TP-LINK Smart Switches anyone?
-
You can also install a remote reset device to attach to your equipment.
-
It may be that the specific switch is faulty. If it's still under warranty, try to RMA it.
-
Trash the trash and buy another.
-
There is no way to login to the swtich, web, ssh, telnet.
I heard the same from a friend who used their 52-port Gbit Switches (don't know exactly which ones) in a datacenter as cheap port concentrators.
They locked up access under heavy load and had to be rebooted.
Personally I've never seen this behavior but I never stressed them that much.Yesterday I was on TP-Link's CeBIT booth. Quite impressed of what's going to come from them (switch-wise) and good people to talk to. They actually listen to you and understand - which is more or less rare with asian companies…
Have you tried filing a support case with them?
-
Hi all,
well, yes that will be my last option (send a support ticket). The switch works great. The only problem is that I lost acces to remote management interface. -
Is the management interface opened to the web or might someone internally be accessing it to death?
-
Personally I would never consider a switch with only web access to manage it. A data center switch should always have a serial interface otherwise you are left with stock reset if you loose access.
-
These switches do have a serial interface on a dedicated RJ45 connector, just like Ciscos.
-
Yes, the management interface is opened to the web.
-
Thats the entire problem most likely. Close it to the web and access it via SSH socks proxy or via vpn. I prefer vpn.
Never EVER expose ANY management interface for anything directly to the web.
Interfaces for routers and switches and other stuff can have a million flaws and thats ok as long as they are behind a firewall/vpn that is kept up to date.
But exposing directly to internet. Bad. Very very bad.
-
-
We use a couple TP-LINK switches in our company also.
1xTL-SG1016DE, 1x TL-SG3424 and 3x TL-SG5428
Great bang for buck!
Uptime from one of our switches without any issues: 765 day - 21 hour - 42 min - 46 sec
Can't say we put heavy loads on them, but so far no issues.Have to say I only use the web interface, as CLI is made way too complicated in these switches (TL-SG5428)
-
I thought I would throw my two cents in here. When I first arrived at my old company they have very little "enterprise" hardware deployed (over 1200 locations maybe 15% of our switches were no consumer based). I took a gander at my old db where I tracked this stuff and we have 116 TP-Link switches of various kinds spread out across all of our locations (one of many consumer/prosumer brands/models). Based on some metrics we ran over the course of years the TP-Links did just fine in relatively low traffic office environments (mid range if you consider any type of unit failure). The best performers for us (again just units that have no type of issue or hardware failure) were HP, Cisco (small sample) and some older 3Com (there was no purchase history just time in service so I am taking an educated guess on the age of these).
I think for standard day to day use you should have no issues. For me I went with what I had the best experience with. The HP 18xx-24G models were tanks, we had ONE port go bad in nearly 150 switches and not a single failure over many years of a 24x7 environment (we had these at the core/production). For some time we had been smoking the Cisco smoke and had wanted these to fail so we took turns hitting them with hammers and they would not quit (yes I'm joking).
So when I had a chance to pick up two of these (1800-24G) really cheap I jumped (and can live with no CLI) and have been very happy. They replaced some 3 yo Netgear and TP-Link switches I had in my house.
-
Nothing beats a CLI when you're in trouble.
Why did you change-out the other switches if they were not broken? -
ok, first of all thanks for your answers.
So, after thinking a bit I setup a vpn server on one machines that is connected to the switch.
I setup a vpn on my local pc and connect ok to the vpn server.
Then I mount a virtual bridge to get to the switch (cos i don't wanna use a public ip anymore as we talk here).
Change the ip/netmask/gateway on the switch to the same network than the vpn.I cannot access de switch anymore.
I think I made the mistake to setup the switch network in the same than the vpn. It should be a diferent network than the vpn and public network and setup vpn bridge virtual inteface and switch both on the same local network.
Anyway, I have to get to the data center to reset the thing and try again.
I'll write over when I have results.ops, one last thought, I did not restart the switch, I could not do it. That may do the trick.
-
haha - I'm laughing with you…
Short term pain in the butt. Long term you will be much better off.
-
jaja, yeah kejianshi, your wellcome to the party :-)
-
You have a pfsense, a switch and a bunch of hosts running behind the switch? Is this correct?
If so, you can put your TPlink management interface/subnet/ip on the same subnet as your pfsense lan.
Then you can set up openvpn running on the pfsense wan.
Just be sure you have an allow all rule on openvpn firewall interface.
Really, its not hard. I'm sure you will get it working.
So, lets say the lan is 10.11.12.0/24 and lan interface IP is .1, you can make your management interface for tplink .2 on same subnet.
just make sure openvpn is running on some subnet not in use, like 10.12.13.0/24 (or whatever)
-
Anyway, I have to get to the data center to reset the thing and try again.
Don't forget to take a serial cable for the CLI to the data center (and have a copy of the the CLI guide with you as well).
Should get you off the ground in minutes. -
I have done a few jobs about vpn's and my setup should work one or another way.
I just try with a vpn client that should let me ping the switch's ip, but not. So I think the switch needs to be rebooted to get the new ip.
Have to say that this TL-SL2428_V1 don't have serial port.
Thanks for all the advice anyway :-)
