ZyMesh open network once Smart Mesh was enabled on 3 AP
Hey Zyxel community!
Just wanted to ask you about some odd thing I noticed while I was setting up SmartMesh (2x NWA50AX + NWA55AXE)
When finally got it working I scanned to see how DCS is working on 2.4GHz channels.
All Ap's are creating some weird HIDDEN networks which according to inSSIDer software are all unsecured/open
Did you notice the same? What is it? Why is it open?
Accepted Solution
-
Hi @Mar_Cin ,
Regarding the hidden "smart-mesh" SSID:
This is a one of hidden SSID broadcasted by the Root AP to allow Repeater APs to connect.It can be manually detected, however if you try to connect manually, you'll notice the connection is immediately rejected.
The reason is that security measures for "smart-mesh" SSID is Open authentication + MAC filtering. Only Zyxel APs within the site can authenticate and use this SSID.
Security assurance: Due to these restrictions, there are no security concerns associated with this hidden SSID.Judy
See how you've made an impact in Zyxel Community this year!
0
All Replies
-
Hi @Mar_Cin ,
Could you share which AP management mode are you using, Nebula cloud or Standalone mode?
- For APs using Smart Mesh on Nebula: The Mesh profile is generated automatically as shown
- For APs using WDS Mesh in Standalone mode: You can add Pre-Shared Key to the WDS SSID profile.
Judy
See how you've made an impact in Zyxel Community this year!
0 -
I'm currently on Nebula management system.
I installed inSSIDer on other PC machine and it shows the same…0 -
Well, I run 'show running-config' on all AP's and each one of them returned this:
So seems like everything is correct and maybe inSSIDer is not?
0 -
Alright…
So.. Windows also sees that network as open…
What to do with that..? I'm really concerned about network security now…
Please help.0 -
Ok, another update…
My computer was able to connect to that 'hidden' and OPEN smart mesh network with ssid 'smart_mesh' with no issues (manually entered ssid name). There was no internet connection as this network is for internal AP communication (I'm guessing now). Am i right?What other potential threats might occur due to having access to open network with smart_mesh enabled?
0 -
Hi @Mar_Cin ,
Regarding the hidden "smart-mesh" SSID:
This is a one of hidden SSID broadcasted by the Root AP to allow Repeater APs to connect.It can be manually detected, however if you try to connect manually, you'll notice the connection is immediately rejected.
The reason is that security measures for "smart-mesh" SSID is Open authentication + MAC filtering. Only Zyxel APs within the site can authenticate and use this SSID.
Security assurance: Due to these restrictions, there are no security concerns associated with this hidden SSID.Judy
See how you've made an impact in Zyxel Community this year!
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight