This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Xg - Red connection issue between sites

Hello community,

we use the red connection to make the connection between our main Sophos XG 330 and other Sophos XG 105 for small site. For a particular site in Morocco we use a XG 106 but the red is very instable, there are many problem of connection. It's strange because the RED connection is UP but for unknown reason, no traffic pass (no denied). I created a drop rules top down of all rules to see all denied access.

For all site, we don't need to open any ports to establish the red connection, is it possible that the connection is UP but no traffic due to port issue??

NO error in the log on each Firewall from site A or B :(

Thank you !

This thread was automatically locked due to age.

Parents

0 LuCar Toni over 4 years ago

There could be different issues.

One: The routing is not correct and XG is not sending the traffic through the routing interface.

Two: There is a issue with a Firewall rule and the traffic is dropped

third: there could be a configuration issue with the RED tunnel.

Check 1-2 with board tools as you check packet capture etc.

If you want to check 3:

Try to: Disable RED Compression on both XGs.

Do you use V18 on this Firewalls? Try to disable firewall-acceleration on console.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 LuCar Toni over 4 years ago

There could be different issues.

One: The routing is not correct and XG is not sending the traffic through the routing interface.

Two: There is a issue with a Firewall rule and the traffic is dropped

third: there could be a configuration issue with the RED tunnel.

Check 1-2 with board tools as you check packet capture etc.

If you want to check 3:

Try to: Disable RED Compression on both XGs.

Do you use V18 on this Firewalls? Try to disable firewall-acceleration on console.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Julian Cast over 4 years ago in reply to LuCar Toni

Hi !

Routing and rules is correct => I created drop rules in the top down and i see all dropped packet.

The strange behavior is it's working during many days and it's stopped for unknown reason.

I found this link https://support.sophos.com/support/s/article/KB-000036699#RED-ports and i open the port 3400 TCP/UDP and 3410 UDP.

Actually it's working fine. I will closely follow it.

Yes V18 all firewall are up to date.

THank you for your reply !
Cancel
Vote Up 0 Vote Down

Cancel