APX 320 does not show in pending access points

Just tried to add APX320 to the wireless controller on the new UTM 9.7 beta.

I can see it leasing address from the DHCP server (with option 234 set to point to the LAN address of the UTM). However, the AP just finishes booting and ends up with solid red LED. I tried to a factory default reset of the AP with the same result afterwards.

UTM version 9.670-4

Parents
  • OK... so a bit of a development. After almost an hour of the AP just rebooted couple of times and now it is visible in WebAdmin... In shell of the UTM a lively traffic between the AP and Sophos cloud was visible in tcpdump.

  • Hi,

    So ur APX320 is live now ?
    Actually it might have old version used in cloud thats why it takes time for auto firmware upgrade to latest cloud and then it will come Under UTM pending AP list.

  • Yes the APX320 is alive. However it took it about 40 minutes from factory default reset for it to show in the pending AP list. During all that time the LED was solid red.

    The APX120 at the other hand, we just disconnected it from the XG and it popped up in the pending list of the UTM shortly after it got its IP from the DHCP (although this process (of just getting the DHCP lease) took it a few minutes as well).

  • I'm seeing a similar issue.  APX320, gets a lease, and just blinks green... not in pending list, no logs for awed show any activity.   Been 20 minutes so far. Is there something I'm missing Sophos?  Also FWIW this is a recently ordered APX320 (got it about a month ago).

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • I actually have 4 other APX 320 that were just sitting on the table turned on for entire weekend and didn't popup in the pending list. They failed to do so in the UTM 9.7 Beta, they failed to do so in the XG and they failed to connect to Sophos Central as well.

    I did a bit of a digging and it seems that they are trying to contact the controller on a wrong port 2713 instead of 2712 (as they should based on this KB document (and all my Sophos training): https://community.sophos.com/kb/en-us/124397 ).

    If I NAT the communication then the controller responds to the APX, however, the connection does not hold and ends up with an error anyway.

    So result is I have one APX 320 that is working and 4 that I have filled an RMA request for.

    To me this seems as a firmware issue. All 4 non working APX 320s arrived in the same shipment around end of July and were never used before.

    Maybe you can try to 'tcpdump' the communication on the UTM and see whether it is not your case as well...

  • Interesting; this one was purchased from distribution (we are a reseller) in July as well... never been used.  Thanks for the info, I'll check it out.  Maybe someone messed up flashing these.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • Interesting; this one was purchased from distribution (we are a reseller) in July as well... never been used.  Thanks for the info, I'll check it out.  Maybe someone messed up flashing these.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data