Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 5 subscribers
  • Views 5865 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IP-based License "downgrade" requires reinstall?

lprikockis

So we have a UTM9 deployed at Amazon (AWS) that is currently licensed for 100 IP addresses.   It's up for renewal and, after looking at our usage patterns and projected next year, we see no possibility of needing more than 50 IPs.   

We're currently being told by Sophos (via our reseller) that while they can provide a renewal license for 100 IPs, if we want to "downgrade" to 50, they will have to provide a NEW license (ok, no problem so far) and installing THAT license will require us to reconfigure the UTM from scratch.    i.e., they're telling me that installing the new license will completely wipe the existing configuration.  Now, esp. because this is an AWS ec2 instance, it's not too hard for us to save the config, destroy the old instance, bring up a new one with the new license and reload the saved configuration .....   

but should that really be necessary?   I find it really hard to believe that loading a new license will reset all config to factory defaults as they're telling me.   Can anyone confirm that this is indeed the case?   It *sounds* more like a clumsy attempt to lock us into the higher-cost license we don't need... but I want to believe better of Sophos than that...



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BAlfson

    Hi Bob,

    that explanation makes sense to what the error message says. 25 is not 150 -> Error.  Looks like my reseller had no clue as he does not know how to install a licence without reinstall (still unanswered btw)

    We had 100 IPs before and only use it for a few incoming User VPNs (Currently daily is 8 max) and the reseller sold us 25 now. After it did not work, he claimed that a new install is required, just like the initial post of this thread, hence the question what the trick is with getting it installed.

    I did have a look at the PAYG, but wouldn't that require a new install as well?

     

    [It could be an option, but it opens so many more questions. You refer to this one: https://aws.amazon.com/marketplace/pp/B01M1ORUI6 ?

    We only want to cover a few more weeks with this one and right now we only have and need network protection. Is the billing only depended on the instance? It looks to me I can only get a fix set of bundle which I would guess is FullGuard Plus? So PAY as go for Fullguard if I only need network sub?

    The AMIs are quite old t2, m3, why? What if I wanted a t3a micro, small or medium or m5a? ]

  • 0 in reply to Robert Danzig

    I'm not a guru on AWS, Robert - I just know it well enough to install and manage an instance.  I've not used PAYG.  I think you can get a one-month free trial of PAYG UTM where you only have to pay for the AWS time used. 

    You should be able to get a 150-IP trial license from your reseller to get your current instance going again.  You should then be able to make a backup with 'Unique site data (license, passwords, certificates/keys, endpoints)' removed.  That should be restorable to a new PAYG instance.  Depending on how your VPNs are configured, you will probably need some time to reestablish them.

    Ich wünsche Dir viel Glück dabei !

    Cheers - Bob