Connecting to n-devs-smb.tplinkcloud.com AND n-deventry-smb.tplinkcloud.com - UNACCEPTABLE
My OPNSense FW is blocking connection back to
n-devs-smb.tplinkcloud.com
n-deventry-smb.tplinkcloud.com
This is unacceptable to have this calling home and it looks like using smb across the internet, clearly unsafe and since I don not use cloud based is a breach in GDPR since I have not authorised said software from connecting to these domains. Also looks like developer entry points!!
Please advise that this will be taken out on the next firmware upgrade or of required, then only those whom choose to use cloud based solution\updates and so forth.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi All,
The following EAP firmware version released last week (on June 9, 2022) have added support to disable cloud-connection behavior.
EAP245_V3_5.0.6 Build 20220429
EAP225_V3_5.0.9 Build 20220429
EAP225-Outdoor_V1_5.0.9 Build 20220429
EAP265HD_V1_5.0.6_Build 20220429
More new firmware will be released afterwards, stay tuned for updates.
Note:
1. The button to disable cloud-connection behavior is added on Omada Controller v5.3.1 and on Standalone GUI.
2. The OC200/OC300 with controller v5.3.1 is delayed due to a major bug (it's not existed in the software controller v5.3.1), will be released soon once the bug it's fixed. Please wait patiently. Thank you for your great patience and understanding.
Update:
The OC200/OC300 with Controller v5.3.1 has been released on July 25, 2022. Please check for an update.
BTW, this topic post will be actively updated to notify the latest firmware release for Omada Controller, welcome to subscribe!
- Copy Link
- Report Inappropriate Content
That took a bit to find. Not so much a "button" but a check box hidden in the "About" box and defaulting to on.
Now if you could stop it doing this on bootup :
Jun 13 16:16:03 dnsmasq[4171]: query[A] time.nist[dot]gov from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] time-nw.nist[dot]gov from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] time.windows[dot]com from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] time-a.nist[dot]gov from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] time-b.nist[dot]gov from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] time-ios.apple[dot]com from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] time.apple[dot]com from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] time.asia.apple[dot]com from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] 0.android.pool.ntp[dot]org from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] 1.android.pool.ntp[dot]org from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] 2.android.pool.ntp[dot]org from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] 3.android.pool.ntp[dot]org from 192.168.3.64
Jun 13 16:16:03 dnsmasq[4171]: query[A] pool.ntp[dot]org from 192.168.3.64
And this for the remainder of the time :
Jun 13 07:06:45 dnsmasq[4171]: query[A] time.nist[dot]gov from 192.168.3.64
Jun 13 08:06:45 dnsmasq[4171]: query[A] time.nist[dot]gov from 192.168.3.64
Jun 13 09:06:45 dnsmasq[4171]: query[A] time.nist[dot]gov from 192.168.3.64
Jun 13 10:06:45 dnsmasq[4171]: query[A] time.nist[dot]gov from 192.168.3.64
Jun 13 11:06:45 dnsmasq[4171]: query[A] time.nist[dot]gov from 192.168.3.64
Jun 13 12:06:45 dnsmasq[4171]: query[A] time.nist[dot]gov from 192.168.3.64
Jun 13 13:06:46 dnsmasq[4171]: query[A] time.nist[dot]gov from 192.168.3.64
Jun 13 14:06:46 dnsmasq[4171]: query[A] time.nist[dot]gov from 192.168.3.64
Jun 13 15:06:46 dnsmasq[4171]: query[A] time.nist[dot]gov from 192.168.3.64
Jun 13 16:06:46 dnsmasq[4171]: query[A] time.nist[dot]gov from 192.168.3.64
Why is it issuing queries for NTP servers when it has 2 configured and functioning ntp servers on the network?
Edit : Had to edit the last dot out of each address to get past the filter.
- Copy Link
- Report Inappropriate Content
@Fae Okay cant test cause I use OC200 V1
- Copy Link
- Report Inappropriate Content
I redirected NTP calls to external sources to my NTP server on the NAS but yeah those NTP servers are frickin annoying in the FW logs AND why soooooo many
- Copy Link
- Report Inappropriate Content
Pugs wrote
I redirected NTP calls to external sources to my NTP server on the NAS but yeah those NTP servers are frickin annoying in the FW logs AND why soooooo many
I have all my embeded devices on an isolated subnet with a dedicated local-only logging dns server. The WAPs happily pick up their time from the local NTP server they are configured for, but they also try and hit a whole list on startup and then hit time_nist_gov every hour regardless.
That's not nice behavior, particular for the poor owner of the NTP server they're hitting.
TP-Link even have form (along with another long list of offenders) at ntp server abuse. Tried to put links in, but blocked at every turn by the forum.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Dear @Pugs,
Pugs wrote
Any further news on this please (and compatible with OC200 V1)?
The OC200/OC300 with Controller v5.3.1 has been released on July 25, 2022. Please check for an update.
And the current latest Controller version of OC200/OC300 is V5.5.7, you may check more details from Here.
BTW, this topic post will be actively updated to notify the latest firmware release for Omada Controller, welcome to subscribe!
- Copy Link
- Report Inappropriate Content
What about the Omada Software Controller?
Not only does it ignore the option when set to not use the TPLink Cloud, it doubles down by bypassing the local network DNS servers by using hard-coded external DNS servers! This is beyond unacceptable!
As an example, this log file containing 87 hours of logs shows 4,231 DNS queries attempting to bypass by local network's DNS servers:
# egrep "n-deventry-smb.tplinkcloud.com|n-use1-devs-smb.tplinkcloud.com" /var/log/messages | grep query | wc -l
4231
That's an average of 49 queries per hour over the 3.5 days from Omada Software Controller v5.9.9!
With Cloud Access disabled:
Why has this not been addressed as well, and when will it be stopped?
- Copy Link
- Report Inappropriate Content
Hello @Skavoovie
- For Omada Controller v5.7 or earlier version:
Please go to Settings > Controller, find Allow Data Collection at the very bottom and toggle it off, then Save.
In addition, with Controller / Devices Update Notification or Upgrade Schedule enabled, the controller will query the cloud for controller / device firmware updates. If you don't want your controller/device to query the cloud, please go to Maintenance and Services separately to verify they are not enabled.
- For Omada Controller v5.8 and later version:
In Global View, go to Settings > Controller Settings to disable Controller / Devices Update Notification at User Interface, and find Allow Data Collection at the very bottom and toggle it off, then Save.
- Copy Link
- Report Inappropriate Content
Thank you for the fast reply.
All 3 settings are and have always been disabled, going back many release versions:
And the admin account is a local user type:
I see no settings in Maintenance similar to what you describe -- only "Backup & Restore", "Auto Backup", and "Export for Support" sections. This is the Ubuntu DEB file image.
I have clicked through every possible link in the entire interface multiple times on multiple occasions -- any setting that is remotely connected to something outside my local network or is a cloud-related setting has always been disabled.
What other settings can I review or change?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 4
Views: 8724
Replies: 48