This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

APX120 behin SD-RED20

Hi there,

 

I want to setup the following:

We have a small branch office for one employee for which we need a wireless LAN. I have set up a SD-RED20 for this location which works quite well via LTE.

To access the network via WiFi, I have also set up an APX120 with a SSID which bridges to AP-LAN. Everything works quite well in the main office.

If I connect the APX to the SD-RED20, the APX does not connect to the UTM which I do not understand as the Branch offices network connected over the RED is allowed to connect to the firewalls main network via Any protocol.

 

Do I miss something here? Do I have to create another firewall rule for the initial handshake between UTM an AP?

 

Appreciate your help!

 

Thanks in advance

Alex



This thread was automatically locked due to age.
Parents
  • Hi Alex,

    2 things can be an issue here.

    First is the RED deployment mode. Which one do you use, unified or one of the split modes? If one of the split modes is used you will either have a host object with IP "1.2.3.4" to be included in the "Split Networks"-list or you will need to have a DHCP Option "234 - AP Magic IP" be active and set to an IP-address of the UTM (e.g. the RED interface's IP).

    Second is the Wireless Protection tab. There you will have to set the RED interface as an "Allowed Interface" under "Global Settings".

     

    For a RED20 I would recommend using the internal module slot for WLAN if that slot isn't already in-use for a 3G/4G module.

    Gruß / Regards,

    Kevin
    Sophos CE/CA (XG+UTM), Gold Partner

Reply
  • Hi Alex,

    2 things can be an issue here.

    First is the RED deployment mode. Which one do you use, unified or one of the split modes? If one of the split modes is used you will either have a host object with IP "1.2.3.4" to be included in the "Split Networks"-list or you will need to have a DHCP Option "234 - AP Magic IP" be active and set to an IP-address of the UTM (e.g. the RED interface's IP).

    Second is the Wireless Protection tab. There you will have to set the RED interface as an "Allowed Interface" under "Global Settings".

     

    For a RED20 I would recommend using the internal module slot for WLAN if that slot isn't already in-use for a 3G/4G module.

    Gruß / Regards,

    Kevin
    Sophos CE/CA (XG+UTM), Gold Partner

Children
  • kerobra said:
    Second is the Wireless Protection tab. There you will have to set the RED interface as an "Allowed Interface" under "Global Settings".

    Ah, Thank You very much. I think, I have missed this one out. Will try that after my vacation in 3 weeks. But I am pretty sure that this one will resolve my issues.

    kerobra said:
    For a RED20 I would recommend using the internal module slot for WLAN if that slot isn't already in-use for a 3G/4G module.

    For cost reasons I had to go for an APX instead of the internal module. The WiFi Module was more than double as price. The same for the 4G connection. HUAWEI Stick was about 40€ and the Module was >300€

    Thank you very much for your help. I will answer again after returning from vacation.

    Viele Grüße / Best regards

    Alex