SD-RED 60 (WLAN) und APX-320 - Wireless & Routing/Routen problem (2 Probleme)

hier noch die RED-Konfig

die war ich Euch noch schuldig ;-)

Hallo,

(Sorry, my German-speaking brain isn't creating thoughts at the moment. )

You're right, that all looks like it should work all the time.  Are you seeing any related blocks in the firewall log?  1.2.3.4? Ports 3400 or 3410?  What about the wireless log?

MfG - Bob (Bitte auf Deutsch weiterhin.)

Hi Bob,

I partially solved this problem till like 3am in the morning (tested 4 different RED-Devices on 3 different UTM-Firewalls)

Thanks for tip: I've checked the firewall log for anything. I didn't find any blocked Packets in the traces :-(

There are 5 more RED-Devices connected to this firewall. I even moved/provisioned this particular RED-Device to/at another UTM and compared the different behavior. Still no change in any tried option.

FUN-Fact - I found out how to make the internal WiFi-Access-Point usable:

One thing i found out about those new RED-Devices (in comparisson to other RED-Devices (I have a RED15, RED15w and a RED50 for testing here).

- You can use the internal AP by having an Ethernet-Interface (no VLAN) on the redsXX-Interface enabled
  (with internal DHCP and AP-registration allowed)
  Than the AP is appearing and you can provision it as usual

My Workaround for the customer now is very crude, but the RED-Device has to ship today :-(

1. I have an Ethernet-Interface (untagged) on the reds5 Interface in UTM (NOT on the RED-Config itself - just for the internal AP)
2. I have 3 VLAN-Interfaces (tagged) on the reds5-Interface in UTM (also in the RED-Provisioning-Config)
3. I use a Aruba-Switch to make use of those VLANs (on a single Uplink interface)
4. the external APX-320 runs now connected to one port of the aruba switch (DHCP & Registration allowed on VLAN-Interface)
5. After a reconnect i manually disable the VLAN-Interfaces and reactivate those to create the connected-routes on the reds5-Interface

Still one problem remains with me:

==> UTM does not create "connected"-routes for the RED-Device after a reconnect is happening

==> Hell: I even created static routes for those VLAN-Interfaces on the RED-Device, but it does not help as those do not start to work when the RED-Device reconnects :-(

I even tried using all Interfaces as VLANs in SD-RED-Switch-Mode (not VLAN-Mode) like you could do on a RED10 oder RED15(w) Device, but than NO packet runs on the RED-Tunnel to the SD-RED! There seems to be something like a VLAN-TAG-Filter...

- Is this now a software-bug in the red-devices or a problem with the UTM-Firmware (being incompatible with the SD-RED-Devices)?
- Is this happening on SD-RED 20 Devices as well?

I hope someone can clear some things for me up.
BTW: Sophos Case is opened (03****88) by use of the new Support-Portal, but noone has contacted me about that for more than 2 days. (not even a first contact, only the email .... thank you for contacting sophos bla bla bla ...) Case is on the 3rd day now.

Immer noch nichts von Sophos gehört?

MfG - Bob

Doch, vor ca. 2 Stunden sind "die" aufgewacht.

Habe dem Support geantwortet, dass ich morgen früh ab 8:00 im Büro bin und man mich anrufen soll.
Ich warte und bin bereit ;-)

Doch, vor ca. 2 Stunden sind "die" aufgewacht.

Habe dem Support geantwortet, dass ich morgen früh ab 8:00 im Büro bin und man mich anrufen soll.
Ich warte und bin bereit ;-)