APX 320 X, UTM Firewall + Wireless Protection


I have created an account on Sophos Central in order to manage some APX 320 X and I can't connect these APs to Sophos Central.

BUT, I already have Wireless Protection on my UTM 9 (firmware 9.713-19) enabled with nearly 60 APs configured.

I have read on this thread "AP did not connect to cloud within the timeout" that I should disable Wireless Protection the UTM. Is that correct ?

If it's correct, that doesn't suit me ....

Will Sophos support APX 320 X on UTM or not ?

Parents Reply
  • Actually, I found a way to connect my APX 320 X to Sophos Central while Wireless Protection is activated on my UTM.

    Step 1 : Create a dedicated VLAN for APX 32 X on the UTM and switches ....

    Step 2 : Configure your UTM's DNS to accept requests from this VLAN.

    Step 3 : Configure the DHCP for this VLAN with the UTM's IP address as DNS and gateway, domain if you want. 

    Step 4 : Configure a masquerading rule for this VLAN in order to go properly on the Internet

    Step 5 : Configure firewall rules to permit outgoing traffic to Internet from this VLAN and also and to permit radius requests to your radius server.

    Don't forget to register your APX 320 X on Sophos Central and make the necessary configuration on the cloud platform.

    Things you should not do : Add this VLAN to your Wireless Protection configuration on the UTM, so the traffic won't be intercepted by the UTM for this service.

    We can say this is a hybrid configuration with Sophos Central and UTM's Wireless Protection.

    This configuration works for me. I did it because I need to keep the Wireless Protection enabled for my other APs and I need Sophos Central for the APX 32 X.