Sophos AP/APX users may experience issues registering to Sophos Central. More info available here: Central Wireless
We'd love to hear about it! Click here to go to the product suggestion community
Trying to get a new AP installed after the last one blew up...Using UTM 9 (just upgraded to the latest available (9.605-1))Using a Zyxel VLAN capable access point - configured with three SSIDs, all on tagged VLANs (Internal, Guest, IoT)
At home I have the Same AP, and the same Sophos hardware, but I have a VLAN capable switch - so the UTM hardware isn't doing any of the smarts.Here I need to use the UTM to connect the wired and wireless portions of two of the networks (the Guest network has no wired element).I can't actually see a sane way to do this at all, and it really doesn't seem like it ought to be difficult.Eth0 - Internet connection
Eth1 - Wired "Internal" Connection
Eth2 - Direct to AP, with tagged Internal/Guest/IoT connections
Eth3 - Wired "IoT" Connection
It is starting to look as though I need to add a Wired Internal, and a Wireless Internal, network, and give them independent router IP addresses, and DNS/DHCP servers and goodness knows what else - All I want to do is add the tagged VLAN into the existing "interface".
And that doesn't allow me to have a single L2 network across the tagged internal vlan and the physical internal port.This is ridiculously frustrating.
I now have eth0 and eth1 bridged - with either accepting tagged IoT/Guest/Internal traffic.Although I have tried to drop the tag from the internal WAP traffic (set to VLAN 1 in the WAP) it is still hitting the 'Wireless internal' interface (which is tagged). At least it's hitting that DHCP server (getting the tagged gateway, and that IP range).
So I get internet access from the wireless (I suspect because the WAP is auto tagging the return traffic)
OK - Don't know what's changed - but this has now worked... Might have been a delay on the config on the WAP?!