Network Guys

Share your knowledge!

Using Sophos Access Points behind a RED

In case you are using split-tunnel with your Sophos UTM and an Access Point behind a RED, you need to configure some additional parameters. The Access Point always wants to connect to the WLAN Controller address so you need to add this host to the split-network area:


after this the RED will reboot and the access point will try to connect to the controller address. You can see blocked packets in the firewall live log:


to allow the communication between the UTM WLAN controller address and the branch office, you need to add this network under the wireless protection / global settings:


after this configuration changes, you will see a new access point in the WebAdmin and can allow the joining. The access point will download the new firmware and restart itself. Keep in mind that you need to add the AP to your existing WLAN group to provision the configured SSIDs.

2 Responses

Leave a Reply

Click on the button to load the content from

Load content

This site uses Akismet to reduce spam. Learn how your comment data is processed.


ekahau Certified Survey Engineer
Post Categories
Post Archives