APX 320 X, UTM Firewall + Wireless Protection

Hello,

I have created an account on Sophos Central in order to manage some APX 320 X and I can't connect these APs to Sophos Central.

BUT, I already have Wireless Protection on my UTM 9 (firmware 9.713-19) enabled with nearly 60 APs configured.

I have read on this thread "AP did not connect to cloud within the timeout" that I should disable Wireless Protection the UTM. Is that correct ?

If it's correct, that doesn't suit me ....

Will Sophos support APX 320 X on UTM or not ?

Parents Reply Children
  • Actually, I found a way to connect my APX 320 X to Sophos Central while Wireless Protection is activated on my UTM.

    Step 1 : Create a dedicated VLAN for APX 32 X on the UTM and switches ....

    Step 2 : Configure your UTM's DNS to accept requests from this VLAN.

    Step 3 : Configure the DHCP for this VLAN with the UTM's IP address as DNS and gateway, domain if you want. 

    Step 4 : Configure a masquerading rule for this VLAN in order to go properly on the Internet

    Step 5 : Configure firewall rules to permit outgoing traffic to Internet from this VLAN and also and to permit radius requests to your radius server.

    Don't forget to register your APX 320 X on Sophos Central and make the necessary configuration on the cloud platform.

    Things you should not do : Add this VLAN to your Wireless Protection configuration on the UTM, so the traffic won't be intercepted by the UTM for this service.

    We can say this is a hybrid configuration with Sophos Central and UTM's Wireless Protection.

    This configuration works for me. I did it because I need to keep the Wireless Protection enabled for my other APs and I need Sophos Central for the APX 32 X.

  • Thank you for the update  !

    We are glad it worked for you.

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • Salut, Jean-Charles - merci pour ta contribution !  C'est la première fois que je vois une solution pour l'UTM et l'APX 320.

    Cordialement - Bob
    PS Moving this thread to Recommended Reads

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA