
Astaro Red 10 (rev 2) not working after UTM upgrade

We recently upgraded from an Astaro ASG 220 to a Sophos SG 230. An attached Astaro RED 10 (rev 2) had been working. The RED was deployed on the SG 230 in standard/unified mode using the old unlock code and was accepted by the UTM. I applied the correct firewall rule (no Masquerading rule needed). The blink codes on the RED indicate a normal boot state all the way to a solid Internet light ("Internet reachable, establishing a tunnel") then it just keeps rebooting. This is the live log:

2016:07:06-12:09:27 gblasg red_server[30437]: SELF: Overlay-fw has been updated ...
2016:07:06-12:09:27 gblasg red_server[30608]: UPLOAD: Uploader process starting
2016:07:06-12:09:27 gblasg red_server[30437]: SELF: (Re-)loading device configurations
2016:07:06-12:09:27 gblasg red_server[30437]: XXXXXXXXXXXXXXXX: New device
2016:07:06-12:09:27 gblasg red_server[30437]: XXXXXXXXXXXXXXXX: Staging config for upload
2016:07:06-12:09:27 gblasg red_server[30437]: SELF: (Re-)loading device configurations
2016:07:06-12:09:38 gblasg red_server[30608]: UPLOAD: [XXXXXXXXXXXXXXXX] Uploaded config to registry service
2016:07:06-12:45:11 gblasg red_server[30437]: SELF: (Re-)loading device configurations
2016:07:06-12:57:50 gblasg red_server[30437]: SELF: (Re-)loading device configurations
2016:07:06-14:09:27 gblasg red_server[30437]: SELF: (Re-)loading device configurations

I set the firewall rule to log traffic but do not see any, yet I can ping the RED IP address with no drops. The RED is located in FL and I had heard that there may be an issue with Comcast & REDs. I tried a power off/on to no avail. Anything?

Thanks... Tom



  • Hi Tom,

    Make sure UDP port 3400 is open, which is the communication port for RED 30. To verify, SSH to the UTM and type "tcpdump -nei any port 3400".

    Drop a mail to the support team (support@sophos.com) to get the unlock code for the RED.

    Turn off RED globally on UTM and redeploy the server configuration.

    Hope that helps.

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • • Port 3400 TCP/UDP was open

    • I had a valid unlock code

    • I tried re-deploying the RED 10 and got the following live log (ID blocked):

    2016:07:07-16:16:03 gblasg redctl[27104]: 10.254.254.254
    2016:07:07-16:16:03 gblasg red_server[27128]: SELF: RED10rev1 version set to 14
    2016:07:07-16:16:03 gblasg red_server[27128]: SELF: RED10rev2 version set to 2005R2
    2016:07:07-16:16:03 gblasg red_server[27128]: SELF: RED10rev2 local version set to 5023aR2
    2016:07:07-16:16:03 gblasg red_server[27128]: SELF: RED15 fw version set to 5023a
    2016:07:07-16:16:03 gblasg red_server[27128]: SELF: RED15w fw version set to 5023a
    2016:07:07-16:16:03 gblasg red_server[27128]: SELF: RED50 fw version set to 2005
    2016:07:07-16:16:03 gblasg red_server[27128]: SELF: RED50 local fw version set to 5023a
    2016:07:07-16:16:03 gblasg red_server[27128]: SELF: IO::Socket::SSL Version: 1.953
    2016:07:07-16:16:03 gblasg red_server[27128]: SELF: Startup - waiting 15 seconds ...
    2016:07:07-16:16:18 gblasg red_server[27295]: UPLOAD: Uploader process starting
    2016:07:07-16:16:18 gblasg red_server[27128]: SELF: (Re-)loading device configurations
    2016:07:07-16:16:18 gblasg red_server[27128]: XXXXXXXXXXXXXXXX: New device
    2016:07:07-16:16:18 gblasg red_server[27128]: XXXXXXXXXXXXXXXX: Staging config for upload
    2016:07:07-16:16:18 gblasg red_server[27128]: SELF: (Re-)loading device configurations
    2016:07:07-16:16:24 gblasg red_server[27295]: UPLOAD: [XXXXXXXXXXXXXXXX] Uploaded config to registry service

    The UTM dashboard shows - State: up  Link: Down - and I can still ping the RED with no problem. Things are basically the same as my original post and the RED keeps rebooting just as it's about to establish a tunnel.

    Do you think that port 3400 may be blocked on the RED side? I don't see how it would be since it's a residence (home office) with no special firewall in place.

    Tom
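
For triaging live logs like the ones posted in this thread, the following is an added example (not part of the original posts and not Sophos code) that parses `red_server` lines, builds a per-device timeline, and lists devices whose last logged event is the registry upload. Treating "nothing logged after the upload" as a stalled device is an assumption made for this example; the thread does not show what a successful tunnel line looks like.

```python
import re
from datetime import datetime

# Sample input: lines copied from the live log posted above (device ID masked there).
SAMPLE = """\
2016:07:07-16:16:03 gblasg red_server[27128]: SELF: Startup - waiting 15 seconds ...
2016:07:07-16:16:18 gblasg red_server[27295]: UPLOAD: Uploader process starting
2016:07:07-16:16:18 gblasg red_server[27128]: SELF: (Re-)loading device configurations
2016:07:07-16:16:18 gblasg red_server[27128]: XXXXXXXXXXXXXXXX: New device
2016:07:07-16:16:18 gblasg red_server[27128]: XXXXXXXXXXXXXXXX: Staging config for upload
2016:07:07-16:16:18 gblasg red_server[27128]: SELF: (Re-)loading device configurations
2016:07:07-16:16:24 gblasg red_server[27295]: UPLOAD: [XXXXXXXXXXXXXXXX] Uploaded config to registry service
"""

# timestamp, host, pid, tag (SELF / UPLOAD / device ID), message
LINE = re.compile(r"^\s*(\d{4}:\d\d:\d\d-\d\d:\d\d:\d\d) (\S+) red_server\[(\d+)\]: (\w+): (.*)$")
UPLOADED = re.compile(r"^\[(\w+)\] Uploaded config to registry service")

def parse(text):
    """Yield (timestamp, tag, message) for each red_server line; other lines are skipped."""
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            ts = datetime.strptime(m.group(1), "%Y:%m:%d-%H:%M:%S")
            yield ts, m.group(4), m.group(5)

def device_timeline(text):
    """Map device ID -> ordered list of (timestamp, event), ignoring SELF housekeeping."""
    events = {}
    for ts, tag, msg in parse(text):
        if tag == "SELF":
            continue
        if tag == "UPLOAD":
            m = UPLOADED.match(msg)
            if not m:
                continue  # uploader start-up line, not tied to a device
            tag, msg = m.group(1), "Uploaded config to registry service"
        events.setdefault(tag, []).append((ts, msg))
    return events

def stalled_devices(text):
    """Devices whose last logged event is the registry upload (assumed 'stalled')."""
    return sorted(dev for dev, ev in device_timeline(text).items()
                  if ev[-1][1].startswith("Uploaded config"))

if __name__ == "__main__":
    for dev, ev in device_timeline(SAMPLE).items():
        for ts, msg in ev:
            print(ts.isoformat(), dev, msg)
    print("stalled after upload:", stalled_devices(SAMPLE))
```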
