• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Possible tp-link issues/Access Points have constant connection with n-use1-devs-gw.tplinkcloud.com

Scheduled Pinned Locked Moved Firewalling
ccpagdprtplinkcloudaccess point
18 Posts 4 Posters 1.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    JonathanLee
    last edited by JonathanLee May 6, 2024, 6:12 AM May 6, 2024, 6:00 AM

    Hello fellow Netgate community members,

    I recently purchased a new AP, however during testing I have found that the brand new out of the box device seems to always have a constant connection to ...

    n-use1-devs-gw.tplinkcloud.com
    

    Keep in mind it was running non stop. This is only the AP system however there was enough data passed to something called tplinkcloud that it does cause some areas for concern.

    This if it is a update repo should not have a constant connection correct?

    I have since disabled all communication with that.

    Screenshot 2024-05-05 at 22.55.43.png

    What would require so many different IP addresses and constant links?? The AP seems to be acting on its own without users and making calls to a cloud service without user approval.

    Please be warned, my AP is the .2 so I have no browser running on it as it is only in AP bridge mode and yet it still is connecting to something else and passing traffic....

    If an AP is in bridge mode why would it still pass traffic to tplinkcloud without user approval. Some might say this is in direct violation of CCPA and GDPR. Any update would only connect once the user starts the update and over gigabit speeds it should never require a constant connection to its cloud platform right? Tell me what you think about this. I found a nifty way to protect your privacy rights and override this also.

    Screenshot 2024-05-05 at 23.05.12.png

    It is simple just create a block everything except the firewall connection for the AP it should need anything but the firewall outside of that the other addresses can be utilized still with the DHCP set on the link side (firewall).

    Stay vigilant

    Could be a regional data sovereignty issue and a product is shipping and still acting out the regulations for where that device is manufactured. I don't know.

    CCPA in our region does protect user privacy laws.

    With that said the device works great once you block out the constant connections to cloud services that are not used or activated.

    Make sure to upvote

    D J 2 Replies Last reply May 6, 2024, 9:00 AM Reply Quote 0
    • D
      darcey @JonathanLee
      last edited by May 6, 2024, 9:00 AM

      @JonathanLee Does this model of AP have some cloud management feature and if so, is it enabled? Could it be a firmware check? I don't allow my solitary AP access to the WAN even though I trust it (OpenWRT). It doesn't need to.

      1 Reply Last reply Reply Quote 1
      • J
        johnpoz LAYER 8 Global Moderator @JonathanLee
        last edited by johnpoz May 6, 2024, 9:26 AM May 6, 2024, 9:22 AM

        @JonathanLee

        https://community.tp-link.com/en/business/forum/topic/525328

        The following EAP firmware version released last week (on June 9, 2022) have added support to disable cloud-connection behavior.

        unifi can be disabled as well, etc..

        unifi.jpg

        You can for sure just block how your doing it, but when things send out stuff you don't want them to - its better to disable as the device if possible vs just letting them bang their head against the wall putting noise on the wire and filling up logs with spam..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 1
        • J
          JonathanLee
          last edited by JonathanLee May 6, 2024, 2:44 PM May 6, 2024, 2:39 PM

          I have model TL-WA1201. It was on sale for $30!! A gigabit AP with Wireless AC for $30 dollars in this day and age unheard of right??

          Make sure to upvote

          J 1 Reply Last reply May 6, 2024, 5:40 PM Reply Quote 0
          • J
            johnpoz LAYER 8 Global Moderator @JonathanLee
            last edited by May 6, 2024, 5:40 PM

            @JonathanLee glad your happy, but it doesn't do vlans prob should of put the 30 bucks towards an AP that can do vlans to be honest.

            Can you put dd-wrt or openwrt on it - then you would have vlans, and it sure wouldn't be phoning home..

            looks like maybe, what hardware version 2, 3, 3.6? And sale price being low, prob the old v2 hardware. So you should be able to put openwrt on it.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            J 2 Replies Last reply May 6, 2024, 9:36 PM Reply Quote 2
            • J
              JonathanLee @johnpoz
              last edited by May 6, 2024, 9:36 PM

              @johnpoz Cool what an amazing find, it runs AC and it can run OpenWRT, this is new to me I have not seen OpenWRT yet, will this make the system better over it's stock stuff?

              Make sure to upvote

              J 1 Reply Last reply May 6, 2024, 9:57 PM Reply Quote 0
              • J
                johnpoz LAYER 8 Global Moderator @JonathanLee
                last edited by May 6, 2024, 9:57 PM

                @JonathanLee Pretty much given.. And it should add the ability to do vlans, unless the hardware can not actually support them which is rare... I didn't read all the details, just that it was supported.

