3CX DLL-Sideloading attack: What you need to know
We are trialling Sophos APs for a wifi refresh but having some issues with them.
3 x APX320 - 2 managed through Sophos Central, one via an XGS6500.
They will occasionally go offline (red light, no ping response/LAN access but still advertising SSIDs and can still connect where network authentication isn't needed). Recently these have been going offline at roughly the same time. Cannot see anything on the switches. One is getting POE from the switch (Cisco 2960) and other 2 are into similar switches but powered by injector.
This is happening maybe every week, though it was much more regular some weeks back. Cannot access the cloud managed APs via console, but can get on to the firewall managed one.
Anything I can check? Can't see any logs on the AP and central/firewall doesn't seem to give me anything useful.
Power cycle required to get the back online then they work fine until next time.
Hi duggan1 ,
Kindly see if this Troubleshooting of Wireless would help: https://support.sophos.com/support/s/article/KB-000036133?language=en_US
Light/Led Indicators: https://support.sophos.com/support/s/article/KB-000035552?language=en_US
Kindly let us know how it goes. Thanks for your time and patience and thank you for choosing Sophos.
Raphael AlganesCommunity Support Engineer | Sophos Technical SupportSophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS AlertsIf a post solves your question use the 'Verify Answer' link.
Yeah we've gone through those, no problems. Is there a mechanism to turn on debugging logs and redirect them to a syslog server?
Thanks for the information May I verify if your APX meets this power requirements
APX320X - Maximum Power: 18.9W and the POE switch supports 802.3at?
Also when the issue occurs what is the status of red light? Solid, flashing slowly or flashing fast?
You can check logs in Central under Wireless>Diagnostics>Events
For Syslog Wireless>Diagnostics>Syslog > enter syslog IP and Port
Since this is also a trial, you may reach out to your local partner or Sophos SE to be able to assist you in a technical standpoint on your trial period.
Many thanks for your time and patience and thank you for choosing Sophos
Power isn't an issue, we have different power delivery and two APs went off at the same time.
Red light is solid when it happens.
Logs under Diagnostic Events just say the AP has gone offline. Nothing prior to that event.
Syslog doesn't give anything that appears to be useful, just a lot of this:
around the time they go offline.
Hi, i have 4 AP that are "online", but not forwarding any traffic to internet or LAN.What SFOS do you have installed on the XGS6500?
I upgrade to 19.5 GA 2 weeks ago and all AP´s are "Online" but do not forward any traffic.Can you verify the status of the Wifi network interface?
Ours switches to unplugged and i do not see any traffic.
Maybe the 19.5 GA has more than one bug...
Upgraded to 19.5 a week or so ago, prior to that was on 19 build 365 I think. Problem exists on both.
Sounds like our problem though. Wifi interface up, still getting PoE power but not pingable, switch doesn't think theres anything there.
Looks like a 19.5 GA Problem, in my case it started this way
4 AP´s listed as active1 AP failed, green light, not pingable. WiFi interface pluggedlater 3 more AP´s failed, green light, not pingable, Wifi interface pluggedsome hours later, WiFi interface was unplugged.
no AP´s was able to forward traffic.
SSID was visible and client could connect to AP´s
Yeah sounds like what I see, except I get red light (occasionally changing into flashing green) but I was seeing it before 19.5.