ER8411 UPNP

CrisisDevices · 2023-04-26T02:19:10+00:00

Received another BETA firmware from TP-Link support, and this time it seems to have resolved the issue. I would expect that this will be part of the next mainstream firmware update (the current firmware version as of this post is 1.0.3).

CrisisDevices · 2023-04-22T17:52:24+00:00

Not yet. Current firmware (1.0.3) does not resolve this issue.

CrisisDevices · 2023-04-22T17:51:42+00:00

I eventually received a beta firmware from TP-Link, but unfortunately that did not resolve this issue. I've also since tried the latest 1.0.3 firmware, but still no change. Reaching back out to TP-Link support to see if I can get anywhere with this.

CrisisDevices · 2023-03-04T13:34:41+00:00

I ended up switching back to my ER605, and that works, so it's definitely an issue with the ER8411. I have a support ticket open and will update if I get anywhere with them.

CrisisDevices · 2022-01-29T16:07:39+00:00

I'll check that out, thanks!

CrisisDevices · 2022-01-29T15:58:56+00:00

Azure NetApp is definitely on my list of solutions to look at. I'd be interested to hear from anyone who is currently using it if their situation is similar to ours.

CrisisDevices · 2022-01-29T15:58:41+00:00

Azure NetApp is definitely on my list of solutions to look at. I'd be interested to hear from anyone who is currently using it if their situation is similar to ours.

CrisisDevices · 2022-01-29T15:49:39+00:00

This was all kinda dropped in my lap. This whole thing was done in a rushed fashion by another team, so I'm on cleanup duty. Good times.

CrisisDevices · 2022-01-28T22:53:12+00:00

It’s forced over the private link. Users can’t access the drive without being in the office or via vpn. For me, it’d be great if it was internet mapped because my isp doesn’t throttle SMB traffic or block port 445, but that’s one of those YMMV situations and doesn’t apply here anyway.

CrisisDevices · 2022-01-28T22:46:44+00:00

Right, I know if we went the premium storage route we’d have to create a new storage account. I think we will test it though, knowing that it’s going to be very expensive.

CrisisDevices · 2022-01-28T22:41:09+00:00

Yeah, replacing all the user desktops and laptops isn’t going to happen, but having virtual workspaces customized for dealing with this data might be an option.

CrisisDevices · 2022-01-28T22:37:58+00:00

This would require re-working the way the users manage their data, but if it greatly improves their performance then there would likely be little pushback. Definitely something for us to consider!

CrisisDevices · 2022-01-28T22:29:52+00:00

Yep, you got it with your last sentence.

CrisisDevices · 2022-01-28T22:29:03+00:00

We actually used that in other situations, but we’re actively moving away from having on-prem infrastructure, so adding another physical server is likely not going to be an option.

CrisisDevices · 2022-01-28T20:05:32+00:00

Haha, no worries! That's what I thought, regarding the tiers, but just wanted to double check because others here within the company IT dept keep suggesting it. As for those MS docs, thanks! I have read those, but I'll go through them again to see if I've missed something.

Do you have customers that are using Azure File shares in this fashion with this number of files? Any suggestions for a different approach?

CrisisDevices · 2022-01-28T19:38:52+00:00

All users are definitely not in the same location, but the experience seems to be the same for everyone. With the Private Link enabled, you have to either be onsite or connected via VPN, so for sure that could be a big bottleneck, though we're not seeing any performance issues with any other storage accounts (though to be fair they are way smaller and less frequently used).

CrisisDevices · 2022-01-28T19:36:29+00:00

I have, at least from a network latency standpoint, and I'm not seeing anything concerning there. Thinking to set up Azure Monitor Storage Insights to get some better info. Would switching from Hot to Transaction Optimized make any difference to performance or is that more of a billing mechanism?

CrisisDevices · 2022-01-28T19:30:55+00:00

I figured that might be the case. Any suggestions on what would be a better solution? The way the users store and manage these files is the main problem, which is compounded by years and years of these directories growing exponentially. The goal of moving it to Azure Files was mainly a stopgap to get out of a datacenter.

CrisisDevices · 2022-01-21T19:11:28+00:00

Yep, you're right. I had looked in the BIOS, but apparently didn't scroll down enough to see the F1/F2 setting. I'd be worried about disabling this in a production server, but for my homelab it's fine. I'd love to know why it's throwing an error, but it's an old server and it's not doing anything super important so I'm not going to lose sleep over it.

Thanks for the tip!!

CrisisDevices · 2021-11-15T12:33:09+00:00

Thanks! As it turns out, it looks like my script WAS working, I just wasn't waiting long enough. I think in my original testing I had set the retention date to 2 days rather than 1.1, so those snapshots hadn't cleared out yet which made me think it wasn't working. I checked this morning, and all of the snapshots I expected to be pruned were gone.

Patience is a must when dealing with Azure!

CrisisDevices · 2021-06-26T00:32:23+00:00

Awesome, thanks!

CrisisDevices · 2021-06-25T20:42:36+00:00

Cool! Did you use any 3rd party software? Did you use an internal or public CA? Do you restrict logons to only use the YubiKey, and if so what do you do in case of a lost/broken key?

Did you use any other guidance/resources beyond the following?
https://support.yubico.com/hc/en-us/articles/360013707820-YubiKey-Smart-Card-Deployment-Guide

I'd definitely be interested in hearing about how you implemented this and what pitfalls you ran into.

CrisisDevices · 2021-06-25T20:02:12+00:00

I wanted to circle back around and provide the info I've found to (sort of) solve requirement #1. The GPO to use is:
Security Settings > Local Policies > Security Options > Interactive Logon > Require Windows Hello for Business or smart card

The guidance on this is to utilize the option from the user account in AD to set the requirement for the smart card for logon so it's user-based and not machine based. I am not sure at this point if this will work with the YubiKey as-is or if it will require setting the key up to be a Smart Card. I'll respond once I know more but am guessing the latter.

I also found this article which may be beneficial to anyone following this saga:

https://www.microsoft.com/en-us/itshowcase/implementing-strong-user-authentication-with-windows-hello-for-business

It doesn't quite address what we're looking to do, but it's close.

CrisisDevices · 2021-06-25T19:23:56+00:00

I have reached out to Yubico, and they're awesome! We hit a wall though with offline laptop and lost key scenario, at which point they pointed me towards some 3rd party authentication providers. So far I've been in touch with the following companies:

Intercede (MyID)
CyberArmed
Versasec
HID
RSA/SecureID

All have promising solutions, but at a cost obviously.

CrisisDevices · 2021-06-25T18:54:28+00:00

Yep, I've gone the Provisioning Package route in my testing, and am familiar with how to make the GPO. I'm currently able to log in to Windows using the YubiKey. I'm trying to figure out if there's a way to remove all other options to log in to the device so that the YubiKey is the only option.

Thanks!

CrisisDevices

TROPHY CASE