This discussion has been locked.

Astaro Red 10 (rev 2) not working after UTM upgrade

We recently upgraded from an Astaro ASG 220 to a Sophos SG 230. An attached Astaro RED 10 (rev 2) had been working. The RED was deployed on the SG 230 in standard/unified mode using the old unlock code and was accepted by the UTM. I applied the correct firewall rule (no Masquerading rule needed). The blink codes on the RED indicate a normal boot state all the way to a solid Internet light ("Internet reachable, establishing a tunnel"), then it just keeps rebooting. This is the live log:

2016:07:06-12:09:27 gblasg red_server[30437]: SELF: Overlay-fw has been updated ...
2016:07:06-12:09:27 gblasg red_server[30608]: UPLOAD: Uploader process starting
2016:07:06-12:09:27 gblasg red_server[30437]: SELF: (Re-)loading device configurations
2016:07:06-12:09:27 gblasg red_server[30437]: XXXXXXXXXXXXXXXX: New device
2016:07:06-12:09:27 gblasg red_server[30437]: XXXXXXXXXXXXXXXX: Staging config for upload
2016:07:06-12:09:27 gblasg red_server[30437]: SELF: (Re-)loading device configurations
2016:07:06-12:09:38 gblasg red_server[30608]: UPLOAD: [XXXXXXXXXXXXXXXX] Uploaded config to registry service
2016:07:06-12:45:11 gblasg red_server[30437]: SELF: (Re-)loading device configurations
2016:07:06-12:57:50 gblasg red_server[30437]: SELF: (Re-)loading device configurations
2016:07:06-14:09:27 gblasg red_server[30437]: SELF: (Re-)loading device configurations

I set the firewall rule to log traffic but do not see any, yet I can ping the RED IP address with no drops. The RED is located in FL and I had heard that there may be an issue with Comcast & REDs. I tried a power off/on to no avail. Anything?

Thanks... Tom



This thread was automatically locked due to age.
  • I performed some tests on the remote end. Bypassing the RED, I can ping the provisioning server and the RedAlert utility is also able to connect on port 3400. But once we put the RED in the mix, there is no internet connection/no ping and RedAlert gives us this:

    Unable to locate RED provisioning server.

    Unable to resolve hostname.

    Socket Exception 10051: A socket operation was attempted to an unreachable network 184.72.39.13:3400

    Unable to Connect to RED service on host. (port 3400)

    Their modem/router is an Arris TG162G supplied by Comcast. So now I'm wondering why will the modem/router allow connection to the provisioning server with the RED removed, then block it when the RED is attached? Do I need to forward 3400 TCP/UDP to the RED IP? How else can I test this?

  • Solution: The Hostname of the UTM was apparently not being recognized somewhere across the internet... I changed it to the external IP address and the RED suddenly became very chatty. A tunnel was established within 5+ minutes. No port forwarding on remote end or other changes necessary.
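
A check for the failure described in the solution above, as an added example that is not part of the original thread: run from the remote site with the RED bypassed, it separates "UTM hostname does not resolve" from "resolves to the wrong address" from "TCP 3400 blocked". The hostname and IP in the usage line are placeholders, and the result labels and function names are this example's own.

```python
import socket
import sys

RED_PORT = 3400  # the port the thread's RedAlert test used

def resolve(hostname, resolver=socket.getaddrinfo):
    """Return sorted unique IPv4 addresses for hostname, [] if it does not resolve."""
    try:
        infos = resolver(hostname, RED_PORT, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def tcp_open(ip, port=RED_PORT, timeout=5.0, connect=socket.create_connection):
    """True if a TCP connection to ip:port completes within timeout seconds."""
    try:
        with connect((ip, port), timeout):
            return True
    except OSError:
        return False

def diagnose(utm_hostname, utm_external_ip,
             resolver=socket.getaddrinfo, connect=socket.create_connection):
    """Classify why a RED at this site could not reach the UTM by its configured name."""
    addrs = resolve(utm_hostname, resolver)
    if not addrs:
        # The case in the thread: the name configured as "UTM hostname"
        # is not resolvable from the remote network.
        return "HOSTNAME_UNRESOLVABLE"
    if utm_external_ip not in addrs:
        # Name resolves, but not to the UTM's external address (stale or split DNS).
        return "HOSTNAME_WRONG_ADDRESS"
    if not tcp_open(utm_external_ip, connect=connect):
        return "PORT_UNREACHABLE"
    return "OK"

if __name__ == "__main__":
    # Usage: python red_check.py <utm-hostname> <utm-external-ip>
    # Passing the IP for both arguments mirrors the workaround in the thread:
    # an IP literal needs no DNS lookup, so only the port check remains.
    if len(sys.argv) != 3:
        sys.exit("usage: red_check.py <utm-hostname> <utm-external-ip>")
    print(diagnose(sys.argv[1], sys.argv[2]))
```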
