ER8411 Omada SDN - IDS/IPS With DShield Selected, Causes iPhone Internet Connectivity To FAIL
Hello,
Hardware is ER8411, controller is Omada Software Controller Windows v5.14.26.1
There are two issues with IDS/IPS:
1. Site Settings - Network Security - IDS/IPS - IDS/IPS Settings tab - Security Level:
Select the option, Security Level:, then IPs with a Bad Reputation - (check box) DShield
With DShield selected, iPhones FAIL to connect to the Internet (iPhones all have the latest iOS 17.6.1)
This is easily confirmed with a toggle of the DShield check box control.
iPhones will connect or disconnect from Internet within a few minutes.
Android phones are unaffected.
Question 1a - why does the DShield option cause this failure mode?
Question 1b - Can it be corrected by TP-Link so the DShield security option functions properly?
2. Site Settings - Network Security - IDS/IPS - Block List tab
With iPhones confirmed blocked by IDS/IPS, there are zero entries in the Block List
Identifying the cause of iPhone Internet connectivity failure would have been much easier if
the Block List actually functions at all.
Question 2a - with some functionality confirmed as blocked by IDS/IPS, why is a client or something not listed in the Block List?
Question 2b - what causes or effects do get listed in the block list?
Question 2c - what is the expected behavior causing a listing in the block list?
Question 2d - can TP-Link correct the Block List so it properly displays what exactly is blocked?
Please see the attached screenshots.