Fusionhub on AWS: 8.0.2 was deployed, upgrade to 8.4.0 killed all SF tunnels

I deployed FusionHub on AWS from the AMI (which was 8.0.2 when deployed). After deployment I created a tunnel to verify functionality. Today, I upgraded from InControl to 8.4.0 and after the upgrade finished, the WAN connection shows down (despite me being able to access it) and speed fusion tunnels won’t connect.

It will say “establishing tunnel” and then go back to “starting.” I can see in the SpeedFusion VPN log that it’s accepting connections from the remote devices but it they will never connect. I get a failure status of “Not Available - Link Failure No Data Received.”

I validated the AWS configuration, ports, etc. and nothing stands out. Any ideas?

A shot in the dark, did you try releasing the fusionhub licence to let it reregister?

Going from 8.0 to 8.4 is a big jump, you could roll back a previous image and go 8.1 then 8.3. then 8.4, it doesnt take long.

So, I actually did a bunch of tearing down and rebuilding instances today. It is caused by an IPSec tunnel being alive on the box. If I remove the active IPSec tunnel and reboot, the SF tunnels come right up. I may add another interface (it’s in AWS) and elastic IP and route the IPSec tunnel via a separate WAN uplink.

a private ip conflict maybe?

Nope, no conflicts For now I’ve just disabled the IPSec link with the Cisco/Meraki box (which works fine, just prevents the SF tunnels from coming up. I’ll file a ticket and see what happens.