FUTURE BUYERS BEWARE!!

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

FUTURE BUYERS BEWARE!!

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
80 Reply
Re:FUTURE BUYERS BEWARE!!
2020-07-18 11:18:20
I agree and i need my money back, because In Deco E4R, the 5 Ghz Does not work even after the 5g option is on. check my post and you will see
  0  
  0  
#87
Options
Re:FUTURE BUYERS BEWARE!!
2020-07-18 16:03:09

@realjax 

That might explain some of the nonsense I've experienced in the last 24 hours, including IP addresses moving so you have to find them before web connection, so thanks. 

 

I think the problems I've found are serious enough to warrant warning buyers on Amazon, the source I bought from.  The intention is to save others from the frustrations I've experienced and give people back a few hours in their lives.

 

For some customers, these defects aren't an issue but if you want to manage your network rather than submit to TP-link...

 

Wish I'd seen your post before I bought. 

  2  
  2  
#88
Options
Re:FUTURE BUYERS BEWARE!!
2020-07-19 17:02:05

@realjax I’ve been following this topic but I have the e4. I’ve tried everything but the deco always shows the red light when I join the network. The hub is in modem mode and the unit set to router. The deco Wi-Fi is visible to all devices. It all works when the hub is set back to router mode but then I have to use a different SSID which defeats the object as all my devices search for the hub’s SSID. The MAC clone won’t work as the laptop never sees the internet in wifi mode when the hub is in modem mode. Changing dns to 8.8.8.8/8.8.4.4 has no effect either. I’ve initiated the devices in the order described - no result. It looks like it's time to rebox the units and send them back. What a waste of time and money.

  0  
  0  
#89
Options
Re:FUTURE BUYERS BEWARE!!
2020-07-19 18:58:52 - last edited 2020-07-19 21:34:50

@pemass48 

Mine are boxed and going back to Amazon tomorrow. Just ordered some Netgear Orbi units. From my reading they're much better behaved/more mature products.  They use half the electrity of the Deco 9 Plus too. Thats $50 a year I can spend on a very decent bottle of wine. Win win!!

  0  
  0  
#90
Options
Re:FUTURE BUYERS BEWARE!!
2020-07-19 21:43:50

@Kook 

 

Summary: The Deco P9 is working in AP mode with another device to act as the router for me and and very happy now that I do not have to worry about the security of the TPLink Deco products since they are not connected directly to the world.

 

Not sure I have the time or patience while working from home to deal with waiting on their support.  My network has been stable after I moved the P9's into AP mode and put a Ubiquity UniFi® Security Gateway as my main router.  It can actually acheive a 500mbit download speed to max out my connection when connected via a wire which the best the P9 could do was ~300mbit/s.  I after makign that change I did discover another device that was also causing some network instability as well.   I was using this "www.amazon.com/gp/product/B07KTYWHS8" as a docking station to only have one connection for power and ethernet which when uplugged will for some reason cause a network outage.  With the network being so unstable it was not possible to figure that out before.  

 

So yes, I would still not buy the P9 to be a router and I do recommend think there are some better similar priced products out there. The ability to actually troubleshoot issues like that are completely beyond the Deco P9 software.  The Deco P9 system logs cannot easily be exported in mass to look for odd issues on the network. There is no valid way to see what the systems CPU load is at any point in time. They do not even support SNMP or any other standard monitoring API.  

 

Security wise TP Link needs to upgrade the version of dropbear to support new safer key exchange types. 

https://weakdh.org/logjam.html

https://blog.gdssecurity.com/labs/2015/8/3/ssh-weak-diffie-hellman-group-identification-tool.html

This makes me think that TP Link does not take security seriously or there are some geographical location reasons that TP Link is leaving these products vulnerable.  

 

The reason I suspect this is that the only key exchange methods offerred are diffie-hellman-group14-sha1 and diffie-hellman-group1-sha1 which were disabled by default in the "

2018.76 - 27 February 2018" change.

$ ssh admin@maindeco
Unable to negotiate with 192.168.1.239 port 22: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,kexguess2@matt.ucc.asn.au

 

The reasson they do not want people gaining console access to their products is because they do not want to advertise how out of date the software is that they are publishing.

 

This prompted me to go download the GPL source for the Deco P9 to discover they are actually running a very very old OpenWRT release that is running Dropbear version "2015.67 - Wednesday 28 January 2015" ( https://matt.ucc.asn.au/dropbear/CHANGES ) assuming they have actually put the correct version up for download. "https://www.tp-link.com/nl/support/gpl-code/" (Change the country to which ever one you are loacted.). This puts the OpenWRT version from around "2015-04-18" based on the dropbear version. ( https://git.openwrt.org/?p=openwrt%2Fopenwrt.git&a=search&h=HEAD&st=commit&s=dropbear )

 

I would be very wary of having any Deco unit directly connected to the network as there are a few vulnerabilities that should be patched.

https://www.cvedetails.com/cve/CVE-2016-7408/

https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=dropbear

https://www.cvedetails.com/vulnerability-list/vendor_id-15806/Dropbear-Ssh-Project.html

 

If I had the time then I would most likely try to put a newer version on OpenWRT on one of the units I have that is not strickly needed in my setup to see if I  could get a more useable setup with the required Android / iOS app.  Though, I might see if I can exploit  CVE-2016-7408 just because.

 

 

 

 

 

 

 

 

  3  
  3  
#91
Options
Re:FUTURE BUYERS BEWARE!!
2020-07-19 22:11:01

@_hpcsyspro_ 

Wow! A bit disturbing. I live in a neighbourhood with hundreds of tech university students and some can easilycome into range of guest wifi.

 

I've stopped believing that Commodity Off The Shelf products containing obsolete software with security vulnerability is incompetence. I had one about 5 years ago who wanted almost 10000 Euros per end-point to swap DES for 3DES. Doubtless they'd have charged again for a move to AES. Now, when we're in the realms of state-sponsored mischief we need to be even more careful, so thanks for the heads-up on this one.

I've got other TP-link kit but the Decos are fast becoming just history.

  0  
  0  
#92
Options
Re:FUTURE BUYERS BEWARE!!
2020-08-26 21:58:53
you're smarter than me. i bought 9 for my large home. p7, p9, m9. 3 each. i wanted to use the ap mode but dhcp stops working on my main router. ahh - 6 hockey pucks and 3 cylindrical units. its really a shame.
  0  
  0  
#93
Options
Re:FUTURE BUYERS BEWARE!!
2020-08-27 09:08:31

@_db 

 

I have six P9 units and they will still drop connections randomly when running in AP mode.  Though the network has been more stable in AP mode than router mode once I removed the offending network gear that causing some other stablity issues.  

  0  
  0  
#94
Options
Re:FUTURE BUYERS BEWARE!!
2020-08-28 06:25:59

I have a pair of P7's.

 

They disconnect my whole house network. Unplugging and plugging back ethernet cable from the modem fixes the connection.

 

 

Really annoying "feature"!

  0  
  0  
#95
Options
Re:FUTURE BUYERS BEWARE!!
2020-08-30 08:17:03

@Kevin_Z 

If you are working on behalf of the tp-link then can you PLEASE take a little bit of your time and look at my post. Please, please, please. As of now, I am not at all happy with tp-link deco routers. PLEASE  look at my post and tell me my solution. PLEASE FOR GOD SAKE, someone look at my problem.

  0  
  0  
#96
Options