Hi,
Is it normal that Air Marshall detects Meraki APs as spoofers or sending malicious broadcasts?
I'm seeing hundreds of these messages seen by different Meraki APs. At this case, the offending MAC is the main MAC address of the same AP, however we should see the BSSID here, shouldn't we?:
Broadcast deauthorization | Dec 18 20:43 | 02:8D:DB:DB:DD:7B | MR XX (15 dB) |
AP spoof | Dec 18 18:57 | Dec 18 18:57 | 0E:8D:CB:C3:E5:4F | MR YY (16 dB) |
Well, this is causing a lot disassociation issues.
As a side information, these (7) MR33 have a deprecated (stable) firmware and upgrading to the latest one (beta) increases the problems.
Any help is much appreciated. thanks!!
Solved! Go to solution.
I've seen this issue before and seen it reported as a bug. There was an issue with a range of OUI AP hardware. I can't remember what the fix was other than a firmware upgrade once a fix was pushed.
My recommendation would be to get a case open with support to make sure there isn't already a bug reported for this with is with Eng.
I have had this exact issue.
I can't remember what I did to fix it. Either upgrade to the latest beta firmware, power cycle the APs, or both.
The APs are all in the same network in the dashboard, aren't they?
I've seen this issue before and seen it reported as a bug. There was an issue with a range of OUI AP hardware. I can't remember what the fix was other than a firmware upgrade once a fix was pushed.
My recommendation would be to get a case open with support to make sure there isn't already a bug reported for this with is with Eng.
I'm doing that. Thanks!!
Yes, all are in the same network.