TP-Link TL-ER6020 manual ARP Scanning

Page 76
3.4.1.2ARP Scanning

You can view the information of the entries and edit them by the Action buttons.

The first entry in Figure 3-46indicates: The IP address of 192.168.1.101 and MAC address of 00-19-66-83-53-CF have been bound and this entry is activated.

Manual background Note:

If all the entries in the binding list are disabled and “Permit the packets of IP-MAC Binding entries only” option is selected and saved, the WEB management page of the Router cannot be login. At the moment, you should restore the Router to factory default and login again.

3.4.1.2ARP Scanning

ARP Scanning feature enables the Router to scan the IP address and corresponding MAC address and display them on the List of Scanning Result.

Choose the menu Firewall→Anti ARP Spoofing→ARP Scanning to load the following page.

Figure 3-47 ARP Scanning

Enter the start and the end IP addresses into the Scanning IP Range field. Then click the <Scan> button, the Router will scan all the active hosts within the scanning range and display the result in the list.

The entries displayed on the List of Scanning Result do not mean the IP and MAC addresses are already bound. The current status for the entry will display in the “Status” field.

---Indicates that the IP and MAC address of this entry are not bound and may be replaced by error ARP information.

Indicates that this entry is imported to the list on IP-MAC Binding page, but not effective yet.

