Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 7 subscribers
  • Views 2045 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Upload Home License from CLI

garpace

Hi,

  Is it possible to upload a home license from the CLI?

  For family members, I built and admin a few Sophos UTM boxes (custom hardware, home licenses) - like, my parents and sister.  I usually have IPSec tunnels up.  I missed a license expiration for my parents, and unfortunately my parents are actually at my sister's...and wondering why they can't access certain things at home (IPsec tunnels usually link us all - they were saying "x" is down, but X is up...the tunnel is down!).

  I walked them through getting a new home license...but  they can't install it unless they go home, right?  Can I install it via CLI (I have SSH access).  The Webadmin is not exposed to the internet, only the LAN and other networks via IPSec tunnels (which are down).  Is the only thing I can do is wait until someone is on the LAN (I don't have a way to remotely access that network other than the UTM!).

  What happens if I reboot the UTM; will it switch to a trial license?  I just need the site to site VPN to come up, and then I can access the webadmin!

  Thanks for your help!



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to garpace

    If you can access WebAdmin, you can upload the license file.  I've never known a way to install a license via CLI, but I am not all that great with the CLI for Sophos anyways.  ;)  

    If you had a SUM up and running to manage your UTMs, you could have done it that way. 

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • 0 in reply to garpace

    One of the things I always include in Allowed Networks is "BAlfson(User Network)" so that I can connect via remote access from anywhere to access WebAdmin at the IP of the UTM's VPN server - https://10.242.12.1:4444/ for the SSL VPN.  You can add this at the command line with:

         cc set webadmin allowed_networks 'REF_NetAaaBalfsUserNetwo'

    Just substitute the first 5 letters of your username for mine.  First letter must be upper case in the REF_ like 'REF_NetAaaGarpaUserNetwo' for user garpace.

    I know a command to upload the license at the command line, but I've never tried it even in my lab.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thanks Bob.  I didn't have the SSL VPN set up (just sites to site), but I was able to add "Any" temporarily to webadmin allowed_networks, pop in, upload the license file, bring back the site to sites, and get rid of "any".  Thank for all your guidance on this and other posts.

Unfiltered HTML