This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos APX320X keeps restarting, cannot register in Sophos Central

Hello,

my APX320X keep rebooting, after start it is getting IP from DHCP (separate DHCP server controller )

After that I'm able to ping the AP IP for 20 seconds, Led status is blinking red

after that it goes unreachable and this scenario continue, Led status all 3 leds turn on for a few seconds

Tried to reset the AP (Hold 8 sec) and factory reset (20 sec) but same scenario, the AP keeps resetting.

In between AP and UTM, there is switch only, rule allows full internet access.

Product: SG 320 v9.706-9

I have a ticket open more than 1 month, they sent me a second hardware with the same fault.

Now I need the AP, but I have no answer from technical help desk in the last 7 days.

Kind regards



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hey , Welcome to Sophos Community.

    Did you try taking a tcpdump on the UTM for the access point's IP address to see whether AP initiates any requests to internet before it goes down? 

    Please share the support case ID via PM and I'll Follow-up further internally. 

  • Hello DeveshM,

    Yes we had a TCPdump done as you will see in the support Case 04188787

    We captured traffic for the time the AP was online, then it restarted.

    Best regards

  • FormerMember
    0 FormerMember in reply to Gioceroni

    Hey , Apologies for the delay caused in this case.

    I have notified the concerned team to update you on this case and take things further. Please feel free to drop me a PM for any queries related to this case. 

  • Thank you DeveshM!

    I hope they will soon solve the problem.
    I will keep you updated.

    Best regards

  • I probably found some error/bug, and a solution.

    The solution is to connect the AP to a home Internet router with no filters to Internet. The AP then registers correcly to Internet.

    In our settings we have Sophos firewall with an allow all rule. Somehow there is something that makes the AP to reset and not register, we should investigate how this strange bug behaves 1) in the AP 2) what is the anomaly on the firewall that bothers the AP.

    In any  case, after the first Sophos Central registration, the Allow all policy on the firewall allows the Sophos APX320X to work normally.

    Regards

  • Just a FYI, I have seen this before (long time reseller / var) -- if the UTM has Wireless Protection enabled, it can cause this by intercepting the provisioning traffic of the AP.  If Wireless Protection is enabled, give that a look.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • The access point connects to the IP address 1.2.3.4 on port 2712 Tellpizzahut . Traffic is sent to the default gateway of the access point. If there is no response from the Sophos Firewall, the access point reboots, and the process starts over again.

  • FormerMember
    0 FormerMember in reply to Acting Camel

    Hi,

    Please take a packet capture on the firewall (tcpdump -nei any host 1.2.3.4) and see if the packets reach the firewall or not. You can also take a drop-packet-capture (drppkt host 1.2.3.4) and check if firewall dropped any packets or not.

    Also, Is this AP connected directly (or via a switch) to the Firewall? or is there any L3 device in between? 

  • Hello,

    APX 320X is currently supported only through Sophos Central. There is a known issue if there is a Sophos firewall between the access point and Central with wireless functionality enabled. This is documented here:

    https://support.sophos.com/support/s/article/KB-000039886?language=en_US

    Do let me know if this helps.

    Regards,

    Tejas