AP100c >>> "SSH could not reach the selected AP"

I just bought the AP100c for my Sophos UTM sg105w to expand and upgrade my wifi and give it a (hopefully) 1,3Ghz boost.
But the idea had a problem in the beginning when I realized that the AP100c is only using the 40 MHz and not the 80 MHz band.
I followed the instruction to connect to the UTM via SSH, open a command line (putty) and enter the awetool menu on the shell.
I entered the menu choosing "1 - Connect to an AP" followed by choosing my listed AP (which is the "AP100c"). So far so good.
When trying to connect the awetool realized that SSH wasn't active on the AP100c and asked me wheter to activate SSH on it.
So - for sure - I said "yes". The menu then asked me for a little patience. But - even after a reboot of my UTM - I can't connect.
I always get the "Connecting ..." - which takes approx 1-2 minutes until I get the following error messges from the awetool:

"SSH could not reach the selected AP. Please try again later."

Anyone got the same problem? Just asking because the "Enable SSH?"-question came in the beginning. So SSH must be on (?).
So why the heck isn't the awetool able to connect via SSH to the attached (withe the stock PoE power supply) AP100c right away?
Maybe some had the same problem. Would appreciate any help to access the AP100c and be able to activate the 80 MHz band.

  • Hello 491810,

    Thank you for contacting the Sophos Community!

    I would recommend you try connecting the AP100c directly to the UTM device, to see if that works.

    It looks like another device might be blocking the port.

    Regards,


     
    Emmanuel (EmmoSophos)
    Community Support Engineer | Sophos Technical Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • Thanks for the quick reply.

    I realized that I'd the AP100c connect to eth3 over a managed switch (Netgear GS108e) - but this wasn't restricted.
    However. I then attached the AP100c directly to eth3. Unfortunately I still get the same screens and errors. Any idea?

    Is there a way to directly connect (its openWRT based) to the AP100c via SSH to edit the configs to enable the 80Mhz?
    What is the default login (root? admin?) and the default passwort (for openWRT the default passwort is normaly empty).

    Dirk

  • Any chance to get a(nother) reply from you Emmanuel? Or someone else?
    Im still not able to connect to my AP100c through SSL bcos it does not enable.

  • Why do you want to connect to the AP in the first place? 

    Activate the 80 MHz Band should be able to perform without logging into the AP. 

    See: 

    Peter told me in a PM that he's a home user and therefore doesn't have access to Sophos Support.  Here are the steps to try what I suggest above:

    1. Find the REF_ of an Access Point definition named Klepsch:

    cc get_object_by_name awe device 'Klepsch' |grep \'ref

        That should return something like 'ref' => 'REF_AweDev1',

    2. Change the MHz of the second radio to 80:

    cc change_object REF_AweDev1 'channel_width11a' 'VHT80'

         If that command worked, it will return REF_AweDev1, if it failed, it will return 0 (zero).

    If testing shows that that didn't work, you can see how to change it back to HT40.  Please tell us your results.

    Cheers - Bob

    __________________________________________________________________________________________________________________

  • Hi LuCarToni. I can access my sp105w through SSH using Winscp and accessing the console using putty.exe.
    But hanging in step 1. What do you mean with "Find the REF_of an Access Point definition named Klepsch"?
    I tried the command 'cc get_object_by_name awe device 'Klepsch' |grep \'ref'. But nothing happended on my end.
    So i just tried "cc get_object_by_name awe device 'Klepsch'" (without the "") and got "0" as return for it. *wierd*
    Do I have to extract a name ("Klepsch"? is that an example for a result?)? So if how and where do i find this?
    I can access the 'awetool'. Unfortunately this doesn't work for me because smtp is not beeing enabled on my end.
    Or do I have to open a tunnel like when using 'open ssh' or other command and then send this command line?

  • Hello 491810,

    I think this is the REF Luca is referring to.

    utm1:/tmp # cc
    127.0.0.1 MAIN > awe
    allowed_interfaces@
    clients@
    devices@
    global
    networks@
    127.0.0.1 MAIN awe > devices@
    0 'REF_AweDevA400095d2b' [A400095d2b]

    That would give you the REF ID.

