APX120 non-functional

Hi,

check the logviewer authentication and system views.

Ian

Hi Ian,

I've checked there.  The Authentication logs only covers my logging into the XG.  The SYSTEM logs show the APX120 under "Wireless Protection" as "Successful sent config to AP" every few minutes throughout the day, but nothing this evening after I power cycled it.

The APX120 is not listed under my DHCP addresses either.  Seems it just powers on but does not try to connect to anything.

Hi,

do you have a switch between the AP and the XG, are you using VLANs?

Have you tried restarting the XG without the AP connected?

Ian

Odd, the DHCP should at least get a request. 

Did you check, that there is actually a DHCP Server of XG running for this Port?

Could you perform a tcpdump? 

tcpdump -ni any port 67 or port 68 

That should be enough, replug the AP, let it boot and check, if some packets are arriving on advanced console. 

Hi Ian,

Yes, I have a Cisco switch that all my devices are plugged into.  The switch is not KVM, so there are no settings to change on it.  It has been rock solid for the past 6 years running continuously without a single issue.

I have not tried starting the XG with the APX120 disconnected.  That will have to wait until tomorrow night as the internet here is used heavily during the day.

My switch is located in the basement.  I have network cables running into wall outlets in the office.  I decided to plug the AP30 directly into the switch using a ethernet cable and a power cable (to bypass the POE injector).  The lights on the switch did not light up which indicated that the AP30 was not making a connection.  This is very odd given it was working perfectly two days ago until I plugged in the APX120.

I then plugged in the APX120.  The lights on the port go solid green for two seconds, flash then go dark.  It repeats this every 10 seconds or so.  I went to the XG logs to see if there were any connection attempts/logs.  There is nothing in SYSTEM other than the last connection it had yesterday before I power cycled the unit.

I had created new firewall rules last night to allow any LAN traffic (regardless whether it had a DHCP issued address) to the WAN.  I also created a similar NAT MASQ rule.  This didn't make a difference.

Yes, my entire LAN runs off one port.  All the other devices on this port are running normally and acquire the proper DHCP addresses.

I logged into the console and tried your tcpdump command.  The console gives me an error "Unknown parameter 'any'".  If I shorten it down to just "tcpdump -n port 67" it gives me an error "Unknown parameter 'port'".

It appears that the way this should be entered on the XG is (Port1 is my LAN):
> tcpdump interface Port1 'port 67'

and

> tcpdump interface Port1 'port 68'

When I run the above commands on the console, nothing is returned as per the below snippet:

Turning on verbose mode didn't reveal any more information:

For completeness, here is a snippet from the XG SYSTEM logs when filtering "Wireless Protection".  I have truncated the screenshot to cut-off my APX120 serial number.  This is what the APX120 was doing all day yesterday before I power cycled the unit.  In my opinion, this caused severe interference with connecting to the internet (made it unusable).  By comparison, the AP30 might have one of these configuration logs per week or month.

Hi Casual,

It looks like it is config deployment looping meaning the APX and the XG are unable to confirm with one another that the AP is on the correct config/firmware.

Can you plug your AP30 into the network, i just want to see if it happens to another wirelessly managed device?

Where did you get your APX from? Wonder if it is an ex Central managed device if it's second hand.

Emile

Hi Emile,

I have an AP15 plugged in that I'm using for my WiFi the moment.  My typical setup was an AP15 and AP30 for two different WiFi networks.  I've switched over all WiFi to the AP15, which has performance hits on my network, but it has functioned perfectly through this entire process (reboots and all).  

The APX120 came from an online retailer (advertised as new) and was shipped directly to me from Sophos in the City of Industry, California.  I also received an email from Sophos confirming the shipment.

As posted previously, the AP30 has been giving me issues when updating the XG (hard to reconnect).  I disconnected it to connect the APX120 and now I cannot seem to get the AP30 back up and running (XG does not recognize it).  I've plugged the APX and AP30 into different ports on my switch to be sure it did not have something to do with the switch port.  

I found a Sophos app to reflash the AP30.  Interestingly, while the network light on the AP30 blinks nothing is shown in the log of the flashing app.  The AP30 appears to be suddenly dead.  Same thing when I plug the AP30 into the network, the XG doesn't recognize it.

I've done a bit more tinkering.  I disconnected the LAN from the XG and plugged the AP30 directly to the XG.  The ethernet port lights of the XG do not turn on or flicker and the network light of the AP30 does not light up no matter how many times I power cycle or reset the AP30.  When I installed the APX120, I deleted the AP30 from the XG.  It seems now the XG refuses to acknowledge the existing of the AP30.  When I connect the AP30 directly to the ethernet port of a computer the network light does light up indicating that the AP30 does want to talk to something.  However, the reflash programme does not recognize that the AP30 is connected (no device connected or detected in log).

I connected the APX120 directly to the XG.  The connection light goes solid, then the send/receive light flickers a couple of times.  The connection light then goes dark.  It comes back on and repeats the same routine without any changes.  It seems that either the XG or APX120 is trying to do something but the other device doesn't like it.

The AP15 is still up and running fine.

I'm leaving the APX120 plugged in for now in the hopes that the networking gods will have mercy and automagically make it work.