Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 6 subscribers
  • Views 19335 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exceeding 110% of user count

SnurrDass
monday i goth this email from my utm.

i, running static addresses and have currently 20 active devices.
why does the UTM think i have 253 devices?




[CRIT-026] License usage: EXCEEDING 110% OF USER COUNT on Sophos UTM

his email was sent by your Sophos UTM software to notify 
you that you have exceeded 110% of the user count for your license!

Licensed Users/IPs: 50
Counted  Users/IPs: 253

All additional users/ips except the ones listed below will be blocked.
A 10% tolerance has already been deducted.

Please contact your Sophos Partner or Sophos to upgrade your license.

Thank you,

   Sophos
        
-- System Uptime : 3 days 7 hours 29 minutes System Load : 0.78 System Version : Sophos UTM 9.307-6 Please refer to the manual for detailed instructions.


active.SDrtlA.txt

192.168.0.164
192.168.0.90
192.168.0.232
192.168.0.253
192.168.0.152
192.168.0.143
192.168.0.250
192.168.0.66
192.168.0.237
192.168.0.118
192.168.0.120
192.168.0.204
192.168.0.123
192.168.0.9
192.168.0.187
192.168.0.130
192.168.0.172
192.168.0.83
192.168.0.190
192.168.0.147
192.168.0.4
192.168.0.153
192.168.0.25
192.168.0.246
192.168.0.70
192.168.0.60
192.168.0.180
192.168.0.29
192.168.0.205
192.168.0.146
192.168.0.74
192.168.0.221
192.168.0.207
192.168.0.40
192.168.0.84
192.168.0.230
192.168.0.210
192.168.0.216
192.168.0.42
192.168.0.95
192.168.0.98
192.168.0.197
192.168.0.119
192.168.0.211
192.168.0.224
192.168.0.111
192.168.0.121
192.168.0.114
192.168.0.38
192.168.0.174
192.168.0.135
192.168.0.140
192.168.0.160
192.168.0.81
192.168.0.18
192.168.0.51


This thread was automatically locked due to age.
Parents
  • 0
    Dan, it looks like someone ran an IP scan that went through the UTM.  It's been documented here before, so I don't feel badly about telling you how you can reset:

    cc set licensing active_ips =[]
    cc set licensing user_limit_exceeded 0


    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Bob,

    Hi. How do you execute those two commands? 

    Thanks,
    Jason

  • 0 in reply to JasonTorrey

    In the shell of course.

    Enable it and set passwords at Management --> System Settings --> Shell Access

  • 0 in reply to itsfruity

    Thanks. This is the first time that I have used the Shell to make changes. Exciting times!

    I set up a loginuser password, logged in via SSH, and attempted to run the commands but was told that I didn't have the right permissions:

    loginuser@asg:/home/login > cc set licensing active_ips =[]

    -bash: /usr/local/bin/confd-client.plx: Permission denied

    loginuser@asg:/home/login > cc set licensing user_limit_exceeded 0

    -bash: /usr/local/bin/confd-client.plx: Permission denied

    What's the next step from here?

  • 0 in reply to JasonTorrey

    Set a password for the "Root" user as well.

    Type: su -

    Then type the root password. You're now logged in as root! Re-type the commands. 

  • 0 in reply to itsfruity

    Thank you.  Very nice.  Is the following the expected normal output for these commands?

    loginuser@asg:/home/login > su -

    Password: 

    asg:/root # cc set licensing active_ips =[]

    0

    {

              'Nattrs' => [

                            'nodelist'

                          ],

              'attrs' => [],

              'check' => 'input',

              'datatype' => 'ARRAY',

              'fatal' => 1,

              'format' => 'The %_N requires %_d.',

              'msgtype' => 'INCOMPATIBLE_DATA',

              'name' => 'The active IP address list requires a Perl array.',

              'never_hide' => 0,

              'nodelist' => 'licensing->active_ips',

              'value' => '=[]'

            }

    asg:/root # cc set licensing user_limit_exceeded 0

    1

    asg:/root #

  • 0 in reply to JasonTorrey

    Hi, Jason, and welcome to the UTM Community!

    What do you get now when you run:

    /usr/local/bin/count_active_ip.plx --showcount

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Bob,

    Thanks.  This is the result:

    Totals: IPv4: 90 IPv6: 0

    It would appear that something didn't work, yes?

    Jason

Reply Children
  • 0 in reply to JasonTorrey

    Yes, it appears that Sophos decided that allowing resets was resulting in too much fraudulent use of their software.  I don't know if there's a new way to clear the IP list.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thanks, Bob, for your assistance with this.

    It took about a week for the Sophos box to come back to its senses and report the correct amount (below the 50 limit).  Why it takes that long and why you cannot influence this correction, I am left to wonder.

    Jason

Unfiltered HTML