TP-Link manual TL-WR940N Wireless N Router, 37 Basic Security, z z z

Page 64

Figure 4-37 Basic Security

TL-WR940NWireless N Router

Figure 4-37 Basic Security

¾Firewall - A firewall protects your network from the outside world. Here you can enable or disable the Router’s firewall.

z SPI Firewall - SPI (Stateful Packet Inspection, also known as dynamic packet filtering) helps to prevent cyber attacks by tracking more state per session. It validates that the traffic passing through the session conforms to the protocol. SPI Firewall is enabled by factory default. If you want all the computers on the LAN exposed to the outside world, you can disable it.

¾VPN - VPN Passthrough must be enabled if you want to allow VPN tunnels using IPSec, PPTP, or L2TP protocols to pass through the Router’s firewall.

z

z

z

PPTP Passthrough - Point-to-Point Tunneling Protocol (PPTP) allows the Point-to-Point Protocol (PPP) to be tunneled through an IP network. To allow PPTP tunnels to pass through the Router, keep the default, Enabled.

L2TP Passthrough - Layer 2 Tunneling Protocol (L2TP) is the method used to enable Point-to-Point sessions via the Internet on the Layer 2 level. To allow L2TP tunnels to pass through the Router, keep the default, Enabled.

IPSec Passthrough - Internet Protocol Security (IPSec) is a suite of protocols for ensuring private, secure communications over Internet Protocol (IP) networks, through the use of cryptographic security services. To allow IPSec tunnels to pass through the Router, keep the default, Enabled.

