Hi @briocheBrad 

briocheBrad wrote

  @Clive_A 

 

This is a terrible response.

You can make all the same arguments about Omada. Free as well as paid, need to depend on someone else to host it, and GOD FORBID you tech support answer any questions. And you redirect to a post about Cloudflare Zero Trust Tunnel... also a paid, third-party hosted solution and completely unhelpful.

 

The comments in that thread nail it... the industry is moving in this direction and TPlink is moving to irrelevancy. It would be better to ignore your customers' requests than respond with barely veiled hostility that showcases your ignorance. You clearly do not understand the problems solved by these technologies or the technology itself. IPsec plays no role in Tailscale, Cloudflare ZTT, or Wireguard.

 

Please instead respond to a request like this with
"We do not trust that any of our customers have deep networking knowledge or the ability to perform research or read documentation. We do not want to have to support customers with a new technology. Instead we have chosen to use half-implemented legacy VPN technologies because we already have the unhelpful 'help' pages we can paste in response to a support request with minimal effort. It would be too helpful and not in line with our reputation to direct customers to Tailscale's vastly superior documentation"

 

For anyone interested, you can use Tailscale with Ubiquiti...

That is really interesting.

If you are telling me that you can install a Github repo on the UBNT system, then that's not native support. Same for us. That's likely to be a recompile to adjust for the system. But we do not support "wget" in the system or open the system to the public as some other vendors do. Many vendors do not open the system for the sake of stability. That's the orientation of a brand and you probably should know that as you look like to be a pro user.

I am totally aware that any of the open-source systems can install the Tailscale as it supports LINUX. I am using Tailscale on my devices and open-source router OS for testing purposes. It has been great for me to use the Tailscale installed on 6 computers I own as "unattended". But I don't agree with this has to be available on the Omada.

1. The system got a VPN now and can relay you properly. 

What would be the reason for getting the Tailscale as a top-priority task? Or what kind of feature the router does not have to amend the loss of Tailscale misplacement while you have the VPN function available?

2. Yup, new tech, if you want to catch the latest newly released tech, I'd recommend you consider a server in your home/business instead of a pre-built router. That's really not gonna work out if you use a pre-built and commercial product.

3. For us, we need to evaluate several perspectives, and think in a company shoe?

• Security.
• Followup update to the service.
• Cost of hardware resources.

Should we evaluate if the Tailscale is safe for the people who use the system? I know third-party or plug-ins are wonderful to have. But when you add more third-party stuff, you got more security work to do. We so far have not considered it because it is supposed TBD from this perspective.

Not only from the security perspective, of course, you can use the free server from the Tailscale. Is your business supposed to rely on a third-party server? Ain't the security worry you if you rely on their server?

The most common models we have tend to have a low flash and you might have trouble with adding the third-party stuff to it.

https://openwrt.org/docs/guide-user/services/vpn/tailscale/start#installation_on_storage_constrained_devices

With a brief reading alongside the specs of the routers we have, I think you might understand this.

We are not gonna risk adding a single feature to abandon the rest of the features.

Our business partners and market team of the local TP-Link have not received Tailscale feedback. The request on the forum has been recorded and counted. We don't think this fits the strategy and orientation of the product as of now. This feature is not on the roadmap in the short term.

Hi @Harbourcoat 

Harbourcoat wrote

 @Clive_A 

 

I appreciate your detailed response and the challenges you outlined regarding Tailscale integration. However, from a balanced perspective., I believe several points should be addressed

 

1. VPN Features vs. Tailscale

While Omada's built-in VPN options are functional, they don't fully address modern networking demands:

• Ease of Use: Tailscale eliminates the need for port forwarding, dynamic DNS, or complex configurations, which can be hurdles for non-technical users.
• Device Connectivity: Tailscale effortlessly links devices across NATs and firewalls, a feature traditional VPNs can struggle to replicate.
• Identity-Based Security: Unlike IP-based access, Tailscale leverages user identities for access control, improving security.

Could a feature comparison between Omada VPN and Tailscale help highlight specific gaps?

 

 

2. New Technology Adoption

You mentioned new tech being better suited for custom solutions or open-source routers. However:

• Tailscale isn't "bleeding-edge" anymore; it's a stable, widely adopted solution.
• Competitors, like Ubiquiti, actively support advanced integrations, making TP-Link appear less progressive.

