RED estimates tunnel but no traffic through tunnel

Hi guys,

We're using a UTM220 cluster and, for testing, a UTM Software with 9.103-5.

Now we want to use RED devices for smaller remote sites. We have set up a RED config and connected the RED on an external line. The RED came up, connected to the UTM Software, got a firmware update from the UTM, and built up the tunnel. All 4 LEDs are green.

But I can't establish a link to a device beyond the RED. The Astaro/Sophos partner where we bought the RED said that the config is OK and should work.

After a while, the RED disconnects the tunnel and builds it up again. This then happens every few minutes.
So the questions:

1) Is there a lack of the correct licenses? (We have all except basic guard.) But if it's a lack, why does the UTM allow activating RED?
2) Could it be that a second firewall (packet filter) between the provider router and the UTM blocks something? But why does the RED then connect to the UTM?


Regards
Thomas


This thread was automatically locked due to age.
  • Firebear,

    How about showing us the Wireless Protection log after you power-cycle the RED until the disconnect/reconnect that blocks traffic?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi BAlfson,

    Why the Wireless Protection log? I think it's the RED log.


    2014:03:17-09:40:07 fw002 red_server[30850]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="A30000******xx" forced="0"
    2014:03:17-09:40:07 fw002 red_server[30850]: A30000******xx: PING remote_tx=0 local_rx=0 diff=0
    2014:03:17-09:40:07 fw002 red_server[30850]: A30000******xx: PONG local_tx=0
    2014:03:17-09:40:24 fw002 red_server[30850]: A30000******xx: command 'PING 1'
    2014:03:17-09:40:24 fw002 red_server[30850]: A30000******xx: PING remote_tx=1 local_rx=0 diff=1
    2014:03:17-09:40:24 fw002 red_server[30850]: A30000******xx: PONG local_tx=1
    2014:03:17-09:40:40 fw002 red_server[30850]: A30000******xx: command 'PING 2'
    2014:03:17-09:40:40 fw002 red_server[30850]: A30000******xx: PING remote_tx=2 local_rx=0 diff=2
    2014:03:17-09:40:40 fw002 red_server[30850]: A30000******xx: PONG local_tx=2
    2014:03:17-09:41:01 fw002 red_server[30850]: A30000******xx: No in-tunnel frame for 60 seconds, exiting.
    2014:03:17-09:41:01 fw002 red_server[30850]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A30000******xx" forced="0"
    2014:03:17-09:41:01 fw002 red_server[30850]: A30000******xx is disconnected.
    2014:03:17-09:41:07 fw002 red_server[30954]: SELF: New connection from ***.***.***.*** with ID A30000******xx (cipher RC4-SHA), rev1
    2014:03:17-09:41:07 fw002 redctl[30956]: key length: 32
    2014:03:17-09:41:07 fw002 redctl[30957]: key length: 32
    2014:03:17-09:41:07 fw002 red_server[30954]: A30000******xx: connected OK, pushing config
    2014:03:17-09:41:15 fw002 red_server[30954]: A30000******xx: command 'PING 0'
    2014:03:17-09:41:15 fw002 red_server[30954]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="A30000******xx" forced="0"
    2014:03:17-09:41:15 fw002 red_server[30954]: A30000******xx: PING remote_tx=0 local_rx=0 diff=0
    2014:03:17-09:41:15 fw002 red_server[30954]: A30000******xx: PONG local_tx=0
    2014:03:17-09:41:31 fw002 red_server[30954]: A30000******xx: command 'PING 1'
    2014:03:17-09:41:31 fw002 red_server[30954]: A30000******xx: PING remote_tx=1 local_rx=0 diff=1
    2014:03:17-09:41:31 fw002 red_server[30954]: A30000******xx: PONG local_tx=1
    2014:03:17-09:41:47 fw002 red_server[30954]: A30000******xx: command 'PING 2'
    2014:03:17-09:41:47 fw002 red_server[30954]: A30000******xx: PING remote_tx=2 local_rx=0 diff=2
    2014:03:17-09:41:47 fw002 red_server[30954]: A30000******xx: PONG local_tx=2
    2014:03:17-09:42:08 fw002 red_server[30954]: A30000******xx: No in-tunnel frame for 60 seconds, exiting.
    2014:03:17-09:42:08 fw002 red_server[30954]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A30000******xx" forced="0"
    2014:03:17-09:42:08 fw002 red_server[30954]: A30000******xx is disconnected.
    2014:03:17-09:42:14 fw002 red_server[31026]: SELF: New connection from ***.***.***.*** with ID A30000******xx (cipher RC4-SHA), rev1
    2014:03:17-09:42:14 fw002 redctl[31028]: key length: 32
    2014:03:17-09:42:14 fw002 redctl[31029]: key length: 32
    2014:03:17-09:42:14 fw002 red_server[31026]: A30000******xx: connected OK, pushing config
    2014:03:17-09:42:22 fw002 red_server[31026]: A30000******xx: command 'PING 0'
    2014:03:17-09:42:22 fw002 red_server[31026]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="A30000******xx" forced="0"
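
The disconnect loop in the log above (Tunnel Up, PING counters where `local_rx` stays at 0, then "No in-tunnel frame for 60 seconds, exiting."), as an added example that is not part of the original posts: a small Python parser that groups `red_server` lines into sessions and flags the ones that ended this way. The sample log is constructed in the thread's format with a placeholder RED ID, and reading `local_rx=0` as "the UTM received no in-tunnel frames" is an assumption taken from the idle-exit message.

```python
import re
from datetime import datetime

# Constructed sample in the red_server format from the thread; the RED ID is a placeholder.
SAMPLE_LOG = """\
2014:03:17-09:40:07 fw002 red_server[30850]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="A3EXAMPLE000001" forced="0"
2014:03:17-09:40:24 fw002 red_server[30850]: A3EXAMPLE000001: PING remote_tx=1 local_rx=0 diff=1
2014:03:17-09:40:40 fw002 red_server[30850]: A3EXAMPLE000001: PING remote_tx=2 local_rx=0 diff=2
2014:03:17-09:41:01 fw002 red_server[30850]: A3EXAMPLE000001: No in-tunnel frame for 60 seconds, exiting.
2014:03:17-09:41:01 fw002 red_server[30850]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A3EXAMPLE000001" forced="0"
2014:03:17-09:41:15 fw002 red_server[30954]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="A3EXAMPLE000001" forced="0"
2014:03:17-09:42:08 fw002 red_server[30954]: A3EXAMPLE000001: No in-tunnel frame for 60 seconds, exiting.
2014:03:17-09:42:08 fw002 red_server[30954]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A3EXAMPLE000001" forced="0"
"""
LINE = re.compile(r'^(\S+) \S+ red_server\[\d+\]: (.*)$')
EVENT = re.compile(r'name="RED Tunnel (Up|Down)" red_id="([^"]+)"')
PING = re.compile(r'(\S+): PING remote_tx=(\d+) local_rx=(\d+)')
IDLE = re.compile(r'(\S+): No in-tunnel frame for \d+ seconds')

def analyze(log):
    """Return one record per Tunnel Up..Tunnel Down session, keyed by RED ID."""
    open_, done = {}, []
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # not a red_server line (e.g. redctl)
        ts, msg = datetime.strptime(m[1], "%Y:%m:%d-%H:%M:%S"), m[2]
        if (e := EVENT.search(msg)):
            state, red = e.groups()
            if state == "Up":
                open_[red] = {"red_id": red, "up": ts, "remote_tx": 0,
                              "local_rx": 0, "idle_exit": False}
            elif red in open_:
                s = open_.pop(red)
                s["seconds"] = int((ts - s["up"]).total_seconds())
                done.append(s)
        elif (p := PING.match(msg)) and p[1] in open_:
            s = open_[p[1]]
            s["remote_tx"] = max(s["remote_tx"], int(p[2]))
            s["local_rx"] = max(s["local_rx"], int(p[3]))
        elif (i := IDLE.match(msg)) and i[1] in open_:
            open_[i[1]]["idle_exit"] = True
    return done

def one_way_flaps(sessions):
    """Sessions that ended on the idle timeout with local_rx never above 0."""
    return [s for s in sessions if s["idle_exit"] and s["local_rx"] == 0]
```

`analyze()` takes the RED log as one string; sessions of under a minute that all appear in `one_way_flaps()` match the reconnect loop shown in the thread.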