Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 16 replies
  • Subscribers 44 subscribers
  • Views 6879 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

APX320 remains inactive in Wireless protection

LHerzog

Today I added a new APX320, it showed up as unconfigured and I configured it, put it to a AP group.

Since then it is pingable but remains inactive in XG Wireless.

Sounds a bit like this but it did not upgrade firmware.

I removed it from the AP group but it keeps showing as inactive.

awed.log only showing this error repetedly:

2022-10-25 10:24:28Z WARN -------------------------------------------------------
2022-10-25 10:24:28Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1766.
2022-10-25 10:24:29Z [MASTER] AP P52008RT2M8J30A: Local metadata updated
2022-10-25 10:24:36Z [MASTER] end processing configuration change
2022-10-25 10:26:47Z [MASTER] new connection from 172.16.xxx.58:57160
2022-10-25 10:26:47Z [P52008RT2M8J30A] APX320 from 172.16.xxx.58:57160 identified as P52008RT2M8J30A
2022-10-25 10:26:47Z Could not read from file '/tmp/awed/P52008RT2M8J30A.pid': No such file or directory
2022-10-25 10:26:47Z [P52008RT2M8J30A] (Re-)loaded identity and/or configuration
2022-10-25 10:26:48Z [P52008RT2M8J30A] ll_read: short read or connection error:
2022-10-25 10:26:48Z [P52008RT2M8J30A] disconnected. Close socket and kill process.

XG430_WP02_SFOS 18.5.4 MR-4-Build418# ls -lh | grep J30A
-rw-r--r--    1 root     0            645 Oct 25 17:58 P52008RT2M8J30A.ap
-rw-r--r--    1 root     0           4.4K Oct 25 17:57 P52008RT2M8J30A.apcfg
XG430_WP02_SFOS 18.5.4 MR-4-Build418#

We can only patch firmware at the next regular patch interval in November.

That is most of the interesting parts of awed.log

2022-10-25 09:00:06Z 1 WP_connected_clients::update_clients
2022-10-25 09:16:06Z [MASTER] new connection from 172.16.xxx.12:37685
2022-10-25 09:16:07Z [Unknown] new AP detected, adding to system. ID:P52008RT2M8J30A Model:APX320 Version:2.0.2.1-11 LAN_MAC:7c:5a:1c:2b:6c:80 WIFI_MAC:7c:5a:1c:2b:6c:83 Max SSIDS:8 TX Power Control:1 DFS:1
2022-10-25 09:16:07Z [MASTER] new AP with ID P52008RT2M8J30A
2022-10-25 09:16:07Z WARN -------------------------------------------------------
2022-10-25 09:16:07Z Use of uninitialized value $forced_country in concatenation (.) or string at /_conf/csc/wireless/awed line 2309.
2022-10-25 09:16:07Z [MASTER] AP P52008RT2M8J30A added / updateed in DB successfully.
2022-10-25 09:16:07Z [MASTER] start processing configuration change
2022-10-25 09:16:12Z WARN -------------------------------------------------------
2022-10-25 09:16:12Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1741.
2022-10-25 09:16:12Z WARN -------------------------------------------------------
2022-10-25 09:16:12Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1741.
2022-10-25 09:16:12Z WARN -------------------------------------------------------
2022-10-25 09:16:12Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1754.
2022-10-25 09:16:12Z WARN -------------------------------------------------------
2022-10-25 09:16:12Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1754.
2022-10-25 09:16:12Z WARN -------------------------------------------------------
2022-10-25 09:16:12Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1741.
2022-10-25 09:16:12Z WARN -------------------------------------------------------
2022-10-25 09:16:12Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1741.
2022-10-25 09:16:12Z WARN -------------------------------------------------------
2022-10-25 09:16:12Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1766.
2022-10-25 09:16:12Z WARN -------------------------------------------------------
2022-10-25 09:16:12Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1766.
2022-10-25 09:16:13Z [MASTER] AP P52008RT2M8J30A: Local metadata updated
2022-10-25 09:16:13Z [MASTER] AP P52008RT2M8J30A: Configuration change detected
2022-10-25 09:16:20Z [MASTER] end processing configuration change
2022-10-25 09:16:20Z [MASTER] new connection from 172.16.xxx.12:37686
2022-10-25 09:16:20Z [P52008RT2M8J30A] APX320 from 172.16.xxx.12:37686 identified as P52008RT2M8J30A
2022-10-25 09:16:20Z Could not read from file '/tmp/awed/P52008RT2M8J30A.pid': No such file or directory
2022-10-25 09:16:20Z [P52008RT2M8J30A] (Re-)loaded identity and/or configuration
2022-10-25 09:16:20Z [P52008RT2M8J30A] device not authorized yet, dropping.
2022-10-25 09:16:32Z [MASTER] new connection from 172.16.xxx.12:37688
2022-10-25 09:16:32Z [P52008RT2M8J30A] APX320 from 172.16.xxx.12:37688 identified as P52008RT2M8J30A

