Frustration! Complaints to TP-Link.

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Frustration! Complaints to TP-Link.

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Frustration! Complaints to TP-Link.
Frustration! Complaints to TP-Link.
2022-02-02 22:46:59
Model: ER7206 (TL-ER7206)  
Hardware Version: V1
Firmware Version: 1.2.0 Build 20220117 Rel.74491

I've forced my client to upgrade! their two branch offices to TP-Link full Omada SDN solution with ER7206's, OC-200s, SG3428s and EAP610s. After easy installation, found out it's not that easy to gain some basic musts for a business network like secure authentication, VPN (except IPSEC thankfully!) and other basic routing capabilities. If you are selling those products under "Business level devices" category, you have to give customers what they truly need, not only easy installation. Those are not targeted to home users, we chose them for business network, to manage local network and servers, set secure connections between clients locally or remote. 
1) OpenVPN is working with a basic certificate which is useless for a company network. We need client authentication; companies have their own domain controllers, user policies; it's very very basic to allow or deny a client trying to connect with a group policy. With a single OpenVPN config file; anyone can gain access to this network; what a vulnerability! People come and leave companies, we manage users from domain controllers so that keeps everything in place and secure. Whenever someone leaves the company, you have to change everyone's OpenVPN config file in the company to prevent unwanted access. LDAP implementation shouldn't be that hard while it's almost basic for every device called "router". 

2) L2TP is also useless because your products are pushing 8.8.8.8 as DNS servers to the clients! What a shame for your developers. Can you use google dns servers to serve your internal network addresses? Also, it has almost nothing to configure; very easy yes but worth nothing too! Clients get NO GATEWAY addres, so stuck looking for local servers in the internet, not in the internal network. And also users have to be created on router, again, no basic authentication for company use!

3) PPTP is out of question, not supported by many devices and probably have the same issues beside security weakness.

4) Logging is sooo low level. For a company network, they have many obligations to governments like keeping client activities over the internet but even your controller can not save logs on a usb flash or network share; only limited to small internal storage :/

5) IPSEC is working yes, thankfully. But only from one site local network to other site's. If you connect with VPN to a site, you can not reach to other! So, should we move our some servers to the same site? Or should we force them to settle in the same city, so no need to create two sites and everyone can connect from single VPN config!

Really regret about choosing your products. Just central management impressed me but they have many missing basic options and configurations.

If you won't be able to solve those problems, probably you will loose many customers too!

  0      
  0      
#1
Options
2 Reply
Re:Frustration! Complaints to TP-Link.
2022-02-04 09:17:20

@GokhanT 

tplink does have a long way to go, but there's no denying that they do produce a lot of good products, so maybe we can give a little more patience to a company like this. Extra: IPsec is supposed to be able to create multiple point-to-point VPN entries.

  0  
  0  
#3
Options
Re:Frustration! Complaints to TP-Link.
2022-02-04 09:29:10

@Yannie We do not have to praise even tough they have good products when they have basic missing specifications for "business device" category. I'm using TP-Link products at home too and they are more than enough but from business perspective, unfortunately they are low level. We are the partner of TP-Link btw; that's why we wanted to push those devices to our customers but it was a mistake. Now, we have to compensate the company's missing requirements. It will be so complicated to use a separate VPN solution while you have a capable device already in place. The requirements I wrote are a must. They have to develop immediately. Not a sassy request form a regular customer; it is indispensable for everybody in business. Of course if they want to keep their "Business device" allegations for those products.

  0  
  0  
#4
Options

Information

Helpful: 0

Views: 669

Replies: 2