Due to the global shortage of the APX range, we bought an unused unit from eBay for us to play around with.
The seller has reassured us the unit was never connected to anything prior; it was simply one too many broadcasters and selling.
We got the unit, connected it to our network, where we have other APX units, and it never appears in the wireless access point section as pending.
We've checked DHCP and see it gets an IP but from that point onwards, nothing, nothing in the system or firewall logs.
On the APX itself, the unit has a green flashing light for 30 - 60 seconds and then turns solid red.
I've tried the reset button for 8s and 20s, same behaviour.
I noticed there is a console port but have not tried it.
I tried the Sophos Flash Tool but couldn't get that to work; it never detects the APX.
We've deployed loads of these, all brand new, no problem, but this one being unused just won't play ball.
My question is whether Sophos lock the APX into the customer's cloud or firewall solution at the point of sale and that is why it's not working.
Hopefully someone can help.
PS - Tried Sophos support and various technicians had no idea what to do or how to help.
tcpdump the AP on XG and see where it connects to.
Does it try to contact 1.2.3.4:2712 and / or 52.5.76.173:2713?
If it does not, it's either bricked or pre-configured.
Is the AP in the correct VLAN and is the Zone of the VLAN allowed in Wireless Controller on XG?
Also monitor the log
log/awed.log
you should see something like: 2022-05-10 18:25:15Z [MASTER] new connection from IP
community.sophos.com/.../apx320-and-apx530-using-undocumented-port-2713-to-heartbeat-ip-52-5-76-173
I hope APX cannot be re-imaged as trojan box.
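Added example, not part of the thread and not Sophos code: a small Python triage that applies the checks suggested in the reply to saved `tcpdump -nn` text output and to lines from awed.log. The AP address, the sample capture and log lines, the function names and the verdict wording are constructed assumptions; only the two endpoints and the log message format come from the posts above.

```python
import re

# Controller endpoints named in the reply above.
EXPECTED = {("1.2.3.4", 2712), ("52.5.76.173", 2713)}
# Matches the "IP src.port > dst.port:" part of `tcpdump -nn` text output.
FLOW_RE = re.compile(r"IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")
# Matches the awed.log line quoted in the reply (assumes a bare IP follows "from").
AWED_RE = re.compile(r"\[MASTER\] new connection from (\S+)")

def ap_destinations(tcpdump_lines, ap_ip):
    """Return every (dst_ip, dst_port) the AP sent a packet to."""
    dests = set()
    for line in tcpdump_lines:
        m = FLOW_RE.search(line)
        if m and m.group(1) == ap_ip:
            dests.add((m.group(3), int(m.group(4))))
    return dests

def awed_saw(awed_lines, ap_ip):
    """True if awed.log recorded a new connection from the AP."""
    return any(m and m.group(1) == ap_ip
               for m in (AWED_RE.search(l) for l in awed_lines))

def triage(tcpdump_lines, awed_lines, ap_ip):
    """Combine both checks; the verdict text is this example's own wording."""
    dests = ap_destinations(tcpdump_lines, ap_ip)
    contacted = dests & EXPECTED
    seen = awed_saw(awed_lines, ap_ip)
    if not contacted:
        verdict = "no controller traffic: bricked or pre-configured"
    elif seen:
        verdict = "firewall saw the AP: check the pending list"
    else:
        verdict = "AP is calling out but awed never saw it: check VLAN and zone"
    return {"contacted": sorted(contacted), "unexpected": sorted(dests - EXPECTED),
            "awed_saw_ap": seen, "verdict": verdict}

# Constructed sample data; 192.168.10.57 stands in for the AP's DHCP lease.
AP = "192.168.10.57"
CAPTURE = [
    "18:25:10.101 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request, length 300",
    "18:25:14.220 IP 192.168.10.57.51514 > 1.2.3.4.2712: Flags [S], seq 1, win 29200, length 0",
    "18:25:15.310 IP 192.168.10.57.40122 > 192.168.10.1.53: 4660+ A? example.test. (30)",
]
AWED = ["2022-05-10 18:25:15Z [MASTER] new connection from 192.168.10.57"]

if __name__ == "__main__":
    print(triage(CAPTURE, AWED, AP))
    print(triage(CAPTURE[:1], [], AP))  # an AP that only does DHCP
```

The "unexpected" list shows any other destination the AP talks to, which is the place to look if the concern is a second-hand unit that has been tampered with.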