This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[solved] Bricked APs after Mesh manipulation

Hi,

I tried to go further in my mesh network test (with 2 AP55C). Initially my 2 APs were plugged in the network, so they were seen as connected in Sophos Central. I took one of the AP and unplug it from the network to make it works as a repeater (with only a PSU and without the PoE injector).

After that I lost my 2 AP in Sophos Central after few minutes. They both became offline. After that I tried to remove the mesh parameter and try to only put classic SSID but no change in their behavior. The LED stills remains orange on them.

I have deleted them and tried to plug them again to a UTM 9.4 but no sign of life.



This thread was automatically locked due to age.
Parents Reply Children
  • Can you please try capturing the traffic on the UTM of the port where the AP is connected to?

    Force-deleting is also okay. When the AP establishes a connection, but it was deleted, it should reset.

  • I don't see anything. I even tried to plug an AP directly on a workstation with wireshark but I don't see any traffic from the AP.

  • Can you please describe the behavior of the LED?

    After powering the AP, is it first on for several seconds, then goes off? And to which state does it switch then?

  • In fact I will correct my last message.

    During the boot process, I don't see anything.

    The LED is green during 20 seconds, then switch off during 8s, is blinking in green during few seconds, then is orange 1s, green 1s, and finally remains orange.

    When the LED is orange, I can see STP packets from the AP.

  • You don't even see any DHCP requests?

  • I see DHCP discover from the AP (I did a pcap with 'ether host mac_from_ap' BPF filter). I can MP you the pcap file.

    Technically if I use wireshark with an AP directly connected on the workstation I see STP and DHCP discover.

    The same dump from the UTM that is technically the default GW for the other AP, I don't see anything. I suspect a filtering switch somewhere...

  • Ok, so the AP is still requesting DHCP (and if this succeeded trying to contact the cloud).

    I think there is still some configuration issue on the UTM.

    Is a DHCP server configured for the interface where the AP was attached to (and is something showing up in the dhcpd.log)?

    When you attach a client (notebook or so) to the same UTM port where the AP was connected, are you able to access the internet?

  • Ok, I think the problem is the switch (managed externally of course I don't have the hand on it). The ports where my PoE injectors were plugged have been disabled. I think that the STP is not authorized through them. The switch is configured to disable port where it detects connection a bit too much 'smart'.

    After moving the AP on other port, the AP appeared in my Central console. The PoE injector gave me wrong information because I was able to see link on my AP although my link was dead...  :/

    Sorry for the false alert...

  • Ah, yes. Switches are sometimes configured to switch off when they detect STP traffic. That's why we also display a warning when enabling a mesh network.

    Glad it's working now. :)