I've run the PCI test on all my devices but I'd like to concentrate on the wireless controller because I've a little bit experience on that one 🙂
My setup is a V2110 pair running 10.31.04 - all APs are on #1 and #2 is my standby.
As they run in an availability pair all settings should be equal.
The result of the PCI test is that #1 passed with 89% and #2 failed with 5%.
Also the number of test failed in the diagram doesn't reflect the number of failed test in the list of tests in both cases.
Here a screenshot of both results with a filter on failed tests....
Let's get into detail....
failed test#1&2 on both EWCs = secure connections (Disable weak ciphers for secure connections)
On both EWCs (in GUI > Controller > Network > Secure Connections > enable Weak Cipers) the checkmark isn't set = disabled
failed test#5 only on EWC#2 = Default AP modes - strong cluster-shared secret
On both EWCs (in GUI > AP > Global > Registration > Secure Cluster > Cluster Shared Secret) the same pw is set - I think it's the default - in my case MvrDqIeb
failed test#5-7 only on EWC#1 = Implement a strong password SNMP admin user
On both EWCs (in GUI > Controller> Network > SNMP > SNMPv3) the same user snmpuser with default pw is set
Summary: Even both controllers of the pair have the same settings I get different results on the individual test and one controller passes the overall score with 89% and the second fails the score with 5%.
-Ron
My setup is a V2110 pair running 10.31.04 - all APs are on #1 and #2 is my standby.
As they run in an availability pair all settings should be equal.
The result of the PCI test is that #1 passed with 89% and #2 failed with 5%.
Also the number of test failed in the diagram doesn't reflect the number of failed test in the list of tests in both cases.
Here a screenshot of both results with a filter on failed tests....
Let's get into detail....
failed test#1&2 on both EWCs = secure connections (Disable weak ciphers for secure connections)
On both EWCs (in GUI > Controller > Network > Secure Connections > enable Weak Cipers) the checkmark isn't set = disabled
failed test#5 only on EWC#2 = Default AP modes - strong cluster-shared secret
On both EWCs (in GUI > AP > Global > Registration > Secure Cluster > Cluster Shared Secret) the same pw is set - I think it's the default - in my case MvrDqIeb
failed test#5-7 only on EWC#1 = Implement a strong password SNMP admin user
On both EWCs (in GUI > Controller> Network > SNMP > SNMPv3) the same user snmpuser with default pw is set
Summary: Even both controllers of the pair have the same settings I get different results on the individual test and one controller passes the overall score with 89% and the second fails the score with 5%.
-Ron
