TP-Link manual Advanced Security, TL-WR841N/TL-WR841ND 300Mbps Wireless N Router User Guide

Page 62
4.9.2 Advanced Security

TL-WR841N/TL-WR841ND300Mbps Wireless N Router User Guide

disable the Router’s firewall.

zSPI Firewall - SPI (Stateful Packet Inspection, also known as dynamic packet filtering) helps to prevent cyber attacks by tracking more state per session. It validates that the traffic passing through the session conforms to the protocol. SPI Firewall is enabled by factory default. If you want all the computers on the LAN exposed to the outside world, you can disable it.

¾VPN - VPN Passthrough must be enabled if you want to allow VPN tunnels using IPSec, PPTP, or L2TP protocols to pass through the Router’s firewall.

zPPTP Passthrough - Point-to-Point Tunneling Protocol (PPTP) allows the Point-to-Point Protocol (PPP) to be tunneled through an IP network. To allow PPTP tunnels to pass through the Router, keep the default, Enabled.

zL2TP Passthrough - Layer 2 Tunneling Protocol (L2TP) is the method used to enable Point-to-Point sessions via the Internet on the Layer 2 level. To allow L2TP tunnels to pass through the Router, keep the default, Enabled.

zIPSec Passthrough - Internet Protocol Security (IPSec) is a suite of protocols for ensuring private, secure communications over Internet Protocol (IP) networks, through the use of cryptographic security services. To allow IPSec tunnels to pass through the Router, keep the default, Enabled.

¾ALG - It is recommended to enable Application Layer Gateway (ALG) because ALG allows customized Network Address Translation (NAT) traversal filters to be plugged into the gateway to support address and port translation for certain application layer "control/data" protocols such as FTP, TFTP, H323 etc.

zFTP ALG - To allow FTP clients and servers to transfer data across NAT, keep the default Enable.

zTFTP ALG - To allow TFTP clients and servers to transfer data across NAT, keep the default Enable.

zH323 ALG - To allow Microsoft NetMeeting clients to communicate across NAT, keep the default Enable.

zRTSP ALG - To allow some media player clients to communicate with some streaming media servers across NAT, click Enable.

Click the Save button to save your settings.

4.9.2 Advanced Security

Choose menu “Security Advanced Security”, you can protect the Router from being attacked by TCP-SYN Flood, UDP Flood and ICMP-Flood in the screen as shown in Figure 4-40.

RTSP ALG - To allow some media player clients to communicate with some streaming media servers across NAT, click Enable.

