
Red what does the command PING mean? Different values for red10 and red15?

Hi,

We have 2 REDs in use, a RED10 (ending with 87C, at a distance of around 14.000KM, working very well with VoIP and virtual desktops) and a RED15 (at a distance of 300km within Germany, ending with C85, where the telephones always disconnect). Since the update to 9.408-4 the RED15 looked stable in the logs, but it always disconnected the VoIP telephones every 30 to 90 minutes. We tried a downgrade to 9.407-3, but it didn't solve the problem. Searching for the problem, I found out that the RED10 and the RED15 get different 'PING' commands in the red log, see for yourself (RED10, stable, ending with 87C, distance approx. 14.000km; RED15, unstable, ending with C85, distance approx. 300km):

2016:12:07-20:02:22 vezengw01 red_server[7113]: A350193CEC71C85: command 'PING 0 uplink=WAN'
2016:12:07-20:02:22 vezengw01 red_server[7113]: A350193CEC71C85: PING remote_tx=0 local_rx=0 diff=0
2016:12:07-20:02:22 vezengw01 red_server[7113]: A350193CEC71C85: PONG local_tx=0
2016:12:07-20:02:37 vezengw01 red_server[29585]: A3200CA1E64587C: command 'PING 205 uplink=WAN'
2016:12:07-20:02:37 vezengw01 red_server[29585]: A3200CA1E64587C: PING remote_tx=205 local_rx=205 diff=0
2016:12:07-20:02:37 vezengw01 red_server[29585]: A3200CA1E64587C: PONG local_tx=195
2016:12:07-20:02:37 vezengw01 red_server[7113]: A350193CEC71C85: command 'PING 0 uplink=WAN'
2016:12:07-20:02:37 vezengw01 red_server[7113]: A350193CEC71C85: PING remote_tx=0 local_rx=0 diff=0
2016:12:07-20:02:37 vezengw01 red_server[7113]: A350193CEC71C85: PONG local_tx=0
2016:12:07-20:02:52 vezengw01 red_server[7113]: A350193CEC71C85: command 'PING 0 uplink=WAN'
2016:12:07-20:02:52 vezengw01 red_server[7113]: A350193CEC71C85: PING remote_tx=0 local_rx=0 diff=0
2016:12:07-20:02:52 vezengw01 red_server[7113]: A350193CEC71C85: PONG local_tx=0
2016:12:07-20:02:53 vezengw01 red_server[29585]: A3200CA1E64587C: command 'PING 206 uplink=WAN'
2016:12:07-20:02:53 vezengw01 red_server[29585]: A3200CA1E64587C: PING remote_tx=206 local_rx=206 diff=0
2016:12:07-20:02:53 vezengw01 red_server[29585]: A3200CA1E64587C: PONG local_tx=196
2016:12:07-20:03:07 vezengw01 red_server[7113]: A350193CEC71C85: command 'PING 0 uplink=WAN'
2016:12:07-20:03:07 vezengw01 red_server[7113]: A350193CEC71C85: PING remote_tx=0 local_rx=0 diff=0
2016:12:07-20:03:07 vezengw01 red_server[7113]: A350193CEC71C85: PONG local_tx=0
2016:12:07-20:03:09 vezengw01 red_server[29585]: A3200CA1E64587C: command 'PING 210 uplink=WAN'
2016:12:07-20:03:09 vezengw01 red_server[29585]: A3200CA1E64587C: PING remote_tx=210 local_rx=210 diff=0
2016:12:07-20:03:09 vezengw01 red_server[29585]: A3200CA1E64587C: PONG local_tx=202
2016:12:07-20:03:23 vezengw01 red_server[7113]: A350193CEC71C85: command 'PING 0 uplink=WAN'
2016:12:07-20:03:23 vezengw01 red_server[7113]: A350193CEC71C85: PING remote_tx=0 local_rx=0 diff=0
2016:12:07-20:03:23 vezengw01 red_server[7113]: A350193CEC71C85: PONG local_tx=0
2016:12:07-20:03:25 vezengw01 red_server[29585]: A3200CA1E64587C: command 'PING 212 uplink=WAN'
2016:12:07-20:03:25 vezengw01 red_server[29585]: A3200CA1E64587C: PING remote_tx=212 local_rx=212 diff=0
2016:12:07-20:03:25 vezengw01 red_server[29585]: A3200CA1E64587C: PONG local_tx=203
2016:12:07-20:03:37 vezengw01 red_server[7113]: A350193CEC71C85: command 'PING 0 uplink=WAN'
2016:12:07-20:03:37 vezengw01 red_server[7113]: A350193CEC71C85: PING remote_tx=0 local_rx=0 diff=0
2016:12:07-20:03:37 vezengw01 red_server[7113]: A350193CEC71C85: PONG local_tx=0
 
The tunnel says it's always up, but the telephones on the RED15 still disconnect from time to time (between 30 minutes and 90 minutes). We tried different internet connections on the RED (different providers). Any idea what this could be? Does anyone know the syntax of the PING command?
 
Thanks a lot in advance and best regards,
 
Michael Hess
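
An added example, not part of the original post and not Sophos tooling: a small Python script that groups the `command 'PING n uplink=...'` lines of the red log by RED ID and reports whether each device's PING value ever changes and how far apart the heartbeats are. It assumes nothing about what the value means; the sample lines are a subset of the log quoted above, and the function and field names are hypothetical.

```python
import re
from collections import defaultdict
from datetime import datetime

# Subset of the red log lines quoted in the post above.
SAMPLE_LOG = """\
2016:12:07-20:02:22 vezengw01 red_server[7113]: A350193CEC71C85: command 'PING 0 uplink=WAN'
2016:12:07-20:02:37 vezengw01 red_server[29585]: A3200CA1E64587C: command 'PING 205 uplink=WAN'
2016:12:07-20:02:37 vezengw01 red_server[7113]: A350193CEC71C85: command 'PING 0 uplink=WAN'
2016:12:07-20:02:53 vezengw01 red_server[29585]: A3200CA1E64587C: command 'PING 206 uplink=WAN'
2016:12:07-20:03:07 vezengw01 red_server[7113]: A350193CEC71C85: command 'PING 0 uplink=WAN'
2016:12:07-20:03:09 vezengw01 red_server[29585]: A3200CA1E64587C: command 'PING 210 uplink=WAN'
"""

# timestamp, host, red_server[pid], RED ID, then the PING command with its value
PING_RE = re.compile(
    r"^(\S+) \S+ red_server\[\d+\]: (\w+): command 'PING (\d+) uplink=(\w+)'"
)

def summarize_pings(log_text):
    """Return {red_id: stats} for every RED that logged a PING command."""
    per_dev = defaultdict(list)
    for line in log_text.splitlines():
        m = PING_RE.match(line.strip())
        if not m:
            continue  # PONG lines, other daemons, blank lines
        ts = datetime.strptime(m.group(1), "%Y:%m:%d-%H:%M:%S")
        per_dev[m.group(2)].append((ts, int(m.group(3))))

    report = {}
    for dev, samples in per_dev.items():
        samples.sort()  # tolerate lines from two red_server PIDs arriving out of order
        values = [v for _, v in samples]
        gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(samples, samples[1:])]
        report[dev] = {
            "pings": len(samples),
            "first_value": values[0],
            "last_value": values[-1],
            # True when the value never changed across at least two heartbeats
            "value_stuck": len(samples) > 1 and len(set(values)) == 1,
            "max_gap_s": max(gaps) if gaps else None,
        }
    return report

if __name__ == "__main__":
    for dev, stats in summarize_pings(SAMPLE_LOG).items():
        print(dev, stats)
```

Run over a full day of the red log, the `max_gap_s` column can be compared with the times the telephones dropped to see whether heartbeats were missed at those moments.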


  • Hi, Michael, and welcome to the UTM Community!

    Does #1 in Rulz help you find the problem?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

     

    thanks for the answer. I have defined exceptions on all the IPS stuff (all I can tick) and I do not see anything in the logs. Also I have defined QoS equally for both devices, but the problem still exists with the RED15 (the connection of the telephone is lost from time to time). The RED10 works fine and I do not have any problem with that. The only difference I have found is the PING commands: one RED always counts up the PINGs and the other always sends PING 0.

    Do you know if there is any way that I can flash a RED back to an older version? I would like to flash it with the version of UTM 9.407-3 as with that version everything was okay. I downgraded the UTM, but does this downgrade the RED as well?

    Best regards,

     

    Michael

  • Hi Michael,

    If the RED tunnels are UP and if you see no suspicious logs after following Bob's guide then I suspect that the issue is from the UTM's end.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support