                Back in the day when I was running just soho router, before I found pfsense I always ran dd-wrt or openwrt..

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                J 1 Reply Last reply May 6, 2024, 10:18 PM Reply Quote 1
                • J
                  JonathanLee @johnpoz
                  last edited by May 6, 2024, 10:18 PM

                  @johnpoz I got the new AP after the internal compex card could no longer run without rebooting once it started running full tilt on pfSense. I have the SG-2100 so I also can't see the swap partition without a usb drive set up for swap use. I will research it more however with finals I can't have it reboot right now. Also I remember you were very anti using the built in wifi support with freebsd for pfSense. I loved it. Again, I never got it to max out until I got my new fiber line, after that it would reboot on its own, something is causing kernel panics and rebooting.

                  Screenshot 2024-05-04 at 19.21.12.jpg

                  Screenshot 2024-05-04 at 19.21.01.jpg

                   x0:                0
                    x1: ffff00009c600000 ($d.6 + 999bb068)
                    x2:               84
                    x3:                4
                    x4:                1
                    x5: ffff000097280840 ($d.6 + 9463b8a8)
                    x6:                0
                    x0:                0
                    x7:              100
                    x1: ffff00009c600000  x8: ffff000000ad0114 ($d.6 + 999bb068)
                   (generic_bs_r_4 + 0)
                    x2:             80f4
                    x9: ffff000000acff6c  x3:                4
                   (generic_bs_barrier + 0)
                    x4:                1
                   x10:               88
                    x5: ffff000096fdd000 x11:              5c0
                   ($d.6 + 94398068) x12:                1
                  
                   x13:                1
                    x6:              100
                   x14:             285f
                    x7: ffff00009723684c x15:             2af8
                   ($d.6 + 945f18b4) x16:             2878
                  
                   x17:                0
                    x8: ffff000000ad0114 x18: ffff000097280850 (generic_bs_r_4 + 0)
                   ($d.6 + 9463b8b8)
                    x9: ffff000000acff6c x19: ffff000096feb000 (generic_bs_barrier + 0)
                   ($d.6 + 943a6068)
                   x10:              3e8
                   x20: ffff00009c600000 x11:         10624dd3 ($d.6 + 999bb068)
                  
                   x12:               64
                   x21:               84
                   x13:                0
                   x22: ffff00000213aa80 x14:            186a0
                   (memmap_bus + 0)
                   x15:         8003bed3
                   x23: ffff00009c236a74 x16: ffffa00025b97200 ($d.6 + 995f1adc)
                  
                   x24: ffffa000019efc80 x17: ffffa0000275019a
                   x25:                0
                  
                   x26:                0
                   x18: ffff0000403c0770 x27: ffff000002192e98 ($d.6 + 3d77b7d8)
                   (Giant + 18)
                   x19: ffff000096feb000 x28: ffffa000019efc80 ($d.6 + 943a6068)
                  
                   x20: ffff00009c600000 x29: ffff000097280850 ($d.6 + 999bb068)
                   ($d.6 + 9463b8b8)
                   x21:             80f4
                    sp: ffff000097280850
                   x22: ffff00000213aa80  lr: ffff000000167114 (memmap_bus + 0)
                   (ath_hal_reg_read + cc)
                   x23: ffff000096fef544 elr: ffff000000ad0118 ($d.6 + 943aa5ac)
                   (generic_bs_r_4 + 4)
                   x24: ffff000096feb000spsr:               45
                   ($d.6 + 943a6068) far: ffff00009c600084
                   x25: ffff000096fef544 ($d.6 + 999bb0ec) ($d.6 + 943aa5ac)
                  
