Mechanism for wireless satellite configuration
I recently installed three Deco X20's (which doesn't seem to be an option under "Model" for creating posts on this forum) and am curious about the mechanism for bringing new devices onto an established Deco network wirelessly.
After setting up the first two X20's using Ethernet connections (updating firmware, etc.), I powered the third X20 up and went to another room -- no Ethernet cable, just powered it up from out of the box. Somehow while I was away it was able to (wirelessly) get configured as a satellite on my network (at minimum knowing my SSID/password and having visibility to my wireless traffic).
What is the mechanism that allowed this and how concerned should I be that my "next door neighbor" who is trying to establish his Deco network won't instead extend my network? (which is the least nefarious/problematic scenario)
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
I've gone ahead and added Deco X20 to the product list. Thank you for pointing that out.
For the mechanism a new satelite node should only be able to be added through the Deco app. Log in and tap add and select the correct Deco unit you are adding. At that point your network main node will be triggered to do a handshake with the new node. Because your Deco account is tied to a TP-Link ID you should only be able to able to add units to your network and your neighbors to theirs.
- Copy Link
- Report Inappropriate Content
Thanks for the quick feedback!
To be clear, I never explicitly added either of my satellites (secondary X20s) as you describe -- I just plugged them in and they self-configured. I did absolutely nothing in the app to bring them on the network. The only thing I did with either satellite via the app was click the link to upgrade the firmware once they were already on the network (i.e., "green" light).
Which is the crux of my concern and my question -- what is the mechanism that allowed the third X20 to be wirelessly added to my network? Not only did I do nothing in the app, I don't recall seeing a notification that a new X20 was added to my network (aside from a notice indicating a firmware update was outstanding). So if the new X20 was already on the most recent firmware, how would I have known that a new satellite was added to my network? Don't get me wrong -- it showed up as a "message" but that doesn't really draw any attention.
Is it because all three devices were from the same original set so once I added the first X20 via the app the next two would "self configure"? I fully understand how that would work in a wired configuration but am somewhat confused with wireless. Is there a non-broadcast wireless backhaul channel to which all three devices are pre-configured (i.e., out of the box)? A channel to which I have no visibility as to its security or any ability to manage/change (i.e., generate a new password/key)?
Carl wrote
I've gone ahead and added Deco X20 to the product list. Thank you for pointing that out.
For the mechanism a new satelite node should only be able to be added through the Deco app. Log in and tap add and select the correct Deco unit you are adding. At that point your network main node will be triggered to do a handshake with the new node. Because your Deco account is tied to a TP-Link ID you should only be able to able to add units to your network and your neighbors to theirs.
- Copy Link
- Report Inappropriate Content
That is something i will need to look into for you. I am going to contact my testing team and will be back in touch. Thank you for bringing this up as it will no doubt be valuable infromation.
- Copy Link
- Report Inappropriate Content
Okay got an update for you. This is a new feature we started with Decos, basically the units in a Kit are all pre-configured to talk to each other similar to how our Powerline Kits come paired in the box. Its a goal to simplfiy setup. All you do is connect and configure the 1st unit to your ISP. After that its a simple plug in the additonal units and they will link with the base and be given the configuration. This way the only unit you have to go through setup on is the 1st unit and any additonal unit not included in the set the base was apart of (you can have up to 10 Deco nodes in one network)
So no security concerns to be worried about.
- Copy Link
- Report Inappropriate Content
Thanks again for the quick response!
Carl wrote
Okay got an update for you. This is a new feature we started with Decos, basically the units in a Kit are all pre-configured to talk to each other similar to how our Powerline Kits come paired in the box. Its a goal to simplfiy setup. All you do is connect and configure the 1st unit to your ISP. After that its a simple plug in the additonal units and they will link with the base and be given the configuration. This way the only unit you have to go through setup on is the 1st unit and any additonal unit not included in the set the base was apart of (you can have up to 10 Deco nodes in one network)
So no security concerns to be worried about.
Not sure what you mean by my having no security concerns to be worried about as I still don't know what the mechanism is used by the two secondary units to self-configure (i.e., I'm unclear what is meant by "talk to each other")... And I'm assuming by your explanation that this has nothing to do with the Deco app on my phone.
So is this powerline technology? You mentioned "similar to how our Powerline Kits come paired in the box". Or is it that there's a non-broadcast pre-configured wireless backhaul channel "out of the box" on all three devices and that will be active for the lifetime of my network (with no opportunity for me to regenerate a password)? Or something else? And if "something else", now that all three devices are configured is this mechanism that can (at minimum) share my wireless credentials no longer active?
If this mechanism is still active, my security is only as good as your ability to manage this pre-configured passcode/certificate/etc. (assuming this mechanism is secure, which I assume it is).
- Copy Link
- Report Inappropriate Content
Basically their backhaul is preconfigured. The handshake between the devices is already established. When they are plugged in they will begin the handshake process. If one of the units is configured it will then send the configuration over this backhaul communitcation to the new node allowing it to then be automatically configured. Essentially we are taking the configuration step of "additional" units out and making it automatic, but only for the untis sold together.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 840
Replies: 6
Voters 0
No one has voted for it yet.