PurpleAir-XXXX wifi still showing up even though device on our wifi

Hello All – I am trying to figure out why my PA-II built-in wifi is still showing up even though the device is connected to our wifi and shows all good when connected.

I read in the docs that once the PA-II is connected to your wifi the built-in wifi will be turned off but I clearly still see it and can connect to it while it still connected to my wifi and when I do I can see what wifi the device is connected to.

Anyone have any insights into this and/or why the PurpleAir-XXXX network would still be showing up?

Hi @PushingCupid8, what brand of router are you using? Is it an Eero router?

Also, the PurpleAir-**** network will disappear after it connects to WiFi with an internet connection. Is an internet connection currently available? You can test this by trying to browse the internet on a mobile device with mobile data disabled.

Hi @Ethan - Thank you for the response. Let’s see I have a opnsense hardware appliance that handles my routing.

Ahh OK so it has some kind of internet connectivity check for disabling the PurpleAir-XXXC wifi. Do you happen to know what ip/dns the purpleair device calls out to for internet connectivity validation? I can dig in my firewall and/or dns logs to see if something is blocking it. Oh I suppose I can go check those now even but having the info from you would be great as well.

Thank you again for the assist.

It would appear I am in the same boat. My sensor is connected (I see it in my router devices), my laptop is connected to the same network, but the purple-xx network won’t go away.

Check your ip addresses. If you’re using the 192.168.4.x subnet, you’ll have this issue.

Hi @Ganon thanks for tip. My device is on a different subnet than that but good thinking.

One thing I did notice while working on a a local data scraping project is that my device returns within the json which seems to make me wonder more about if the device is calling out to somewhere that I am blocking in my network. I havent dug too much into finding out what its calling out to yet.

 'httpsends': 16,
 'httpsuccess': 0,

Same situation here. My sensor is showing and updating on the map, and I also have a network PurpleAir-xxxx on my network list. I can connect to the PurpleAir network, and get the PurpleAir config screen which says “WiFi Connected Looking good!” I’m not using 192.168.4.0 subnet. My network to which the sensor is successfully connected has internet access, which is why the sensor shows on the map. (And the map shows signal strength “good”).

@Ethan wondering if you all have heard any other complaints about this issue?

If nothing else, this seems like an unacceptable security vulnerability because anyone in range can connect to my sensor and tamper with the settings.

If nothing else, this seems like an unacceptable security vulnerability because anyone in range can connect to my sensor and tamper with the settings.

Could be worse.

@PushingCupid8

Are you running piHole, maybe? Double NAT?

I am def running PiHole on every VLAN in my network. :smiley:

So I just need to figure out what is being blocked that the device is trying to talk to outside of my network to to validate connectivity to then turn off the built in WiFi.

Anyone happen to know what that is? Maybe a subdomain of purpleair.com or an ntp server maybe?

This is a valid point and to even extend that further what if the person connecting to device can figure out how to extract the user wifi password from the plaintext file it is being written to on the device. This could potentially be done using a directory traversal attack (Path Traversal | OWASP Foundation) against the web front end. Not sure if PurpleAir has had any security testing done.

Then said attacker would have access to your wifi network. Which is also why I have all my IoT devices on a VLAN restricted to only Internet vs any Intranet access and trackers blocked as well as monitoring in place.

How can this behavior be disabled?

I have a site that may not have internet connectivity all the time, but I can’t have these devices broadcasting an open wifi network. As mentioned elsewhere, this is a security concern; the device could be reconfigured by anyone who connects it, or in the worst case a security hole might reveal the wifi password.

To clarify, the desired behavior is that the device does not broadcast an open wifi network after the device is registered, regardless of its wifi connection state or internet connectivity state.

In the case that a device reset is needed, it’s easy enough to create a password-protected “PurpleAir” hotspot that the device will connect to on boot, for reconfiguration.

Thanks

I had this issue (192.168.4.x subnet) using an eero router. In case it’s helpful to others, I resolved the issue by adding the sensor to my eero’s guest network, which caused the device to be in a different subnet.

I’m having this issue. Running an Untangle firewall with UniFi APs. Device is showing up on the map so I know it’s connected to the internet. Not using 192.168.4.x subnet.

Edit: Looks the UPD indicator is red (Update Server). I don’t see it being blocked in the firewall. Restarting the sensor doesn’t solve it. Any suggestions?

I have the same problem. No matter how many bars are shown on the map for my device connectivity, the sensor is still broadcasting its own network. I am wondering if PurpleAir is even monitoring this community as they are clearly not addressing their customer concerns. No password on the sensor, broadcasting for anyone to hijack the sensor … what other security issues have you hidden in the sensors? Hello PurpleAir, we are providing the data for your advertising map; we are providing the power and the network! How about you start fixing the things that might force us otherwise to take the sensor of the map?