-13:45:41 xxxx-zrh-fw01 red_server[21770]: SELF: Cannot do SSL handshake on socket accept from '10.20.5.108': SSL connect accept failed because of handshake problems
2022:07:27-13:45:43 xxxx-zrh-fw01 red_server[21775]: SELF: New connection from 10.20.5.108 with ID A35019025674335 (cipher AES256-GCM-SHA384), rev1
2022:07:27-13:45:43 xxxx-zrh-fw01 red_server[21775]: xxxx9025674335: Device config was not yet uploaded with the current firmware version '1-501-bb7bd1013-b1551d2'
2022:07:27-13:45:43 xxxx-zrh-fw01 red_server[21775]: xxxx9025674335: Connection is refused as device config was not yet uploaded. 2022:07:27-13:45:43 xxxx-zrh-fw01 red_server[21775]: A35019025674335: Sending json message {"data":{},"type":"DEVICE_CONFIG_NOT_YET_UPLOADED_TO_PROV"}

The system is booting into system - router both green and go then to system (red flashing) - router (green) - internet (green flashing) 
and then starting with an earlier stage.

Thanks.



This thread was automatically locked due to age.
Parents
  • 0

    I have a similar Problem like Bernd, I update an SG 115 UTM to 9.711-5. After Reboot the UTM my two SD RED 20 are disconnected. I have try to delete

    one and readd but no victory. This is show the Log the RED Live log:

    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23126]: SELF: Cannot do SSL handshake on socket accept from 'xx.130.153.57': SSL connect accept failed because of handshake problems
    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23127]: SELF: New connection from xx.130.153.57 with ID xxxx2MCX96MT4B (cipher AES256-GCM-SHA384), rev1
    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23127]: xxxx2MCX96MT4B: Connection is refused as this device is deactivated.
    2022:08:01-08:06:13 xxx-xxx-gw00 red_server[23127]: xxxx2MCX96MT4B: Sending json message {"data":{},"type":"DEVICE_DEACTIVATED"}
    2022:08:01-08:07:34 xxx-xxx-gw00 red_server[232xx]: SELF: Cannot do SSL handshake on socket accept from 'xx.130.153.57': SSL connect accept failed because of handshake problems
    2022:08:01-08:07:36 xxx-xxx-gw00 red_server[23290]: SELF: New connection from xx.130.153.57 with ID xxxx2MCX96MT4B (cipher AES256-GCM-SHA384), rev1

    For the second RED i read this post an It works  "do changed the tunnel compression and back and saved the config. This helped"

    But The first one I have delete, the solutions doesn´t work.

    I there any possibiltiy to get the First One also online

    Sorry for my bad englisch

  • 0 in reply to Holger Cedl1

    Hi Holger,

    are you sure, that the RED-configuration is enabled? Check in RED Management->[Server] Client Management if the switch on the device xxxx2MCX96MT4B is green.

    bye Josef

    BERGMANN engineering & consulting GmbH, Wien/Austria

  • 0 in reply to JosefBergmann

    Thanks for the fast Reply, I Check this the Switch is green under RED Management->[Server] Client Management.

    But I have turn off and on, Bellow the Live Log

    2022:08:01-11:17:10 xxx-xxx-gw00 red_server[28292]: SELF: IO::Socket::SSL Version: 1.953
    2022:08:01-11:17:10 xxx-xxx-gw00 red_server[28292]: SELF: Startup - waiting 15 seconds ...
    2022:08:01-11:17:25 xxx-xxx-gw00 red_server[28512]: UPLOAD: Uploader process starting
    2022:08:01-11:17:25 xxx-xxx-gw00 red_server[28292]: SELF: (Re-)loading device configurations
    2022:08:01-11:17:25 xxx-xxx-gw00 red_server[28292]: xxxx2H8943W63F: New device
    2022:08:01-11:17:25 xxx-xxx-gw00 red_server[28292]: xxxx2H8943W63F: Staging config for upload
    2022:08:01-11:17:25 xxx-xxx-gw00 red_server[28292]: xxxx2MCX96MT4B: New device
    2022:08:01-11:17:26 xxx-xxx-gw00 red_server[28292]: xxxx2MCX96MT4B: Staging config for upload
    2022:08:01-11:17:26 xxx-xxx-gw00 red_server[28512]: [xxxx2MCX96MT4B] Config has not changed, no need to upload to registry service
    2022:08:01-11:17:26 xxx-xxx-gw00 red_server[28512]: [xxxx2H8943W63F] Config has not changed, no need to upload to registry service
    2022:08:01-11:18:20 xxx-xxx-gw00 red_server[28601]: SELF: Cannot do SSL handshake on socket accept from 'xx.130.153.57': SSL connect accept failed because of handshake problems
    2022:08:01-11:18:22 xxx-xxx-gw00 red_server[28603]: SELF: New connection from xx.130.153.57 with ID xxxx2MCX96MT4B (cipher AES256-GCM-SHA384), rev1
    2022:08:01-11:18:22 xxx-xxx-gw00 red_server[28603]: xxxx2MCX96MT4B: Connection is refused as this device is deactivated.
    2022:08:01-11:18:22 xxx-xxx-gw00 red_server[28603]: xxxx2MCX96MT4B: Sending json message {"data":{},"type":"DEVICE_DEACTIVATED"}

  • 0 in reply to Holger Cedl1

    Hi Holger,

    it's strange, according to the logs, there is no connection configuration for the RED xxxx2MCX96MT4B.

    I would try to delete the existing config and make it new. If that doesn't help, open a ticked at Sophos support.

    bye Josef

    BERGMANN engineering & consulting GmbH, Wien/Austria

  • 0 in reply to Holger Cedl1

    Hallo Holger and welcome to the UTM Community!

    Instead of simply toggling the RED server off/on, did you try my suggestion above to edit the server definition and then save it?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Yes I have tried to edit the Server Definition and save it but it only works for the RED Device that I have not delete. But the other one I have delete and add new in the RED Management your solutions (edit & Save) doesn´t work.

    I have do hard reset the SD RED 20 with the Button (reset Button). And then it works fine (also with my RED Server / Management Configuration on the UTM!)

    For all others with the same Problem:

    Do not delete existing units if you no longer connect after an update! Only edit the edit the server definition and then save it

    Sorry for my bad english

Reply
  • 0 in reply to BAlfson

    Yes I have tried to edit the Server Definition and save it but it only works for the RED Device that I have not delete. But the other one I have delete and add new in the RED Management your solutions (edit & Save) doesn´t work.

    I have do hard reset the SD RED 20 with the Button (reset Button). And then it works fine (also with my RED Server / Management Configuration on the UTM!)

    For all others with the same Problem:

    Do not delete existing units if you no longer connect after an update! Only edit the edit the server definition and then save it

    Sorry for my bad english

Children
No Data
Unfiltered HTML