SD-RED 60 connected but no traffic, possibly DHCP issue

We have a Sophos XG 210 running firmware 18.0.4 MR-4 with quite a few VPN tunnels and so far 8 RED devices attached running firmware 3.0.004. The REDs are working well unless we have the machines behind the RED configured with DHCP. This is a guess at this point because we're struggling to get to the bottom of the issue. Below is the log.

We do know that pulling the power on the RED fixes the issue even though it appears to be connected prior to the power reset. We've since added email alerts on a disconnected RED, but I suspect the connection is there but it's not allowing some traffic through.

The REDs are all bridged into a single interface, so a single DHCP pool serves all the devices. The REDs themselves are configured with a static public IP address and we only have 2-3 devices behind each one.

Has anyone else had DHCP problems with RED devices? 

Fri Feb 19 18:04:25 2021 REDD INFO SerialNumber/LocationName transfered bytes TX: 9235344 RX: 2165780
Fri Feb 19 18:04:33 2021 REDD INFO command '{"data":{"seq":7922},"type":"PING"}'
Fri Feb 19 18:04:33 2021 REDD INFO Sending json message {"type":"PONG","data":{"seq":7922}}
Fri Feb 19 18:09:26 2021 REDD INFO SerialNumber/LocationName transfered bytes TX: 19535120 RX: 4083252
Fri Feb 19 18:09:37 2021 REDD INFO command '{"data":{"seq":7941},"type":"PING"}'
Fri Feb 19 18:09:37 2021 REDD INFO Sending json message {"data":{"seq":7941},"type":"PONG"}
Fri Feb 19 18:14:09 2021 REDD INFO Sending json message {"data":{"seq":7958},"type":"PONG"}
Fri Feb 19 18:14:27 2021 REDD INFO SerialNumber/LocationName transfered bytes TX: 144096 RX: 39916
Fri Feb 19 18:19:27 2021 REDD INFO command '{"data":{"poe_chip_status":{"type":"chip","id":46,"totalPower":0,"totalPowerReg":0,"temperature":57.48,"volt":53.46027,"totalPowerCalc":0,"maxTotalPower":34,"firmware":12}},"type":"STATUS"}'
Fri Feb 19 18:19:28 2021 REDD INFO SerialNumber/LocationName transfered bytes TX: 194240 RX: 39984
Fri Feb 19 18:21:51 2021 REDD INFO command '{"data":{"key_active":1,"key0":"Very_Long_Key"},"type":"SET_KEY_REQ"}'
Fri Feb 19 18:21:51 2021 REDD INFO Sending json message {"type":"SET_KEY_REP","data":{}}
Fri Feb 19 20:12:21 2021 REDD INFO No ping for 30 seconds, exiting.
Fri Feb 19 20:12:21 2021 REDD INFO SerialNumber/LocationName is now disconnected
Fri Feb 19 20:12:21 2021 REDD INFO device is disconnected.
Fri Feb 19 20:14:36 2021 REDD INFO server: New connection from IP_Number (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
Fri Feb 19 20:14:37 2021 REDD INFO connected OK, pushing config
Fri Feb 19 20:14:37 2021 REDD INFO command '{"data":{"version":"0"},"type":"INIT_CONNECTION"}'
Fri Feb 19 20:14:37 2021 REDD INFO Initializing connection running protocol version 0
Fri Feb 19 20:14:37 2021 REDD INFO Sending json message {"data":{},"type":"WELCOME"}
Fri Feb 19 20:14:38 2021 REDD INFO command '{"data":{"poe_port1_status":{"current":0,"FETok":true,"detectionOn":false,"pdstate":0,"port":1,"pdclass":-3,"classificationOn":false,"classFail":false,"TPPL":0,"good":false,"type":"port","priority_str":"high","PMoff":false,"MSCCcap":false,"priority":0,"mode":0,"pdstate_str":"unknown","volt":0,"PPL":0,"pdclass_power_limit":0,"FEToverTemp":false,"isAT":false,"power":false,"watt":0,"mode_str":"shutdown"},"poe_port2_status":{"current":0,"FETok":true,"detectionOn":false,"pdstate":0,"priority_str":"low","pdclass":-3,"classificationOn":false,"classFail":true,"TPPL":0,"good":false,"type":"port","port":2,"PMoff":false,"MSCCcap":false,"watt":0,"power":false,"PPL":0,"FEToverTemp":false,"isAT":false,"pdclass_power_limit":0,"volt":0,"pdstate_str":"unknown","mode":0,"priority":2,"mode_str":"shutdown"},"poe_chip_status":{"type":"chip","id":46,"totalPower":0,"totalPowerReg":0,"temperature":52.68,"volt":53.4486,"totalPowerCalc":0,"maxTotalPower":34,"firmware":12}},"type":"STATUS"}'
Fri Feb 19 20:14:39 2021 REDD INFO command '{"data":{},"type":"CONFIG_REQ"}'
Fri Feb 19 20:14:39 2021 REDD INFO Sending json message {"type":"CONFIG_REP","data":{"manual2_address":"","poe_port2":0,"htp_port":"4444","hub_hostname":"HUB_IP","uplink_mode":"manual","unlock_code":"46ctci38","lanport_mode":"switch","red_id":"SerialNumber","lan4_mode":"unused","tunnel_id":9,"manual2_dns":"","manual_defgw":"RED_IP","tunnel_compression":0,"lan1_vids":"","htp_server":"HUB_IP","lan3_mode":"unused","hub2_hostname":"","mobile_network":"gsm","apn":"","fullbr_dns":"","prev_unlock_code":"","manual2_defgw":"","debug_level":0,"route_mode":"default","asg_ca":"[removed]","asg_key":"[removed]","manual_address":"IP_Number","bridge_proto":"none","lan2_vids":"","lan2_mode":"unused","redinterface":"reds9","manual_dns":"DNS_IP","responsivity":"low","bridge_netmask":24,"pin":"NULL","bridge_address":"0.0.0.0","mac":"MAC_ADDRESS","split_networks":"1.2.3.4","tunnel_compression_algorithm":"lzo","version_ng_red60":"1-1117-3aa1e7992-fda4803","asg_cert":"[removed]","branchname":"LocationName","fullbr_domains":"","lan4_vids":"","uplink_balancing":"failover","lan3_vids":"","manual2_netmask":"","password":"","version_red60":"1-1117-3aa1e7992-fda4803","activate_modem":0,"hostname_balancing":"failover","poe_port1":0,"mac_filter_list":"","mac_filter_type":"none","manual_netmask":27,"dial_string":"*99#","username":"","deployment_mode":"online","lan1_mode":"unused","uplink2_mode":"dhcp","type":"red60"}}
Fri Feb 19 20:14:42 2021 REDD INFO command '{"data":{"key1":"Very_Long_Key","key0":"Very_Long_Key","key_active":0},"type":"SET_KEY_REQ"}'
Fri Feb 19 20:14:42 2021 REDD INFO Sending json message {"data":{},"type":"SET_KEY_REP"}
Fri Feb 19 20:14:43 2021 REDD INFO command '{"data":{"seq":0},"type":"PING"}'
Fri Feb 19 20:14:43 2021 REDD INFO SerialNumber/LocationName is now re-connected after 173000 ms
Fri Feb 19 20:14:43 2021 REDD INFO Sending json message {"type":"PONG","data":{"seq":0}}
Fri Feb 19 20:14:44 2021 REDD INFO command '{"data":{"switch_port_status_v2":{"lan3":"1Gb\/s","lan1":"Down","lan4":"1Gb\/s","lan2":"1Gb\/s"},"wan1_ip":"IP_Number","uplink":"WAN1","uplink_state":"0"},"type":"STATUS"}'
Fri Feb 19 20:14:51 2021 REDD INFO SerialNumber/LocationName transfered bytes TX: 405280 RX: 171756
Fri Feb 19 20:14:59 2021 REDD INFO command '{"data":{"seq":1},"type":"PING"}'
Fri Feb 19 20:14:59 2021 REDD INFO Sending json message {"data":{"seq":1},"type":"PONG"}
Fri Feb 19 20:15:08 2021 REDD INFO command '{"data":{"poe_chip_status":{"type":"chip","id":46,"totalPower":0,"totalPowerReg":0,"temperature":54.6,"volt":53.477775,"totalPowerCalc":0,"maxTotalPower":34,"firmware":12}},"type":"STATUS"}'
Fri Feb 19 20:15:15 2021 REDD INFO command '{"data":{"seq":2},"type":"PING"}'
Fri Feb 19 20:15:15 2021 REDD INFO Sending json message {"type":"PONG","data":{"seq":2}}
Fri Feb 19 20:15:31 2021 REDD INFO command '{"data":{"seq":3},"type":"PING"}'
Fri Feb 19 20:15:31 2021 REDD INFO Sending json message {"type":"PONG","data":{"seq":3}}



Edited TAGs
[edited by: emmosophos at 7:42 PM (GMT -8) on 22 Feb 2021]
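
Added example, not part of the original post and not Sophos code: a small parser for REDD log lines of the form quoted above that reports, for each "No ping for 30 seconds" timeout, the last PING recorded before it, how long the log was silent, and the downtime from the re-connect line. The sample lines are constructed from the excerpt in the post (key value replaced); the function names are hypothetical.

```python
import json
import re
from datetime import datetime

# Constructed sample, modelled on the REDD lines quoted in the post.
SAMPLE = """\
Fri Feb 19 18:09:37 2021 REDD INFO command '{"data":{"seq":7941},"type":"PING"}'
Fri Feb 19 18:14:27 2021 REDD INFO SerialNumber/LocationName transfered bytes TX: 144096 RX: 39916
Fri Feb 19 18:21:51 2021 REDD INFO command '{"data":{"key_active":1,"key0":"KEY"},"type":"SET_KEY_REQ"}'
Fri Feb 19 20:12:21 2021 REDD INFO No ping for 30 seconds, exiting.
Fri Feb 19 20:12:21 2021 REDD INFO SerialNumber/LocationName is now disconnected
Fri Feb 19 20:14:43 2021 REDD INFO command '{"data":{"seq":0},"type":"PING"}'
Fri Feb 19 20:14:43 2021 REDD INFO SerialNumber/LocationName is now re-connected after 173000 ms
"""

LINE = re.compile(r"^(\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) REDD \w+ (.*)$")
CMD = re.compile(r"^command '(.*)'$")

def parse(text):
    """Yield (timestamp, kind, data) for the REDD lines that matter here."""
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # continuation of a wrapped line, or not a REDD line
        ts = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
        msg = m.group(2)
        cmd = CMD.match(msg)
        if cmd:
            try:
                obj = json.loads(cmd.group(1))
            except json.JSONDecodeError:
                continue  # JSON truncated by line wrapping
            yield ts, obj.get("type"), obj.get("data", {})
        elif msg.startswith("No ping for"):
            yield ts, "TIMEOUT", {}
        elif "re-connected after" in msg:
            yield ts, "RECONNECT", {"ms": int(msg.split("after")[1].split()[0])}

def outages(text):
    """One record per keepalive timeout, in log order."""
    last_ping, found = None, []
    for ts, kind, data in parse(text):
        if kind == "PING":
            last_ping = (ts, data.get("seq"))
        elif kind == "TIMEOUT":
            silent = (ts - last_ping[0]).total_seconds() if last_ping else None
            found.append({"timeout_at": ts, "silent_s": silent, "down_ms": None,
                          "last_seq": last_ping[1] if last_ping else None})
        elif kind == "RECONNECT" and found:
            found[-1]["down_ms"] = data["ms"]
    return found
```

Run `outages()` over the full red.log rather than an excerpt: the daemon exits after 30 seconds without a PING, so a much larger `silent_s` means PING lines are missing from the input.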
  • Hello Brandon,

    Thank you for contacting the Sophos Community.

    In what mode is the RED deployed?

    Depending on your above answer, does the traffic stop even for traffic directed to the internet or only to resources on the XG side?

    Can you share a screenshot of your Bridge RED configuration?

    If you run a Packet Capture on the GUI of the XG when the issue is present, do you see traffic arriving to the XG?

    Regards,


     
    Emmanuel (EmmoSophos)
    Community Support Engineer | Sophos Technical Support