IP has changed due to reservation on DHCP server here

2022-10-25 10:13:58Z [MASTER] AP A40023AA0CF5932: Local metadata updated
2022-10-25 10:14:01Z [MASTER] end processing configuration change
2022-10-25 10:14:12Z [A40023AA0CF5932] (Re-)loaded identity and/or configuration
2022-10-25 10:21:56Z [MASTER] new connection from 172.16.xxx.58:57158
2022-10-25 10:21:56Z [P52008RT2M8J30A] APX320 from 172.16.xxx.58:57158 identified as P52008RT2M8J30A
2022-10-25 10:21:56Z Could not read from file '/tmp/awed/P52008RT2M8J30A.pid': No such file or directory
2022-10-25 10:21:56Z [P52008RT2M8J30A] (Re-)loaded identity and/or configuration
2022-10-25 10:21:57Z [P52008RT2M8J30A] ll_read: short read or connection error:
2022-10-25 10:21:57Z [P52008RT2M8J30A] disconnected. Close socket and kill process.
2022-10-25 10:24:21Z [MASTER] new connection from 172.16.xxx.58:57159
2022-10-25 10:24:21Z [P52008RT2M8J30A] APX320 from 172.16.xxx.58:57159 identified as P52008RT2M8J30A
2022-10-25 10:24:21Z Could not read from file '/tmp/awed/P52008RT2M8J30A.pid': No such file or directory
2022-10-25 10:24:21Z [P52008RT2M8J30A] (Re-)loaded identity and/or configuration
2022-10-25 10:24:22Z [P52008RT2M8J30A] ll_read: short read or connection error:
2022-10-25 10:24:22Z [P52008RT2M8J30A] disconnected. Close socket and kill process.
2022-10-25 10:24:23Z [MASTER] Updated AP P52008RT2M8J30A in DB successfully.
2022-10-25 10:24:23Z [MASTER] start processing configuration change
2022-10-25 10:24:28Z WARN -------------------------------------------------------
2022-10-25 10:24:28Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1741.
2022-10-25 10:24:28Z WARN -------------------------------------------------------
2022-10-25 10:24:28Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1741.
2022-10-25 10:24:28Z WARN -------------------------------------------------------
2022-10-25 10:24:28Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1754.
2022-10-25 10:24:28Z WARN -------------------------------------------------------
2022-10-25 10:24:28Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1754.
2022-10-25 10:24:28Z WARN -------------------------------------------------------
2022-10-25 10:24:28Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1741.
2022-10-25 10:24:28Z WARN -------------------------------------------------------
2022-10-25 10:24:28Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1741.
2022-10-25 10:24:28Z WARN -------------------------------------------------------
2022-10-25 10:24:28Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1766.
2022-10-25 10:24:28Z WARN -------------------------------------------------------
2022-10-25 10:24:28Z Use of uninitialized value in string ne at /_conf/csc/wireless/awed line 1766.
2022-10-25 10:24:29Z [MASTER] AP P52008RT2M8J30A: Local metadata updated
2022-10-25 10:24:36Z [MASTER] end processing configuration change
2022-10-25 10:26:47Z [MASTER] new connection from 172.16.xxx.58:57160
2022-10-25 10:26:47Z [P52008RT2M8J30A] APX320 from 172.16.xxx.58:57160 identified as P52008RT2M8J30A
2022-10-25 10:26:47Z Could not read from file '/tmp/awed/P52008RT2M8J30A.pid': No such file or directory
