Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 22 replies
  • Subscribers 5 subscribers
  • Views 9443 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Open box APX 120: solid red LED as soon as plugged in, no blinking orange/green LED. Restart does nothing.

alan weir

I purchased an APX 120 used. The access point presents a solid red LED as soon as it's plugged in. Doing a quick, or even a full reset by holding the button down in the back does not reboot the device. It stays a solid red color.

I suspect it may be bricked, but the manual says the solid red color could indicate the APX cannot find the wireless controller, or if the reset button is pressed... it is initiating a configuration reset. I allowed the device to sit for several minutes.

In the UTM 9.7, It showed no wireless protection log or a pending access point.

I am using the power adapter of my AP15 to power the APX120 which appears to be the same 12V 1 amp power supply, as the access point lists on the back as the requirement.

Does the unit have issues with a power supply and should I use a POE injector instead? The manual says the APX can be powered with an APX120 power supply which is also 12V, 1 amp, 12 watts.

The Sophos flash tool does not even support this access point, so short of using one of those USB/Eth cables, could there be something I'm overlooking or doing wrong? 

The power adapter I am using powers the AP 15 with no issue, so either the APX needs different power or a POE injector. Here is the AP 15 power supply.



This thread was automatically locked due to age.
  • 0 in reply to Alan Brand

    I went to a few places and unfortunately POE injectors seem to be a niche product. They didn't have any at my OfficeMax and BestBuy employee had no idea what a POE injector was and looked at me like I was from outer space when I asked if they had any. I got my return label. I'm not wasting my time hacking it. If the access points had a read-only dual-BIOS that could copy itself back to the flash NAND to allow it to boot, but no, it seems that if it gets a bad firmware update, it's toast. 

  • 0 in reply to alan weir

    I blame you guys for this.  All this talk of APs being bricked - I just had one brick on me, after a simple PoE switch reboot.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • 0 in reply to JuergenB

    Sorry to hear this. Sounds like an error in your bootenv, maybe a missing line (SPI driver?).

    Keep in mind, that APX120 and APX320 use a different flash layout (APX120 has Image in mtd5, APX320 in mtd6), maybe very old firmware (my archive only reaches back to 11.0.014-1) does not account for this.

    BTW why did you change the bootdelay back to 0? I left mine at 5 (can well live with the delayed bootup)?

  • 0 in reply to Alan Brand

    Hi,

    i cleared the NAND and loaded the OpenWrt Image. But i missed to flash the NAND and i didn´t changed the bootdelay ..

    rnaq-sph1 # nand erase.chip

    If you then power cycle the APX the memory loaded image is missing and you get a bricked APX.
    The bootdelay can be changed and saved to the NOR but every Sophos initiated upgrade or modification will set the delay back to 0.

    So i ended up, reading the NOR Flash with a Pomona Clip and changed the delay ...

    Maybe if i change the code before tinkering with these devices or change the MTD backup image of the environment (APX320 and APX120 use a MTD for the configuration).

    An early APX.uimage will load OpenWrt with root access, the new ones only boot to a login prompt.
    Even the failsafe ... fails and then you need to powercycle ..

    Press the [f] key and hit [enter] to enter failsafe mode
Press the [1], [2], [3] or [4] key and hit [enter] to select the debug level
f
- failsafe -
/etc/preinit: line 1: telnetd: not found
(none) login: Please reboot system when done with failsafe network logins

    But it´s possible to clear the nand rootfs, load a new APX.uimage from tftp and start this.

    If you let the image load and the APX connects to the XG it will load the current image 11.0.019 or 20 and create a proper layout.

    Only the early 0.1 , 1.15 or 2.0 images are strange

  • 0 in reply to alan weir

    I use a UbiQuiti Networks U-POE-AF - Power Injector. (10€)
    I debricked some APX120 and APX320 that i got cheap from fleabay.

  • 0 in reply to alan weir

    There's your problem, every place you went was a general big box store.  They are more often than not clueless salespeople, not actual IT geeks, not to mention networking equipment isn't really their thing.

    Go to an actual computer store like memory express, microcenter, etc, or better yet support a local business.  TP-link, trendnet, ubiquity all have some pretty inexpensive ones.  Can also do the amazon thing if really super lazy

  • 0 in reply to Amodin

    This problem can be eliminated if Sophos would put a "dual BIOS" switch inside that copies the stock firmware/bootloader back onto the NAND flash memory. Plenty of motherboards have this feature.  Or put a USB port on the back and allow it to flash the recovery firmware from a USB pen drive.

  • 0 in reply to RaveNet

    Yes, I can buy one off Amazon, but why a device would be sold without a power supply given how expensive these are is crazy. The APX120 does not even come with one as they expect everyone to have a POE switch. I don't think the power supply is the problem. It takes the same power as the AP15 does.

  • 0 in reply to alan weir

    We all hoping they do a far better job of designing resiliency into the upcoming wifi6/7 APs. 

    As for power supply, these are not consumer products.  It's very normal for smb or enterprise POE wifi APs to not ship with a power adapter.  Doing so is pointless for most business customers as yes, we already have POE switches, or are used to supplying one-off POE injectors when necessary.  Shipping every AP with a POE injector is just feeding the growing ewaste problem.

    That said, the apparent crappy design of the apx120 when it came to firmware recovery, and the multiple firmware failures that bricked them, resulting in 'toss it in the trash and we'll send you a new one' hasn't helped either.  At least has provided steps to attempt recovery, and I'm really loving the idea of installing standard openwrt on the retired AP models so they stay out of ewaste.

  • 0 in reply to RaveNet

    I really think about Building a crosscompiler setup with a toolchain.

    a Red 15 with OpenWrt is already available from others …
    I think it‘s the same NXP cpu.

    but i will first check the existing OpenWrt Image from Sophos.

    it‘s still possible to compile uboot with a secret knocking code to enter cli..

    no Dual Bios needed…

Unfiltered HTML