I’ll definitely agree that the Secure Content Caching problem is “a bit more complex”. We recently purchased a MediaFast 500 for a 50-user accounting firm and were disappointed to find that we were instantly flooded with user complaints: banking sites wouldn’t allow login, RDP sessions to client sites failed during login, authenticator and other apps couldn’t communicate with their web services, IoT devices couldn’t access online updates, etc.
The complaints came so quickly that we couldn’t keep up, so we just ended up disabling Secure Caching for now, which defeated the purpose of purchasing the relatively expensive MediaFast. We were simply overwhelmed trying to appease the users while researching the domains to blacklist for caching for them. There’s no way we could have done that for every application/service the users complained about, let alone for all future domains they might access.
Peplink should really take a deeper look at real-world usability for this feature and avoid caching secure data that interferes with secure site logins, RDP sessions, VPNs, and the like. Caching graphics and text is fine, but most other data just breaks the experience for the majority of public web sites (which use HTTPS) today.
I know we REALLY would have benefitted from an up-front description of the requirement to load the certificate on each computer/device if it would have been disclosed IN THE SALES LITERATURE or on the product information section of the website. Instead, we found out during the setup that we had to install the certificate ONLY by clicking on a small “help” button, and even then, we were redirected several times to find the appropriate information on Peplink’s site showing how to access/install the certificate. Also, it would have been helpful to know that secure content caching was an all-or-nothing feature for everyone accessing the router unless we defined separate subnets in advance for wireless guests, IoT equipment, etc. All together, the lack of up-front information really makes this feature disappointing for use in a small business with an existing, single-subnet network that needs a fast, easy way to implement caching.
We’ll revisit the feature for testing as we can with our client, but their first bad experience has really not been pleasant. Hopeful that this can be improved for ease-of-use in future firmware updates.