Hi All,
We had a pen test on our Meraki networks and they came back with a high risk point being that the login to the Access Point (MR series) are using http and that you can't login to them with an encrypted connection. So I need to know if we can make this an SSL connection or not. I understand what could be done to lower the risk by changing the default password which I believe to be a device serial number.
We just need someone professional to say yes or no this is not possible and then either act on the answer if yes or sign the point off if low as accepted risk.
Thanks
Solved! Go to solution.
and what happens when someone logs in?
you can also remove the ap and connect to the cable...
I'm with @NolanHerring , just disable the local status page and make the issue go away.
I find the local status page (my.meraki.com) a handy tool for clients to check what connected AP, signal strength and throughput ('run speed test') if experiencing any issues.
If you, like me, find it handy, just make the local admin password something impossibly long and complex, you do this in one place, in the dashboard, Network-Wide>General
I disabled my local status pages. Because auditors.