We try to register an AP55 to Sophos Wireless - works like a charm when working without the XGS
When connection the AP55 behind the XGS we always receive a Timeout and the log entry (SSL/TLS inspection):
|
wifi.cloud.sophos.com
|
|
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
TLS handshake fatal alert: bad certificate(42).
|
sophos.com and all necessary other sites and ports are open and excluded from SSL/TLS inspection, equally sophos.com and all other necessary sites are allowed (i can see the log entry in the firewall log that access to wifi.cloud.sophos.com is allowed) but registration times out.
As we tried to connect without the XGS the AP has the actual updated firmware.
Any ideas which rules/exclusions to build and get the registration running?
THX
This thread was automatically locked due to age.
