Any body esle’s Bond transmitting the unsecured setup Wifi SSID? I was setting up a new WiFi device this weekend and noticed the Bond WiFi was available but shouldn’t have been as my bond was working fine although still on the 2.6.10 firmware.
Hey Terk, the intended behavior is that the SSID re-enables after initial setup only if the Bond has no internet connection. The intention here is that if, say, an incorrect password is provided, the Bond can be set up again without a reset. The token lockout should prevent use of the API to unauthorized users.
However, if your Bond is functioning correctly, you definitely shouldn’t see that SSID. A couple questions to help debug: does your Bond’s serial number start with A, B, or Z? Is the Bond connected to the internet or are you just controlling it locally?
The serial number starts with A, it is connected to the internet and I could control it remotely. Just before you replied I rolled the app and firmware back to production levels to see if it would make a difference, however I’m not at home at the moment to know if it stopped broadcasting its network. When I get home I’ll verify and probably put the Beta app and firmware back on to see if it starts broadcasting again. Thanks.
Okay, definitely sounds like a bug! Thanks for the report, if you learn anything more about the behavior, let me know. I assume that for some reason the Bond is unable to detect that it’s connected to the internet.
Updating to the most recent beta firmware (v2.6.21) may change the behavior, as the logic was changed (though not with this specific situation in mind…). Downgrading to the production firmware (well, any v1 firmware) should also prevent this from occurring, as the V1 firmware would never re-expose the config AP.
FYI: for me, neither of my Bridges (BD & ZZ) nor my Smart by Bond (KMBL) is broadcasting the config SSID.
Mine still shows “Bond Config Aserial#.” as an available WiFi network, but it is still at firmware 2.6.10-beta as it failed to load the old firmware. It also won’t update to the new firmware due to the same aww snap error 0x18100, only it fails much quicker when trying to go to the newest beta.
Mine is still broadcasting it’s SSID as well: Bond Config ZZ***
I am having the same issue on KNKSADE42654 fan kit. 3 of them. All doing the same thing.
1 Like
I am having the same issue, my bond bridge is broadcasting the config network. I just bought it a month or two ago. It is connected to my network fine, it’s working to control my devices so it shouldn’t still be in configuration mode. I’m on the latest firmware 2.15.8 @jacob is there any fix for this issue yet?
1 Like
I’ve just noticed this recently on my unit as well. ID begins with ZZ. Any word on an update?
1 Like
Same issue. On firmware 2.29.1.
2 Likes
I too have a Bond Bridge v2.15.8 that is connected to my wifi but still advertising the SSID to setup while it is functioning with no issues with the mobile app and my Insteon home automation system.
1 Like
We just released beta firmware v2.29.0-beta which should fix this issue @macbannai .
I think that’s a typo? We’re only up to v2.29.0 as of today.
Yeah probably a typo. I’m on a later firmware now and don’t see this issue anymore.
I am having this issue where the WiFi SID is broadcast with a ZZ. Connected to the internet and works fine, just broadcasting the WiFi continuously. Firmware 4.7.1.2.
Suggestions?
The “Bond Config ZZ…” access point should only open up if the internet connection drops. This is the same pattern used by Google Home / Nest products.
Are you seeing this in the network list of an OS? Or on some kind of Wifi scanner? We do send a hidden network beacon packet every 60 sec even when the internet is connected to workaround an issue in the wifi driver, which looks bad but only shows up on the scanner and should not cause interference.
The “Bond Config ZZ…” access point should only open up if the internet connection drops.
So there is still no way to disable this? I run all IoT devices on a segregated VLAN with no internet access and with local control from a Home Assistant server running on a hardened VLAN. If there’s no way to disable this WiFi because the device is blocked from the internet I’m going to have to return it as it creates a security concern.
@house.stonebridge @Catalyst21 We took another look at this, and we think that we have found a way to fully disable the Config AP without disrupting the station interface.
You can now install v4.7.14-beta from the Beta Firmware Channel (available for Bonds with 9-digit serial numbers starting ZZ or ZP, that is, models BD-1000 2nd gen and BD-1750). The change is to now fully disable the Config AP rather than setting it to hidden with the maximum beacon interval. Although this has worked for us in testing the last few days, I’d like to ask that you try this firmware and see that it runs stably for you.
In the interest of transparency (and also selfishly thinking that someone might actually try this also on their home system): the specific quality risk occurs when the internet connection is disrupted for ~90 sec (such as unplugging the wifi AP, or temporarily blacklisting the Bond’s MAC) and is then restored. What we expect to happen is that the Config AP appears 60 sec after the Wifi connection drops, and then disappears 30 sec after the Wifi connection is restored (assuming that no clients have associated to the Config AP). This is similar to the pattern used by the Google Nest products.
Regarding the security concern: it is true that when the Config AP is available, someone could connect to the product and (if the token is unlocked or known) potentially control devices attached to the unit. However, Bond products are not configured to route traffic, so there would not be any connection to the internet or access to other devices on the network unless the attacker was able to reprogram or otherwise attack the Bond to run custom code.
1 Like