    Regards,


     
    Emmanuel (EmmoSophos)
    Community Support Engineer | Sophos Technical Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • What an odysse. Now I understood how to execute the commands you send in your posting.
    Just enter "cc" on the command line and you enter the mode. Screen says the following:

    sg105w:/tmp # cc
    Confd command-line client.  Maintainer: <Ingo.Schwarze@sophos.com>
    
    Connected to 127.0.0.1:4472, SID = zFDKfqYNTRMhtAlOeoxv.
    Available modes: MAIN OBJS RAW WIZARD.
    Type mode name to switch mode.
    Typing 'help' will always give some help.

    Then you have to - what I did - entered "devices@" and go the following return from sg105w:

    127.0.0.1 MAIN awe > devices@
       0 'REF_AweDevA400299b79' [A400299B79CB1C7]
    

    Which is the same ID I still see in the Sophos admin gui under "Wireless Protection" in the sub menu "Access Points"

    "AP100C: A400299B79CB1C7, Kanal: Automatisch (11, 44), Land: Germany, Gruppe: 2,4 GHz & 5GHz"

    Entering the following command now worked and gave the following return for me on the command line:

    sg105w:/tmp #
    sg105w:/tmp # cc change_object REF_AweDevA400299b79 'channel_width11a' 'VHT80'
    REF_AweDevA400299b79
    

    Do I have to do something else after that? Just asking because nothing changed on the 5MHz menu band.
    Still seeing the following channels: 36,40,44,48,52,56,60,64,100,104,108,112,116,132,136,140.

  • Hello 491810,

    Thank you for the follow-up

    Try the following:

    utm1:/tmp # cc

    127.0.0.1 MAIN > OBJS

    127.0.0.1 OBJS > awe

    127.0.0.1 OBJS awe > device

    127.0.0.1 OBJS awe device > REF_AweDevA400095d2b[A400095D2BDXXXX,awe,device] (Tab for autocomplete)

    127.0.0.1 OBJS awe device [REF_AweDevA400095d2b] > channel_width
    channel_width11a=HT20 channel_width11a=VHT20 channel_width11a=VHT80 channel_width=HT40
    channel_width11a=HT40 channel_width11a=VHT40 channel_width=HT20

    In the step above auto complete by using the TAB to select the channel you want once it is complete, press Enter, you will see something like this, with the new Channel Width 

    'channel' => 0,
    'channel11a' => 0,
    'channel_width' => 'HT20',
    'channel_width11a' => 'HT20',
    'comment' => '',
    'country' => 'ca',
    'dfs_ability' => 0,
    'enabled' => 1,
    'id' => 'A400095D2BDXXXX',
    'interface' => 'REF_IntEthAp10',

    Type the letter w to save.

    Regards,


     
    Emmanuel (EmmoSophos)
    Community Support Engineer | Sophos Technical Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • Okay. Got it (finally). Now I got the following return. Can you pls check the code? Is it now corect?

    Do I need to reboot? Access Point in the gui still shows me the following 5GHz bands listed:

    "35,40,44,48,52,56,60,64,100,104,108,112,116,132,134,140"

