Get online support
@Riezland @Anonymous
Much like basically everyone else on this thread, I've just discovered (when i actually needed to VPN back into my home network) that my VPN server was disabled on my router by TPG, without my consent, and without any courtesy of at least a notification of what was about to come.
Some feedback here is warranted.
It concerns me a great deal that TPG has super user (su) access to my modem and update it at will to a different firmware. That presents a massiave security hole in my mind which I never signed up for. I don't understand how having a VPN Server on my modem/router is a security concern enough to warrant TPG updating my firmware without ever notifying me, yet, the very fact that TPG can just waltz into my router (and hence my home network) as a super user doesn't concern you at all?
Have been with TPG for more than 10 years now, and while you are not known for your customer service, I've always been happy with you as I generally know what I am doing around computer networks. But this is rather abhorrent and a violation of some basic trust between a customer and their vendor.
Hi @deantsou01 I don't beleive that anywhere in the T's & C's that VPN is supported, in addition it does say [We reserve the right to provide access to the Internet via Proxy Servers].
I think any technical descision to remove such an option was for your's and everyone else on the network's benefit.
In the user manual for the Archer VR1600v, there is a section on VPN servers. When I signed up for TPG NBN, I specifically checked that the modem provided by TPG would have this function. When you get a piece of hardware, you would often check that that piece of hardware can support certain functionality before you buy it.
This is like you deciding to buy a phone because it supports Bluetooth, and without your consent or even giving you the option to opt out, the vendor of the phone updates your phone's software remotely to disable Bluetooth, and now you can no longer connect your phone to your wireless bluetooth headset or car's hands free system.
Hi TPG,
Can you please advise answers to our questions below in relation to this subject (VPN / security / service), so that I may pass onto my group who are all TPG customers. The relevant background information as per our phone conversations has been summarised below for ease of reference.
1 - Please confirm or advise otherwise that the VPN Server functionality has been removed permanaently from the TPLink VR1600 modem that we use to connect to the Internet, and that this is a permanent security upgrade for our benefit?
2 - Please confirm or advise otherwise that the removal of the system logs, and bandwidth monitoring from the VR1600 modem similarly will result in a security benefit for TPG customers?
3 - Please confirm or advise otherwise that the use of TLS1.0 protocol in any communications of the VR1600 modem is not a security concern, and that we do not need to worry about this from a security perspective?
4 - Please advise any and all actions required to be taken on customer side to ensure the continued and best possible network and customer security is provided by TPG's security team, without interuption?
5 - Please advise which modem is recommended by TPG to replace or supplement the VR1600 in regards to VPN server functions? Alternatively please advise the steps required to reinstate the VPN functionality, as built into the modem either as supplied at time of purchase, or as improved to comply with TPG security standards?
6 - Please advise the specific improvements in security that have been gained by this decision to modify the VR1600 and remove the VPN server function? This need not be a technical response, just enough for our members to know what improvements were made - they can use WolframAlfa to detail the specifics themselves.
We were a little taken aback when TPG disclosed it had modified the firmware of our modem, to remove functionality, without our consent, and at unavoidable and considerable inconvenience and expense, but the advice from your staff has helped me convince the others that this was a necessary security upgrade. (As I convinced the rest of the group to utilise a common provided to standardise our equiment/services I do feel responsible to all of them when things like this, which really shouldn't happen, do.)
Before we incur further cost in purchasing and commissioning new modems, and documentation updates at each property we would like assurance that this feature is permanently removed from our device/service with TPG and won't be reenabled some time after we have gone to this effort and cost.
Incidentally, at least one member has received professional advice that advises the removal is not (by itself) beneficial from a security perspective, and that it apparent even to the layperson as we are simply purchasing new hardware to replicate the feature removed from our hardware but I think I have talked him around based on the responses TPG has given, and he now wants reassurance about the permanancy of the change.
Another member received advice that the removal of the feature from our hardware is in breach of Australian Consumer Law and common law property rights. I haven't been able to convince him otherwise, I expect I will end up paying for his modem.
I think I have managed to convince the group on the need for them to pay for the new modems as increased Internet security in light of advice from TPG on this forum. The ransomware attack we experienced in February has been a great cost to all involved and it is of some comfort that this change will be to our benefit in a security sense. We are awaiting experts report, and hopefully insurance will cover the significant costs of this attack, I just hope the lack of system logs will not be detrimental in this regard, fingers crossed!
