Archer C7 v5 is emitting a hidden network
Hello,
my Archer C7 v5 is emitting a hidden wifi network that I can't explain.
According to a wifi network analyzer, it's MAC address is identical to the MAC addresses of the 2.4 and 5 GHz network, except that the first 6 entries are AA:DA:C4 instead of the TP-link associated 98:DA:C4. The hidden network has same maxium speed of 216.7 Mbps as the 2.4 Ghz network and allows authentication via WPA2 PSK-CCMP.
The hidden network exists independent of the operation mode (Acess Point or Router) and also if both the 2.4 GHz and 5 GHz networks are disabled.
Any ideas what that is?
Best,
Frederik
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Jesus man, you cracked it! It helped! Thanks a million!
The only thing I need to figure out is how to set the schedule times. I set it to turn the wireless on at 7AM and it turned it on at 6AM. Looks like either the daylight saving feature or +/- GMT difference influences that.
Anyway thanks again!
- Copy Link
- Report Inappropriate Content
Oh, my mistake. I misundestood the schedule time/cells concept first but now it's clear so it's working just as I want to.
- Copy Link
- Report Inappropriate Content
I tried this on my A6 and no luck :( This "feature" update is for the birds. It seems like a huge securty risk to enable a hidden SSID that only the manufacturer knows the SSID and password to. What could go wrong? We need to be able to disable this in the GUI. I don't see how this would pass certification.
- Copy Link
- Report Inappropriate Content
Kevin_Z wrote
@rod.evans @RevenFlame @porobk
Hello, the hidden SSID is used for onemesh only, which is enabled by default and it won't affect the performance of the actual wireless network.
Besides, may I know why do you want to shut it off?
Good day.
Please make this an option in the admin panel to turn off this feature on all hardware. I have an A6 and noticed this hidden network when troubleshooting network performance issues. PLEASE make this optional. This is a security issue and a backdoor for someone to gain access to your local network. I don't suspect this is part of the 802.11ac standard, nor is it an open source implementation? How can this be vetted by the community and standards body for vulnerabilities?
- Copy Link
- Report Inappropriate Content
xitan wrote
Hey, I might have a solution. A friend of mine who has C7 as well fiddled with my C7 last night saying that the schedule feature works for him just fine. 2 hours, 4 beers and 2 bags of peanuts later he fixed it. So here's what he did and what might help. I'm not sure if all the steps were neccessary but it helped so it's up to you:
Reset your C7 to default
Downgrade the C7 firmware to version 180425 2018-05-18
Check if the firmware is really downgraded
Upgrade the C7's firmware to the latest version
Configure your C7 as needed except for Wireless Schedule - do not configure Wireless Schedule yet
Now these are probably the most crucial steps:
Set Wireless Schedule to turn wireless off at the current hour meaning that if the current time is for example 11:30 AM, set the schedule to 11:00 and 12:00 (make 11:00 and 12:00 cells blue for every day of the week). Click Save. The webpage should take to the superior Wireless Schedule page - don't forget to click Save here as well.
Now the wireless should be disabled by the scheduling feature. Check if it is true. And also the hidden network on the same channel should be gone too.
If that's the case say hooray 3 times and set the Wireless Schedule as you need and don't forget to click Save on both pages.
I've tested it for both 2.4GHZ and 5GHZ and it worked as expected - no hidden networks emiting from my C7.
Interesting workaround - thanks!!
- Copy Link
- Report Inappropriate Content
I thought of buying a TP Link router until I saw this thread...
- Copy Link
- Report Inappropriate Content
@Kevin_Z As others have pointed out, enabling an unknown and not needed network is a potentially huge security issue. What could go wrong? Exactly, if there's any vulnerability in the OneMesh protocol we are sold even if we don't use the feature at all or prefer to use a wired backhaul (which is not even supported, it was an example).
It's like UPnP, WPS (both the infamous PIN mode and the button) and all these features that are supposed to ease the operation of products but in the end they reduce the overall security of your network. Use them if you want, that's fine, but the option to disable them should be there for more security conscious users.
For once, I'm happy the EU version of my Archer C6 has no OneMesh features... and guess I won't upgrade the firmware till there is an option to turn the offending network off.
- Copy Link
- Report Inappropriate Content
Another risk is No HTTPS :
https://community.tp-link.com/en/home/forum/topic/92899
And this is an old issue
And you'd think that https would be default by now.
Heck, even my ISP's old router has https.
- Copy Link
- Report Inappropriate Content
@Nn7 Well, my C6 at least has the option of turning HTTPS on for the admin web. So, at least, looks like newer models have that feature.
I understand it's not on by default given it's a private certificate and some devices may even refuse to connect. But they definitely should recommend turning it on in the quick setup. Password is not sent unencrypted anyway, so at least nobody can steal your router's admin password, even using http.
But this OneMesh ssid is just crazy from a network security perspective because it's an always-on potential vulnerability that the user is not even aware. Almost like a backdoor!
- Copy Link
- Report Inappropriate Content
@Kevin_Z could you explain why C7 is still emitting the hidden network when working in AP mode? As far as i know, in AP mode mesh is not supported on C7, but it still emitts the hidden network. So this seems to be a bug.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 10
Views: 67673
Replies: 105