Guest User!

You are not Sophos Staff.

Thread Info
  • Locked Locked
  • Replies 8 replies
  • Subscribers 6 subscribers
  • Views 31298 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED15 reconfiguring

BjoernStoehr

Hi,

i have little problem in reconfiguring our RED15 device. It is the first RED device we have.

I configured it for testing purposes for my home network. At home i have no DHCP Server, so i configured a static ip like (192.168.179.20/24) and used the "manual per USB". At home plugged in the usb stick and everything works fine. The RED tunnel is up and i can connect to the company site.

Now i want to reconfigure the RED for another location. What i´ve done is to delete the red and configured it again with another static ip. (i used the unlock code which is generated the first time) Downloaded the file and put it on the usb stick. Booted the RED but it can´t reach the router. Hmm, tried another usb stick. Nothing. Took the RED back to my home and there it works again. It would not update the config with the new ip for new location. Ok, then i tried it without an unlock code (only needed when connecting to a new utm?) nothing. It won´t work with a new config file.

I deleted the RED again and made an new config, therefore i got a new unlock code. Which code is now active, because the config is the first config never updated, but in utm i have now the 3rd config?

Now i am a little confused.

Thanks a lot

Bjoern

PS: is there a way to get output from the console port? logging or something?



This thread was automatically locked due to age.

  • Hi Bjoern,

    You downloaded a file? - this can only be achieved when setting up the UTM as a red device.

    When you want at RED to use static ip, configure it on the UTM and plugin the red on a place where there is a DHCP server, and let it get it's firmware and config, after that, it will disconnect and try to use the static IP. You can see the first thing if you press the Live Log under RED.

    Read more here:
    www.sophos.com/.../116573.aspx

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v19 Architect

  • When using RED with USB config, you MUST put it back into standard config mode (provisioning server) before moving it or it will not be able to reach the provisioning server to get the new config for the new location and will be nothing but a brick. Use a config backup from when you were using USB config and get the RED back to a location where it can connect with this config. Then you can change it to provisioning server config and make your changes.

    @Twister:  "You downloaded a file? - this can only be achieved when setting up the UTM as a red device"  Negative, there is a USB config option under advanced.  Definitely not recommended, as it's a bit of a nightmare to move afterwards.  I played with this once, forgot about it, then shipped the RED several thousand miles away to connect to a different UTM.  I was able to fix it via some DNS fakery to get the RED connected again to the original UTM, so it could be changed back to provisioning server mode.  Not a lot of fun.

    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • Hi,

    ok, now i have it back in provisioning mode. All works fine now with a dhcp server. Then we changed to static ip for testing purposes. The RED was connected with dhcp, got it´s static ip and after a restart it has used the static ip but won´t got into the internet. The static ip is right. We tried with a laptop. The lights told us that the red reaches the router but not the internet. If we turn on the dhcp server (same ip range, gateway etc.) it connects immediately.
    Hmm, then we tried with our other internet connection. Same here. DHCP ok, but static ip not.
    In wireshark the RED connects to internet servers with static ip but then blocks the rest.
    Any ideas we could do?

    I got no emails when i got replies to my thread...

    Thanks a lot
    Bjoern

  • I have the same problem. I've now tried to configure three RED 15s with static IPs at 3 locations with the same unfortunate result.

    1.) add RED 15 to UTM on DHCP network - works normally.
    2.) change DHCP config to Static - tunnel drops, red reboots, comes ALL THE WAY up. All lights solid and UTM shows it's up but it won't pass traffic.
    3.) Move RED 15 to connection where the static IP is valid - Boots to Router, then Internet & Red System lights blink and it reboots, over and over.

    This appears to be a bug. I've asked my vendor to open a ticket with Sophos.

  • in reply to simulant
    I have similar issues to the one outlined by simulant. Anytime I'm using a RED15 in a static IP setting, it eventually ends with red system blinking, green Internet also blinking, router solid green...and a reboot.
  • @Ronald, hopefully you haven't used the USB configuration option, for the reasons I've outlined in my replies within this thread.

    What you've described is the process the RED will go through when it cannot connect to the internet, so cannot get to the configuration servers.

    When you use a RED for the first time, it MUST be used on a DHCP network. This is the only way for the RED to connect to the configuration servers. Once this connection is made and it can get the configuration that was set on the UTM, then you can change the UTM config to static and the RED will be able to get it.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
  • in reply to Scott_Klassen


    I've tried RED15's after both fashions. I've got a brand new fresh RED15 that I configured today for the first time, used the deployment helper and set it for DHCP. It successfully connects, sends me the unlock code, and downloads the firmware/configuration (the four lights do the roll back and forth). After that it reboots and falls into the error code of System blinking red, Router stays solid green, Internet blink green, and then resets itself. The configuration hasn't changed, I'm not trying to upload a static IP configuration to it, it's staying DHCP.

    It's the same thing the other RED15 did when configured for static. There *is* a route to the internet, it does contact the mother ship, and then it loses it's mind. And yet I've got another RED15 box configured the same way that has worked perfectly.

    I went from being really happy about the hardware boxes to being very skeptical. While I'd love to turn my one working RED connection into a static IP setup, I don't dare touch it for fear it will fall over and die.
  • in reply to RonaldRobertson
    have you tried to use the "broken" red 15 from a working red 15 location?
    All issues we are seeing is that ISP's are blocking UPD port 3410 in IPS.
    So maybe trying moving the RED 15 to a place were you already have a RED 15 working - could be "funny" to see if that changes anything?

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v19 Architect

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?