Sophos Access Points to remain working even if XG is unreachable
The downside we have identified for Sophos APs is that if a remote office with Sophos APs is connected to head-office XG via VPN and everything routes through the VPN, when connectivity is lost, the APs go offline and the remote offices cannot even access their local devices (e.g. printers / local NAS) via WiFi.
This makes a WAN issue into a much larger impact as the remote offices are unable to work effectively.
This request is that when XG is not reachable by the AP, it will fallback into an admin defined mode. e.g. if normal mode is bridged to LAN and XG connectivity is lost, fallback could also be configured to bridge to LAN.
What your asking here is not at all compatible with the way SOPHOS APs work. They basically phone the cloud to organize encryption with the UTM and then VPN to the UTM and gather a config. Without the UTM and Cloud they can't function at all. The ease of use/config/setup is due to this very design. Your asking to eliminate the downside of this design and in doing so asking for a completely different design.
I tried the option on XG MR5 and it works. I am using AP10 and at the latest update (MR6), devices where still connected to AP even if XG was installing and rebooting.
I think this feature can be marked as "completed or already possible". Thanks
IN XG ,there is a CLI Option which enables Accesspoint to advertise WLANs when the Firewall is not Reachable .
This feature is available from 16.05 MR3 . Please let us know if this helps .
Console > system wireless-controller global stay_online 1