IMPORTANT - tenanted leakage

FrankIversen
FrankIversen Posts: 92  Ally Member
edited April 14 in Nebula
Hi.
We just registered a new switch to a customer. we get an erorr in the nebula app saying "this device is already registered".
So we chose "great, yes, do that" and press OK. Then a switch, which is online, is showing up. it is not our switch. We get all the information on the swtich (ports used, mac/ips etc.) and we can see the public wan. the public wan adress points to an unknown ip-adresse in our country.

We try to register the switch again, this time from the qr-code on the switch itselfes, not on the box. then it works. 
Now we have 2 devices. On is our regular switch, the other switch is the another company.......

I suggest you contact me directly for showing you the details. We will have to fill a blanket for a GDPR situation here.

All Replies

  • FrankIversen
    FrankIversen Posts: 92  Ally Member
    we have also created a more detailed ticket on [email protected] with #158081   Please check the information we have provided there.
    Thanks.
  • Zyxel_Jason
    Zyxel_Jason Posts: 280  Zyxel Employee
    Hi @FrankIversen ,

    Thanks for your feedback.

    I will PM you for the following detail information for this case, so we can check the logs on our server.
    • MAC address and S/N number of the Switches.
    • The picture of the QR-code
    • The organization/site name which the Switch is registered to now.
    Please also enable Zyxel Support at Help > Support request page to let our account can access your organization.

    Kindly check your Inbox later.

    Jason
  • Zyxel_Jason
    Zyxel_Jason Posts: 280  Zyxel Employee
    Hi @FrankIversen ,

    We find that there is a mismatch between QR-code and MAC/SN sticker of your Switch brown box.
    We are now working on it.

    Sorry for your inconvenience.

    Jason
  • FrankIversen
    FrankIversen Posts: 92  Ally Member
    the mismatch is one thing. but the ability to transwer a switch from a tenant we do not control is not good at all. that is a big securityhole.
  • Zyxel_Jason
    Zyxel_Jason Posts: 280  Zyxel Employee
    Hi @FrankIversen ,

    First of all, sorry to make you confused and thanks your feedback to have this security concern.
    The feature "User can scan QR-code on the Nebula device via Nebula APP to register to his/her organization/site directly" is based on the motivation below.

    Motivation:
    To let the second-hand device can be faster and more convenient to be registered by the new user if the previous user didn't unregister from his/her organization.

    Why is QR-code?
    We make this mechanism on "Scanning device QR-code via Nebula APP" because we think it can prove the Nebula device is actually on the new user's hand.

    For this case, there is indeed something wrong at the rework process for your device, so it causes the QR-code is mismatch.

    Jason
Sign In to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click on this button!