So I just added a TP-Link switch (TL-SG3428X) and access point (EAP670) to my network, using OPNsense for routing, and was previously using a TP-Link SX-3008F switch as an aggregate (which I no longer need). I’m still within the return window for the new switch and access point, and have to admit the sale prices were my main reason for going for these items. I understand there have been recent articles mentioning TP-Link and security risks, so I’m thinking if I should consider returning these, and upping my budget to go for Ubiquiti? The AP would only be like $30 more for an equivalent, so that’s negligible, but a switch that meets my needs is about 1.6x more, however still only has 2 SFP+ ports, while I need 3 at absolute minimum.

I’m generally happy with the performance, however there is a really annoying bug where if I reboot a device, the switch drops down to 1G speed instead of 10G, and I have to tinker with the settings or reboot the switch to get 10G working again. This is true for the OPNsense uplink, my NAS and workstation. Same thing happened with the 3008F, and support threads on the forums have not been helpful.

In any case, any opinions on whether switching to Ubiquiti would be worth it?

  • Dr Jekell

    So I just added a TP-Link switch (TL-SG3428X) and access point (EAP670) to my network, using OPNsense for routing, and was previously using a TP-Link SX-3008F switch as an aggregate (which I no longer need). I’m still within the return window for the new switch and access point, and have to admit the sale prices were my main reason for going for these items.

    I’ve heard the TP-Link Omada lineup being called a budget friendly Ubiquiti alternative and a number of reviewers have said that while the Omada ecosystem is not as fully featured as the Ubiquiti ecosystem it can hold its own.

    I understand there have been recent articles mentioning TP-Link and security risks, so I’m thinking if I should consider returning these, and upping my budget to go for Ubiquiti?

    From what I understand about TP-Link and security risks is that it mostly affected the consumer line rather than the Omada business lineup and had two main causes.

    First is consumers just buying whatever is cheapest at the time, plugging it in, doing minimal configuration, not updating the firmware regularly and then connecting whatever random IoT crap they brought to it, blowing holes in the firewall and giving hackers ample opportunities to easily get in.

    Second is TP-Link (along with a lot of other networking equipment Mfg) used to follow the “use a wizard to give the device a base config then let the customer configure the rest”, leaving a lot of things open or not configured as it was expected that the customer was knowledgeable enough to do it properly.

    Nowadays companies are much more security conscious and have designed the base setup to be locked down, requiring strong encryption, strong passwords, even going towards automatically installing firmware updates.

    Given that the Omada lineup is their business line they will generally be on top of any security concerns.

    The AP would only be like $30 more for an equivalent, so that’s negligible, but a switch that meets my needs is about 1.6x more, however still only has 2 SFP+ ports, while I need 3 at absolute minimum.

    Another one to look at would be the MikroTik CRS328-24P-4S+RM, which seems to tick most of your boxes (24 Gig RJ45 ports with 4 10 Gig SFP+ ports).

    It would have to be managed either through Winbox or through the web UI which may or may not be a downside.

    I’m generally happy with the performance, however there is a really annoying bug where if I reboot a device, the switch drops down to 1G speed instead of 10G, and I have to tinker with the settings or reboot the switch to get 10G working again. This is true for the OPNsense uplink, my NAS and workstation. Same thing happened with the 3008F, and support threads on the forums have not been helpful.

    I am guessing that this is an issue with the SFP+ ports using copper RJ45 transceivers?

    Have you:

    • Confirmed that the transceivers are properly compatible with TP-Link switches
    • Fully updated the firmware on the switch, transceivers (if possible) and client network cards
    • Tested new cables
    • Checked the settings on the switch, transceivers and client network cards to see if there is a problem with link negotiation

    In any case, any opinions on whether switching to Ubiquiti would be worth it?

    From what I understand about Ubiquiti is if you have plans to expand your network setup with cameras, doorbells, intercoms, etc. in the future then it may be worth it, but it’s going to hit you in the wallet.

    But then again Ubiquiti is pushing their SSO cloud account hard, so that may be a downside.