T-Link Kasa REPLACING a device

Configuration
1

I recently had an HS200 switch (Hardware V3, Firmware: 1.1.14) totally fail, that is, it would no longer power-on (no lights, no nothing…)

Since the dead HS200 was configured and working with HA and fully isolated from the internet I had to do the following before replacing it:

  • PiHole: Disable Blacklist entry for: tplinkcloud.com
  • Router: Update firewalls rules to DISABLE “Drop Traffic” IN|OUT internet traffic to my Kasa devices
  • Router: Forget the dead HS200, (disassociate my assigned fixed IP address from the dead MAC address)
  • Phone: log in to the Kasa App to ensure that all works with “cloud” control

Once that was all done, I proceeded as follows:

  • Hole in the wall: I physically removed the dead HS200 and replaced it with a “new” one ((Hardware V3, Firmware: 1.0.3).
  • Phone: Add the new HS200 to my IOT network through the Kasa App.
  • Phone: When naming the new HS200, I added a “2” to the name of the device (as in: Name2)
  • Router: Once the HS200 was visible on my network, I reassigned the original fixed IP address to the new MAC address
  • HA(Pi): Restart Home Assistant

It kind of, mostly worked. I ended up with Name and Name2 as devices in the TP-Link integration. I deleted the original Name and renamed Name2 to Name I restarted Home Assistant again. Success and Joy!

Now for the bad news:

  • This morning I had the bright idea that I might be able to reset/fix the dead HS200
  • Applied power (with the appropriate connections)
  • It looked like a normal power-on for about 2 seconds, then over a period of 5 to 10 seconds (not sure) the wihite circle flashed, Amber/Green flashing on WiFI LED… then dead…
  • So what’s the big deal, just throw the dead HS200 in the trash… no problem
  • BUT… my new “Name” HS200 works AOK in the Kasa App but no longer works with Home Assistant (all other devices still work)
  • I restart HA, the TP-Link integration somehow picked up the now DHCP assigned address of the dead HS200 when I attempted to power it up.
  • More restarts, no success.
  • Delete the “Name” device from the TP-Link integration, more restarts.
  • Still unable to get the TP-Link integration to “adopt” the new HS200 (same IP address as always)

I have a backup that I can restore from 2 days ago, but before I do:
Where is the TP-Link configuration stored???

I’d like to fix this so that I understand what went wrong. If I restore the backup to get it working I will have just “bypassed” the issue.

Thanks!

2

I’d still like to know…

but in the mean time, I re-booted the HA host instead of just restarting HA. That seems to have fixed the issue. My “new” HS200 was added to the TP-Link integration.

As I mentioned earlier, I had to UNblock and provide access to tplinkcloud.com and allow the kasa devices access to the mothership to activate/add the new device Can anyone detect when tplink access was gramted/removed?

PiHole dashboard.

image
image1039×399 77.9 KB

With access to tplink stuff, only 7.2% of DNS queries were blocked, when I disable access to tplink land, then 47% of DNS queries are blocked. Those are some “chatty” devices.

3

Wow. Last week, I created vlans on my router to separate all the home automation devices and IOT stuff from my computers & phones on the main vlan.
Initially, I intended to block internet access from the IOT-LAN, but when I tried to reinstall all the devices to the new subnet, NONE of them (except one older Kasa/TP Link device) would install without Internet access! So, I had to go back into the router and modify the firewall rules to allow IOT-LAN access to internet. :scream:
(But at least I’ve isolated them on their own LAN, and I can access the IOT-LAN from the (main) LAN, but not the other way around! I just can’t keep them from “phoning home.” )
(I also discovered many have NO SECURITY and it cannot be changed. Some even have IP6 addresses, just waiting for anyone to come along who understands the hardware & how to access them, and start to play with them!)

Anyway, it never occurred to me to block them with my Pi-Hole. I might try that!
(I’m just getting accustomed to it, only recently installed it. So far, it’s great at blocking ads. It hadn’t occurred to me (yet) to use it for “other things,” lol.)
Great idea!

4

13 devices over 24 hours, 47382 (PiHole) blocks,

image

My Unifi KASA OUT rule gets triggered about 100 times an hour:
(prevents drops all outbound WAN communication)

Kasa Devices = IP addresses of my 13 KASA devices

image
image803×940 38.8 KB