Packet Protector PP089: Hidden Wi-Fi Misconfigurations and Wi-Fi 7 Issues to Be Aware Of
8 snips
Dec 2, 2025 Jennifer JJ Manella, a wireless networking and security expert, dives into the murky waters of WLAN misconfigurations. She reveals the perils of peer isolation and the critical balance needed for guest networks. JJ discusses the nuances between WPA2 and WPA3, stressing the importance of careful device migration. Misconfigured RADIUS setups could expose credentials, she warns, emphasizing the need for stringent certificate validation. The conversation also covers upcoming Wi-Fi 7 features and the client stickiness that could complicate deployments.
AI Snips
Chapters
Transcript
Episode notes
RSA Venue Exposed Wired Infrastructure
- At RSA, Jennifer and Drew scanned the venue Wi‑Fi and found broad visibility into other systems due to missing isolation.
- The venue's network allowed connected clients to see office infrastructure because peer isolation was not enabled.
MPSK Is A WPA2 Workaround
- Multiple-PSK schemes (MPSK/PPSK/etc.) are vendor-specific workarounds tied to WPA2's passphrase model and not standardized.
- Moving to WPA3 and 802.1X is the more future-proof approach, but use a separate WPA3 SSID and migrate devices gradually.
Match SSID Segmentation To Network ACLs
- Verify that each SSID maps to distinct VLANs and that routing/firewall ACLs actually block unwanted inter‑VLAN access.
- Follow the packet from client IP to gateway to confirm where filtering must be applied.