Switch off access points at night?

DHAnderson
Head in the Cloud

Switch off access points at night?

I have local device status pages disabled, yet when I run a NMAP scan of my LAN, my MX65 shows 8090 and 8181 open.  The service shown is HTTP.  When I try to get to those IP address in a browser I get message that mx.meraki.com is taking too long to respond.

 

One of my access points is showing ports 53 (domain) and 81 (http) open.

 

Are these ports open by design?  If not, is there a way to close them, or should I move the local IP addresses to a management LAN that is not accessible from the LAN.

 

- Dave

Dave Anderson
3 Replies 3
NolanHerring
Kind of a big deal

I always recommend to have a management VLAN where your network gear (MX/MS/MR) resides, and cut that off from being accessible from say wireless etc. I also disable the local status page most of the time. Can't say for certain about the port scanning results though.
Nolan Herring | nolanwifi.com
TwitterLinkedIn
DHAnderson
Head in the Cloud

I created a VLAN for all the network devices and blocked access from the LAN to that VLAN.

 

NMap is still showing open ports on the MX65.MX65 Nmap Scan.png

Dave Anderson
RobertMiranda
Here to help

Did you ever end up finding a way to close those ports?

 

Thanks.

 

Robert.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels