EAP245 looking for omada controller
I have 2 EAP245's and they are working fine with 4 VLANs. The issue for me is these 2 AP's take turns hammering my router with UDP packets looking for the Omada controller.
I discovered this by checking my firewall log. I have a logged reject rule just before my drop rule to help with figuring out issues with LAN clients and it's plugged with these rejected packets. Literally every 2 seconds so you see the issue. I only have 2 of these AP's. I have zero need for the Omada software nor an always on machine to run it on. I can see no way to disable these requests for the controller. Is there a way?
Thanks
Mongoid
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hey
Unfortunately this is not something that can be disabled on the EAPs.
By nature the EAPs are designed primarily to be used with a controller and will therefore look for one at regular periods, this is expected behaviour and cant be turned off. Likely the packets are frequent, but very small and should have little to no effect on your LAN traffic, if you have these blocked via your firewall then that is likely the best choice for you
- Copy Link
- Report Inappropriate Content
Hey
Unfortunately this is not something that can be disabled on the EAPs.
By nature the EAPs are designed primarily to be used with a controller and will therefore look for one at regular periods, this is expected behaviour and cant be turned off. Likely the packets are frequent, but very small and should have little to no effect on your LAN traffic, if you have these blocked via your firewall then that is likely the best choice for you
- Copy Link
- Report Inappropriate Content
I’m with you on this. These and other TP-Link APs can work without an Omada controller. Use of a controller is optional. The fact that the APs always look for a controller appears to me like a sloppy implementation.
Anyways, try to block those broadcasts with ACLs at the port level. That’s what I’ve done. Actually, I’ve also blocked several HTTPS sessions my APs (EAP660HD) try to establish with some unknown Internet services.
- Copy Link
- Report Inappropriate Content
Thanks for the replies folks.
Yeah seems like an oversight. A simple slider on the management interface would do the trick one would think. Are you using Omada controller? Yes. No.
I get it if you are using a pile of these in a particular environment, it would make sense to use the controller.
This is a home network with 2 remote workers so there are 8 separate VLANs and it's getting done with these, a cheap Mikrotik router, and a pair of super cheap TP-Link Smart switches. Couldn't have set this up at this price point, with these features from any other manufacturer. I do wish those switches supported a management vlan but it is a non issue in my house.
Mongoid
- Copy Link
- Report Inappropriate Content
No, I don't use Omada controller. Check the manual for your switches. Even smart switches can support ACLs. A management vlan is not necessary for that.
- Copy Link
- Report Inappropriate Content
Yes I have blocked the requests in my firewall on my Mikrotik with another drop rule to keep it out of the rule i log.
I was wishing the switches I am using (SG108PE), supported a management VLAN. They do not.
You can connect to any port on the switch with an IP in the management range and be presented with the management login.
This is a no-no in a larger environment but not an issue in my house.
I think the constant packets from the EAPs just triggered my "network OCD"
Mongoid
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 711
Replies: 5
Voters 0
No one has voted for it yet.