    127.0.0.1 OBJS awe device [REF_AweDevA400299b79] > w
    {
              'autoname' => 0,
              'class' => 'awe',
              'data' => {
                          'ac_ability' => 1,
                          'active_channels' => [
                                                 11,
                                                 52
                                               ],
                          'allowed_channels' => [
                                                  1,
                                                  2,
                                                  3,
                                                  4,
                                                  5,
                                                  6,
                                                  7,
                                                  8,
                                                  9,
                                                  10,
                                                  11,
                                                  12,
                                                  13,
                                                  36,
                                                  40,
                                                  44,
                                                  48,
                                                  52,
                                                  56,
                                                  60,
                                                  64,
                                                  100,
                                                  104,
                                                  108,
                                                  112,
                                                  116,
                                                  132,
                                                  136,
                                                  140,
                                                  144,
                                                  149,
                                                  153,
                                                  157,
                                                  161,
                                                  165
                                                ],
                          'allowed_countries' => [],
                          'ap_localdebuglevel' => 8,
                          'ap_vlantag' => 1,
                          'auto_channel' => 1,
                          'auto_channel11a' => 1,
                          'band' => 'g',
                          'bridge_modes' => [
                                              'lan',
                                              'none',
                                              'vlan'
                                            ],
                          'channel' => 0,
                          'channel11a' => 0,
                          'channel_width' => 'HT20',
                          'channel_width11a' => 'VHT80',
                          'comment' => '',
                          'country' => 'de',
                          'dfs_ability' => 1,
                          'enabled' => 1,
                          'id' => 'A400299B79CB1C7',
                          'interface' => 'REF_IntEthLan',
                          'key' => 'OEVn/lG4lXcNE1jo/MwKbdof9AxL7O0wv/bsal61ewc=',
                          'lan_mac' => '00:1a:8c:87:48:66',
                          'last_ip' => '172.16.0.254',
                          'location' => 'AP100c',
                          'max_ssids' => 8,
                          'mesh_ability' => 0,
                          'mesh_ability11a' => 0,
                          'mesh_ability11g' => 1,
                          'name' => 'A400299B79CB1C7',
                          'networks' => [
                                          'REF_ItfAwe24Ghz5ghz'
                                        ],
                          'r0kh_secret' => 'iPueX9NKLWuJDGSZGyS0WBtI4wHiMf',
                          'scan_interval' => 0,
                          'scan_interval11a' => 0,
                          'sched_scan_interval' => 0,
                          'sched_scan_interval11a' => 0,
                          'status' => 1,
                          'stp' => 0,
                          'time_scheduling' => 0,
                          'time_scheduling11a' => 0,
                          'time_select' => [],
                          'time_select11a' => [],
                          'tunnel_id' => 800,
                          'tx_power_control' => 1,
                          'txpower' => 100,
                          'txpower11a' => 100,
                          'type' => 'AP100C',
                          'vlantagging' => 0,
                          'wifi_mac' => '00:1a:8c:87:48:67'
                        },
              'hidden' => 0,
              'lock' => '',
              'nodel' => '',
              'ref' => 'REF_AweDevA400299b79',
              'type' => 'device'
            }
    Changes to object saved successfully.
    {
              'ac_ability' => 1,
              'active_channels' => [
                                     11,
                                     52
                                   ],
              'allowed_channels' => [
                                      1,
                                      2,
                                      3,
                                      4,
                                      5,
                                      6,
                                      7,
                                      8,
                                      9,
                                      10,
                                      11,
                                      12,
                                      13,
                                      36,
                                      40,
                                      44,
                                      48,
                                      52,
                                      56,
                                      60,
                                      64,
                                      100,
                                      104,
                                      108,
                                      112,
                                      116,
                                      132,
                                      136,
                                      140,
                                      144,
                                      149,
                                      153,
                                      157,
                                      161,
                                      165
                                    ],
              'allowed_countries' => [],
              'ap_localdebuglevel' => 8,
              'ap_vlantag' => 1,
              'auto_channel' => 1,
              'auto_channel11a' => 1,
              'band' => 'g',
              'bridge_modes' => [
                                  'lan',
                                  'none',
                                  'vlan'
                                ],
              'channel' => 0,
              'channel11a' => 0,
              'channel_width' => 'HT20',
              'channel_width11a' => 'VHT80',
              'comment' => '',
              'country' => 'de',
              'dfs_ability' => 1,
              'enabled' => 1,
              'id' => 'A400299B79CB1C7',
              'interface' => 'REF_IntEthLan',
              'key' => 'OEVn/lG4lXcNE1jo/MwKbdof9AxL7O0wv/bsal61ewc=',
              'lan_mac' => '00:1a:8c:87:48:66',
              'last_ip' => '172.16.0.254',
              'location' => 'AP100c',
              'max_ssids' => 8,
              'mesh_ability' => 0,
              'mesh_ability11a' => 0,
              'mesh_ability11g' => 1,
              'name' => 'A400299B79CB1C7',
              'networks' => [
                              'REF_ItfAwe24Ghz5ghz'
                            ],
              'r0kh_secret' => 'iPueX9NKLWuJDGSZGyS0WBtI4wHiMf',
              'scan_interval' => 0,
              'scan_interval11a' => 0,
              'sched_scan_interval' => 0,
              'sched_scan_interval11a' => 0,
              'status' => 1,
              'stp' => 0,
              'time_scheduling' => 0,
              'time_scheduling11a' => 0,
              'time_select' => [],
              'time_select11a' => [],
              'tunnel_id' => 800,
              'tx_power_control' => 1,
              'txpower' => 100,
              'txpower11a' => 100,
              'type' => 'AP100C',
              'vlantagging' => 0,
              'wifi_mac' => '00:1a:8c:87:48:67'
            }
                                                                                                                                                                                                 127.0.0.1 OBJS awe device [REF_AweDevA400299b79] >
    
    sg105w:/root #
    

  • Hello 491810,

    127.0.0.1 OBJS awe device > REF_AweDevA400095d2b[A400095D2BDABCDE,awe,device]

    Once you are there, press enter, which will populate what you showed above, I think you need to enter the full REF and S/N AXXXXXXXXXXX. which is the reason why if you use the tab key to autocomplete will make it easier

