Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 26 subscribers
  • Views 1094 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED Devices WiFi not working

BeEf

Hi,

we are currently migrating some RED 15w devices from Sophos SG to Sophos XG.

Our setup is follows:

- Each RED Device is in a seperate /28 subnet

- On REDs with split tunnel I configured the magic Wifi IP 1.2.3.4

- A few REDs tunnel all neworks to the Sophos XG (no split tunnel)

- The DHCP Server is running on a Windows Server

- For each RED subnet there is an Option 234 configured which points to the default gateway of the small RED network i.E. the firewall IP in the network. (I don't think that this is really necessarry but I am not 100% sure. Maybe somebody knows ??

- Configured a relay agent on the Sophos XG to point to the windows DHCP server.

- The country of the WiFi channel is configured to Germany.


Status:

- All REDs are working on Cable/LAN side.

- But only a few work on the WiFi side. I can not figure out the setting that let some devices run and some not.

- The ones that are not running reserve an IP for the WLAN Controller on the DHCP Server of the windows server. However they can not be activated (should happen automatically i guess). Is this correct?

- If I delete the WLAN Controller it comes up in the section "Pending Access Point"  next time and can be accepted. It is accepted right after the configuration as well. Although there is an IP reserveration for the wifi controller and the lan is working the Wifi stays silent (I configured a group with WPA2 and WPA2 Enterprise - either both are working or none).

- A restart of  the access points do not help.

In the screenshot below the first Wifi is working. The second and the last ones are not. The third was online some hours ago.



I can not figure out why some Wifis are working and some not. Besides the networks in the standard/split tunnel (and standard/unified) mode (always containing the network of the DHCP servers) I find no other differences between the configuration.

I also tried this with a local DHCP and I see the same effects (some wifi working and some are not).

What is the issue here?
How can I get more Information for troubleshooting?


I also noticed some losses of pings (2-3) when I switch off or switch on one these REDs (although they all have a different networks and are not organised in bridge). Is this the normal behaviour?

Regards,
BeEf





This thread was automatically locked due to age.
  • 0

    Hello BeEf,

    Thank you for contacting the Sophos Community.

    Do the RED.log and CSC.log show something?

    Regards,

  • 0 in reply to emmosophos

    1) red.log (boot cycle of RED A36027AB0344C1A)

    Wed Apr 28 10:08:03 2021 REDD INFO: Red devices: Connected: 5 Disconnected 2 Enabled: 7 Disabled: 0
    Wed Apr 28 10:13:04 2021 REDD INFO: Red devices: Connected: 4 Disconnected 3 Enabled: 7 Disabled: 0
    Wed Apr 28 10:13:41 2021 REDD INFO: server: New connection from 87.123.167.60 with ID A36027AB0344C1A (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Apr 28 10:18:05 2021 REDD INFO: Red devices: Connected: 5 Disconnected 2 Enabled: 7 Disabled: 0
    Wed Apr 28 10:23:06 2021 REDD INFO: Red devices: Connected: 5 Disconnected 2 Enabled: 7 Disabled: 0
    Wed Apr 28 10:28:07 2021 REDD INFO: Red devices: Connected: 5 Disconnected 2 Enabled: 7 Disabled: 0

    2) csc.log

    The csc.log seems to be in some kind of debug mode. Loads of entries. How do I find what to switch off to get rid of these and how do I switch on the ones that are relevant for the problem?

  • 0 in reply to BeEf

    Hello BeEf,

    Thank you for the follow-up.

    By running this command, you can see if the CSC is in debug Mode:

    # grep Toggling csc.log | grep listener

    Unfortunately, this is the brain of the XG so all information passes through this log.

    Take a look at this KB, for the wireless part.

    I forgot to add 

    /log/syslog.log

    Is it possible for you to configure the XG as a DHCP server for one of the devices that is failing the wireless part?

    Regards,

  • 0 in reply to emmosophos

    Hello Emmanuel,

    thank you for your help:

    - I have working and non working RED APs and was not able to find out the relevant difference in config.

    - The command:

    grep Toggling csc.log | grep listener

    shows nothing. So we are NOT in Debug mode?

    However - there are Info and Debug lines ind the output of csc.log.

    ....
    DEBUG Apr 29 15:25:02 [listener:1998]: csc_socketpair called: biggest fd is 110
    DEBUG Apr 29 15:25:02 [listener:1998]: Realising worker 27842
    DEBUG Apr 29 15:25:02 [heartbeat_ipset:27840]: init_db_handle_pl: Initializing DBI DB handle
    INFO Apr 29 15:25:02 [heartbeat_ipset:27840]: creating json object
    INFO Apr 29 15:25:02 [heartbeat_ipset:27840]: TRYLOCK: 1
    ...

    How can / should we switch the mode?

    - Thanks for the link to the document. I did not know that (instead of that some community threads with single topics). It's lenghty and I will check all points for a working and nonworking RED WiFi next week.

    - I tried this with DHCP Forwarding and local DHCP. If the AP is not working it is not working in both cases. Also Standard/Split and Standard/Unified seems not to be the difference.

    Regards,
    BeEf

  • 0 in reply to BeEf

    Hello BeEF,

    To enable debug mode run

    #csc custom debug

    Regards,