AP15C not being detected by the UTM

Hello,

We just installed one AP15C and hooked it up to one of our REDs (let's say to RED_01). Under Wireless Global Settings, Allowed Interface has RED_01 allowed.

We assumed that the AP would show up automatically under Pending access points. However, it didn't. What's the resolution? We can't figure out how to add the AP to our network.

Thanks!



  • Update - the RED_01 is in Standard/Split mode and we have added the AP in the Split network section. Still can't get it to show up under Pending Access Points!

  • Hey Prakhar.

    When you say "I have added the AP in the split network", do you refer to these instructions? If so, which version of the UTM are you on?

    Regards,

    Giovani

  • Hello Giovani,

    Yes and we are running UTM Firmware Version 9.505-4.

    The RED_01 gave the AP the IP - "x.x.x.196" which was added to the static host definitions. We also added RED_01 in the allowed interfaces under Wireless Protection > Global Settings. Also, the AP was added to the Split Networks under RED Management > Client Management > RED_01 Edit Screen.

    Thanks! 

  • Hello Giovani,

    The issue has been resolved. The issue was with the wiring. When we hooked up another AP, it showed up within seconds. So we figured the issue must be with the wiring.

    Thanks!

  • Hey Prakhar.

    Just to be clear, the IP you need to add to your split networks is actually 1.2.3.4, not the IP received by the device. This is a "magic IP" that the Sophos APs will try to connect to when looking for a UTM to manage them. When on the same L2 network this will just work, as well as when using RED on standard unified, as the traffic will go through the UTM and the UTM will be able to identify the device as eligible for management. When using RED in split mode you need to tell RED to forward requests to 1.2.3.4 to the UTM, otherwise it will try to go through the WAN and the UTM will not be able to identify it. Unless that was a previously managed Access Point, I don't see how it would "find" the UTM if you didn't add 1.2.3.4 to split networks.

    Regards,

    Giovani
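
Added example, not part of the original thread: a small Python model of the forwarding behaviour described in the reply above, used to flag REDs whose split networks do not cover the discovery address 1.2.3.4. The mode strings, the RED_02/RED_03 entries and the 192.0.2.196 address (standing in for the AP's DHCP lease) are constructed for illustration.

```python
import ipaddress

MAGIC_IP = "1.2.3.4"  # discovery address named in the reply above


def egress(dst, red_mode, split_networks):
    """Where a RED sends traffic for dst: 'tunnel' (to the UTM) or 'wan'."""
    if red_mode == "standard/unified":
        return "tunnel"  # all traffic goes through the UTM
    if red_mode != "standard/split":
        raise ValueError(f"mode not covered by this sketch: {red_mode}")
    addr = ipaddress.ip_address(dst)
    nets = [ipaddress.ip_network(n, strict=False) for n in split_networks]
    # In split mode only destinations inside a split network are tunnelled.
    return "tunnel" if any(addr in n for n in nets) else "wan"


def ap_discovery_reaches_utm(red_mode, split_networks):
    """True when an AP's request to the magic IP is forwarded to the UTM."""
    return egress(MAGIC_IP, red_mode, split_networks) == "tunnel"


def audit(reds):
    """Return names of REDs behind which AP discovery would leave via the WAN."""
    return [name for name, (mode, nets) in reds.items()
            if not ap_discovery_reaches_utm(mode, nets)]


# Constructed inventory (labels and addresses are assumptions, not Sophos output).
REDS = {
    "RED_01": ("standard/split", ["192.0.2.196/32"]),                # AP lease only
    "RED_02": ("standard/split", ["192.0.2.196/32", "1.2.3.4/32"]),  # magic IP added
    "RED_03": ("standard/unified", []),                              # everything tunnelled
}

if __name__ == "__main__":
    print("REDs missing the magic IP in split networks:", audit(REDS))
```
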

     

  • Hey Giovani,

    Ok, now I am really confused :)

    So, if I am not wrong, what you are telling me to do is that I should create a (let's say "Magic") host with an IP 1.2.3.4 and add it to the split network of RED for the AP to be recognized by the UTM? However, without doing that the UTM is able to detect the APs. They were converted from Pending Access Points to Active Access Points too.

    One thing though - I am broadcasting two wireless networks - one with client traffic set to "Separate Zone" (SSID - External) and one to "Bridge to AP LAN" (SSID - Internal). For the external network I have added a new interface too. But we are not able to get the internet working on this one. Could it be because of what you have pointed out above? Or could it be because of a wrong NAT/DHCP/Firewall configuration?

    I am including the images of the current configuration:

    As you can see the APs are being detected by the UTM.

    This interface is for Wireless Network with Client Traffic set to Separate Zone (external).

    The DHCP settings of the interface. Not sure what the Default Gateway should be. Currently, it's set to be the IP of the RED to which the APs are connected.

     

    Firewall settings for the wireless network.

    The internal (wireless) network is working fine. 

    Thanks!
