This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Upload Home License from CLI

Hi,

  Is it possible to upload a home license from the CLI?

  For family members, I built and admin a few Sophos UTM boxes (custom hardware, home licenses) - like, my parents and sister.  I usually have IPSec tunnels up.  I missed a license expiration for my parents, and unfortunately my parents are actually at my sister's...and wondering why they can't access certain things at home (IPsec tunnels usually link us all - they were saying "x" is down, but X is up...the tunnel is down!).

  I walked them through getting a new home license...but  they can't install it unless they go home, right?  Can I install it via CLI (I have SSH access).  The Webadmin is not exposed to the internet, only the LAN and other networks via IPSec tunnels (which are down).  Is the only thing I can do is wait until someone is on the LAN (I don't have a way to remotely access that network other than the UTM!).

  What happens if I reboot the UTM; will it switch to a trial license?  I just need the site to site VPN to come up, and then I can access the webadmin!

  Thanks for your help!



This thread was automatically locked due to age.
Parents
  • One of the things I always include in Allowed Networks is "BAlfson(User Network)" so that I can connect via remote access from anywhere to access WebAdmin at the IP of the UTM's VPN server - https://10.242.12.1:4444/ for the SSL VPN.  You can add this at the command line with:

         cc set webadmin allowed_networks 'REF_NetAaaBalfsUserNetwo'

    Just substitute the first 5 letters of your username for mine.  First letter must be upper case in the REF_ like 'REF_NetAaaGarpaUserNetwo' for user garpace.

    I know a command to upload the license at the command line, but I've never tried it even in my lab.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks Bob.  I didn't have the SSL VPN set up (just sites to site), but I was able to add "Any" temporarily to webadmin allowed_networks, pop in, upload the license file, bring back the site to sites, and get rid of "any".  Thank for all your guidance on this and other posts.

Reply
  • Thanks Bob.  I didn't have the SSL VPN set up (just sites to site), but I was able to add "Any" temporarily to webadmin allowed_networks, pop in, upload the license file, bring back the site to sites, and get rid of "any".  Thank for all your guidance on this and other posts.

Children
No Data