SunSynk Data Logger AP still on after configuration
Been struggling with my WiFi at home since getting the SunSynk data logger. The data logger is fully configured and connecting to my WiFi and uploading to the cloud sunsynk.net. Unfortunately after setup it is still has the setup Access Point (AP) SSID active.
Unplugging the data logger restores my home WiFi range and speed.
Plugging the data logger brings back the SSID which affects my home WiFi.
I used a WiFi analyser and the SynSynk data logger dongle is broadcasting an SSID EAP-87968 on 2.4Ghz (40Mhz wide) that is interfering with my WiFi.
I've checked the manual and can't find a way to disable this AP.
This can be seen from the image below EAP-87968/dongle is taking up a large portion on the 2.4GHz band. Since the dongle is configured, it should not be acting as an AP. After the data logger is configured and working, how do I turn off the data loggers AP?
EDIT: As mentioned below, this is also a security issue as anyone in the street can connect with 12345678 and mess with the data logger.
EDIT2: See https://www.sunsynk.org/forum/techical-support/sunsynk-inverter-data-logger-security-vulnerability
As mentioned before I wrote via my installer a paper about the security issues around the Data Logger. This was sent to SunSynk back in August. Until recently the problem had not been addressed and would in my book be classed as "Zero-day vulnerability" not good!
Here are a couple of bits from the paper that was sent to SunSynnk support, to quote:
The above graphic shows a Wi-Fi network scan conducted on the site. You can clearly see the Wi-Fi Data logger “EAP-10895” target network “Blurred out” and the dummy Access Point “Netgear”
We notice that the Wi-Fi Data logger Access Port (EAP-10985) was agile and always seemed appear close to the local target Access Point, furthermore the EAP-10985 seems to be using 44MHz bandwidth not the normal 22MHz, perhaps it is configured for 802.11n? This causes the Wi-Fi Data logger to overlap with the target Access Point thus “de-sensing” its own attempts to see the network it wants to connect to.
We recommend that the Wi-Fi Data Logger (EAP-10985) is changed to only occupy a standard 22MHz slot. It is assumed the telemetry is low bandwidth compared to say video streaming; therefore the wider bandwidth is not required.
There is no way of turning off the Wi-Fi Data Logger's Access Point once configured. This means it continues to needlessly occupy half the already congested Wi-Fi 2.4GHz band. It would be desirable to have the option to deactivate it.
IMPORTANT Security Concern
We also have a security concern as with regards to the EAP-10985 Access Point staying active. The default password is very weak and generic to all units. It would be trivial for any hacker to log onto the EAP-10985 using the default credentials. Furthermore the presence of solar panels on the roof advertises the possible presence of the unit.
It is essential and urgent that the firmware be updated to allow for the password to be changed, or each unit have a unique high strength password pre-set before shipping. The ability to disable the Access Point after setting up the network settings would also work.
If implementing the disable option, there would need to be a way to reset the unit back to factory settings in case of loss of password or the inability to log onto the device via the local area network. An option would be to have the Wi-Fi Data logger Access Point present for only limited time after powering up, It could then self-disable after a set time. This is of course in the absence of a reset button, which we didn’t see at the time of writing.
Thankfully it looks like there has been some movement on the problem as for me at least at my location the Data logger Access point seems to have disappeared. I did have a firmware update done a few weeks back. It maybe the firmware for the data logger was also updated.
The Data Logger is reporting:
Hardware Version: AEW2-0005-03
Software Version: 4790123201R