Pen Test Results

Solved
Son
Here to help

Hi All,

 

We had a pen test on our Meraki networks, and they came back with a high-risk point: the login to the Access Points (MR series) uses HTTP, and you can't log in to them over an encrypted connection. So I need to know whether we can make this an SSL connection or not. I understand the risk could be lowered by changing the default password, which I believe to be a device serial number.

We just need someone professional to say yes, or no, this is not possible, and then either act on the answer if yes, or sign the point off, if low, as accepted risk.

 

Thanks

1 Accepted Solution
NolanHerring
Kind of a big deal

Assuming you're talking about the local status page

Go to your general settings

You can edit the login credentials for the local status page

In addition, you can disable the local status page and that way nobody can access it.
Nolan Herring | nolanwifi.com

6 Replies
NolanHerring
Kind of a big deal

Also, your access points should be on their own VLAN, not the same one your wireless clients are using. This would also help to isolate risks as well.
Nolan Herring | nolanwifi.com
ww
Kind of a big deal

And what happens when someone logs in?

You can also remove the AP and connect to the cable...

PhilipDAth
Kind of a big deal

I'm with @NolanHerring, just disable the local status page and make the issue go away.

https://documentation.meraki.com/zGeneral_Administration/Tools_and_Troubleshooting/Using_the_Cisco_M... 

pjc
A model citizen

I find the local status page (my.meraki.com) a handy tool for clients to check the connected AP, signal strength and throughput ('run speed test') if experiencing any issues.

If you, like me, find it handy, just make the local admin password something impossibly long and complex. You do this in one place, in the dashboard: Network-wide > General

Brons2
Building a reputation

I disabled my local status pages.  Because auditors.
