Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 4 replies
  • Answers 2 answers
  • Subscribers 43 subscribers
  • Views 9376 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AP registered in Sophos central not shown in firewall

Bertani Luca

Hello Guys,

just wanted a confirmation from you, i've registered some AP in Sophos central but they arent shown in the XG firewall, is that normal?

the only way to manage those with the xg firewall is to register them with the XG?

i tought that adding them in the Sophos central would  transfer them to the firewall since it's synced, am i wrong?

thanks in advance 



This thread was automatically locked due to age.
Parents
  • +2

    Hi,

    you can manage the APX in the xg but not the new APs they are central or a gui on the AP.

    Once your original APs are registered in cm they are no longer seen by the wifi function in the xg.
    ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v20.0.2 MR-2

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • +2

    Hi,

    you can manage the APX in the xg but not the new APs they are central or a gui on the AP.

    Once your original APs are registered in cm they are no longer seen by the wifi function in the xg.
    ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v20.0.2 MR-2

    If a post solves your question please use the 'Verify Answer' button.

Children
  • 0 in reply to rfcat_vk

    so there is no way to use firewall rules over wireless with sophos ap if they are linked to Sophos central?

  • 0 in reply to Bertani Luca

    There are two ways basically.

    1. You could bridge the wireless traffic to the LAN of the connected Access Point --> easy to set up, less flexible, limited to one network per AP
    2. You could bridge to a specific VLAN --> needs configuration on your switch(es), more flexible, allows separation between networks

    The mode "separate zone" is exclusive to firewall products.

    Once you have your networks you can build an interface on the firewall (or a VLAN Interface), assign a zone, create DHCP settings and then create firewall rules for the network.

  • 0 in reply to Bertani Luca

    The "new way" to control and separate traffic from AP/APX when managed from Sophos Central is to configure VLAN(s) on your switch(es) and to put these accesspoints into VLANs. (This mode of operation is called "Bridge to VLAN").

    If you put VLANs into your own zones, you have all the possibilties of SFOS to control traffic with firewall rules and NAT rules etc.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

Unfiltered HTML