For our Meraki MXs, I had to put an ACL in front of them to stop inbound DNS because they were doing similar and are located in public space
Our controllers are all managed in private space and have really restrictive ACL on that management space which helps as well. -Lee From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Johnson, Neil M Sent: Friday, January 17, 2014 1:22 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Cisco LWAP disable DNS resolver We are testing a few Cisco LWAP's and our security office dinged us in a scan because they are acting as open DNS resolvers. I can't find a way to turn that "feature" off. Any ideas ? -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: +1 319 384-0938<tel:+13193840938> Fax: +1 319 335-2951<tel:+13193352951> E-Mail: neil-john...@uiowa.edu<mailto:neil-john...@uiowa.edu> Lync: neil-john...@uiowa.edu<sip:neil-john...@uiowa.edu> ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.