-71-

Image 76
Contents TL-ER6020 Gigabit Dual-WAN VPN Router REV1.0.1 1910010852FCC STATEMENT COPYRIGHT & TRADEMARKSCE Mark Warning CONTENTS Chapter 1 About this GuideChapter 4 Application Network RequirementsGlossary Hardware SpecificationsChapter 5 CLI Package Contents  One TL-ER6020 Router  One Power Cord  One Console Cable Two mounting brackets and other fittings  Installation Guide The following items should be found in your packageSymbol Chapter 1 About this Guide1.1 Intended Readers 1.2 ConventionsLists the hardware specifications of this Router SpecificationsAppendix B FAQ Provides the possible solutions to the problems that may occur during Powerful Data Processing Capability  Powerful FirewallChapter 2 Introduction 2.1 Overview of the Router2.2 Features  Dual-WAN Ports Easy-to-use Hardware2.3 Appearance 2.3.1 Front PanelTraffic Control Security Reset button  LEDsStatus Indication Power Socket 2.3.2 Rear Panel Grounding Terminal  Kensington Security SlotChapter 3 Configuration 3.1 Network3.1.1 Status 3.1.2 System ModeFigure 3-2 Network Topology - NAT Mode Figure 3-3 Network Topology - Non-NAT Mode NAT Mode 3.1.3 WAN  Non-NAT Mode Classic Mode 1 Static IP Static IP 2 Dynamic IP Upstream BandwidthDownstream Specify the bandwidth for receiving packets on the port Dynamic IP  Dynamic IP Status 3 PPPoEFigure 3-8 WAN - PPPoE  PPPoE Settings on. The connection can be re-established automatically when it576-1492. The default MTU is 1480. It is recommended to keep the Enter the Account Name provided by your ISP. If you are not clearHere allows you to configure the secondary connection. Dynamic IP Dynamic IP is selected, the obtained subnet address of WAN port is4 L2TP  PPPoE Statuscorrect and your network is connected well. Consult your ISP if  L2TP Settings Figure 3-9 WAN - L2TPInternet connection by the Connect or Disconnect button. It  L2TP Status 5 PPTP  PPTP SettingsFigure 3-10 WAN - PPTP Account Name 6 BigPond  PPTP Status StatusPrimary DNS Secondary DNS Upstream Bandwidth Downstream Bandwidth  BigPond Settings  BigPond Status 3.1.4 LAN 3.1.4.1 LAN3.1.4.2 DHCP  LAN DHCP Settings 3.1.4.3 DHCP Client 3.1.4.4 DHCP Reservation DHCP Reservation 3.1.5 DMZ List of Reserved Address 3.1.5.1 DMZ 3.1.6 MAC Address  DMZSet the MAC Address for LAN port Set the MAC Address for WAN portSet the MAC Address for DMZ port  MAC Address3.1.7 Switch 3.1.7.1 Statistics3.1.7.2 Port Mirror  StatisticsPort Mirror GeneralMirroring Port 3.1.7.3 Rate Control Application Example3.1.7.4 Port Config  Rate Control Port Config 3.1.7.5 Port Status3.1.7.6 Port VLAN 3.2 User Group Port VLAN  Group Config 3.2.1 Group3.2.2 User  List of Group User Config  View Config3.2.3 View  List of User3.3 Advanced 3.3.1.1 NAT Setup3.3.1 NAT 3.3.1.2 One-to-One NAT  NAPT NAT-DMZ  One-to-One NAT List of Rules 3.3.1.3 Multi-Nets NAT Multi-Nets NAT  list of Rules Application Example Network RequirementsConfiguration procedure 3.3.1.4 Virtual Server  Virtual Server Protocol3.3.1.5 Port Triggering  Port TriggeringStatus 3.3.1.6 ALG 3.3.2 Traffic Control ALG  Default Limit 3.3.2.1 Setup General 3.3.2.2 Bandwidth Control  Interface Bandwidth Bandwidth Control Rule data flow might pass. Individual WAN port cannot be selected if3.3.3 Session Limit 3.3.3.1 Session Limit3.3.4.1 Configuration 3.3.4 Load Balance3.3.3.2 Session List  Session Limit3.3.4.2 Policy Routing 3.3.4.3 Link Backup You can select Timing or Failover Mode 3.3.4.4 Protocol TimingFailover Status :3.3.5 Routing 3.3.5.1 Static Route Protocol  List of Protocol Static Route 3.3.5.2 RIP Choose the menu Advanced→Routing→RIP to load the following page 3.3.5.3 Route Table  List of RIP3.4.1 Anti ARP Spoofing 3.4 Firewall3.4.1.1 IP-MAC Binding  IP-MAC Binding 3.4.1.2 ARP Scanning 3.4.2 Attack Defense 3.4.1.3 ARP ListFigure 3-49 Attack Defense 3.4.3 MAC Filtering  MAC FilteringEnable Attack Packet Anomaly3.4.4.1 URL Filtering 3.4.4 Access Control URL Filtering Rule Configuration Procedure Select the mode for URL Filtering. “Keyword’’ indicates that all the Access Rules 3.4.4.3 Access Rules3.4.4.2 Web Filtering group on3.2.1 Group Select the service for the entry. Only the service belonging to theother service types can still pass through the Router. You can add Select the Source IP Range for the entries, including the following3.4.4.4 Service Priority Service  List of Service3.4.5.1 Control Rules 3.4.5 App Control Control Rules 3.4.5.2 Database 3.5 VPN 3.5.1 IKE3.5.1.1 IKE Policy  IKE PolicySA Lifetime Specify ISAKMP SA Lifetime in IKE negotiation  List of IKE Policy 3.5.1.2 IKE Proposal IKE Proposal 3.5.2 IPsec  List of IKE Proposal3.5.2.1 IPsec Policy  IPsec PolicyPolicy Name can be entered IKE Mode policy on VPN→IKE→IKE Policy pagewhich PCs on the remote network are covered by this policy. Its Gateway of the remote peer should be set to the IP address of Manual Mode Phase2. As it is independent of the key created in Phase1, thisde-encrypted. Without PFS, the key in Phase2 is created based de-encrypted, the key in Phase2 is easy to be de-encrypted, in3.5.2.2 IPsec Proposal  List of IPsec Policy IPsec IPsec Proposal 3.5.2.3 IPsec SA  List of IPsec ProposalAuthentication 3.5.3 L2TP/PPTP3.5.3.1 L2TP/PPTP Tunnel Protocol L2TP/PPTP Tunnel Enter the account name of L2TP/PPTP tunnel. It should be configured Select the IP Pool Name to specify the address range for the servers List of Configurations 3.5.3.2 IP Address Pool IP Address Pool  List of IP Pool3.6 Services 3.6.1 PPPoE Server3.5.3.3 List of L2TP/PPTP Tunnel 3.6.1.1 GeneralFigure 3-66 General The following items are displayed on this screen 3.6.1.2 IP Address Pool 3.6.1.3 Account  Account 3.6.1.4 Exceptional IP is 48. If Enable Advanced Account Features is not selected, the List of Account 3.6.1.5 List of Account 3.6.2 E-Bulletin Exceptional IP  E-Bulletin IntervalTitle Specify the interval to release the bulletin3.6.3 Dynamic DNS  List of E-Bulletin3.6.3.1 DynDNS  Dyndns DDNS List of DynDNS Account 3.6.3.2 No-IP No-IP DDNS 3.6.3.3 PeanutHull  List of No-IP Account PeanutHull DDNS  List of PeanutHull Account 3.6.3.4 Comexe Comexe DDNS 3.6.4 UPnP  List of Comexe Account3.7 Maintenance 3.7.1 Admin Setup3.7.1.1 Administrator  Administrator3.7.1.2 Login Parameter Re-enter the new password for confirmation Remote Management 3.7.1.3 Remote Management List of Subnet 3.7.2 Management 3.7.2.1 Factory Defaults3.7.2.2 Export and Import 3.7.2.3 Reboot  Configuration Version Export  Import3.7.2.4 Firmware Upgrade 3.7.3 License3.7.4.1 Interface Traffic Statistics 3.7.4 Statistics Interface Traffic Statistics 3.7.4.2 IP Traffic Statistics  Advanced WAN Information3.7.5 Diagnostics 3.7.5.1 Diagnostics Traffic Statistics  IP Traffic Statistics Ping  Tracert List of WAN status 3.7.5.2 Online DetectionDisplays whether the Online Detection is enabled 3.7.6 Time  Config Current Time 3.7.7 Logs  List of LogsLevel Error conditionsSeverity The system is unusableChapter 4 Application 4.1 Network Requirements4.2 Network Topology 4.3 Configurations 4.3.1 Internet Setting4.3.1.1 System Mode 4.3.1.3 Link Backup4.3.1.2 Internet Connection 4.3.2 VPN Setting 1 IKE SettingSettings 4.3.2.1 IPsec VPN IKE Policy AuthenticationMD5 Encryption3DES IPsec Proposal 2 IPsec SettingproposalIPsec1  IPsec Policy proposalIPsec1 you just created4.3.2.2 PPTP VPN Setting  IP Address Pool L2TP/PPTP Tunnel L2TP/PPTPEnable ProtocolPPTP ModeServer UsernamePPTP Passwordabcdefg4.3.3 Network Management 4.3.3.1 User Group Group  User4.3.3.2 App Control  View1 Enable Bandwidth Control 4.3.3.3 Bandwidth Control3 Bandwidth Control Rule 2 Interface BandwidthKeep the default value 4.3.4 Network Security 4.3.3.4 Session Limit1 Scan and import the entries to ARP List 4.3.4.1 LAN ARP Defense2 Set IP-MAC Binding Entry Manually 3 Set Attack Defense 4.3.4.2 WAN ARP Defense00-11-22-33-44-aa 4.3.4.4 Traffic Monitoring 4.3.4.3 Attack Defense1 Port Mirror 2 Statistics Figure 4-23 IP Traffic Statistics 5.1 Configuration Chapter 5 CLIFigure 5-2 Connection Description Figure 5-3 Select the port to connectFigure 5-4 Port Settings Figure 5-5 Connection Properties Settings 1485.2 Interface Mode Accessing Path Logout or Access the next modeenable adminenable Show command historyIP configuration IP mac bind configuration5.4 Command Introduction 5.4.2 ip-mac5.4.1 ip TP-LINK ip get lan Lan Ip Lan MaskTP-LINK # sys reboot This command will reboot system, Continue?Y/N TP-LINK # sys restoreThis command will restore system, Continue?Y/N TP-LINK # sys export configPassword admin File name config.bin Try to get the configuration file config.binGet configuration file config bin succeed, file size is 7104 bytes TP-LINK sys show CPU Used Rate 1% TP-LINK # sys updateTP-LINK user get Username admin Password admin TP-LINK user set password Enter old passwordEnter new password Confirm new password TP-LINK # user get Username admin Password adminView the history command 5.4.6 exitTP-LINK history 1. history 2. sys show 3. historyAppendix A Hardware Specifications PowerStandards PortsAppendix B FAQ 4. Make sure that the NAT DMZ service is disabled Appendix C Glossary GlossaryAH(Authentication Header) data authentication, and anti-replay services. ESP encapsulatesfor services such as IPSec that require keys. Before any IPSec Glossary Telnet is used for remote terminal connection, enabling users to enterprise
Related manuals
Manual 28 pages 30.84 Kb

