Back again with some results. I set the 2 Wireshark instances to collect data from LAN and WLAN. After 6 hours of collecting data I filtered the output and found no CDP messages over WLAN but found a lot of them over LAN. I am not sure what generate the CDP messages over the WLAN, but it seems they are not send anymore. I still don't understand why these messages are send via LAN? are they required in a mesh mode, or can they be disabled? Thou they can only be captured inside the LAN (everywhere in the LAN, since they are broadcasted/multicasted), and they don't seem to contain critical information I would like to reduce the number of messages that can be used to gather network information. I know these messages represent a low/minimal risk, but if they can be stopped I would like mitigate the risk. I know I started this thread to let you know I saw the CDP messages on WLAN. It looks like the scan I did over a work shift didn't reveal any CDP frames over the WLAN. I would do further scans and I intend to let the Wireshark capture packets from WLAN for a week and I will analyse the results. Below, I attached a picture with the result I collected from LAN with private data hidden. The source of these messages are the Meraki APs: Wireshark CDP packets captured
... View more