This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Central Wireless IP assignment and Traffic route

Hey Guys, 

Is there perhaps a link where I can read how break out and network assignment works - With Wireless central when its at different locations .

So for example Site A: SSID Local  (How/Where/Who gives these clients that are connected to the APS SSID)

How does it get its Gateway ? 

As for guest network assignment , I see it coms off the AP itself  (Can this be changed) 


Added TAGs
[edited by: Erick Jan at 4:55 AM (GMT -8) on 12 Jan 2024]
Parents Reply Children
  • Thanks , If the wifi zone is on a separate network than the LAN , but not on  VLAN . 

    Is there a way to have the APs give out IPs from that range ? 

    For example is the LAN Staff is : 

    Staff wifi is : , currently on the FW  (No Vlan)

    Is there a way to give that address range SSID from Sophos Central  :, keep the APS on

  • Hi Ryan,

    To verify, your local network is Then you want to broadcast an SSID with a IP address? Is this correct

    You can try the following Setup if applicable to your setup.

    1. Create a new interface vLAN with a network of
    2. Create New DHCP with attach it to the newly created vLAN
    3. Create SSID on Central with client connection to vLAN
    4. Set up the allow Firewall Rule

    This will broadcast an SSID on Central with an IP range of while retaining the  FW local LAN address of

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • Thanks for the reply, So this is one way of doing it correct. 

    But believe it or not , The avoidance of using Vlans needs to stay on the table for now. 

    As Vlans would need to configured on the switches that APs are connected to . (the person doesnt want to do this)

    Is there anyway to have the non vlan network assigned to an SSID.