Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 26 subscribers
  • Views 3898 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site to Site RED to UTM stopped working

JensStraten

While sorting out some HTTPS scanning configuration exceptions, I found that my Site to Site RED tunnel connecting my XG to a UTM stopped working.

Oddly enough the RED interface continues to show as connected on the server side. I can also see some traffic going from the LAN to RED, but I don't see any traffic going from RED to LAN.

The RED server log on the UTM shows the following:

2017:04:20-12:36:06 vpn red_server[6574]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="32155273a0eadcf" forced="0"
2017:04:20-12:36:06 vpn red_server[6574]: 32155273a0eadcf: PING remote_tx=0 local_rx=0 diff=0
2017:04:20-12:36:06 vpn red_server[6574]: 32155273a0eadcf: PONG local_tx=0
2017:04:20-12:36:07 vpn red_server[4150]: SELF: (Re-)loading device configurations
2017:04:20-12:36:22 vpn red_server[6574]: 32155273a0eadcf: command 'PING 7'
2017:04:20-12:36:22 vpn red_server[6574]: 32155273a0eadcf: PING remote_tx=7 local_rx=7 diff=0
2017:04:20-12:36:22 vpn red_server[6574]: 32155273a0eadcf: PONG local_tx=17
2017:04:20-12:36:39 vpn red_server[6574]: 32155273a0eadcf: command 'PING 15'
2017:04:20-12:36:39 vpn red_server[6574]: 32155273a0eadcf: PING remote_tx=15 local_rx=16 diff=-1
2017:04:20-12:36:39 vpn red_server[6574]: 32155273a0eadcf: PONG local_tx=31
2017:04:20-12:36:55 vpn red_server[6574]: 32155273a0eadcf: command 'PING 28'
2017:04:20-12:36:55 vpn red_server[6574]: 32155273a0eadcf: PING remote_tx=28 local_rx=28 diff=0
2017:04:20-12:36:55 vpn red_server[6574]: 32155273a0eadcf: PONG local_tx=44
2017:04:20-12:37:11 vpn red_server[6574]: 32155273a0eadcf: command 'PING 41'
2017:04:20-12:37:11 vpn red_server[6574]: 32155273a0eadcf: PING remote_tx=41 local_rx=41 diff=0
2017:04:20-12:37:11 vpn red_server[6574]: 32155273a0eadcf: PONG local_tx=60
2017:04:20-12:37:16 vpn red_server[6849]: SELF: New connection from 73.x.y.z with ID 32155273a0eadcf (cipher AES128-SHA256), rev1<30>Apr 20 12:37:16 red_server[6849]: 32155273a0eadcf: already connected, releasing old connection.
2017:04:20-12:37:16 vpn red_server[6574]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="32155273a0eadcf" forced="1"
2017:04:20-12:37:16 vpn red_server[6574]: 32155273a0eadcf is disconnected.
2017:04:20-12:37:16 vpn red_server[4150]: SELF: (Re-)loading device configurations
2017:04:20-12:37:17 vpn redctl[6872]: key length: 32
2017:04:20-12:37:17 vpn redctl[6876]: key length: 32
2017:04:20-12:37:17 vpn red_server[6849]: 32155273a0eadcf: connected OK, pushing config
2017:04:20-12:37:18 vpn red_server[6849]: 32155273a0eadcf: command 'PING 0'
2017:04:20-12:37:18 vpn red_server[6849]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="32155273a0eadcf" forced="0"
2017:04:20-12:37:18 vpn red_server[6849]: 32155273a0eadcf: PING remote_tx=0 local_rx=1 diff=-1
2017:04:20-12:37:18 vpn red_server[6849]: 32155273a0eadcf: PONG local_tx=1
2017:04:20-12:37:18 vpn red_server[4150]: SELF: (Re-)loading device configurations
 
 
It seems that that the UTM receives the RED connection request from the XG, but I guess the XG never receives the "handshake" to confirm the connection.
 
I am puzzled. This has been working for quite some time and I haven't touched the RED interfaces at all.
 
What could be wrong? Thank you!


This thread was automatically locked due to age.