2022-10-25 10:26:47Z [P52008RT2M8J30A] (Re-)loaded identity and/or configuration
2022-10-25 10:26:48Z [P52008RT2M8J30A] ll_read: short read or connection error:
2022-10-25 10:26:48Z [P52008RT2M8J30A] disconnected. Close socket and kill process.
2022-10-25 10:29:12Z [MASTER] new connection from 172.16.xxx.58:57161
2022-10-25 10:29:12Z [P52008RT2M8J30A] APX320 from 172.16.xxx.58:57161 identified as P52008RT2M8J30A
2022-10-25 10:29:12Z Could not read from file '/tmp/awed/P52008RT2M8J30A.pid': No such file or directory
2022-10-25 10:29:12Z [P52008RT2M8J30A] (Re-)loaded identity and/or configuration
2022-10-25 10:29:13Z [P52008RT2M8J30A] ll_read: short read or connection error:
2022-10-25 10:29:13Z [P52008RT2M8J30A] disconnected. Close socket and kill process.
2022-10-25 10:31:38Z [MASTER] new connection from 172.16.xxx.58:57162
2022-10-25 10:31:38Z [P52008RT2M8J30A] APX320 from 172.16.xxx.58:57162 identified as P52008RT2M8J30A
2022-10-25 10:31:38Z Could not read from file '/tmp/awed/P52008RT2M8J30A.pid': No such file or directory
2022-10-25 10:31:38Z [P52008RT2M8J30A] (Re-)loaded identity and/or configuration
2022-10-25 10:31:39Z [P52008RT2M8J30A] ll_read: short read or connection error:
2022-10-25 10:31:39Z [P52008RT2M8J30A] disconnected. Close socket and kill process.
2022-10-25 10:34:03Z [MASTER] new connection from 172.16.xxx.58:57163
2022-10-25 10:34:04Z [P52008RT2M8J30A] APX320 from 172.16.xxx.58:57163 identified as P52008RT2M8J30A
2022-10-25 10:34:04Z Could not read from file '/tmp/awed/P52008RT2M8J30A.pid': No such file or directory
2022-10-25 10:34:04Z [P52008RT2M8J30A] (Re-)loaded identity and/or configuration
2022-10-25 10:34:05Z [P52008RT2M8J30A] ll_read: short read or connection error:
2022-10-25 10:34:05Z [P52008RT2M8J30A] disconnected. Close socket and kill process.
2022-10-25 10:36:29Z [MASTER] new connection from 172.16.xxx.58:57164
2022-10-25 10:36:29Z [P52008RT2M8J30A] APX320 from 172.16.xxx.58:57164 identified as P52008RT2M8J30A
2022-10-25 10:36:29Z Could not read from file '/tmp/awed/P52008RT2M8J30A.pid': No such file or directory
2022-10-25 10:36:29Z [P52008RT2M8J30A] (Re-)loaded identity and/or configuration
2022-10-25 10:36:30Z [P52008RT2M8J30A] ll_read: short read or connection error:
2022-10-25 10:36:30Z [P52008RT2M8J30A] disconnected. Close socket and kill process.
2022-10-25 10:38:55Z [MASTER] new connection from 172.16.xxx.58:57165
2022-10-25 10:38:55Z [P52008RT2M8J30A] APX320 from 172.16.xxx.58:57165 identified as P52008RT2M8J30A
2022-10-25 10:38:55Z Could not read from file '/tmp/awed/P52008RT2M8J30A.pid': No such file or directory
2022-10-25 10:38:55Z [P52008RT2M8J30A] (Re-)loaded identity and/or configuration
2022-10-25 10:38:56Z [P52008RT2M8J30A] ll_read: short read or connection error:
2022-10-25 10:38:56Z [P52008RT2M8J30A] disconnected. Close socket and kill process.
2022-10-25 10:41:20Z [MASTER] new connection from 172.16.xxx.58:57166
2022-10-25 10:41:20Z [P52008RT2M8J30A] APX320 from 172.16.xxx.58:57166 identified as P52008RT2M8J30A
2022-10-25 10:41:20Z Could not read from file '/tmp/awed/P52008RT2M8J30A.pid': No such file or directory
2022-10-25 10:41:20Z [P52008RT2M8J30A] (Re-)loaded identity and/or configuration