I was told in initial phone query that TPG had faced extra costs because of Covid19 and more people working from home so have been proceeding on the implication that rather than being a service / feature of hardware which has been removed, instead we are paying for the increased security of having the VPN Server functionality removed from the VR1600 and the separate benefit of having VPN sever functionality provided by a secure method, allowing VPN necessary to working from home.
Thank you in advance.
@Anonymous wrote:Hi @gbartlett28,
Welcome to the community!
We provide the modem for all our NBN plans as they are sold as an Internet & Home Phone Bundle,currently our supplied modem/router do not support the VPN feature, we will definitely take this into consideration for any future firmware upgrades. We'd like to set your expectation that we can no longer downgrade the modem/router from previous released firmware.
In the mean time if you wish to use VPN you have option to use a 3rd party modem/router or a VPN application supplied by VPN provider.
Regards,
I had a VPN set up. I don't use it often, but when I do it needs to work because I'm not at home to fix things.
I don't recall a notice from TPG saying that the VPN functionality was scheduled to be disabled.
I want to know, under the terms of my contract with TPG, who owns my modem? If I own it, then surely TPG should not be disabling functionality without asking me.
Your solution of using third-party VPN means that I need to buy additional hardware.
What do you have to say?
Attn TPG Support,
This VPN removal has now broken my home security system. You are saying the only option is a different router - but then VOIP doesn't work. Are TPG really saying that I have to now change to another NBN provider in order to get the service I need? That is how I am reading it. I have started the search for alternatives. If there is any chance the OPENVPN service will be restored in the TPG routers firmware - please advise asap so that I can avoid the pain of changing ISP. I will also call support once for confirmation. Thank you!
Well - no need to reply TPG. I spoke to support and their advice was change NBN providers. No problem. Don't like the customer service but appreciate the honesty. Bye.
I think you removed the VPN service just to better controll and monitor user activity and sell it to third party
"In the best interests of our network and customer security, our vendor and security team have chosen to disable the VPN Server functionality on the TPLink VR1600
If you wish to use VPN server functionality, we recommend you install 3rd party software on your PC/server which will address your needs."
That's a laughable solution. It's like saying council telling everyone that ducted heater in my house is a security issue and that it is removed. But if you want, you can buy a portable heater from the market.
First of all, my security is none of your concern. You are just an ISP, not my mother. How come you, at your whim, disable features in the modem that I BOUGHT?
If you were so concerned about our security, you should have at least made that feature opt-in. That way those people who opt-in will know the risks and others can have their "so-called" security. Removing features without explicit consent or even a notice doesn't sit right with me.
I am a loyal TPG customer for 5 years but looks like I will need to look for a better provider like so many other members here. Disgusting behavior by TPG!
This is particularly weird - OpenVPN is reputed to be fast, secure, and reliable. Yet you claim:
...In the best interests of our network and customer security, our vendor and security team have chosen to disable the VPN Server functionality on the TPLink VR1600
...
Can you substantiate the security concern please? If this was PPTP VPNwe were talking about, then I'd be asking why you still had it on this long! But OpenVPN being a security concern, please! What is the PHB smoking???
@AtHarsh wrote:"In the best interests of our network and customer security, our vendor and security team have chosen to disable the VPN Server functionality on the TPLink VR1600
If you wish to use VPN server functionality, we recommend you install 3rd party software on your PC/server which will address your needs."
That's a laughable solution. It's like saying council telling everyone that ducted heater in my house is a security issue and that it is removed. But if you want, you can buy a portable heater from the market.
First of all, my security is none of your concern. You are just an ISP, not my mother. How come you, at your whim, disable features in the modem that I BOUGHT?
If you were so concerned about our security, you should have at least made that feature opt-in. That way those people who opt-in will know the risks and others can have their "so-called" security. Removing features without explicit consent or even a notice doesn't sit right with me.
I am a loyal TPG customer for 5 years but looks like I will need to look for a better provider like so many other members here. Disgusting behavior by TPG!
Yep it's a complete disgrace they damage peoples property, I can't believe they';ve gotten away this disgraceful atittude, I'm not even a goddamn TPG customer!