Hi.
I have come across an issue with the Mediafast. It consists on it caching stuff that should not be chached. Two examples I have experienced.
-
We installed a MFA-750 in a university, however it happens that this university has its own radio station. So when the caching is on, it will not allow the traffic to refresh as it brings it back from the SSD, and thus it does not work properly. Once the caching is off the problem goes away. I understand that i can fix this by placing the radio station devices on a separate VLAN, and then NOT cache this VLAN at all, however in this particular case, this is not viable.
-
We have a MFA-750 installed with 50 Speedfusion peers in star configuration. Each of the peers is in a monitoring site. So when we PPTP in the MFA, and try to reach the end points, the cache brings the information back from ssd and not from the actual device we need to access.
I think that if we could decide a type of traffic, port, IP, mac or somehow isolateany specific source or destination to be outside of the caching (on the same network), would be very useful.
Thanks,
Alex
can’t you just blacklist the IP addresses and URLs that you don’t want the system to cache?
1 Like
you can also specify extensions (like the streaming extension) of files to include
1 Like
Thanks Peter… It is a bit more complex but we finally managed to get the customer to agree on VLans and so, we can now Black/White list and it is now working fine.
Thanks again for you help.
Alex
1 Like
I’ll definitely agree that the Secure Content Caching problem is “a bit more complex”. We recently purchased a MediaFast 500 for a 50-user accounting firm and were disappointed to find that we were instantly flooded with user complaints: banking sites wouldn’t allow login, RDP sessions to client sites failed during login, authenticator and other apps couldn’t communicate with their web services, IoT devices couldn’t access online updates, etc.
The complaints came so quickly that we couldn’t keep up, so we just ended up disabling Secure Caching for now, which defeated the purpose of purchasing the relatively expensive MediaFast. We were simply overwhelmed trying to appease the users while researching the domains to blacklist for caching for them. There’s no way we could have done that for every application/service the users complained about, let alone for all future domains they might access.
Peplink should really take a deeper look at real-world usability for this feature and avoid caching secure data that interferes with secure site logins, RDP sessions, VPNs, and the like. Caching graphics and text is fine, but most other data just breaks the experience for the majority of public web sites (which use HTTPS) today.
I know we REALLY would have benefitted from an up-front description of the requirement to load the certificate on each computer/device if it would have been disclosed IN THE SALES LITERATURE or on the product information section of the website. Instead, we found out during the setup that we had to install the certificate ONLY by clicking on a small “help” button, and even then, we were redirected several times to find the appropriate information on Peplink’s site showing how to access/install the certificate. Also, it would have been helpful to know that secure content caching was an all-or-nothing feature for everyone accessing the router unless we defined separate subnets in advance for wireless guests, IoT equipment, etc. All together, the lack of up-front information really makes this feature disappointing for use in a small business with an existing, single-subnet network that needs a fast, easy way to implement caching.
We’ll revisit the feature for testing as we can with our client, but their first bad experience has really not been pleasant. Hopeful that this can be improved for ease-of-use in future firmware updates.
3 Likes