Integrating modern solutions doesn't mean abandoning reliability. Instead, it positions Omada as forward-thinking and aligned with customer needs.

 

 

3. Security and Third-Party Dependence

Concerns about third-party servers are valid, but:

• Tailscale allows users to self-host their coordination servers via Tailnet, mitigating reliance on external systems.
• WireGuard, the foundation of Tailscale, has been proven secure and efficient.
• Tailscale's approach can coexist with TP-Link's security measures rather than replace them.

Would offering optional support for Tailscale address security concerns while giving users flexibility?

 

 

4. Hardware Limitations

Low flash and hardware constraints are understandable, but:

• Such limits don't constrain many Omada hardware users and seek advanced functionality.
• Documentation and community support (e.g., OpenWrt) demonstrate that Tailscale can run even on modest devices.

Could TP-Link consider selective support for higher-tier hardware?

 

 

5. Customer Feedback

If Tailscale support isn't on the roadmap, it's crucial to clarify:

• How is customer feedback being evaluated and prioritized?
• Is there an opportunity for the community to contribute to specific features?

Many users appreciate transparency and would support initiatives that reflect their needs.

 

 

I hope these points offer constructive feedback for future planning. Tailscale support could be a significant value-add for Omada, aligning it with modern networking trends and customer expectations.

 

Best regards

The forum only provides one of the windows of feedback and market research.

It is not the only source to be researched. Most of the features you see now are results from the contract users. Only very a few features are proposed and implemented by forum. Some overlaps with our contract users and it happened to be planned which might give you a feeling that is considered.

We do not provide feedback if there is no plan or roadmap details to the requested feature. Or I will reply to it directly.

We do not have plans in implementing features like Tailscale. Or any relaying to the third-party server stuff.

I think that's not true in transparency.

It is impossible to get a positive result on every request. Most requests I know are merely a perspective for his/her own good. Some of the features are not fitting the overall design or the product market. Basically, that's hopeless to ask for it. We are not going to make everything-in-one or all-in-one. This is not an open-source system. I would recommend you consider Openwrt or any LINUX system to replace this if you have needs for many third-party features installed. 

I did not reply because this is no need to further discuss this. We don't have plans for features like this. And I did not tag it because it is not planned or considered.

Main goal and roadmap is to implement IPv6 and routing related features.

Since I did not read the first four points. I did a reverse reading on your points. You are not thinking on the right track. It looks like ChatGPT generated as well. No offense. But these are not convincing and it really looks like GPT generated contents.

I am aware that things like Tailscale has come around for a decade or more. But it does not make it safe. It requires frequent update with the Tailscale server and I believe security is definite an issue for you guys afterwards.

We are really sensitive to third-party stuff. If they don't play well, it would only damage the overall brand.

Hardware of course matters. And it DOES constrain users. ER605 V1 has eneded its life due to the low flash. Supposedly, it should have been added with several features. But it is EOL now. ER7212PC V1 is facing the same situation here with low memory and flash.

Some models have been reported to boot up slowly due to the enormous configs on them.

As the user, you of course do not think about the aspect of security. It is the tunnel vision that you are trying to get this and only this feature implemented. Rest of the stuff is not under your consideration. Product market, orientation, future update and maintenance or maybe compatibility.

I use Tailscal and I host my own server on a VPS which has a public IP address. I own a public IP but I don't want to integrate everything in one so I chose the VPS instead. That's what I called not-to-get-everything-in-one.

Regarding what you said that our attitude to the new tech, we are not a company in catching up the new stuff. For the AP, that's fine to catch up the new WIFI 7 or 8. But for the router, the track is not about the new stuff. Business is not about the new stuff. Business devices is about the stability.

How does UBNT support Tailscale? I recall UBNT official firmware never officially support Tailscale. Things are Github based by running some kind of scripts.

Fun "fact"(maybe), from what I read about it, the maintenance is not done by the official but users. Config seems to be done by CLI, which you have access to the root path and its folders. We have never supported any commands like that.

And we are always the same attitude to the system openness. If you are familiar with the router system, we are a rather closed system and we limit users flushing the original system to OS like Openwrt.

If the system is open to that level, you basically can install and change anything to it. And you are gonna be responsible for the system maintenance as you can change the sensitive files in most paths.