Meraki

Community

PSA - 802.11r/k and mixed MR72/MR74 networks - check your firmware

Tat0rt0t
Getting noticed
‎Oct 16 2017 3:19 PM
‎Oct 16 2017 3:19 PM

PSA - 802.11r/k and mixed MR72/MR74 networks - check your firmware

The security vulnerability posted today - https://meraki.cisco.com/blog/2017/10/critical-802-11r-vulnerability-disclosed-for-wireless-networks...

 

My Help --> 802.11r vulnerability page stated I was covered when I was in fact not. 

 

If you are running a mixed network with MR72's and MR74's the MR74's will not upgrade firmware unless they are on beta. What this means is under firmware the network will state "up to date" with version 24.11(current) but the MR74's are still on version 25.1 and you cannot upgrade them unless you upgrade the entire wireless network to 25.5(firmware to fix the vulnerability on MR72's).

 

 

0 Kudos
6 Replies 6
pjc
A model citizen
‎Oct 17 2017 7:35 AM
‎Oct 17 2017 7:35 AM

Same problem with a mix of MR32 and a handful of newer MR33's...you'd have to clone the existing network, put the MR33 in the new network and just upgrade that new network

0 Kudos
In response to pjc
Tat0rt0t
Getting noticed
‎Oct 17 2017 9:22 AM
‎Oct 17 2017 9:22 AM

You weren't able to just update all the AP's to 25-7? I was able to upgrade both my MR72's and MR74's on the network to 25-7. 

0 Kudos
In response to Tat0rt0t
pjc
A model citizen
‎Oct 18 2017 1:04 AM
‎Oct 18 2017 1:04 AM

Is 25.7 still beta ?  I don't want beta in production

0 Kudos
In response to pjc
AnythingHosted
Building a reputation
‎Oct 18 2017 2:07 AM
‎Oct 18 2017 2:07 AM

This is my issue as well. We have a mix of MR33s + some older MR24s/MR16s for a client.

 

I have tried the 25.5/6 on our office network (two MR52s) and found that MacBook Pros and some iPads will simply not connect to the wifi. We reverted back to the latest production version and no problems. 

 

Not sure I really want to take that risk for production kit not at our office. 

0 Kudos
In response to AnythingHosted
Tat0rt0t
Getting noticed
‎Oct 18 2017 9:12 AM
‎Oct 18 2017 9:12 AM

@AnythingHosted wrote:

This is my issue as well. We have a mix of MR33s + some older MR24s/MR16s for a client.

 

I have tried the 25.5/6 on our office network (two MR52s) and found that MacBook Pros and some iPads will simply not connect to the wifi. We reverted back to the latest production version and no problems. 

 

Not sure I really want to take that risk for production kit not at our office. 

@AnythingHosted - Interesting. We are running MR52's here on version 25-7 with no issues. Im on a mac posting right now from the Wifi.

0 Kudos
In response to Tat0rt0t
AnythingHosted
Building a reputation
‎Oct 18 2017 9:20 AM
‎Oct 18 2017 9:20 AM

@Tat0rt0t wrote:

@AnythingHosted - Interesting. We are running MR52's here on version 25-7 with no issues. Im on a mac posting right now from the Wifi.

@Tat0rt0t We actually upgraded to 25.8 about an hour ago to test it and everything seems fine for the moment. 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.