                   x26:                0
                   x27:             7530
                   x28:             754a
                   x29: ffff0000403c0770 ($d.6 + 3d77b7d8)
                    sp: ffff0000403c0770
                    lr: ffff000000167114 (ath_hal_reg_read + cc)
                   elr: ffff000000ad0118 (generic_bs_r_4 + 4)
                  spsr:         20000045
                   far: ffff00009c6080f4 ($d.6 + 999c315c)
                  timeout stopping cpus
                  panic: Unhandled EL1 external data abort
                  cpuid = 1
                  time = 1714888984
                  KDB: enter: panic
                  [ thread pid 12 tid 100070 ]
                  Stopped at      kdb_enter+0x44: undefined       f907c27f
                  db:0:kdb.enter.default> textdump set
                  textdump set
                  db:0:kdb.enter.default>  capture on
                  db:0:kdb.enter.default>  run pfs
                  db:1:pfs> bt
                  Tracing pid 12 tid 100070 td 0xffff00009c22c600
                  db_trace_self() at db_trace_self
                  db_stack_trace() at db_stack_trace+0x11c
                  db_command() at db_command+0x358
                  db_script_exec() at db_script_exec+0x1a4
                  db_command() at db_command+0x358
                  db_script_exec() at db_script_exec+0x1a4
                  db_script_kdbenter() at db_script_kdbenter+0x58
                  db_trap() at db_trap+0xf4
                  kdb_trap() at kdb_trap+0x284
                  handle_el1h_sync() at handle_el1h_sync+0x10
                  --- exception, esr 0
                  $d.6() at 0xffff000097000a63
                  db:1:pfs>  show registers
                  spsr                0x600000c5
                  x0                        0x12
                  x1                         0xa
                  x2                         0x4
                  x3                         0xa
                  x4          0xffff000000ad0244  generic_bs_w_4
                  x5                        0x50
                  x6          0xffff00000067adec  kvprintf+0x470
                  x7                        0xd5
                  x8                         0x1
                  x9          0x9f067a1c30d67fd2
                  x10         0xffff0000023d9000  nfsheur+0x5480
                  x11         0xfefefefefefefeff
                  x12         0xffff000097000a63
                  x13             0xfeff00ff0100
                  x14                          0
                  x15                          0
                  x16                          0
                  x17                          0
                  x18         0xffff000097280560
                  x19         0xffff000002433000  epoch_array+0x1280
                  x20         0xffff000002401eb0  vpanic.buf
                  x21         0xffff00009c22c600
                  x22                          0
                  x23         0xffff000002401000  proc_id_reapmap+0x2870
                  x24         0xffffa000019efc80
                  x25                          0
                  x26                          0
                  x27         0xffff000002192e98  Giant+0x18
                  x28         0xffffa000019efc80
                  x29         0xffff000097280560
                  lr          0xffff000000673a68  kdb_enter+0x40
                  elr         0xffff000000673a6c  kdb_enter+0x44
                  sp          0xffff000097280560
                  kdb_enter+0x44: undefined       f907c27f
                  db:1:pfs>  show pcpu
                  cpuid        = 1
                  dynamic pcpu = 0x3eb20180
                  curthread    = 0xffff00009c22c600: pid 12 tid 100070 critnest 1 "pcib0,0: ath0"
                  curpcb       = 0xffff000097280b40
                  fpcurthread  = 0xffff0000e1a86200: pid 29607 "snort"
                  idlethread   = 0xffff000040ebb800: tid 100004 "idle: cpu1"
                  curvnet      = 0
                  db:1:pfs>  run lockinfo
                  db:2:lockinfo> show locks
                  No such command; use "help" to list available commands
                  db:2:lockinfo>  show alllocks
                  No such command; use "help" to list available commands
                  db:2:lockinfo>  show lockedvnods
                  Locked vnodes
                  db:1:pfs>  acttrace
                  
                  Tracing command clock pid 2 tid 100029 td 0xffff000096fb5c00 (CPU 0)
                  sched_switch() at sched_switch+0x868
                  mi_switch() at mi_switch+0x100
                  version() at version+0x12c
                  
