cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Association requirements - Open (no encryption)

New here

Association requirements - Open (no encryption)

We have our access points set to use "open" method for network association followed with a splash page configured to AD authentication.  My question is that "open" also has no encryption.  What is is place to prevent any users from capturing AD traffic or is the splash page just proxying the AD login process and kerberos is protecting the AD authentication stream.

 

Thanks,

 

J

4 REPLIES 4
Kind of a big deal

Re: Association requirements - Open (no encryption)

The https encryption of the splash page should prevent against sniffing.

 

See the Note on this page:

https://documentation.meraki.com/MR/Splash_Page/Splash_Page_Traffic_Flow_and_Troubleshooting

Conversationalist

Re: Association requirements - Open (no encryption)

HTTPS is the answer

Conversationalist

Re: Association requirements - Open (no encryption)

Even though HTTPS is the solution, I highly recommend to avoid open networks as there might be other non-encrypted traffic which can be easily captured.

Kind of a big deal

Re: Association requirements - Open (no encryption)

Also, WPA3 will have OWE (Opportunistic Wireless Encryption) for exactly this reason.

 

https://meraki.cisco.com/blog/2018/03/wi-fi-standards-on-the-move-again/

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.