Overview
Starting in April, all new APX Series access points which are shipped from Sophos warehouses will have an under-the-hood hardware upgrade. For these access points to be registered with either Sophos UTM (SG Series) or Sophos Firewall OS (XG/XGS Series), they require a newer firmware version (11.0.019) which is now being made available. Sophos Central Wireless customers do not need to take any action.
This hardware change has no impact on the supported features, capabilities, or other functionality of the access point.
How to identify if your APX Series is affected
You can identify new APX models with this change by the serial number prefix.
Model
Prefix
APX 120 ETSI
P32007
APX 120 FCC
P31006
APX 120 ROW
P33005
APX 320X ETSI
P42006
APX 320X FCC
P41006
APX 320X ROW
P43005
APX 320 ETSI
P52007
APX 320 FCC
P51006
APX 320 ROW
P53006
APX 530 ETSI
P12007
APX 530 FCC
P11006
APX 530 ROW
P13006
APX 740 ETSI
P22006
APX 740 FCC
P21006
APX 740 ROW
P23006
Dates for change rollout
No Action required
Sophos Central Wireless customers
No action is required by customers using Sophos Central as the APX will be upgraded when the device is registered.
Existing customers with an APX Series already registered in UTM/SFOS
Existing customers who have already successfully registered their APX access point with Sophos UTM or Sophos Firewall OS do not need to take any action as the access point model will not have one of the above serial number prefixes.
Action required
Previously unregistered APX for use with Sophos UTM (SG Series)
Verify that your APX has one of the serial number prefixes listed above.
If it does, for the APX to be recognized and managed by a Sophos UTM firewall, Sophos UTM OS must be upgraded to version 9.7 MR 11.
Previously unregistered APX for use with Sophos Firewall OS – SFOS (XG / XGS Series)
If it does:
Note: Any new APX with one of the above serial number prefixes will only work with SFOS if the AP FW 11.0.019 or later is installed.
Sign up to the Sophos Support Notification Service to get the latest product release information and critical issues.
We have issues with WPA2/Enterprise, Windows RADIUS (NPS Server). Laptops are not able to authenticate, it seems that the Firewall is dropping auth requests, no requests on NPS Server anymore. NPS configration wasn't changed. Only a reboot of the firewall helps, but after 12 hours error occurs again.
We have updated to 11.0.019 and now logs are showing an old bug (which should be fixed, as far as I know)2022-04-06 09:06:26Z JSON error at line 1, byte 1/44: Unexpected character 'A' parsing initial state: expecting whitespace: '\n', '\r', '\t', ' ' or start of string: '"' or digit: '0-9' or minus: '-' or start of an array or object: '{', '[' or start of literal: 't', 'f', 'n' at /lib32/perl/site_perl/5.20.1/JSON/Parse.pm line 69.2022-04-06 09:06:26Z 1 (eval)2022-04-06 09:06:26Z 2 JSON::Parse::valid_json2022-04-06 09:06:26Z 3 CSC::API::exec_opcodeOur SSID got a "-" in its name, we are going to change the ssid now. Anybody else with issues?
Oh my god, is THIS back again?
community.sophos.com/.../ap55---wlan-interruption-every-x-minutes-since-firmware-11-0-014