                  Tracing command intr pid 12 tid 100070 td 0xffff00009c22c600 (CPU 1)
                  db_trace_self() at db_trace_self
                  _db_stack_trace_all() at _db_stack_trace_all+0xe8
                  db_command() at db_command+0x358
                  db_script_exec() at db_script_exec+0x1a4
                  db_command() at db_command+0x358
                  db_script_exec() at db_script_exec+0x1a4
                  db_script_kdbenter() at db_script_kdbenter+0x58
                  db_trap() at db_trap+0xf4
                  kdb_trap() at kdb_trap+0x284
                  handle_el1h_sync() at handle_el1h_sync+0x10
                  --- exception, esr 0
                  $d.6() at 0xffff000097000a63
                  db:1:pfs>  ps
                    pid  ppid  pgrp   uid  state   wmesg   wchan               cmd
                  80015 92122   412     0  S       nanslp  0xffff00000240378d  sleep
                  77724 44890    26     0  S       nanslp  0xffff00000240378c  sleep
                  80274 87627 86665   100  S       sbwait  0xffff0000df9e844c  perl
                  54117 87627 86665   100  S       sbwait  0xffff0000dfa4e8cc  perl
                  53941 87627 86665   100  S       sbwait  0xffff0000df9e6d4c  perl
                  18551 18369 17397     0  S       piperd  0xffff0000e14be998  sh
                  18369 17397 17397     0  S       wait    0xffffa0008ee11540  sh
                  18181 17397 17397     0  S       (threaded)                  sshg-blocker
                  100326                   S       piperd  0xffff0000e14bd000  sshg-blocker
                  100376                   S       nanslp  0xffff00000240378c  sshg-blocker
                  18028 17397 17397     0  S       piperd  0xffff0000e14be110  sshg-parser
                  17703 17397 17397     0  S       piperd  0xffff0000e14666c0  cat
                  17397 47272 17397     0  Ss      wait    0xffffa00099a58000  sh
                  17327     1 17327     0  Ss+     ttyin   0xffffa00000e604b0  getty
                  92236 87627 86665   100  S       sbwait  0xffff0000dfa5c8cc  squidGuard
                  92108 87627 86665   100  S       sbwait  0xffff0000dfa5ed4c  squidGuard
                  91847 87627 86665   100  S       sbwait  0xffff0000dfa5db4c  squidGuard
                  91544 87627 86665   100  S       sbwait  0xffff0000df9edb4c  squidGuard
                  29607     1 29607     0  Rs      (threaded)                  snort
                  100336                   RunQ                                snort
                  100374                   S       nanslp  0xffff00000240378d  snort
                  100375                   S       sbwait  0xffff0000dfa6844c  snort
                  57228 87627 86665   100  S       select  0xffffa00059604dc0  pinger
                  56920 87627 86665   100  S       sbwait  0xffff0000dfa0cd4c  perl
                  56138 87627 86665   100  S       sbwait  0xffff0000df9f4d4c  perl
                  54293 87627 86665   100  S       sbwait  0xffff0000dfa168cc  perl
                  51257 87627 86665   100  S       sbwait  0xffff0000dfa05b4c  perl
                  50784 87627 86665   100  S       sbwait  0xffff0000dfa6bb4c  perl
                  49572 87627 86665   100  S       sbwait  0xffff0000df9f56cc  squidGuard
                  48859 87627 86665   100  S       sbwait  0xffff0000df9f5fcc  squidGuard
                  u47486 87627c86665  n10: USha d  dsbLa txt0rfalfdata abfr8c  squidGuime
                   psqui=Gu
                  d▒TIM-1.0
                  WTMI-devel-1.0.0-1115f12
                  WTMI: system early-init
                  SVC REV: 5, CPU VDD voltage: 1.225V
                  

                  Make sure to upvote

                  1 Reply Last reply Reply Quote 0
                  • J
                    JonathanLee @johnpoz
                    last edited by May 6, 2024, 11:37 PM

                    @johnpoz It has version 3.6 would that work with the OpenWRT software built for version 2? It looks like the same device

                    Make sure to upvote

                    J 1 Reply Last reply May 6, 2024, 11:38 PM Reply Quote 0
                    • J
                      johnpoz LAYER 8 Global Moderator @JonathanLee
                      last edited by May 6, 2024, 11:38 PM

                      @JonathanLee There are hardware changes, its quite possible 3.6 hardware is not supported at this time.. I did a query for 3 and 3.6 and seems people were asking about it.

                      You would need to check with their forums.

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 24.11 | Lab VMs 2.8, 24.11

                      J 2 Replies Last reply May 7, 2024, 12:11 AM Reply Quote 0
                      • J
                        JonathanLee @johnpoz
                        last edited by May 7, 2024, 12:11 AM

                        @johnpoz

                        https://forum.openwrt.org/t/tl-wa1201-v3-6/197094

                        Done let's see what they say about the V3.6.

                        Plus if they have info on turning off cloud calls for US users.

                        Make sure to upvote

                        1 Reply Last reply Reply Quote 1
                        • J
                          JonathanLee @johnpoz
                          last edited by May 8, 2024, 4:57 PM

                          @johnpoz I shipped it back so I can get one that will allow me to install OpenWRT on it so I can disable the cloud call outs.

                          Make sure to upvote

                          1 Reply Last reply Reply Quote 0
                          • J
                            JonathanLee
                            last edited by May 14, 2024, 6:42 PM

                            OpenWRT took my Archer A9 from 300mbps to 30mbps it does not fully support 2.4ghz only 5ghz right now for my version

                            Make sure to upvote

                            J 1 Reply Last reply May 14, 2024, 7:01 PM Reply Quote 0
                            • J
                              johnpoz LAYER 8 Global Moderator @JonathanLee
                              last edited by May 14, 2024, 7:01 PM

                              @JonathanLee said in Possible tp-link issues/Access Points have constant connection with n-use1-devs-gw.tplinkcloud.com:

                              Archer A9

                              huh - there is no way you were getting 300mbps real world speeds on 2.4.. Just not possible Unless your talking AX 2.4, and then yeah 300 would be possible.. Is your client AX? Other than Iot devices not sure what device these days would be talking on 2.4 to be honest.