- 53 -

Page 61 Page 63
Image 62
Page 61 Page 63
Contents TL-WR841N TL-WR841ND 300Mbps Wireless N Router Rev 1910010635COPYRIGHT & TRADEMARKS FCC STATEMENTNational restrictions FCC RF Radiation Exposure StatementCE Mark Warning CountryNCC Notice Industry Canada StatementKorea Warning Statements Page Model No. TL-WR841N/TL-WR841ND Product Description 300Mbps Wireless N RouterDECLARATION OF CONFORMITY ETSI EN 300 328 V1.7.1Chapter 2. Connecting the Router CONTENTSPackage Contents Chapter 3. Quick Installation Guide4.7.2 Appendix C Specifications Appendix A FAQAppendix B Configuring the PC Appendix D GlossaryPackage Contents TL-WR841N/TL-WR841ND 300Mbps Wireless N Router User GuideChapter 1. Introduction Flexible Access ControlSimple Installation 1.1 Overview of the RouterThe differences between them are 1.3 Main Features1.2 Conventions ¾ TL-WR841N Router with 2 fixed antennasName 1.4 Panel Layout1.4.1 The Front Panel Statusz Used as RESET button 1.4.2 The Rear Panelz Used as WPS button 2.3 Connecting the Router Chapter 2. Connecting the Router2.2 Installation Environment Requirements 2.1 System Requirements7. Power on your PC and Cable/DSL Modem Chapter 3. Quick Installation Guide 3.1 TCP/IP ConfigurationPlease check the connection following these steps 3.2 Quick Installation Guide Enter key300Mbps Wireless N Router User Guide TL-WR841N/TL-WR841NDFigure 3-7 Quick Setup - PPPoE Figure 3-8 Quick Setup - MAC CloneFigure 3-9 Quick Setup - MAC Clone Figure 3-10 Quick Setup - Static IPFigure 3-11 Quick Setup - Wireless z PSK Password - You can enter ASCII or Hexadecimal characters 4.6 Wireless4.2 Status Chapter 4. Configuring the Router4.1 Login 4.4 WPS 4.3 Quick SetupPlease refer to 3.2 Quick Installation Guide Figure 4-1 Router StatusI. Use the Wi-Fi Protected Setup Button II. Enter the client device’s PIN on the Router III. Enter the Router’s PIN on your client device4.5 Network 4.5.1 WANFigure 4-6 WAN - Dynamic IP TL-WR841N/TL-WR841ND 300Mbps Wireless N Router User Guide Figure 4-8 WAN - PPPoE to have elapsed before your Internet access disconnects TL-WR841N/TL-WR841ND 300Mbps Wireless N Router User Guide NSW / ACT - nsw.bigpond.net.au TL-WR841N/TL-WR841ND 300Mbps Wireless N Router User Guide TL-WR841N/TL-WR841ND 300Mbps Wireless N Router User Guide Figure 4-12 PPTP Settings z Static IP - Connections which use static IP address assignment 4.5.2 MAC Clonez Dynamic IP - Connections which use dynamic IP address assignment 4.5.3 LAN Only the PC on your LAN can use the MAC Address Clone function4.6 Wireless 4.6.1 Wireless SettingsFigure 4-16 Wireless Settings TL-WR841N/TL-WR841ND 300Mbps Wireless N Router User Guide 4.6.2 Wireless Security Figure 4-18 Wireless Security Encryption - You can select either Automatic, or TKIP or AES 4.6.3 Wireless MAC Filtering Figure 4-22 Wireless MAC FilteringTo modify or delete an existing entry 4.6.4 Wireless Advanced 4.6.5 Wireless Statistics This page will be refreshed automatically every 5 seconds 4.7.1 DHCP Settings4.7 DHCP 4.7.2 DHCP Client List 4.7.3 Address Reservation To Reserve an IP address4.8 Forwarding 4.8.1 Virtual ServersTo set up a virtual server entry 4.8.2 Port Triggering To add a new rule, follow the steps below 4.8.3 DMZ 3. Incoming Ports cannot overlap each otherFigure 4-36 DMZ 4.8.4 UPnPTo assign a computer or server to be a DMZ server 4.9 Security 4.9.1 Basic Security4.9.2 Advanced Security Figure 4-40 Advanced Security 4.9.3 Local Management 4.9.4 Remote Management Figure 4-42 Remote Management4.10 Parental Control To add a new entry, please follow the steps below7. Click the Save button 4.11Access Control 4.11.1 RuleThere are two methods to add a new rule Method One If the MAC Address is selected, you can see the following item If the IP Address is selected, you will see the following items Method Two Figure 4-52 Add Internet Access Control Entry 4.11.2 Host Figure 4-53 Host Settings4.11.3 Target Figure 4-56 Target Settings Figure 4-57 Add or Modify an Access Target Entry Figure 4-58 Add or Modify an Access Target Entry4.11.4 Schedule To add a new schedule, follow the steps belowFigure 4-61 Advanced Routing Menu 4.12Advanced RoutingFigure 4-60 Advanced Schedule Settings 4.12.1 Static Routing To add static routing entries, follow the steps below4.13 Bandwidth Control 4.12.2 System Routing Table4.13.1 Control Settings 4.13.2 Rules ListTo add/modify a Bandwidth Control rule, follow the steps below 4.14 IP & MAC Binding Setting4.14.1 Binding Settings Figure 4-69 Binding Settings To add IP & MAC Binding entries, follow the steps belowTo modify or delete an existing entry, follow the steps below Figure 4-70 IP & MAC Binding Settings4.14.2 ARP List To find an existing entry, follow the steps below4.15 Dynamic DNS 4.15.1 Comexe.cn DDNSTo set up for DDNS, follow these instructions 4.15.2 Dyndns.org DDNSFigure 4-75 No-ip.com DDNS Settings 4.15.3 No-ip.com DDNSFigure 4-74 Dyndns.org DDNS Settings 4.16.1 Time Settings 4.16 System ToolsTo set time manually To set Daylight Saving 4.16.2 DiagnosticTo set time automatically 2. The time will be lost if the router is turned offFigure 4-78 Diagnostic Tools 4.16.3 Firmware Upgrade To upgrade the Routers firmware, follow these instructions below4 The Router will reboot after the upgrading has been finished 4.16.4 Factory Defaults4.16.5 Backup & Restore 4.16.6 Reboot 4.16.7 Password 4.16.8 System LogFigure 4-86 Mail Account Settings 4.16.9 Statistics z z z z zStatistics Table SYN Tx ResetUDP Tx ModifyAppendix A FAQ 1. How do I configure the Router to access Internet by ADSL users?3. I want to use NetMeeting, what do I need to do? Figure A-5 Add or Modify a Virtual server Entry 4. I want to build a WEB Server on the LAN, what should I do? Figure A-7 Basic Security5. The wireless stations cannot connect to the Router Figure B-1 Appendix B Configuring the PC1. Configure TCP/IP component shown in the Figure below ¾ Setting IP address automaticallyNow you have two ways to configure the TCP/IP protocol below Figure B-2¾ Setting IP address manually Figure B-3Now click OK to keep your settings General Appendix C SpecificationsWireless Environmental and PhysicalAppendix D Glossary hosts to the Internet over an always-on connection by simulating a dial-up connection
Top Page Image Contents