This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

The WLAN device can access the zone director ftp service in the pre-authentication phase under the web / captive portal

fung_kwong
New Contributor

‎03-30-2021 02:48 AM

We have a problem about the The WLAN device can access the zone director ftp service in the pre-authentication phase under the web / captive portal. Even I disable ftp anonymous but it is a concern about the port is still open and it seem no any alert or event log trigger if anyone access the ftp service.

I submit a case to the Ruckus support and the reply as the following:

The guest device are able to reach the controller before entering the guest pass / web / captive portal . Once the user gets an IP after the DHCP DORA process, the user will be able to ping the controller or FTP into the controller provided he knows the credentials before the authentication. The ACLs are applied post-authentication. Controller can create the policy, but it cannot apply the policy pre-authentication of the user.

Would you have any idea about this case? Because it is a security issue in my view.

0 Kudos
5 REPLIES 5

fung_kwong
New Contributor

‎04-07-2021 01:27 AM

For more information. In the post-auth phase of the guest-pass, I try to access the zone director from the guest device through ssh and the management web GUI but the result is blocked. Only ftp service is allow to connect.

0 Kudos
Copyright © 2024 Khoros, LLC