Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 1387 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED lost after failing update; if located behind mobile network router

Bib
Hi,
this could be related to some existing threads linked below... anyhow, as they seem closed, but we're still experience problems, I open a new one:

2 of our 10 REDs sit behind an mobile network router. The connection is quite good (HSPA/LTE) and everything is fine.
But, every time the main ASG pushes an update to these REDs, they obviously seem to fail to download it, and keep stucked in an endless loop (while showing the LED 'knight rider' theme)
The only way to fix this is to competely detach the RED, and move it to another site with a wired connection (DSL). There, the update is done within seconds, and the RED is healthy again.

We've seen this behaviour with the following version shifts:
9.201023 > 9.203003 > 9.205012 > 9.206035 

The log example shows long delays upon the transfer of the update files. Even if everything (4 files) seem being transferred, the RED keeps offline after its reboot. 

[UPDATE OF THE ASG at 05:00]

2014:09:13-05:04:36 fw-ffm-1 red_server[10528]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A32005F4D155752" forced="0"

2014:09:13-05:04:36 fw-ffm-1 red_server[9835]: SELF: killing client A32005F4D155752

2014:09:13-05:04:38 fw-ffm-1 red_server[10528]: A32005F4D155752 is disconnected.

2014:09:13-05:05:05 fw-ffm-2 red_server[7465]: A32005F4D155752: New device

2014:09:13-05:05:05 fw-ffm-2 red_server[7465]: A32005F4D155752: Staging config for upload

2014:09:13-05:05:07 fw-ffm-2 red_server[9205]: SELF: New connection from 37.83.190.35 with ID A32005F4D155752 (cipher RC4-SHA), rev1

2014:09:13-05:05:07 fw-ffm-2 red_server[9205]: A32005F4D155752: connected OK, pushing config

2014:09:13-05:05:07 fw-ffm-2 red_server[9081]: UPLOAD: [A32005F4D155752] Uploaded config to registry service

2014:09:13-05:05:38 fw-ffm-2 red_server[9205]: A32005F4D155752: No ping for 30 seconds, exiting.

2014:09:13-05:05:38 fw-ffm-2 red_server[9205]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A32005F4D155752" forced="0"

2014:09:13-05:05:38 fw-ffm-2 red_server[9205]: A32005F4D155752 is disconnected.

2014:09:13-05:17:10 fw-ffm-2 red_server[7465]: SELF: killing client A32005F4D155752

2014:09:13-05:17:31 fw-ffm-1 red_server[9738]: A32005F4D155752: New device

2014:09:13-05:17:31 fw-ffm-1 red_server[9738]: A32005F4D155752: Staging config for upload

2014:09:13-05:17:34 fw-ffm-1 red_server[10517]: UPLOAD: [A32005F4D155752] Uploaded config to registry service

2014:09:13-05:27:41 fw-ffm-1 red_server[12577]: SELF: New connection from 37.83.190.35 with ID A32005F4D155752 (cipher RC4-SHA), rev1

2014:09:13-05:27:41 fw-ffm-1 red_server[12577]: A32005F4D155752: connected OK, pushing config

2014:09:13-05:27:46 fw-ffm-1 red_server[12577]: A32005F4D155752: command 'FWUPDATE device=RED10R2 version=3056R2'

2014:09:13-05:27:46 fw-ffm-1 red_server[12577]: A32005F4D155752: Sending /usr/share/red-firmware/userland-v3056R2 to device 

[LONG DELAY UPON TRANSFERRING]

2014:09:13-17:32:22 fw-ffm-1 red_server[12577]: A32005F4D155752: Sending /usr/share/red-firmware/userland-v3056R2.md5sum to device

2014:09:13-17:32:22 fw-ffm-1 red_server[12577]: A32005F4D155752: Sending /usr/share/red-firmware/zImage-v3056R2 to device

[LONG DELAY UPON TRANSFERRING]

2014:09:13-23:51:29 fw-ffm-1 red_server[12577]: A32005F4D155752: Sending /usr/share/red-firmware/zImage-v3056R2.md5sum to device

2014:09:13-23:51:29 fw-ffm-1 red_server[12577]: A32005F4D155752: New firmware sent to device, wait for reconnect.

[FILES SEEM TRANSFERRED COMPLETELY ?]

2014:09:13-23:51:49 fw-ffm-1 red_server[12577]: id="4202" severity="info" sys="System" sub="RED" name="RED Tunnel Down" red_id="A32005F4D155752" forced="1"

2014:09:13-23:51:49 fw-ffm-1 red_server[12577]: A32005F4D155752 is disconnected. 

[RED STAYING OFFLINE, NO COMMUNICATION]



[TRANSFER TO ANOTHER SITE]

2014:09:17-22:12:52 fw-ffm-1 red_server[18561]: SELF: New connection from 84.167.100.125 with ID A32005F4D155752 (cipher RC4-SHA), rev1

2014:09:17-22:12:52 fw-ffm-1 red_server[18561]: A32005F4D155752: connected OK, pushing config

2014:09:17-22:12:57 fw-ffm-1 red_server[18561]: A32005F4D155752: command 'UMTS_STATUS value=OK'

2014:09:17-22:12:57 fw-ffm-1 red_server[18561]: A32005F4D155752: command 'PING 1 uplink=WAN'

2014:09:17-22:12:57 fw-ffm-1 red_server[18561]: id="4201" severity="info" sys="System" sub="RED" name="RED Tunnel Up" red_id="A32005F4D155752" forced="0" 

[SUCCESSFUL UPDATED]


Any ideas? 
Would it be possible, as a fallback behaviour, to continue a RED working without updating it? Or do REDs always necessarily need to update in that cases?

The following thread describe similar problems, but claim to have them already fixed in earlier updates...
https://community.sophos.com/products/unified-threat-management/astaroorg/f/52/t/29474
https://community.sophos.com/products/unified-threat-management/astaroorg/f/62/t/57366
https://community.sophos.com/products/unified-threat-management/astaroorg/f/52/t/28913


This thread was automatically locked due to age.
Parents
  • 0
    Hi, Bib, and welcome to the User BB!

    Interesting - you seem to have uncovered a bug.  Unfortunately, no Sophos employee is paid to participate here.  To report this, please have your reseller open a ticket with Sophos Support.

    Cheers - Bob
Reply
  • 0
    Hi, Bib, and welcome to the User BB!

    Interesting - you seem to have uncovered a bug.  Unfortunately, no Sophos employee is paid to participate here.  To report this, please have your reseller open a ticket with Sophos Support.

    Cheers - Bob
Children
No Data