    So once you press Enter you should see at the bottom 

    127.0.0.1 OBJS awe device [REF_AweDevA400095d2b] >

    I am using tab to autocomplete which is why it shows more lines and I am changing to only HT40

    127.0.0.1 OBJS awe device [REF_AweDevA400095d2b] > channel
    channel11a= channel= channel_width11a=HT20 channel_width11a=HT40 channel_width11a=VHT20 channel_width11a=VHT40 channel_width11a=VHT80 channel_width=HT20 channel_width=HT40
    127.0.0.1 OBJS awe device [REF_AweDevA400095d2b] > channel
    channel11a= channel= channel_width11a=HT20 channel_width11a=HT40 channel_width11a=VHT20 channel_width11a=VHT40 channel_width11a=VHT80 channel_width=HT20 channel_width=HT40
    127.0.0.1 OBJS awe device [REF_AweDevA400095d2b] > channel_width11a=
    HT20 REF_DefaultTimeEventWeekend[Weekend,time,recurring] REF_TimRecTimedefini[SSLVPN,time,recurring]
    HT40 REF_DefaultTimeEventWork[Work hours,time,recurring] VHT20
    REF_DefaultTimeEventAutoinstall[Time to install updates,time,recurring] REF_ItfAweJoshwifi[House,itfhw,awe_network] VHT40
    REF_DefaultTimeEventLunch[Lunch,time,recurring] REF_ItfAweTesthome[wlan1 (Remote Wireless Network),itfhw,awe_network] VHT80
    127.0.0.1 OBJS awe device [REF_AweDevA400095d2b] > channel_width11a=HT40
    REF_DefaultTimeEventAutoinstall[Time to install updates,time,recurring] REF_DefaultTimeEventWork[Work hours,time,recurring] REF_TimRecTimedefini[SSLVPN,time,recurring]
    REF_DefaultTimeEventLunch[Lunch,time,recurring] REF_ItfAweJoshwifi[House,itfhw,awe_network]
    REF_DefaultTimeEventWeekend[Weekend,time,recurring] REF_ItfAweTesthome[wlan1 (Remote Wireless Network),itfhw,awe_network]
    127.0.0.1 OBJS awe device [REF_AweDevA400095d2b] > channel_width11a=HT40

    After here if you press Enter you will see something like this

    {
    'ac_ability' => 0,
    'active_channels' => [
    1
    ],
    'allowed_channels' => [
    1,
    2,
    3,
    4,
    5,
    6,
    7,
    8,
    9,
    10,
    11
    ],
    'allowed_countries' => [],
    'ap_localdebuglevel' => 0,
    'ap_vlantag' => 1,
    'auto_channel' => 1,
    'auto_channel11a' => 0,
    'band' => 'g',
    'bridge_modes' => [
    'lan',
    'none',
    'vlan'
    ],
    'channel' => 0,
    'channel11a' => 0,
    'channel_width' => 'HT20',
    'channel_width11a' => 'HT40',

    And at the very bottom you will see another prompt, type enter, and then you will see the output again, in the middle of the output you should see "Changes to object saved successfully"

    127.0.0.1 OBJS awe device [REF_AweDevA400095d2b] > w

    Changes to object saved successfully.
    {
    'ac_ability' => 0,
    'active_channels' => [
    1
    ],
    'allowed_channels' => [
    1,
    2,
    3,
    4,
    5,
    6,
    7,
    8,
    9,
    10,
    11
    ],
    'allowed_countries' => [],
    'ap_localdebuglevel' => 0,
    'ap_vlantag' => 1,
    'auto_channel' => 1,
    'auto_channel11a' => 0,
    'band' => 'g',
    'bridge_modes' => [
    'lan',
    'none',
    'vlan'
    ],
    'channel' => 0,
    'channel11a' => 0,
    'channel_width' => 'HT20',
    'channel_width11a' => 'HT40',

    Regards,


     
    Emmanuel (EmmoSophos)
    Community Support Engineer | Sophos Technical Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.