Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 26 subscribers
  • Views 782 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Firewall and RED 50 Gateway Change

nidz

Hi,

Good day... We have 3 Gateway in our Sophos XG Firewall, as shown in the attach picture. Now we are planning to cancel the current link which is Port2. Now we are planning to slowly move the existing RED 50 connection to other Gateway interface which would Port 8. We tried changing before but no luck. After we change the Gateway it displays only Got New Config in the RED 50 then it keeps on restarting only and cannot connect to the new Gateway.

Please we need you support.

STC-GW-40MB - Current RED 50 connected from branches

STC-GW-30MB - Proposed new connection for RED 50.

Thanks and Best Regards,

Nidzpar Mohammad Sali



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    Have you tried to delete the configuration with the old gateway and re-configure it with the new one? 

    What do you see in the red logs? 

    Thanks,

  • 0 in reply to FormerMember

    Hi H_Patel,

    I already did that. Delete the RED 50 from the XG firewall then start adding it again. I even ask for the unlock code from the SOPHOS Support and they gave me the same that i have. After configuring the RED 50 with  the other IP ADDRESS of the Firewall it will just show me the message GOT NEW CONFIG from the RED Display then after that it will just do the  restart loop. But if i put the Previous IP of the Firewall RED 50 will connect immediately.

    How to check for the RED Logs?

    Thanks,

    Nidzpar

  • FormerMember
    +1 FormerMember in reply to nidz

    Hi ,

    Thank you for the update. 

    Check out the following document for more information:

    It might be possible that the ISP from the new gateway is blocking the UDP port 3400 or 3410, and the new configuration isn't pushed to the provisioning server. 

    Thanks,

  • 0 in reply to FormerMember

    Hi H_Patel,

    Thanks for the support. I just tried to change the connection of one of our RED 50 and check the log now.

    This is what shows in red.log

    Wed Jun 23 00:35:23 2021 REDD INFO: server: (Re-)loading device configurations
    Wed Jun 23 00:35:43 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Jun 23 00:36:29 2021 REDD INFO: Red devices: Connected: 24 Disconnected 2 Enabled: 26 Disabled: 0
    Wed Jun 23 00:40:34 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Jun 23 00:41:30 2021 REDD INFO: Red devices: Connected: 24 Disconnected 2 Enabled: 26 Disabled: 0
    Wed Jun 23 00:42:51 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Jun 23 00:45:05 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Jun 23 00:46:31 2021 REDD INFO: Red devices: Connected: 24 Disconnected 2 Enabled: 26 Disabled: 0
    Wed Jun 23 00:47:22 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:

    Thanks,

    Nidzpar

  • 0 in reply to FormerMember

    Hi H_Patel,

    Just for added information. I tried again this morning deleted the configuration for that certain RED.

    Here's the log.

    XG330_WP02_SFOS 18.0.5 MR-5-Build586# tail -f /log/red.log
    Reading REDv2 key from STDIN:
    Wed Jun 23 07:52:59 2021 REDD INFO: Red devices: Connected: 24 Disconnected 2 Enabled: 26 Disabled: 0
    Wed Jun 23 07:54:18 2021 REDD INFO: server: (Re-)loading device configurations
    Wed Jun 23 07:54:53 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Jun 23 07:54:53 2021 REDD INFO: server: no such client: A3400ED19460D26
    Wed Jun 23 07:55:21 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Jun 23 07:55:21 2021 REDD INFO: server: no such client: A3400ED19460D26
    Wed Jun 23 07:56:39 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Jun 23 07:56:39 2021 REDD INFO: server: no such client: A3400ED19460D26
    Wed Jun 23 07:57:01 2021 REDD INFO: server: (Re-)loading device configurations
    Wed Jun 23 07:57:07 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Jun 23 07:57:07 2021 REDD INFO: server: no such client: A3400ED19460D26
    Wed Jun 23 07:58:00 2021 REDD INFO: Red devices: Connected: 24 Disconnected 2 Enabled: 26 Disabled: 0
    Wed Jun 23 07:58:23 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:

    Thanks,

    Nidzpar

Reply
  • 0 in reply to FormerMember

    Hi H_Patel,

    Just for added information. I tried again this morning deleted the configuration for that certain RED.

    Here's the log.

    XG330_WP02_SFOS 18.0.5 MR-5-Build586# tail -f /log/red.log
    Reading REDv2 key from STDIN:
    Wed Jun 23 07:52:59 2021 REDD INFO: Red devices: Connected: 24 Disconnected 2 Enabled: 26 Disabled: 0
    Wed Jun 23 07:54:18 2021 REDD INFO: server: (Re-)loading device configurations
    Wed Jun 23 07:54:53 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Jun 23 07:54:53 2021 REDD INFO: server: no such client: A3400ED19460D26
    Wed Jun 23 07:55:21 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Jun 23 07:55:21 2021 REDD INFO: server: no such client: A3400ED19460D26
    Wed Jun 23 07:56:39 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Jun 23 07:56:39 2021 REDD INFO: server: no such client: A3400ED19460D26
    Wed Jun 23 07:57:01 2021 REDD INFO: server: (Re-)loading device configurations
    Wed Jun 23 07:57:07 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Jun 23 07:57:07 2021 REDD INFO: server: no such client: A3400ED19460D26
    Wed Jun 23 07:58:00 2021 REDD INFO: Red devices: Connected: 24 Disconnected 2 Enabled: 26 Disabled: 0
    Wed Jun 23 07:58:23 2021 REDD INFO: server: New connection from 95.184.10.112 with ID A3400ED19460D26 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:

    Thanks,

    Nidzpar

Children
No Data