Switches and AccessPonits connect to some Links in in the Internet

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Switches and AccessPonits connect to some Links in in the Internet

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Switches and AccessPonits connect to some Links in in the Internet
Switches and AccessPonits connect to some Links in in the Internet
2020-12-30 11:03:59 - last edited 2021-01-04 18:10:52
Model: OC200  
Hardware Version: V1
Firmware Version: 1.7.1 Build 20201016 Rel.62818

Hi everybody,

 

did anyone know for what my switches an aps need to connect to the belows links?

 

n-devs-smb.tplinkcloud.com

 

n-deventry-smb.tplinkcloud.com

 

 

thank you

  1      
  1      
#1
Options
1 Accepted Solution
Re:Switches and AccessPonits connect to some Links in in the Internet-Solution
2021-01-03 12:52:36 - last edited 2021-01-04 18:10:52
Quick search these appear to be for Cloud Management of the SDN and checking hardware device adoption/registration
Recommended Solution
  1  
  1  
#2
Options
4 Reply
Re:Switches and AccessPonits connect to some Links in in the Internet-Solution
2021-01-03 12:52:36 - last edited 2021-01-04 18:10:52
Quick search these appear to be for Cloud Management of the SDN and checking hardware device adoption/registration
Recommended Solution
  1  
  1  
#2
Options
Re:Switches and AccessPonits connect to some Links in in the Internet
2021-04-17 18:32:04

@Philbert

I am new to the Omada Platform and was VERY surprised when my firewall registered some connection attempts to some AWS EC2 instances from the Management VLAN (to be exact from a JetStream Switch). I have a local self-hosted Software controller, don't use nor EVER enabled Cloud Access. So my question is why the switch is still trying to reach out to TP-Link Cloud??? This is to me a very strange and concerning behavior.

I hope TP-Link has a good explanation for this, otherwise this is not really confidence inspiring.

  0  
  0  
#4
Options
Re:Switches and AccessPonits connect to some Links in in the Internet
2021-04-17 19:55:44

@NeoNet 

 

Its nothing to worry about

 

The SDN needs to check if there is internet connection and it does this by sending occasional pings to a few random sites.     If i remember right, during my testing I came across AWS and Azure 

 

The packets didn't have anything bad, was literally just checking internet connectivity against common sites occasionally.   The sites where random order and generally something you can guarantee will be online 24/7, like AWS for example.

 

Most vendors do the same thing but hit a few select sites of their own hosting, TP Link seem to do it differently however and use 3rd parties.

  0  
  0  
#5
Options
Re:Switches and AccessPonits connect to some Links in in the Internet
2021-04-17 21:14:15 - last edited 2021-04-17 21:18:07

@Philbert 

Not quite (at least in my case) it is not going to random sites, it is specifically going to the two endpoints mentioned above (n-devs-smb.tplinkcloud.com and n-deventry-smb.tplinkcloud.com) which are hosted on AWS EC2 Instances. Btw, if in your case it's random sites, just to check for internet connection, I then genuinely wonder why should a switch care about internet connection??)


After some packet capture, the connection happens when the switch starts up (or the internet connection is broken). After the initial TLS handshake and a chunk of data is sent out (484 Bytes) the connection is then kept alive by constantly sending small amount of data (from 28 to 54 Bytes) back and forth.
In the documentation of the Cloud Based Controller I found this "Add devices with the serial number, make sure the devices are online and in factory default".
So here's my assumption: Omada Devices in factory defaults "register" themselves (their serial numbers) to the TP-Link Cloud and keep the connection alive (either hole punching or polling for adoption status/request) until they get adopted by a cloud based controller.

 

Now I understand this is nothing to worry about, but it would have been great if TP-Link gave us the option to disable this "registration" process once the device is adopted by a Hardware or a Software controller. Or better disable it automatically, as once adopted by a controller the admin password is changed from the default one and they cannot be adopted by the cloud controller anyway (hence requiring factory default for cloud controller adoption)

 

Side note: Love how devices get adopted by cloud controller only with their serial number and default admin password...... so basically, if you are not quick enough and/or someone else at the same time made a typo, your device will be adopted by another account (and with automation, this is basically a DoS attack on the Cloud Adoption Process) :D

  1  
  1  
#6
Options