Cannot register with Sophos Central

Hello Carlo,

Thank you for reaching out to the community, you can follow the following steps via CLI Menu > Press 5 for the device management > Press 3 for advance shell: 

>  To find out the status: central-register --status  
>  To de-register: central-register --unregister

And then try to re-register the appliance with the Sophos Central with the following KBA - https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/SophosCentral/HowToArticles/CentralRegisterOTP/index.html

XGS2100_RL01_SFOS 19.0.0 GA-Build317# central-register --register -u username -p password
Use of uninitialized value in concatenation (.) or string at /lib32/perl/site_perl/5.20.1/SFOS/Common/Central/API.pm line 82.
{"message":"The operation timed out, please try again later.","error":"ETIMEOUT"}
{"error":"EAGAIN","message":"Temporary error while accessing Sophos Central or Sophos Central indentity could not be verified."}
XGS2100_RL01_SFOS 19.0.0 GA-Build317#

Logs

LWP::Protocol::https::Socket: Bad hostname 'utm.cloud.sophos.com' at /lib32/perl/site_perl/5.20.1/LWP/Protocol/http.pm line 47.

2022-07-23 15:55:26Z INFO API.pm[3334]:120 SFOS::Common::Central::API::send_request - HTTP::Request failed due to a SSL verification error
2022-07-23 15:55:26Z INFO central-register[3334]:180 main::_register - Connecting to Sophos Central HUB [https://utm.cloud.sophos.com/api/utm] failed for the 2 time. Retry in a second.
2022-07-23 15:55:37Z ERROR Tools.pm[3334]:97 SFOS::Common::Central::Tools::report_status - ETIMEOUT: The operation timed out, please try again later.
2022-07-23 15:55:37Z DEBUG API.pm[3334]:113 SFOS::Common::Central::API::send_request - HTTP code: [500]
2022-07-23 15:55:37Z WARN API.pm[3334]:119 SFOS::Common::Central::API::send_request - 500 Can't connect to utm.cloud.sophos.com:443 (Bad hostname)
Content-Type: text/plain
Client-Date: Sat, 23 Jul 2022 15:55:37 GMT
Client-Warning: Internal response

Can't connect to utm.cloud.sophos.com:443 (Bad hostname)

LWP::Protocol::https::Socket: Bad hostname 'utm.cloud.sophos.com' at /lib32/perl/site_perl/5.20.1/LWP/Protocol/http.pm line 47.

2022-07-23 15:55:37Z INFO API.pm[3334]:120 SFOS::Common::Central::API::send_request - HTTP::Request failed due to a SSL verification error
2022-07-23 15:55:37Z INFO central-register[3334]:185 main::_register - Connecting to Sophos Central HUB [https://utm.cloud.sophos.com/api/utm] failed 3 times. Exiting
2022-07-23 15:55:37Z ERROR Tools.pm[3334]:97 SFOS::Common::Central::Tools::report_status - EAGAIN: Temporary error while accessing Sophos Central or Sophos Central indentity could not be verified.

Interesting enough, does a nslookup work? It seems like the sub system is not able to successfully resolve this IP. 

XGS2100_RL01_SFOS 19.0.0 GA-Build317# nslookup utm.cloud.sophos.com
;; connection timed out; no servers could be reached

XGS2100_RL01_SFOS 19.0.0 GA-Build317#

What about nslookup utm.cloud.sophos.com 8.8.8.8 

Does this work? 

Yes. 

XGS2100_RL01_SFOS 19.0.0 GA-Build317# nslookup utm.cloud.sophos.com 8.8.8.8
Domain Name Server#  8.8.8.8
Domain Name       #  utm.cloud.sophos.com
Resolved Address 1#  hub-nsg-cloudhub-eu-west-1.prod.hydra.sophos.com.
Resolved Address 1#  hub-spinnaker-278430500.eu-west-1.elb.amazonaws.com.
Resolved Address 1#  34.243.182.71
Resolved Address 2#  52.17.171.245
Resolved Address 3#  54.77.73.158
Total query time  #  104.72 msec

Could you change your DNS Server in SFOS to something else and try again? 

Same result after changing DNS to obtain from PPPoE

This is related to pppoe connection. When I configure port3 as wan port from other isp, and set pppoe gw as backup I can register with sophos central and also run nslookup command 

Hi Carlo 

Please set static DNS 8.8.8.8, 1.1.1.1 and 4.2.2.2 and try again to resolve the DNS on Sophos XG and share the output again : 

All the DNS set should be able to resolved the domain

Thanks 

I can resolve from GUI but not from shell

I can resolve from GUI but not from shell