Reflexion will be End-of-life on March 31,2023. See Sophos Reflexion EoL FAQs to learn more.
Hello,
I recently purchased two pre-owned 320 APX APs for my home. Both APs boot into solid green, fast flash red, change to solid green, and then flash fast red again. They never become visible in UTM 9 and appear to be bricked. I've left them connected for hours, and this cycle never ends. Resetting has no affect, nor does rebooting during the solid green phase (I didn't boot in flashing red, as supposedly that's a firmware upgrade in progress).
Two questions, if anyone knows:
1) Is this what happens when they're bricked?
2) Where can I download the APX 320 firmware? I'd like to give the flashing tool a go.
Thanks in advance for anyone's assistance!
Jim
That's not the behavior I get. If I pull the power and push it back in, I get a brief amber, then green. If I hold the reset button while still green, I get a slow blinking red for about 10 secs, and then a fast blinking red. I never get a solid red.
Both of the (new to me) devices behave the same.
IMHO, the reset doesn't reset.
I found that same article! I have a USB-RJ45 on order from Amazon.
No worries at all - I appreciate the help. I think if I could find the darned firmware for the device, I might be able to flash it.
You can get the firmware from here. APX Firmware GPL source: https://www.sophos.com/en-us/support/downloads/firewall-installers
get the feeling whoever sold these APX 320 to you knew they were bricked if they are.
1. Make sure the power supply is actually the right one, the right voltage, amps and polarity. You'd be surprised how devices won't work right if the power adapter is no good.
2. Try a different ethernet cable on a different port on the switch.
3. Even though the APX is not visible in the UTM as a pending access point, is there any wireless protection log giving you anything at all?
1) I did! 2) I did! 3) Nothing - no logs. Doesn't even look like it's trying to grab an IP.I'd really like to avoid spinning up a VM and compiling that 1GB tar if at all possible. Of note, i found that the drivers are actually stored in the firewall itself in /etc. I downloaded the APX.uimage file and attempted to flash the APs. One AP actually was actually recognized, but the installer would not complete. The other couldn't even detect the device type.
We'll see what I can get from the console cable when it arrives, but I'm not bullish. I contacted the eBayer who sold them to me, and he said he'd accept a return. So, I'm not hosed.
Thanks again!
Keep us updated. I'm curious to see what happens with that.
No problem - maybe if I figure it out, someone else might benefit.
I debricked some of the APX120/320 (same firmware).
First connect the serial port and get a console log from the boot process, post this log here.
If the uimage i bricked, you will se a brocken uBoot loader complaining about some errors.You might even enter a failsafe mode and check the APX
Hey, Juergen.
Here's the follow-up. The first APX 320 wouldn't reply to the console connection - nothing. The other one replied, but only spit out gibberish regardless of serial settings. I started here and tried several different combinations:
Speed: 38400, Data bits: 8, Stop bits: 1, Parity: none, Flow control: none - as documented here sophos-operating-instructions-apx-320-530-740-oina.pdf
I think these devices are done for, one more so than the other.
Same thing here. I just picked up an APX 120 "open box" off eBay. Plugged it in, solid red light. Holding the reset button does nothing. No reboot, nothing.
Odd thing is the Sophos flashing tool does not say it supports the APX 120 in the website's description. If only these devices had a dual BIOS switch inside that could boot with the stock recovery firmware. These access points seem to be built very cheaply but are very expensive especially for home users, with no failsafe incase of a bad firmware flash. Brand new they go for around $300.
When you can pick up an $80 wireless router, flash it with dd-wrt/OpenWRT and get excellent coverage using it as just an access point.
My old AP15 is locked at a max 72 Mbps, it's a known issue with the AP access points. I will be seeking more affordable alternatives that can support 802.11ac wireless for a fraction of the cost.