-56-

Image 64

Contents TL-WR940N Wireless N Router Rev 1.1.0COPYRIGHT & TRADEMARKS FCC STATEMENTFCC RF Radiation Exposure Statement CE Mark WarningNational restrictions CountryKorea Warning Statements Industry Canada StatementNCC Notice DECLARATION OF CONFORMITY ETSI EN 300 328 V1.7.1ETSI EN 301 489-1 V1.8.12008& ETSI EN 301 489-17 EN 550222006 +A12007 EN 550241998+A12001+A22003 EN 61000-3-22006+A12009+A22009 ENPackage Contents CONTENTSChapter 4.6.5 4.15.1 Package Contents TL-WR940N Wireless N RouterFlexible Access Control Simple InstallationChapter 1.Introduction 1.1 Overview of the Router1.4 Panel Layout 1.3 Main Features1.4.1 The Front Panel Wireless N Router 1.4.2 The Rear PanelTL-WR940N Indication¾ RESET Chapter 2.Connecting the Router 2.2 Installation Environment Requirements2.3 Connecting the Router 2.1 System RequirementsFigure 2-1 Hardware Installation of the TL-WR940N Wireless N Router Chapter 3.Quick Installation Guide 3.1 TCP/IP ConfigurationPlease check the connection following these steps Figure 3-1 Success result of Ping commandFigure 3-2 Failure result of Ping command 1. Is the connection between your PC and the Router correct?3.2 Quick Installation Guide Figure 3-5 Quick Setup Figure 3-6 Choose WAN Connection TypeFigure 3-7 Quick Setup - PPPoE Figure 3-8 Quick Setup - MAC CloneFigure 3-9 Quick Setup - MAC Clone Figure 3-10 Quick Setup - Static IPNote Dialog z PSK Password - You can enter ASCII or Hexadecimal characters Figure 3-13 Quick Setup - Finish 4.1 Login Chapter 4.Configuring the Router4.2 Status 4.3 Quick Setup 4.4 QSSPlease refer to 3.2 Quick Installation Guide Figure 4-1 Router StatusI. By PBC Method OneMethod Two Method Three The QSS Configuration Screen of Wireless AdapterTL-WR940N Wireless N Router II. By PIN Method Two Enter the PIN from my Router 4.5.1 WAN 4.5 Networkadded to the network Figure 4-5 WAN - Dynamic IP Figure 4-6 WAN - Static IP Figure 4-7 WAN - PPPoE Figure 4-8 PPPoE Advanced Settings NSW / ACT - nsw.bigpond.net.au QLD - qld.bigpond.net.au Figure 4-10 L2TP Settings Figure 4-11 PPTP Settings z Dynamic IP - Connections which use dynamic IP address assignment z Static IP - Connections which use static IP address assignment4.5.2 LAN 4.5.3 MAC CloneFigure 4-12 LAN Figure 4-13 MAC Address Clone4.6.1 Wireless Settings 4.6 WirelessOnly the PC on your LAN can use the MAC Address Clone function Figure 4-15 Wireless Settings ¾ Mode - Select the desired mode. The default setting is 11bgn mixed 4.6.2 Wireless Security ¾ WPA /WPA2 - Enterprise - It’s based on Radius Server Encryption - You can select either Automatic, or TKIP or AES 4.6.3 Wireless MAC Filtering Figure 4-20 Wireless MAC address Filtering4. Click the Save button to save this entry 4.6.4 Wireless Advanced to access for Filtering Rules4.6.5 Wireless Statistics 4.7 DHCP 4.7.1 DHCP SettingsThis page will be refreshed automatically every 5 seconds ¾ Default Domain - Optional. Input the domain name of your network 4.7.2 DHCP Clients List 4.7.3 Address ReservationTo Reserve IP addresses 4.8 ForwardingTo modify or delete an existing entry To set up a virtual server entry 4.8.1 Virtual Servers4.8.2 Port Triggering Figure 4-31 Add or Modify a Virtual Server EntryTo add a new rule, follow the steps below 4.8.3 DMZ 3. Incoming Port Range cannot overlap each other4.8.4 UPnP To assign a computer or server to be a DMZ server4.9 Security 4.9.1 Basic SecurityFigure 4-37 Basic Security z z z4.9.2 Advanced Security 4.9.3 Local Management 4.9.4 Remote Management Figure 4-39 Local Management4.10Parental Control Figure 4-40 Remote ManagementTo add a new entry, please follow the steps below 7. Click the Save button 4.11Access Control 4.11.1 RuleTo add a new rule, please follow the steps below Figure 4-45 Access Control Rule ManagementFigure 4-46 Add or Modify Internet Access Control Entry 4.11.2 Host Figure 4-47 Host SettingsFigure 4-48 Add or Modify a Host Entry Figure 4-49 Add or Modify a Host Entry4.11.3 Target Figure 4-50 Target SettingsFigure 4-51 Add or Modify an Access Target Entry Figure 4-52 Add or Modify an Access Target Entry4.11.4 Schedule To add a new schedule, follow the steps belowFigure 4-54 Advanced Schedule Settings 4.12 Advanced RoutingFigure 4-55 Advanced Routing 4.12.1 Static Routing List Other configurations for the entriesTo add static routing entries 4.13Bandwidth Control 4.12.2 System Routing Table4.13.1 Control Settings 4.13.2 Rules List4.14.1 Binding Setting 4.14IP & MAC Binding SettingTo add/modify a Bandwidth Control rule, follow the steps below To add IP & MAC Binding entries, follow the steps below To modify or delete an existing entry, follow the steps belowTo find an existing entry, follow the steps below Figure 4-64 Binding SettingFigure 4-66 Find IP & MAC Binding Entry 4.14.2 ARP ListFigure 4-67 ARP List 4.15Dynamic DNS 4.15.1 Comexe.cn DDNSTo set up for DDNS, follow these instructions 4.15.2 Dyndns.org DDNS4.15.3 No-ip.com DDNS Figure 4-69 Dyndns.org DDNS SettingsFigure 4-70 No-ip.com DDNS Settings 4.16System ToolsFigure 4-71 The System Tools menu 4.16.1 Time Settings To set time manually4.16.2 Diagnostic To set time automaticallyTo set Daylight Saving 2. The time will be lost if the router is turned offFigure 4-73 Diagnostic Tools 4.16.3 Firmware Upgrade To upgrade the Routers firmware, follow these instructions below4.16.5 Backup & Restore 4.16.4 Factory Defaults4. The Router will reboot after the upgrading has been finished 4.16.6 Reboot 4.16.7 Password 4.16.8 System LogFigure 4-80 System Log Figure 4-81 Mail Account Settings 4.16.9 Statistics Figure 4-82 StatisticsStatistics Table Appendix A FAQ 1. How do I configure the Router to access Internet by ADSL users?Figure A-3 MAC Clone 3. I want to use Netmeeting, what do I need to do?Figure A-4 Virtual Servers Figure A-5 Add or Modify a Virtual server Entry Figure A-6 DMZ4. I want to build a WEB Server on the LAN, what should I do? 5. The wireless stations cannot connect to the Router field of the Web browserAppendix B Configuring the PCs 1. Install TCP/IP component¾ Setting IP address automatically Now you have two ways to configure the TCP/IP protocol belowshown in the Figure below Figure B-2¾ Setting IP address manually Figure B-3Figure B-4 Appendix C Specifications WirelessGeneral Environmental and PhysicalAppendix D Glossary identifying a wireless local area network. For the wireless devices in a network to communicate with each other, all devices must be configured with the same SSID. This is typically the configuration parameter for a wireless PC card. It corresponds to the ESSID in the wireless Access Point and to the wireless network name