Reflexion will be End-of-life on March 31,2023. See Sophos Reflexion EoL FAQs to learn more.
I purchased an APX 120 used. The access point presents a solid red LED as soon as it's plugged in. Doing a quick, or even a full reset by holding the button down in the back does not reboot the device. It stays a solid red color.
I suspect it may be bricked, but the manual says the solid red color could indicate the APX cannot find the wireless controller, or if the reset button is pressed... it is initiating a configuration reset. I allowed the device to sit for several minutes.
In the UTM 9.7, It showed no wireless protection log or a pending access point.
I am using the power adapter of my AP15 to power the APX120 which appears to be the same 12V 1 amp power supply, as the access point lists on the back as the requirement.
Does the unit have issues with a power supply and should I use a POE injector instead? The manual says the APX can be powered with an APX120 power supply which is also 12V, 1 amp, 12 watts.
The Sophos flash tool does not even support this access point, so short of using one of those USB/Eth cables, could there be something I'm overlooking or doing wrong?
The power adapter I am using powers the AP 15 with no issue, so either the APX needs different power or a POE injector. Here is the AP 15 power supply.
Unfortunately bricked APX 120 are very common. There has been a software issue (in the UTM) which bricks them upon updating.If you don't see any DHCP requests (and bought it on eBay very cheap without warranty) this is very likely.
Using the Sophos flashing tool (it requires an network connection to the boot loader) or alternate power will not help.
If you have an strong electronics background and are used to the mentioned tools, here is a very good tutorial for unbricking them.I managed to rescue several APX 120 bought via eBay for 1€ by following it.Thanks to JuergenB btw, for posting the relevant memory addresses - he got them from an working APX.
In case you don't dare or don't have the right tools your best bet is that they are still on warranty and will be replaced by Sophos.
I went to a few places and unfortunately POE injectors seem to be a niche product. They didn't have any at my OfficeMax and BestBuy employee had no idea what a POE injector was and looked at me like I was from outer space when I asked if they had any. I got my return label. I'm not wasting my time hacking it. If the access points had a read-only dual-BIOS that could copy itself back to the flash NAND to allow it to boot, but no, it seems that if it gets a bad firmware update, it's toast.
I blame you guys for this. All this talk of APs being bricked - I just had one brick on me, after a simple PoE switch reboot.
XG 19.5 GA 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz 16GB Memory | 500GB SSD HDD | GB Ethernet x5
I use a UbiQuiti Networks U-POE-AF - Power Injector. (10€)I debricked some APX120 and APX320 that i got cheap from fleabay.
There's your problem, every place you went was a general big box store. They are more often than not clueless salespeople, not actual IT geeks, not to mention networking equipment isn't really their thing.
Go to an actual computer store like memory express, microcenter, etc, or better yet support a local business. TP-link, trendnet, ubiquity all have some pretty inexpensive ones. Can also do the amazon thing if really super lazy
This problem can be eliminated if Sophos would put a "dual BIOS" switch inside that copies the stock firmware/bootloader back onto the NAND flash memory. Plenty of motherboards have this feature. Or put a USB port on the back and allow it to flash the recovery firmware from a USB pen drive.
Yes, I can buy one off Amazon, but why a device would be sold without a power supply given how expensive these are is crazy. The APX120 does not even come with one as they expect everyone to have a POE switch. I don't think the power supply is the problem. It takes the same power as the AP15 does.
We all hoping they do a far better job of designing resiliency into the upcoming wifi6/7 APs.
As for power supply, these are not consumer products. It's very normal for smb or enterprise POE wifi APs to not ship with a power adapter. Doing so is pointless for most business customers as yes, we already have POE switches, or are used to supplying one-off POE injectors when necessary. Shipping every AP with a POE injector is just feeding the growing ewaste problem.
That said, the apparent crappy design of the apx120 when it came to firmware recovery, and the multiple firmware failures that bricked them, resulting in 'toss it in the trash and we'll send you a new one' hasn't helped either. At least JuergenB has provided steps to attempt recovery, and I'm really loving the idea of installing standard openwrt on the retired AP models so they stay out of ewaste.
I really think about Building a crosscompiler setup with a toolchain.
a Red 15 with OpenWrt is already available from others …I think it‘s the same NXP cpu.
but i will first check the existing OpenWrt Image from Sophos.
it‘s still possible to compile uboot with a secret knocking code to enter cli..
no Dual Bios needed…
Openwrt has support and steps to update these. git.openwrt.org/