Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 35 replies
  • Subscribers 50 subscribers
  • Views 353700 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Not able to sync home license

ThomasLichtenstern1

Hi,

I get this in the Messages of my Home XG:

------------------

Your device is not able to connect with the Customer My Account server since the last 77 days. If the device fails to synchronize for 13 more day(s), it will be deactivated. Please  {vrclicklink}  to synchronize manually.

-----------------

I also wrote to support@sophos.com, but I did not get response.

 

Any Ideas how to solve it?

 

Thanks
Tom




[locked by: SupportFlo at 4:02 PM (GMT -7) on 5 Oct 2018]
Parents
  • 0

    Hi All,

    We did some investigation and in instances where the XG Home licenses are unable to sync, we request you to take a backup and reimage the hardware. We are investigating this issue and alongside, licensing team cannot be looped for Home license errors. Sophos community support will be the only point of contact.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Reply
  • 0

    Hi All,

    We did some investigation and in instances where the XG Home licenses are unable to sync, we request you to take a backup and reimage the hardware. We are investigating this issue and alongside, licensing team cannot be looped for Home license errors. Sophos community support will be the only point of contact.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Children
  • 0 in reply to sachingurung

    Do you know if this is resolved?

     

    As I am having the same issue.  I have two virtual appliances in HA and I see this:

    Alert
    1m ago
     
    Your device is not able to connect with the Customer My Account server since the last 82 days. If the device fails to synchronize for 8 more day(s), it will be deactivated. Please  {vrclicklink}  to synchronize manually.

    Yet when I tell it to synchronize I get this on the primary unit:

    Synchronization with server was successful.

    On the Secondary unit I get this:

    Synchronization with server failed

    Now if I reboot the primary then the secondary works but the alert never goes away.

  • 0 in reply to Michael Sennett

    Hi,


    Can you please check both appliances via Shell?

    tail -f /log/licensing.log

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Same issue here. I noticed it today. I changed the appliance hostname some days ago.

    In the logs I see some error messages when trying to synchronize the license.

    ERROR Apr 20 19:29:54 [0]: license_check failed : Authentication failed
    ERROR Apr 20 19:29:54 [0]: licensing_do_licensecheck() :parsing response failed...

    ERROR Apr 20 19:29:57 [0]: Certificate signing Failed : Device not found...:(
    ERROR Apr 20 19:29:57 [0]: certificate signing request() : parsing failed...

    ERROR Apr 20 19:29:58 [0]: curl_easy_perform(58) failed: Problem with the local SSL certificate
    ERROR Apr 20 19:29:58 [0]: licensing_do_applianceupdate() : Problem in contacting Server

     

    I already renewed the Default and CA Certificate. No success.

    Some Ideas? I'm really not in the mood to reinstall the whole thing.

  • 0 in reply to LuCar Toni

    Sorry for the late response but here is what each appliance shows:

     

    SF01V_SO01_SFOS 17.0.6 MR-6# tail -f /log/licensing.log
    INFO Apr 26 21:03:06 [0]: --requestType = 8
    INFO Apr 26 21:03:06 [0]: --serial = HAAUXC010017DKX
    INFO Apr 26 21:03:06 [0]: --fwversion = 17.0.6.181
    INFO Apr 26 21:03:06 [0]: --cert = /content/licensing/lic_csr.pem
    INFO Apr 26 21:03:06 [0]: --key = /content/licensing/lic_csr.key
    INFO Apr 26 21:03:06 [0]: --token = Token-Id:HAAUXC010017DKX
    INFO Apr 26 21:03:06 [0]: URL : eu-prod-utm.soa.sophos.com/.../appliance
    INFO Apr 26 21:03:06 [0]: licensing_do_applianceupdate : request : { "serialNumber": "HAAUXC010017DKX", "applianceAttributes": [ { "name": "firmwareVersion", "value": "17.0.6.181" } ] }
    ERROR Apr 26 21:03:06 [0]: curl_easy_perform(58) failed: Problem with the local SSL certificate
    ERROR Apr 26 21:03:06 [0]: licensing_do_applianceupdate() : Problem in contacting Server

     

    SFVH_SO01_SFOS 17.0.6 MR-6# tail -f /log/licensing.log
    INFO Apr 26 21:03:06 [0]: --haID = bc03c1b9-f637-4ca2-b60b-0f750deaadcf
    INFO Apr 26 21:03:06 [0]: --isActive = true
    INFO Apr 26 21:03:06 [0]: --haType = standby
    INFO Apr 26 21:03:06 [0]: --cert = /content/licensing/lic_csr.pem
    INFO Apr 26 21:03:06 [0]: --key = /content/licensing/lic_csr.key
    INFO Apr 26 21:03:06 [0]: --token = Token-Id:C010017DKXVB443
    INFO Apr 26 21:03:06 [0]: URL : eu-prod-utm.soa.sophos.com/.../appliance
    INFO Apr 26 21:03:06 [0]: licensing_do_applianceupdate : request : { "serialNumber": "C010017DKXVB443", "applianceAttributes": [ { "name": "firmwareVersion", "value": "17.0.6.181" }, { "name": "haID", "value": "bc03c1b9-f637-4ca2-b60b-0f750deaadcf" }, { "name": "isActive", "value": "true" }, { "name": "haType", "value": "standby" } ] }
    ERROR Apr 26 21:03:06 [0]: curl_easy_perform(58) failed: Problem with the local SSL certificate
    ERROR Apr 26 21:03:06 [0]: licensing_do_applianceupdate() : Problem in contacting Server

  • 0 in reply to Michael Sennett

    Hi Michael,

    I can only help from a purely licensing point of view.

    The serial starting HAAUX is not a valid serial number so will never be able to successfully contact the licensing system. You can get Home Use serial numbers from https://www.sophos.com/en-us/products/free-tools/sophos-xg-firewall-home-edition.aspx

    The serial starting C010017 is activated/registered and the last successful contact with the licensing system was on 10-Jan-2018. You need a technical person to help diagnose this one as the only thing I can suggest is to take a backup of your config and re-install which I know is a pain. If you do re-install you can use the same serial and it should pick up the license when you start the WebAdmin.

    As an aside - I strongly recommend *not* revealing serial numbers on the forums and you should regard them as confidential to yourself - please send a private message if someone (you trust) offers to help you (or if you have raised a support case for a paid-for product then state the support case number - authorized people in Sophos will then be able to see the information in the case).

    Regards,

    Paul

  • 0 in reply to PaulWarren

    Hi,

     

    Would recommend you to do following:

    Do a Takeover to your C1 Appliance.

    Disable the HA.

    Perform a license Sync.

    Check the licensing.log

     

    Enable the HA, if everything seems to be fine.

     

    Cheers

    __________________________________________________________________________________________________________________

  • 0 in reply to PaulWarren

    So I just reinstalled and setup the first appliance, which is working, then I setup the second appliance and told it to be an HA from the initial setup window and it configured itself with another HAAUX serial number.

    It is syncing the license so all should be good hopefully.

Unfiltered HTML