Problem with AP6 and Sophos Central

Hello,

I don't understand how works Sophos Central with new AP6 Access Point.

I need to migrate from Wireless Controller on UTM 9 to Sophos Central with APX.

I have 3 networks configured on Sophos Central, as I have on UTM 9 :

PRIVE-INTERCO-IOT :

  • Cypher : Personal WPA2/AES
  • MAC filtering enable with authorized MAC addresses list
  • Client connection on VLAN 2173

PRIVE-INTERCO-PC :

  • Cypher : Enterprise WPA2 / AES
  • Radius is configured.
  • Client connection on VLAN 2174

PUBLIC-INTERCO :

  • Cypher : no
  • Client connection on VLAN 62 + client isolation
  • Hotspot on this VLAN

I have prepared my APs in my workshop before installing to my customer office.

I had the surprise that MAC Addresses list has vanished. Not only that, but I noticed a message :

"MAC filtering will also be applied to all other networks on access points where this network is configured. This option provides minimal security. It does not protect against MAC address spoofing."

Does it mean, that all my wireless configuration are impacted by MAC filtering when I need this filter only on one of them ?

I also noticed a second message with radius configuration :

"All settings for RADIUS will also be applied to all other networks on access points where this network is configured."

Does it mean, that all my wireless configuration are impacted by Radius configuration when I need this only on one of them ?

Furthermore, I have checked up the 3 SSID on my smartphone :

I saw that :

  • PUBLIC-INTERCO was asking me for Radius authentication instead of Hotspot redirection.
  • PRIVE-INTERCO-PC was asking for WP2 Personal, instead of Radius authentication.
  • PRIVE-INTERCO-IOT was asking for WP2 Personal, without MAC filtering.

My final question is : how can I configure my AP6 correctly and keep the parameters as I want ?



Edited TAGs
[edited by: Erick Jan at 5:11 AM (GMT -8) on 5 Dec 2024]