TL-ER6020 specifications

The TP-Link TL-ER6020 is a robust and efficient router designed for small to medium-sized businesses seeking reliable network performance and advanced features. Combining dual WAN capability with comprehensive security features, it ensures that businesses can maintain consistent and secure internet connectivity, even during peak usage times or in the event of a failure from one ISP.

One of the primary features of the TL-ER6020 is its dual WAN support, which allows users to connect two different internet sources. This not only enhances reliability through load balancing but also ensures redundancy. In cases where the primary WAN connection fails, the router can seamlessly switch to the secondary connection, minimizing downtime and maintaining business operations.

Security is a critical aspect of any network appliance, and the TL-ER6020 does not disappoint. It comes equipped with multiple security features, including advanced firewall capabilities, IP/MAC/URL filtering, and DoS attacks prevention. These tools work together to provide a secure network environment, safeguarding sensitive business data from unauthorized access and potential threats.

The router also supports VLAN (Virtual Local Area Network) technology, which allows businesses to segment their networks for better performance and security. By creating separate networks for different departments or functions, companies can enhance their network management and control traffic flow more efficiently.

Additionally, the TL-ER6020 features quality of service (QoS) capabilities that prioritize network traffic based on user needs. This ensures that critical applications, such as VoIP or video conferencing, receive the bandwidth they require for optimal performance, while less critical traffic is deprioritized during peak times.

For user management, the TL-ER6020 includes an intuitive web-based interface that simplifies configuration and monitoring. Administrators can easily manage network settings, view statistics, and troubleshoot issues without the need for extensive technical expertise.

In terms of physical specifications, the TL-ER6020 is built with reliability in mind, featuring cooling vents to prevent overheating and an efficient power supply. Its compact design allows for easy placement in various environments, whether in a server room or on a desk.

Overall, the TP-Link TL-ER6020 is a solid choice for businesses looking to build a secure, versatile, and high-performance network. Its combination of dual WAN capabilities, strong security features, VLAN support, and QoS make it a comprehensive solution for modern networking needs.