Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 13 replies
  • Subscribers 41 subscribers
  • Views 16852 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Why does sophos XG not recognise that I have a connection

Ashruf Rodrigues

I have been using sophos XG for about a week now but have yet to register the product. I have tried everything from reinstalling to swapping nics in my server but still get the following error.
None of the other suggestion on this topic seems to work for me. I am using the default config and all connected client can connect. What is my way forward as I can clearly ping the sophos servers? 

 



This thread was automatically locked due to age.
Parents
  • +1

    Hi Ashruf,

     

    SSH into the XG -- go to option 5 then 3. 

    Run the command tail -f /log/licensing.log 

    Reproduce the synchronization and it will tell you where it is failing. 

    I would recommend opening a support case for this as well. 

  • 0 in reply to MasterRoshi

    Thanks,

    The log revealed the following

    INFO Jan 02 09:46:11 [0]: --requestType = 1
    INFO Jan 02 09:46:11 [0]: --serial = C01001Y7K2P42CC
    INFO Jan 02 09:46:11 [0]: --deviceid = 566c840b-f906-4655-8f32-1afc770ed7df
    INFO Jan 02 09:46:11 [0]: --model = SF01V
    INFO Jan 02 09:46:11 [0]: --vendor = SO01
    INFO Jan 02 09:46:11 [0]: --upgradedFrom = 0
    INFO Jan 02 09:46:11 [0]: --fwversion = 17.5.1.347
    INFO Jan 02 09:46:11 [0]: --cert = /_conf/certificate/licensing/mfgr_vendor_SO.pem
    INFO Jan 02 09:46:11 [0]: --token = Token-Id:SO-D5C052A8
    INFO Jan 02 09:46:11 [0]: --key = /_conf/certificate/licensing/mfgr_vendor_SO.key
    INFO Jan 02 09:46:11 [0]: URL : eu-prod-utm.soa.sophos.com/.../applianceactivation
    INFO Jan 02 09:46:11 [0]: request : { "serialNumber": "C01001Y7K2P42CC", "deviceId": "566c840b-f906-4655-8f32-1afc770ed7df", "model": "SF01V", "deviceFirmwareVersion": "17.5.1.347", "vendorCode": "SO01" }
    ERROR Jan 02 09:46:12 [0]: curl_easy_perform(60) failed: Peer certificate cannot be authenticated with given CA certificates
    ERROR Jan 02 09:46:12 [0]: licensing_do_activation() : Problem in contacting Server
    { "statusmessage": "Operation failed due to an unknown error. Please contact Support.", "status": "510" }

     

    I applied the workaround at https://community.sophos.com/kb/en-us/132458 but the error stays the same.

  • 0 in reply to Ashruf Rodrigues

    Perhaps try rebooting and if the issue persists, try the KB steps once more.

    If that does not resolve things and the logs are the same, I would suggest opening a support ticket to investigate what is going on at a deeper level. 

  • 0 in reply to MasterRoshi

    Is there any HTTPs Inspection between XG WAN and the Internet? 

    Any Kind of Proxy? 

    __________________________________________________________________________________________________________________

Reply Children
Unfiltered HTML