                              300 is possible as a PHY, but its not real world speeds.

                              Why did you pick up an A9 if your plans were to put openwrt on it, it says right on their page that 2.4 is unsupported on that model.

                              https://openwrt.org/toh/hwdata/tp-link/tp-link_archer_a9_v6

                              Unsupported Functions: WiFi 2.4GHz

                              Just get a real AP and call it a day.. I show the unifi U6 like for 99$, or the U6+ for 129 which is 4 streams vs 2..

                              An intelligent man is sometimes forced to be drunk to spend time with his fools
                              If you get confused: Listen to the Music Play
                              Please don't Chat/PM me for help, unless mod related
                              SG-4860 24.11 | Lab VMs 2.8, 24.11

                              J 1 Reply Last reply May 15, 2024, 3:07 PM Reply Quote 0
                              • J
                                JonathanLee @johnpoz
                                last edited by JonathanLee May 15, 2024, 3:12 PM May 15, 2024, 3:07 PM

                                @johnpoz it was false advertising they had it as number one for use with OpenWrt. Weird right it works good in WiFi G speeds, the developers want the logs off it, but I set it back to tp link firmware with TFTP already. I am gonna configure it again. OpenWrt is good stuff

                                Make sure to upvote

                                J HLPPCH 2 Replies Last reply May 15, 2024, 3:35 PM Reply Quote 0
                                • J
                                  johnpoz LAYER 8 Global Moderator @JonathanLee
                                  last edited by May 15, 2024, 3:35 PM

                                  @JonathanLee said in Possible tp-link issues/Access Points have constant connection with n-use1-devs-gw.tplinkcloud.com:

                                  OpenWrt is good stuff

                                  I agree - but that hardware that doesn't have 2.4 fully functional in openwrt and you want/need 2.4 kind of makes it not good stuff..

                                  Who advertised as number 1 for openwrt.. openwrt doesn't really make recommendations on hardware to use.. What the hell do you think a company is going to say about their product.. Yeah its number one for "anything" they want to say..

                                  Again - get yourself a real AP not something you have to put 3rd party on to even make it usable and call it a day..

                                  Openwrt is great for if you have some soho wifi router laying around and you want to make actual use of it.. And openwrt will allow it to do xyz, vlans for one is the big one that none of the native firmware supports even when their hardware does..

                                  I rarely have to even think about my APs - they work, I never have to reboot them, the only time I do is when I upgrade their firmware. Really the only time I Play with them is want to try a new feature they implemented - like when you could finally do vlan assigned by radius.. Yeah got it work, and then thought have no actually need for it other than being only to broadcast one ssid and have devices join different vlans.. Its cool and all - but in to be honest not really needed.. My ssids and vlans all ready setup, why complex it up, etc.

                                  I played with the ppsk when they enabled that - again slick.. might be useful.. But then again everything already setup, no reason to complex it up.

                                  If you want to play with openwrt - great more power to you, completely agree its some great stuff. But get some AP to play with it on, get another AP that actually provides your network its wifi..

                                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                                  If you get confused: Listen to the Music Play
                                  Please don't Chat/PM me for help, unless mod related
                                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                                  J 1 Reply Last reply Jul 22, 2024, 7:52 AM Reply Quote 1
                                  • HLPPCH
                                    HLPPC Galactic Empire @JonathanLee
                                    last edited by May 31, 2024, 6:06 PM

                                    @JonathanLee

                                    I have a working zenarmor/sensei netmap setup. It can more than likely block all of that noise. My WAPs do that too if I connect them through a VPN in Windows ICS, but magically stop when connected to pfSense or OPNsense running zenarmor. Not to say they are always working properly, but the tls inspection is great. Zenarmor automatically binds all tls to a single thread. Maybe crowdsec would work great too idk

                                    1 Reply Last reply Reply Quote 1
                                    • J
                                      JonathanLee @johnpoz
                                      last edited by Jul 22, 2024, 7:52 AM

                                      @johnpoz thank you again for the OpenWRT recommendation. It is amazing, I have it running on an Archer C7. Never going back to the stock firmware it is amazing. I am perplexed at how they got that to run on such a small set of code. Just wow!! (I still love my pfSense never leaving it) but I got to tell you OpenWRT can hold its own with the 7000+ packages even my favorite Squid is on it.

                                      Make sure to upvote

                                      1 Reply Last reply Reply Quote 0
                                      • First post
                                        Last post
                                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                                        This community forum collects and processes your personal information.
                                        consent.not_received