Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=wireless-SSID-mesh-networks

Mesh networks

You can use mesh networks to extend the range of a wireless network or connect two physical network segments without cables.

Overview

You can configure Sophos APX or AP6 series access points with a mesh network. A mesh network allows access points to create a backhaul SSID to communicate with each other wirelessly. A backhaul SSID is a private SSID visible only to other access points configured with the same mesh network. The access points wirelessly connect different segments of the network. You can use mesh networks for environments where physical cabling isn't available for all access points. You can manage mesh networks from Sophos Central or using the local GUI on AP6 series access points.

Root and node access points

Access points have one of two roles within a mesh network:

  • Root: The root access point controls and manages the configuration updates to all other nodes in the mesh network. The Root Node requires a physical Ethernet connection to the network.

  • Node: Node access points are the participants within the mesh network that connect back to the root access point. Nodes don't usually have a physical connection to the network.

Mesh network types

Mesh networks take one of two forms:

  • Network repeater: A mesh access point can broadcast the SSID from the root access point to cover a larger area without cables. You can configure multiple node access points with one root access point. There can be multiple root access points.

Network repeater diagram.

  • Network bridge: A mesh network can bridge Ethernet networks without laying cables. To create a wireless bridge, you have to plug in your second Ethernet segment into the Ethernet interface of the node access point. The first Ethernet segment is the one on which the root access point connects to Sophos Central.

Network bridge diagram.

Add and remove mesh networks

You can add and remove mesh networks from the access point details page. See Assigned SSIDs.

Restrictions

Mesh networks have the following restrictions:

  • When setting up a mesh network, you must create a new backhaul SSID.
  • You must connect all access points to a LAN network during the initial setup of the mesh deployment.
  • An access point can have only one mesh SSID.
  • The root access point must have a LAN connection.
  • Mesh access points must be on the same channel.
  • There's no automatic takeover of the root access point. The connection to a mesh network occurs during startup.

More resources