Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 26 subscribers
  • Views 315 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

18.5 upgrade - Wireless Bridge to AP LAN DHCP no longer works

Dave Hayes

Hello...We upgraded an XG 115W to 18.5 (Latest build on 10/1/21) from 18.0.4 and our wireless network that is setup for Bridge to AP LAN no longer works.  It connects to the wifi and authenticates but it no longer hands out an IP address. We have an internal Windows server running DHCP and had the "Corp" network setup to Bridge to AP LAN and it always got a DHCP address and worked fine.  However, ever since 18.5 this no longer works.  The guest wifi works fine on a separate zone with the XG set as DHCP for that network.  We have tried blowing everything away and re-adding with no luck.  We originally had the Windows server as a DHCP Relay on the XG.  So we tried to remove it and it still does not work.

I opened a ticket with Sophos on this but am trying to schedule time with the tech.  Has anyone else seen this before with the 18.5 upgrade?  I am little worried about upgrading any other ones at this point.  

Also, where in the logs would these "denies" be logged?  I can not seem to find anything.

Thanks for any feedback.



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hey Dave, Thanks for reaching out to Sophos Community.

    If this windows server running DHCP is in the subnet as where the AP is bridged then the server directly should respond to the broadcast requests. However as you've mentioned, earlier server's IP was added in the DHCP relay. I would suggest start by taking a tcpdump on the client machine's MAC address on XG.

    the command is --> tcpdump -nei Port2 ether host xx:xx:xx:xx:xx:xx (Replace the port number with the one that you have AP connected to and change xx:xx to the actual mac address of the end machine). Once you start the capture, Connect the device and see if the packets are reaching the firewall and if so, then how they're forwarded.

    Run the command from advanced shell in SSH (Option 5 > Option 3)