Any idea whats wrong here?



This thread was automatically locked due to age.
  • 0 in reply to LHerzog

    as we are on Firmware.18 I checked the release notes for .19 and .20.

    https://community.sophos.com/sophoswireless/b/blog/posts/release-notes-for-apx-series-update-ap-fw-11-0-019

    https://community.sophos.com/sophoswireless/b/blog/posts/release-note-for-apx120-update-ap-fw-11-0-020

    .20 does not apply here but

    in .19 there is written that

    "Starting in April, all new APX Series access points which are shipped from Sophos warehouses will have an under-the-hood hardware upgrade. For these access points to be registered with either Sophos UTM (SG Series) or Sophos Firewall OS (XG/XGS Series), they require a newer firmware version (11.0.019) which is now being made available

    ...

    Any new APX with one of the above serial number prefixes will only work with SFOS if the AP FW 11.0.019 or later is installed."

    Well, it does not match exactly to what we have here. The release notes list APX320 serial numbers beginning with

    APX 320 ETSI 

    P52007 

    APX 320 FCC 

    P51006 

    APX 320 ROW 

    P53006 

    No idea what ETSI, FCC or ROW means here. Probably ours are ETSI. Should your customers know what that means? But our APX320 SN begins with P52008 not P52007.

    Probably they will work when we upgrade the firmware.

  • 0 in reply to LHerzog

    Due to shortage of electonic components, Sophos have diverent APX revisions now.
    And they flashed the wrong (old 11.0.018) image to a new hardware ...

    ETS, FCC, ROW stands for different countries and electronic standards

    Federal Communications Commission (FCC)North America (including Canada)

    Central America
    South America
    Australia
    New Zealand
    Hong Kong
    India
    Malaysia
    Philippines
    Taiwan
    Parts of the Russian Federation

    European Telecommunications Standards Institute (ETSI)

    European countries

    Telecom Engineering Center (TELEC)


    mostly Japan

    ROW

    dont know

    Maybe, if you connect the APX to an old SFOS, change bootdelay, enter uBoot and flash the new 11.0.019 image with tftpboot?

    But i had an APX320 (P520003) that will not work anymore with FW 11.0.02  (same error).

  • +1 in reply to LHerzog

    Hello sir, this advisory is applicable to serial number prefix P52007 and newer. So, APX with serial number prefix P52008 will require AP pattern version 11.0.019 to become active after configuration. We recommend to upgrade AP pattern from 11.0.018 to 11.0.019 get these APX devices working.

    ETSI/FCC/ROW are different SKUs based on WIFI regulatory domains. This detail could be found on label on the back of the device.

  • 0 in reply to PraptiPandit

    that might be correct, but FW 11.0.020 hasn´t been tested with all hardware revisions available on the market (period)

  • 0 in reply to PraptiPandit

    thanks for your feedback and confirmation

    we'll upgrade firmware next weekend and I'm quite sure it'll fix the issue.

  • +1 in reply to LHerzog

    AP firmware upgrade to 11.0.020 fixed it

Unfiltered HTML