Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 2799 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Register Device to Sophos Central As a Partner

Daniel Klose

Hi,

We are a Sophos Partner. A client purchased a Sophos XG136 through us. We have created a Sophos ID for the client which we used to activate the firewall (register licenses). Now we would like to manage the firewall through Sophos Central partner Dashboard. We have already approved management of the firewall for us.

The last step for us is now to activate Sophos Central on the device using the Sophos Central Registration button shown here: http://b3.ms/NgqnVxWdL9Bw

We are wondering why can't we register the device to the clients Sophos ID? When we try to do this we get an error that email and password are incorrect. When we try to signup to Sophos Central via https://www.sophos.com/en-us/products/sophos-central/free-trial using the clients Sophos ID, the ID receives an email that it can't be registered because the email address is already used for the Sophos account.

Of course we can use our Central Partner Dashboard account to register the device, but is this really the correct workflow? I would assume the device is registered to the clients central dashboard and we as a partner have the rights to manage it. So basically the client has his central dashboard credentials to manage the firewall and we as a partner have our own to manage via Central.

Does this make sense? Anyone can explain their workflow in this situation?

Thanks
Daniel



This thread was automatically locked due to age.
Parents
  • 0

    Sophos ID is your unified system credentials for all services within Sophos. 

    A Sophos ID can be a Central Admin Superadmin. So a Superadmin Email can be used for Sophos Central Admin. 

    Registration is not the same as Sophos Central Admin. 

    You need to have a Sophos Central Admin Account. You can start this from Partner Portal, if you dont have a account yet for your internal IT.

    Then you need to create a SuperAdmin. Or you wait some time for V18.5 MR2. It will enable a OTP Enablement. See: www.youtube.com/watch

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Hi Toni,

    Thanks for your response. I think our issue is slightly different than what you described even tho OTP would work. However, our situation is as follows. We have central partner dashboard using our email admin@ourcompany.com.

    We register the new device using the email address client@clientcompany.com and setup a Sophos ID for client@clientcompany.com. We then approve management for us.

    After that we want to add the configured firewall to central partner dashboard. When we want to register the device to central it asks us to use a central dashboard account. If we provide client@clientcompany.com it say it's not registered with central. If we want to register client@clientcompany.com at central, Sophos tells us it's not possible because the email address is already used for the Sophos account.

    Our only option would then be to register the device in central using our credentials admin@ourcompany.com. Is this the correct workflow? How would the client access central dashboard then?

    Thanks
    Daniel

  • 0 in reply to Daniel Klose

    You need a Central instance in the first place. Registration of the Appliance (the license part) has no relationship to the central Admin.

    Central Admin is the management platform for the customer and for you as a partner for your internal IT. If you want to use Sophos Endpoint and other products as a NFR, you need to register a own Central Admin. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Hi Toni,

    I understand this, but why can't I register client@clientcompany.com as the central admin? This makes no sense to me. Why would I need an additional client email address to be used for the central admin?

  • 0 in reply to Daniel Klose

    Because somebody already tried this? Try to reset a Email for Central. This should essentially possible or somebody tried this already. (Maybe the Customer tried this?) 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Definitely not. We handle the client email address right now. When we login to the Sophos Profile as the client. We see a link at the bottom to signup for Central. When we then fill out the form it sends it through and we get an error email saying it's not possible because the email address is already used for a Sophos account. It suggests to use a different email address... So I guess this is a bug then?


    If we register the device to central using our partner central credentials (admin@ourcompany.com), will the client still be able to access the firewall via central at a later stage when he registers to central with his own account?

  • 0 in reply to Daniel Klose

    Central will be started here: https://www.sophos.com/de-de/products/sophos-central/free-trial

    But essentially i would recommend to create Central Accounts in the Partner Dashboard. This should not require a Email. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni
    LuCar Toni said:
     https://www.sophos.com/de-de/products/sophos-central/free-trial

    This is where we get the error as explained above (email already in use for sophos account).

    LuCar Toni said:
    But essentially i would recommend to create Central Accounts in the Partner Dashboard. This should not require a Email. 

    Where would I create a Central Account in the Partner Dashboard. I can only find the option here to create a Partner account?

Reply Children
Unfiltered HTML