convert APX from Sophos Central to an XG Firewall

Is it possible to move the management of a single APX530 from Central to an XG?

I've gone through 2 bricked APX 530's so far and Sophos has been good about replacing them. Both bricked after they auto upgraded firmware. The tech I spoke with said their were issues with firmware back in 2020.

I'm on my 3rd APX 530 and at times 1-2 of the SSID's stop broadcasting and this takes out my cameras and HVAC controller. It's becoming frustrating.

I'd like to see if moving to an XG to manage could make a difference or something to try before opening another support ticket.

Thanks!

Chris

Parents
  • Hi Chris, Have you noticed AP rebooting or getting stuck before it stops broadcasting those SSIDs? 

    For Central wireless, Support technicians can check the logs from the Access point's backend to see what's going on when APs stop broadcasting these SSIDs.

    For your first query, Yes it's possible to manage one AP from XG. You need to delete the AP from Central. Once disconnected it'll send out heartbeat first to central and if no configurations are found then it'll send a heartbeat to IP 1.2.3.4 which gets intercepted by XG. 

    If XG and AP are not directly connected, Make sure that you add a route in the network for IP 1.2.3.4 for XG's reachable IP address so the XG can receive heartbeat from the AP. 

    Devesh Mishra
    Global Community Support Engineer | Sophos Technical Support
    Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, use the 'Verify Answer' link.
Reply
  • Hi Chris, Have you noticed AP rebooting or getting stuck before it stops broadcasting those SSIDs? 

    For Central wireless, Support technicians can check the logs from the Access point's backend to see what's going on when APs stop broadcasting these SSIDs.

    For your first query, Yes it's possible to manage one AP from XG. You need to delete the AP from Central. Once disconnected it'll send out heartbeat first to central and if no configurations are found then it'll send a heartbeat to IP 1.2.3.4 which gets intercepted by XG. 

    If XG and AP are not directly connected, Make sure that you add a route in the network for IP 1.2.3.4 for XG's reachable IP address so the XG can receive heartbeat from the AP. 

    Devesh Mishra
    Global Community Support Engineer | Sophos Technical Support
    Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, use the 'Verify Answer' link.
Children
  • Thank you this worked for me.

  • Good afternoon,

    Sorry for the late response. Now I reboot the APX every time my wifi clients go off-line. I haven't had the time to look into it. It's annoying. 

    I'm looking into replacing the APX with a different vendor. In the past 18 months I've had two APX's brick and now this. 

    I do send the logs to a local Syslog, but haven't had the time to look into the problem or work with support.

    In my mind, when you buy a premium product - it should work. I wish Sophos would give the customer an option to turn off auto firmware updates.

    Thanks again for your response.

    Chris