Meraki Equipment Reset - Unclaimed

Solved
alarson011
Conversationalist

Meraki Equipment Reset - Unclaimed

I am still new to Meraki Equipment. I obtained such equipment from an upstream customer who is concerned about data on it (Meraki MX80 specifically) and wanted to know if it was possible, for someone to bring that unit back to their site and "hack" into their network.

 

To my knowledge, they can be reset with the reset button and unclaimed from the Meraki Dashboard. Is that sufficient enough?

 

Before these questions appear, please understand I'm not asking about these routes;

  1. I know Cisco has a pick up and perform a secure-destruction for free.
  2. I understand physically destroying the unit also works.

My knowledge stems from this as well; https://documentation.meraki.com/General_Administration/Inventory_and_Devices/Cisco_Meraki_Devices_p...

1 Accepted Solution
rhbirkelund
Kind of a big deal
Kind of a big deal

Meraki is Cloud Managed network. This implies that all configuration in general lies in the Cloud.

If the device has been factory reset, all configuration on the device is removed, and the device will attempt to contact the Cloud, inorder to download a configuration for the device. Now, if the device is also unclaimed, there will be no configuration for the device in the Cloud.

 

In my opinion, factory reset, and unclaim should be sufficient. The device won't be able to build a VPN tunnel into the Customers network.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.

View solution in original post

2 Replies 2
alemabrahao
Kind of a big deal
Kind of a big deal

Secure Device Connectivity

For devices to communicate with the cloud, Meraki leverages a proprietary lightweight encrypted tunnel using AES256 encryption while management data is in transit. Within the tunnel itself, Meraki leverages HTTPS and protocol buffers for a secure and efficient solution, limited to 1 kbps per device when the device is not being actively managed.

 

alemabrahao_0-1675809877787.png

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
rhbirkelund
Kind of a big deal
Kind of a big deal

Meraki is Cloud Managed network. This implies that all configuration in general lies in the Cloud.

If the device has been factory reset, all configuration on the device is removed, and the device will attempt to contact the Cloud, inorder to download a configuration for the device. Now, if the device is also unclaimed, there will be no configuration for the device in the Cloud.

 

In my opinion, factory reset, and unclaim should be sufficient. The device won't be able to build a VPN tunnel into the Customers network.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
Get notified when there are additional replies to this discussion.