This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Help with XG SFOS 17.0.0 GA Recognising AP30

I am exploring various Sophos products, and have been very happy with the XG running on my own hardware. I wanted to see if the integrated wireless access points would be better than the Netgear ones I currently use, so purchased an AP30 from Ebay.

I reset the access point (holding down the reset button at boot time). This caused the device to connect to the network and use DHCP (from a Windows Server) to adopt a local IP address. However, beyond that not much seems to happen - the AP30 never appears in Protect - Wireless - Access Points list on the XG's gui despite being the default gateway of the local network. The network is simple, and the AP is powered from a PoE switch adjacent to the switch to the XG.The device does seem to be running a SSH server, although i don't know the username/password.

I cannot find any documentation on troubleshooting this stage of setup - the only documentations says it should "just work".

Any suggestions?

 

Update

 

Further investigation showed that the AP30 is emitting packets towards the default gateway (XG) which appeared in the firewall log as being rejected. I added a rule to allow acceptance of these packets, but that did not yield anything. Then I ran the packet capture on the firewall to find that the AP30 emits two packets every 10 seconds: one addressed to the default gateway (the XG firewall) ; and the other to 1.2.3.4. Both of these packets are addressed to port 2712 from port 3942.

 

The packet aimed at the firewall shows a status of "Violation", with reason "Local_ACL", whereas the status of the 1.2.3.4 packet is "Consum..." (it would be nice to allow variable width fields) with no reason.

Not sure this helps!



This thread was automatically locked due to age.
Parents
  • Hello Paul,

    If you are using Windows as DHCP server for your Sophos AP, you also need to configure DHCP Option 234 on DHCP server  as mentioned in the KB article. Else it will keep trying to connect to magic IP 1.2.3.4 which is of Sophos central.

    Good luck!!!

    Regards, Ronak.

Reply
  • Hello Paul,

    If you are using Windows as DHCP server for your Sophos AP, you also need to configure DHCP Option 234 on DHCP server  as mentioned in the KB article. Else it will keep trying to connect to magic IP 1.2.3.4 which is of Sophos central.

    Good luck!!!

    Regards, Ronak.

Children