licence error - home licence

Hi Christian: Based on error message it seems firewall cannot communicate with the license server. Since when you started observing this issue?  Are you running with 2 instances of SF-OS using the same serial number? Are you running with HA setup?  If yes then in past such issue has been reported due to such things. 

https://community.sophos.com/xg-firewall/f/discussions/93760/not-able-to-sync-home-license

If that is not the case here in your setup or deployment then you may check few more log lines from licensing.log and you may share it here to check the issue further.

Hi Vishal,

honestly i do not remember to have the same lcence used butit might be. I checked the logs and found post here more errors:

-----

INFO      Dec 04 22:30:26 [4154103232]: certificate_signing_request() : response : {"errorCode":"ITSERVICELAYER_DEVICE_NOTFOUND_ERROR","message":"Device not found","statusCode":404,"trackingId":"009dac34-b239-4fd8-930b-1d4155234988"}

ERROR     Dec 04 22:30:26 [4154103232]: Certificate signing Failed : Device not found...:(
ERROR     Dec 04 22:30:26 [4154103232]: certificate signing request() : parsing failed...
INFO      Dec 04 22:30:26 [4154148288]: --requestType = 8
INFO      Dec 04 22:30:26 [4154148288]: --serial =xxxxxxxxxxxxxxx
INFO      Dec 04 22:30:26 [4154148288]: --fwversion = 18.0.3.457
INFO      Dec 04 22:30:26 [4154148288]: --cert = /content/licensing/lic_csr.pem
INFO      Dec 04 22:30:26 [4154148288]: --key = /content/licensing/lic_csr.key
INFO      Dec 04 22:30:26 [4154148288]: --token = Token-Id:xxxxxxxxxxxxxx
INFO      Dec 04 22:30:26 [4154148288]: URL : eu-prod-utm.soa.sophos.com/.../appliance
INFO      Dec 04 22:30:26 [4154148288]: licensing_do_applianceupdate : request : { "serialNumber": "xxxxxxxxxxx", "applianceAttributes": [ { "name": "firmwareVersion", "value": "18.0.3.457" } ] }
ERROR     Dec 04 22:30:26 [4154148288]: curl_easy_perform(58) failed: Problem with the local SSL certificate
ERROR     Dec 04 22:30:26 [4154148288]: licensing_do_applianceupdate() : Problem in contacting Server
SFVH_VM01_SFOS 18.0.3 MR-3#

---------

What i recognized is tha i have no licence in im Licence portal but if i do  a search for the licence it has run with i can find it as an UTM licence with SFOS. Maybe the problem is that my licence portal is now running under a different email adress. the email address in the licence is not longer existing.

Christian

Did you, for some reason, reused this Serialnumber? Looks like you did.

Device not found is a indicator, that your current "device ID" which will be generated by registration, does not exists anymore. Frequently occur, if you re used this SN once again, while the old appliance is still in use. This will replace your current appliance. 

If you want to resolve this, the best way is to reinstall this XG and reinstall the old Serial. Then import your backup. 

Hello,

I only remember to have that Serial number none else. Can i import the backup only the for the configuration not for serial or licence key?

Christian

Just one additional question : I received a new serial number, could i register this device with that?

Yes you can but you will have to reinstall from an installation image which will completely wipe your installation.

However, you can take a backup first and then restore it. The new serial number will be kept, it isn't part of the backup.

Hi JasP, it means the interfce and routing configuraion as well? Just to be shure, as i then need to shutdown the old one first to avoid IP address conflicts.

Yes it will restore the interface and routing configuration as well. Make sure you use the backup/restore option not the import/export option.