Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Zero Touch troubleshooting

For every new XGS appliance i'm preparing for customer, i'm trying to use new zero touch.

Unfortunately every 2-3 appliances that process fails and needs further investigation.
So currently i'm not confident enough to send appliance directly to customer and rely on successfull zero touch.

Yesterday i got an XGS108 with V20.0MR1. No Success.
Removed from central and re-added, reimaged with V21 - still no success.
Today, another reboot without any other changes - success.

NTP was fine, nslookup utm.cloud.sophos.com fine, DHCP/WAN ok - no issues in status.sophos.com.
Is there anything i can provide to improve zero touch and make this more stable for future deployments?

Can you provide a more detailed troubleshooting-guide for zero touch? (docs.sophos.com/.../index.html)

{"error":{"code":"FORBIDDEN"}}
2024-12-09 14:56:21 INFO czt-hub-connect[11208]:347 main::_tzt_post_signed_data - [TZT]: Connecting to Sophos Central HUB [https://utm.cloud.sophos.com/api/utm] failed 3 times. Exiting 
2024-12-09 14:56:21 ERROR Tools.pm[11208]:97 SFOS::Common::Central::Tools::report_status - EAGAIN: Temporary error while accessing Sophos Central or Sophos Central indentity could not be verified. 
2024-12-09 14:56:07Z [TZT] tzt_get_uri: Empty url or correlation id received, Exiting..
[ ZeroTouch ] opcode: reset_zerotouch_flags: Reset necessary nvram flags
2024-12-09 14:56:07Z [TZT] on_config_file_download_fail: Error occured, cleaning up..
2024-12-09 14:56:07Z [TZT] on_config_fail Error Occured, cleaning up..

Case #02071778.



Added TAGs
[edited by: Raphael Alganes at 10:17 AM (GMT -8) on 10 Dec 2024]