Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 28 subscribers
  • Views 815 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SD-RED 20 CONNECT AND DISCONNECT

support support18

Hi 

I've set up 2 reds in different branches , from sophos xg i can see the reds link going  UP for few time around 5min and it goes Down .
See in attachemernt 
Any help please how to approch this problem



This thread was automatically locked due to age.
  • 0

    Hi,

    Thank you for reaching out to Sophos Community.

    Can you check the red.log to see if there might be any information that might assist us to further check. 

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • 0 in reply to Erick Jan

    XG135_XN03_SFOS 19.0.0 GA-Build317# tail -f /log/red.log
    Wed Dec 28 12:59:51 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 12:59:53 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:00:21 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:00:23 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:00:36 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:00:38 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:01:07 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:01:09 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:01:23 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:01:24 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Dec 28 13:01:25 2022Z REDD INFO: Red devices: Connected: 0 Disconnected 2 En
    abled: 2 Disabled: 0
    execute_command_tcp: read(): Interrupted system call
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:02:42 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:02:44 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:03:26 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:03:27 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Dec 28 13:03:28 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:03:30 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:04:12 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:04:14 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Dec 28 13:04:15 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:04:17 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:04:57 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:06:11 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:06:13 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:06:26 2022Z REDD INFO: Red devices: Connected: 0 Disconnected 2 En
    abled: 2 Disabled: 0
    Wed Dec 28 13:06:36 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:06:37 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:06:54 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:06:56 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:07:22 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:07:24 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:07:40 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:08:20 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:08:22 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:09:20 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:09:22 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:10:06 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:10:08 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:10:28 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:10:30 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:10:52 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:10:53 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:11:14 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:11:16 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:11:27 2022Z REDD INFO: Red devices: Connected: 0 Disconnected 2 En
    abled: 2 Disabled: 0
    Wed Dec 28 13:11:36 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:11:38 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:12:54 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:12:56 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:13:40 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:13:41 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:13:42 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Dec 28 13:13:43 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:14:26 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:14:26 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:14:27 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Dec 28 13:14:28 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:15:12 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:15:14 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:16:20 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:16:22 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:16:28 2022Z REDD INFO: Red devices: Connected: 0 Disconnected 2 En
    abled: 2 Disabled: 0
    Wed Dec 28 13:16:37 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:16:40 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:17:11 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:17:13 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:17:24 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:17:26 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:17:58 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:18:00 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:18:44 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:18:46 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:19:19 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:19:21 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:20:04 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:20:06 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:20:44 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:20:46 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:20:51 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:20:53 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:21:29 2022Z REDD INFO: Red devices: Connected: 0 Disconnected 2 En
    abled: 2 Disabled: 0
    Wed Dec 28 13:21:30 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:21:32 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:22:15 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:22:17 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:22:45 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:22:47 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:23:32 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:23:34 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:24:15 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:24:17 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Wed Dec 28 13:24:18 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:24:19 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:25:01 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:25:41 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:25:43 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:26:16 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:26:18 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:26:30 2022Z REDD INFO: Red devices: Connected: 0 Disconnected 2 En
    abled: 2 Disabled: 0
    Wed Dec 28 13:26:39 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:26:41 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:27:25 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:27:27 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:27:41 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:27:43 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:28:27 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:28:29 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:29:12 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.117.90.115': SSL accept attempt failed
    Wed Dec 28 13:29:14 2022Z REDD INFO: server: New connection from 196.117.90.115
    with ID R20003XFP9R32B3 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Wed Dec 28 13:29:24 2022Z REDD ERROR: server: Can not do SSL handshake on Socket
    accept from '196.70.26.10': SSL accept attempt failed
    Wed Dec 28 13:29:26 2022Z REDD INFO: server: New connection from 196.70.26.10 wi
    th ID R20003XQHDFWBD4 (cipher ECDHE-RSA-AES256-GCM-SHA384), rev1
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:
    Reading REDv2 key from STDIN:

  • 0 in reply to support support18

    is your red firmware on XG up2 date?

    Please post SFOS Version and current RED Firmware.

    Can not do SSL handshake sounds like one side is not accepting the Cipher ECDHE-RSA-AES256-GCM-SHA384 or Hostname

    I would dump the connection attempt:

    tcpdump -i any host 196.117.90.115 -n -w /tmp/red.pcap

    download the file from XG with scp tools and and analyze that file in wireshark

    I suggest, you remove some company details from your screenshots.

  • 0 in reply to support support18

    Hey  , Please share us the syslog.log !

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

Unfiltered HTML