Pen Test Results

SOLVED
Son
Here to help

Pen Test Results

Hi All,

 

We had a pen test on our Meraki networks and they came back with a high risk point being that the login to the Access Point (MR series) are using http and that you can't login to them with an encrypted connection. So I need to know if we can make this an SSL connection or not. I understand what could be done to lower the risk by changing the default password which I believe to be a device serial number.

 

We just need someone professional to say yes or no this is not possible and then either act on the answer if yes or sign the point off if low as accepted risk.

 

Thanks

1 ACCEPTED SOLUTION
NolanHerring
Kind of a big deal

Assuming your talking about the local status page

Go to your general settings

You can edit the login credentials for the local status page

In addition, you can disable the local status page and that way nobody can access it.
Nolan Herring | nolanwifi.com
TwitterLinkedIn

View solution in original post

6 REPLIES 6
NolanHerring
Kind of a big deal

Assuming your talking about the local status page

Go to your general settings

You can edit the login credentials for the local status page

In addition, you can disable the local status page and that way nobody can access it.
Nolan Herring | nolanwifi.com
TwitterLinkedIn

Also, your access points should be on their own VLAN, not the same one your wireless clients are using. This would also help to isolate risks as well.
Nolan Herring | nolanwifi.com
TwitterLinkedIn
ww
Kind of a big deal
Kind of a big deal

and what happens when someone logs in?

 

you can also remove the ap and connect to the cable...

 

I'm with @NolanHerring , just disable the local status page and make the issue go away.

 

https://documentation.meraki.com/zGeneral_Administration/Tools_and_Troubleshooting/Using_the_Cisco_M... 

pjc
A model citizen

I find the local status page (my.meraki.com) a handy tool for clients to check what connected AP, signal strength and throughput ('run speed test') if experiencing any issues.

 

If you, like me, find it handy, just make the local admin password something impossibly long and complex, you do this in one place, in the dashboard, Network-Wide>General

Brons2
Building a reputation

I disabled my local status pages.  Because auditors.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels