This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AP55 won't connect to Central through XGS (SFOS 19.0.1 MR-1-Build365) cause of TLS Handshake Failure

We try to register an AP55 to Sophos Wireless - works like a charm when working without the XGS

When connection the AP55 behind the XGS we always receive a Timeout and the log entry (SSL/TLS inspection):

wifi.cloud.sophos.com
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS handshake fatal alert: bad certificate(42).

sophos.com and all necessary other sites and ports are open and excluded from SSL/TLS inspection, equally sophos.com and all other necessary sites are allowed (i can see the log entry in the firewall log  that access to wifi.cloud.sophos.com is allowed) but registration times out.

As we tried to connect without the XGS the AP has the actual updated firmware.

Any ideas which rules/exclusions to build and get the registration running?

THX



This thread was automatically locked due to age.
Parents Reply Children