Meraki

Community

Air Marshall detecting other Merakis or Rogue APs?

Solved
TestingGuy
Here to help
‎Dec 21 2017 12:34 PM
‎Dec 21 2017 12:34 PM

Air Marshall detecting other Merakis or Rogue APs?

Hi,

Is it normal that Air Marshall detects Meraki APs as spoofers or sending malicious broadcasts?

 

I'm seeing hundreds of these messages seen by different Meraki APs. At this case, the offending MAC is the main MAC address of the same AP, however we should see the BSSID here, shouldn't we?:

 

Broadcast deauthorizationDec 18 20:4302:8D:DB:DB:DD:7BMR XX (15 dB)

 

AP spoofDec 18 18:57Dec 18 18:570E:8D:CB:C3:E5:4FMR YY (16 dB)

 

Well, this is causing a lot disassociation issues.

As a side information, these (7) MR33 have a deprecated (stable) firmware and upgrading to the latest one (beta) increases the problems.

 

Any help is much appreciated. thanks!!

 

0 Kudos
1 Accepted Solution
In response to PhilipDAth
MilesMeraki
Head in the Cloud
‎Dec 21 2017 1:50 PM
‎Dec 21 2017 1:50 PM

I've seen this issue before and seen it reported as a bug. There was an issue with a range of OUI AP hardware. I can't remember what the fix was other than a firmware upgrade once a fix was pushed.

 

My recommendation would be to get a case open with support to make sure there isn't already a bug reported for this with is with Eng.

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)

View solution in original post

0 Kudos
5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Dec 21 2017 1:05 PM
‎Dec 21 2017 1:05 PM

I have had this exact issue.

 

I can't remember what I did to fix it.  Either upgrade to the latest beta firmware, power cycle the APs, or both.

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Dec 21 2017 1:06 PM
‎Dec 21 2017 1:06 PM

The APs are all in the same network in the dashboard, aren't they?

0 Kudos
In response to PhilipDAth
MilesMeraki
Head in the Cloud
‎Dec 21 2017 1:50 PM
‎Dec 21 2017 1:50 PM

I've seen this issue before and seen it reported as a bug. There was an issue with a range of OUI AP hardware. I can't remember what the fix was other than a firmware upgrade once a fix was pushed.

 

My recommendation would be to get a case open with support to make sure there isn't already a bug reported for this with is with Eng.

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)
0 Kudos
In response to MilesMeraki
TestingGuy
Here to help
‎Dec 21 2017 4:20 PM
‎Dec 21 2017 4:20 PM

I'm doing that. Thanks!!

0 Kudos
In response to PhilipDAth
TestingGuy
Here to help
‎Dec 21 2017 4:20 PM
‎Dec 21 2017 4:20 PM

Yes, all are in the same network.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.