Skip to content

Wireless

Configure and manage access points, wireless networks, and connected devices.

Go to My Products > Wireless to configure and manage Sophos Wireless.

Warning

Don't disconnect your access point from the power outlet when the lights blink rapidly. This means that a firmware update is in progress.

Domain requirements

You must allow the following domains in your firewall so access points can communicate with Sophos Central, update the time, and log wireless events:

Connection Domain or IP address
Sophos Central

amazonaws.com

prod.hydra.sophos.com

wifi.cloud.sophos.com

Remote login and logging

apu.sophos.com

wifilogs.sophos.com

Firmware upgrade

cloudfront.net

sophos.jfrog.io

Network Time Protocol (NTP) for time synchronization openwrt.pool.ntp.org
Synchronized Security 52.5.76.173 with TCP port 8347

Network requirements

Access points must be able to communicate with Sophos Central. You must ensure your network meets the following requirements:

  • You must have DHCP and DNS servers to provide an IP address to the access point and answer its DNS requests (IPv4 only).
  • Access points can reach Sophos Central without requiring a VLAN to be configured on the access point for this connection.
  • There's no HTTPS proxy on the communication path.

Note

For remote support, allow outbound SSH connections on port 22.

VLAN requirements

You must add the proper VLANs in the trunk port of the wired switch. The access point always communicates over untagged VLAN. Make sure the native or management VLAN is untagged in the wired switch.

For more details about planning and setting up your wireless network, see the following video: