
[solved] Configuration of Access Point broken

I just received an Access Point to use with my UTM.

The process of configuring the device appears broken which I assume means it hasn't been designed properly.

 

I plug the AP15 into my switch and the UTM can see it - a good sign.

I set up the Wireless Network under Wireless Protection > Wireless Networks using conventional parameters.

Under Wireless Protection > Access Points, select the AP15 and check the newly defined Wireless Network (the only one configured).
Under Wireless Protection > Access Points > Edit Access Points > Advanced I've tried changing Dynamic Channel to no effect. Also, I cannot choose channels, the only option is "Auto".
VLAN tagging is off as is Time-based scan. STP is disabled.
Mesh Networks are left unconfigured. Wireless Clients indicate none and Hotspots are left unconfigured.

The Wireless status indicates "AP15 is inactive, Location: AP15" etc... etc...

 

The firewall logs show the device is attempting to connect to the following IPs:  Some NTP servers not configured in my UTM and some HTTPS connections to Amazon AWS servers.

   
17:27:53 Default DROP TCP 10.1.0.1 : 45441 54.229.9.166 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:27:55 Default DROP TCP 10.1.0.1 : 45444 54.229.9.166 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:27:55 Default DROP TCP 10.1.0.1 : 45444 54.229.9.166 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:27:58 Default DROP TCP 10.1.0.1 : 45444 54.229.9.166 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:28:01 Default DROP TCP 10.1.0.1 : 45441 54.229.9.166 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:28:03 Default DROP TCP 10.1.0.1 : 45444 54.229.9.166 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:28:12 Default DROP UDP 10.1.0.1 : 42692 198.60.22.239 : 123 len=76 ttl=63 tos=0x10 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:28:12 Default DROP UDP 10.1.0.1 : 36641 108.61.56.35 : 123 len=76 ttl=63 tos=0x10 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:28:12 Default DROP UDP 10.1.0.1 : 38940 208.75.88.4 : 123 len=76 ttl=63 tos=0x10 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:28:12 Default DROP UDP 10.1.0.1 : 59902 199.102.46.75 : 123 len=76 ttl=63 tos=0x10 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:28:58 Default DROP TCP 10.1.0.1 : 33073 52.31.242.216 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:28:58 Default DROP TCP 10.1.0.1 : 33073 52.31.242.216 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:29:01 Default DROP TCP 10.1.0.1 : 33073 52.31.242.216 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:29:05 Default DROP TCP 10.1.0.1 : 33073 52.31.242.216 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:29:08 Default DROP TCP 10.1.0.1 : 33076 52.31.242.216 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:29:08 Default DROP TCP 10.1.0.1 : 33076 52.31.242.216 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:29:11 Default DROP TCP 10.1.0.1 : 33076 52.31.242.216 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:29:13 Default DROP TCP 10.1.0.1 : 33073 52.31.242.216 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19
17:29:15 Default DROP TCP 10.1.0.1 : 33076 52.31.242.216 : 443 [SYN] len=60 ttl=63 tos=0x00 srcmac=00:1a:8c:7f:bd:80 dstmac=00:0c:29:f2:87:19

 

The Wireless Protection Logs show a constantly repeating...

2016:11:03-17:30:21 ravenna awed[4874]: [MASTER] new connection from 10.1.0.1:59072
2016:11:03-17:30:21 ravenna awed[13291]: [A4002415A12B8A8] AP15 from 10.1.0.1:59072 identified as A4002415A12B8A8
2016:11:03-17:30:21 ravenna awed[13291]: [A4002415A12B8A8] (Re-)loaded identity and/or configuration
2016:11:03-17:30:21 ravenna awed[13291]: [A4002415A12B8A8] device sends DEV2ASG_INITIALCONTACT twice, dropping.
 
It appears that the UTM can't handle a new Sophos Access Point. This is a large and remarkably pedestrian bug.
I'll hack at this a while. I assume if I open up some ports this thing will start to function but seriously, this should not be necessary.
 


  • Opening up all network traffic (outbound) from the AP15 did NOT clear up the problem.

    I now see traffic on ports 123 (Network Time Protocol) and 443 (HTTPS)

     

    The Wireless protection logs still are repeating this...

    2016:11:03-18:15:54 ravenna awed[4874]: [MASTER] new connection from 10.1.0.1:44588
    2016:11:03-18:15:55 ravenna awed[22205]: [A4002415A12B8A8] AP15 from 10.1.0.1:44588 identified as A4002415A12B8A8
    2016:11:03-18:15:55 ravenna awed[22205]: [A4002415A12B8A8] (Re-)loaded identity and/or configuration
    2016:11:03-18:15:55 ravenna awed[22205]: [A4002415A12B8A8] device sends DEV2ASG_INITIALCONTACT twice, dropping.
     
    Still stuck.
  • Hi Salis,

    What is the firmware version on UTM?

    Connect the AP directly to the UTM interface and make sure it connects to the Internet. It will download the Firmware image. I think that's a firmware issue in AP.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • The firmware of the UTM is 9.407-3

    I discovered that the high utilization of the UTM was associated with problems managing DNS Hosts and DNS Groups.

    I deleted quite a few of these and the CPU utilization has dropped considerably.

    I reconnected the AP15 after I did this and it connected correctly. 

    Problem solved.
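
An added example, not part of the original thread and not Sophos code: a small Python triage script that parses the awed log lines quoted in the posts above and reports, per access point ID, how many connection attempts ended with the "DEV2ASG_INITIALCONTACT twice, dropping" message. The function names and the min_drops threshold are assumptions made for this illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# awed lines copied from the two posts above (not constructed).
SAMPLE = """\
2016:11:03-17:30:21 ravenna awed[4874]: [MASTER] new connection from 10.1.0.1:59072
2016:11:03-17:30:21 ravenna awed[13291]: [A4002415A12B8A8] AP15 from 10.1.0.1:59072 identified as A4002415A12B8A8
2016:11:03-17:30:21 ravenna awed[13291]: [A4002415A12B8A8] (Re-)loaded identity and/or configuration
2016:11:03-17:30:21 ravenna awed[13291]: [A4002415A12B8A8] device sends DEV2ASG_INITIALCONTACT twice, dropping.
2016:11:03-18:15:54 ravenna awed[4874]: [MASTER] new connection from 10.1.0.1:44588
2016:11:03-18:15:55 ravenna awed[22205]: [A4002415A12B8A8] AP15 from 10.1.0.1:44588 identified as A4002415A12B8A8
2016:11:03-18:15:55 ravenna awed[22205]: [A4002415A12B8A8] (Re-)loaded identity and/or configuration
2016:11:03-18:15:55 ravenna awed[22205]: [A4002415A12B8A8] device sends DEV2ASG_INITIALCONTACT twice, dropping.
"""

# Layout: <timestamp> <host> awed[<pid>]: [<tag>] <message>
LINE = re.compile(
    r"^(?P<ts>\d{4}:\d{2}:\d{2}-\d{2}:\d{2}:\d{2}) \S+ "
    r"awed\[(?P<pid>\d+)\]: \[(?P<tag>[^\]]+)\] (?P<msg>.*)$"
)
DROP_MARKER = "DEV2ASG_INITIALCONTACT twice, dropping"

def parse(text):
    """Yield (timestamp, pid, tag, message) per awed line; other lines are skipped."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            ts = datetime.strptime(m["ts"], "%Y:%m:%d-%H:%M:%S")
            yield ts, int(m["pid"]), m["tag"], m["msg"]

def dropped_contacts(text, min_drops=2):
    """Return {ap_id: summary} for APs dropped at initial contact >= min_drops times."""
    drops = defaultdict(list)
    for ts, pid, tag, msg in parse(text):
        if tag != "MASTER" and DROP_MARKER in msg:
            drops[tag].append((ts, pid))
    report = {}
    for ap, events in drops.items():
        if len(events) >= min_drops:
            times = sorted(t for t, _ in events)
            report[ap] = {
                "drops": len(events),
                "span_seconds": int((times[-1] - times[0]).total_seconds()),
                # A different worker PID per drop means each attempt was a new connection.
                "worker_pids": sorted({p for _, p in events}),
            }
    return report

if __name__ == "__main__":
    print(dropped_contacts(SAMPLE))
```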