USG40, UDP behavior with TPLINK Tapo security cameras
Options
Hello,
Naturally, this question should be more targeted to TP-LINK, but I ask some information here as well.
I purchased TP-Link Tapo Security camera in my LAN network. The camera itself is working fine and connections through TP-Link cloud is working ok. When I was looking for my USG40 logs, I can see that Tapo camera is continuously trying to connect Amazon cloud in Ireland with UDP traffic and the answers are blocked. The log file is full of sequences like this:
Sessions from the TP-Link cam to Amazon:
UDP: tapo.cam.ip.address:19381 -> 54.228.218.124:3478
UDP: tapo.cam.ip.address:19382 -> 54.48.246.100:3478
UDP: tapo.cam.ip.address:19381 -> 54.48.246.100:3478
Returning traffic:
UDP: 52.48.246.100:3479 -> my.usg.ip.address:19382
UDP: 52.229.218.124:3478 -> my.usg.ip.address:19382
Don't know really what this traffic is and I don't assume it is any kind of security issue. The IP and port numbers in the returning traffic does not seem to match. I was highlighting the issues in bold. Difficult to believe, Amazon was having issues in their cloud either, so I'm a little empty handed here.
Any idea from anyone?
Regards
Kelmi
Naturally, this question should be more targeted to TP-LINK, but I ask some information here as well.
I purchased TP-Link Tapo Security camera in my LAN network. The camera itself is working fine and connections through TP-Link cloud is working ok. When I was looking for my USG40 logs, I can see that Tapo camera is continuously trying to connect Amazon cloud in Ireland with UDP traffic and the answers are blocked. The log file is full of sequences like this:
Sessions from the TP-Link cam to Amazon:
UDP: tapo.cam.ip.address:19381 -> 54.228.218.124:3478
UDP: tapo.cam.ip.address:19382 -> 54.48.246.100:3478
UDP: tapo.cam.ip.address:19381 -> 54.48.246.100:3478
Returning traffic:
UDP: 52.48.246.100:3479 -> my.usg.ip.address:19382
UDP: 52.229.218.124:3478 -> my.usg.ip.address:19382
Don't know really what this traffic is and I don't assume it is any kind of security issue. The IP and port numbers in the returning traffic does not seem to match. I was highlighting the issues in bold. Difficult to believe, Amazon was having issues in their cloud either, so I'm a little empty handed here.
Any idea from anyone?
Regards
Kelmi
0
All Replies
-
In my understanding, it could be TP-Link cloud is on AWS, so that there are the session communicate between TP-Link camera and IP address of AWS.
The camera record the data transmission to TP-Link cloud, so client can monitor image in real-time.
Since it's the UDP traffic, and the return session was initiated by Server, for exactly internal process, you probably need to check with TP-Link.0
Categories
- All Categories
- 383 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 75 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 886 Nebula FAQ
- 415 Security FAQ
- 228 Switch FAQ
- 200 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 62 Security Highlight