XG 18 MR3 - all features deactivated?

Deactivated means, you firewall could not communicate to the Licensing Backend for 90 Days.
Please take a look at the /log/licensing.log 

Hello Nitin,

Thank you for contacting the Sophos Community!

Please check the log Luca mentioned, the most common errors are:

curl_easy_perform(60) failed: Peer certificate cannot be authenticated with given CA certificates

curl_easy_perform(6) failed: Couldn't resolve host name

For the first error, check the CA and update it if necessary

For the second error, check if your DNS is able to resolve eu-prod-utm.soa.sophos.com and eu-prod-csr.soa.sophos.com.

Regards,

What Lucar and others have said is likely the case -- I did have an issue once where somehow the home user serial number had been used on more than one device that caused this same issue ... if you are running the same home user serial on more than one home device, you should provision another one for the other installations (in the case I'm thinking of, one of my customers ran it at home, then installed it on another family member's network using the same serial).

Hello

Looking at the licesing.log, I found the error -BUT its not one of the generic errors.

Here is the log

INFO Oct 13 22:43:37 [4153812416]: certificate_signing_request() : response : {"errorCode":"ITSERVICELAYER_DEVICE_NOTFOUND_ERROR","message":"Device not found","statusCode":404,"trackingId":"3904d630-a0ce-4e49-b69e-526ca9f1ddf4"}

ERROR Oct 13 22:43:37 [4153812416]: Certificate signing Failed : Device not found...:(
ERROR Oct 13 22:43:37 [4153812416]: certificate signing request() : parsing failed...
INFO Oct 13 22:43:39 [4153329088]: --requestType = 8
INFO Oct 13 22:43:39 [4153329088]: --serial = xxxxxxxxxxx
INFO Oct 13 22:43:39 [4153329088]: --fwversion = 18.0.3.457
INFO Oct 13 22:43:39 [4153329088]: --cert = /content/licensing/lic_csr.pem
INFO Oct 13 22:43:39 [4153329088]: --key = /content/licensing/lic_csr.key
INFO Oct 13 22:43:39 [4153329088]: --token = Token-Id:C01001PBCMT7Y76
INFO Oct 13 22:43:39 [4153329088]: URL : eu-prod-utm.soa.sophos.com/.../appliance
INFO Oct 13 22:43:39 [4153329088]: licensing_do_applianceupdate : request : { "serialNumber": "C01001PBCMT7Y76", "applianceAttributes": [ { "name": "firmwareVersion", "value": "18.0.3.457" } ] }
ERROR Oct 13 22:43:39 [4153329088]: curl_easy_perform(58) failed: Problem with the local SSL certificate
ERROR Oct 13 22:43:39 [4153329088]: licensing_do_applianceupdate() : Problem in contacting Server

So, I have error - device not found. How do i solve this?

Thank you

Hello

From memory, few months back (must be more than 90 days as it was before lockdown), I read how to remove extra NICs by taking a backup, resetting the appliance to factory, removing extra NIC and then restoring the backup (I read on this forum - exact steps - memory failing me) .

So, why this error came us (coincidence?) with MR3. This reinstall was definitely before the lockdown. So, 90 days situation would have showed up earlier.

Thank you

Caught the error.

I have two devices -One for VPN(In third country) and one at home. When I updated the home one to MR3, it took the serial number of my VPN one.

Now, i have two appliances with same serial number !!!

On my user portal, I can see two different serial numbers - How do i change the serial number of the appliance I have at home now?

Thank You

So it's exactly as I described.  The fix is to make a configuration backup, acquire a new serial (register for a new home user license), and reload the unit, and register with the new serial number, then restore your backup.

It worked, I needed to REINSTALL (not reload?) to get the serial number to stick (it kept on picking old serial after reset).

Thank You

What ? How is this possible ? Now im aware to update my fw at home....