TP-Link TL-ER604W Network Security, LAN ARP Defense, Scan and import the entries to ARP List

Page 148

Figure 4-15 Session Limit

4.3.4 Network Security

You can enable the IP-MAC Binding function to defend the ARP attack from local or public network and enable Sending GARP packets function to defend ARP attack. Moreover, you can enable DoS Defense function to implement flood defense and Packet Anomaly Defense. Moreover, you can enable Port Mirror function and Statistics function to monitor the real-time traffic of the local network.

4.3.4.1LAN ARP Defense

You can configure IP-MAC Binding manually or by ARP Scanning. For the first time configuration, please bind most of the ARP information by ARP Scanning. For some special items not bound, you can bind them manually.

1)Scan and import the entries to ARP List

Specify ARP Scanning range.

Choose the menu Firewall→Anti ARP Spoofing→ARP Scanning to load the configuration page. No ARP attack in the local network is the premise of ARP Scanning.

Figure 4-16 ARP Scanning

Turn on all the hosts that need to be bound. Then click the <Scan> button, the scanning result will display as below.

Figure 4-17 Scanning Result

-143-

Image 148

Contents TL-ER604W Copyright & Trademarks FCC Statement Contents III Hardware Specifications 148 Application 130149 Glossary 151Package Contents Symbol Description Intended ReadersConventions Overview of this GuideOverview of the Router Features Traffic Control WirelessSecurity Appearance Front Panel LEDs Status IndicationRear Panel Network System ModeStatus Page WAN Mode  NAT Mode Non-NAT Mode  Classic Mode WAN Mode 3.2 WAN1Tips Static IPWAN Static IP Following items are displayed on this screen  Static IPDynamic IP  Dynamic IPConnection Type Host NameGet IP Address by UnicastUse the following DNS ServerPPPoE WAN PPPoEPassword Active ModeSettings Keep Alive Account NameService Name ISP AddressSecondary Connection Subnet AddressGateway Address L2TP L2TP Settings 10 WAN L2TP Following items are displayed on this screenSecondary Default GatewayConnection  L2TP Status Pptp Pptp Settings Server IPInternet connection by the Connect or Disconnect  Pptp Status BigPond BigPond Settings 12 WAN Bigpond Following items are displayed on this screen BigPond Status ISP4.1 LAN 4 LANDhcp  Dhcp Settings Dhcp Reservation Dhcp Client Dhcp Reservation MAC Address  List of Reserved AddressSet the MAC Address for LAN port Set the MAC Address for WAN portSwitch Statistics MAC Address PortPort Mirror  StatisticsEnable Port Mirror ModeMirroring Port Mirrored PortApplication Example Rate Control Rate Control Port Config  Port ConfigPort Vlan Port Status Port Vlan Wireless Wireless SettingWireless Setting  Wireless Setting Wireless Parameter Description Ssid BroadcastAP Isolation SecurityWPA/WPA2 WEP Key Format Multi-SSIDHexadecimal and Ascii formats are  Multi-SSID Config  GeneralEnable/Disable Guest NetworkEncryption Group KeyAuth Type 1.3 WDS  List of GroupScan  ParameterBSSIDto be bridged Key TypeWireless Advanced  Wireless AdvancedKey ： Short GIMAC Filtering  Filtering Rules Host Status Rule List Group User Group Host Status  User Config  Group ConfigUser  View Config View List of User ViewAdvanced NAT Setup1 NAT One-to-One NAT  One-to-One NAT List of Rules Multi-Nets NAT Multi-Nets NAT Configuration procedure Application Example Network RequirementsVirtual Server Interface  Virtual ServerProtocol Port Triggering  Port Triggering1.6 ALG 38 ALG Following items are displayed on this screenSetup Traffic Control323 ALG IPsec ALGControl Control all the timeLimited UpstreamBandwidth Control Session Limit Session LimitLimited Bandwidth Session List  List of Session LimitLoad Balance ConfigurationPolicy Routing WAN Link Backup 45 Link Backup Following items are displayed on this screenWAN Config ProtocolTiming FailoverRouting Static Route Protocol  List of Protocol47 Static Route Following items are displayed on this screen  Static Route5.2 RIP 48 RIP Following items are displayed on this screen  List of RIPRoute Table Anti ARP Spoofing FirewallIP-MAC Binding ARP Scanning  IP-MAC BindingARP List Attack Defense Enable Attack Flood DefensePacket Anomaly DefenseAccess Control MAC FilteringURL Filtering  MAC Filtering URL Filtering Rule ObjectAccess Rules Web Filtering Access Rules ServicePolicy SourceService Group on 3.3.1 GroupDestination Priority Service  List of ServiceName Dest. PortApp Control Control Rules Control Rules ApplicationVPN Database1 IKE IKE Policy62 IKE Policy Following items are displayed on this screen  IKE PolicyIKE Proposal 63 IKE Proposal Following items are displayed on this screen  IKE ProposalIPsec Policy IPsec List of IKE Proposal Policy Name  IPsec PolicyLocal Subnet Policy Mode Remote SubnetRemote Gateway IKE PolicyAH Authentication Key-In ESP Authentication Key-InAH Authentication Key-Out ESP Authentication Key-Out List of IPsec Policy IPsec IPsec Proposal IPsec Proposal  List of IPsec Proposal 3 L2TP/PPTP Protocol Media Tunnel Length of Header AuthenticationIPsec SA 3.1 L2TP/PPTP Tunnel  L2TP/PPTP TunnelTunnel Max ConnectionsL2TP/PPTP Server Pre-shard Key List of Configurations IP Address PoolList of L2TP/PPTP Tunnel  IP Address PoolPPPoE Server ServicesGeneral 70 General Following items are displayed on this screen IP Address Pool Account  AccountIP Address Assigned Static IP AddressExceptional IP Is 48. If Enable Advanced Account Features is not selected, List of Account List of Account Bulletin Exceptional IP  E-Bulletin IntervalTitle Publisher Dynamic DNS List of E-Bulletin DynDNS  Dyndns Ddns List of DynDNS Account No-IP No-IP Ddns  List of No-IP Account PeanutHull PeanutHull Ddns Comexe  List of PeanutHull Account Comexe Ddns UPnP List of Comexe Account Maintenance Admin SetupAdministrator  List of UPnP MappingLogin Parameter  AdministratorRemote Management  Remote ManagementManagement Factory Defaults List of Subnet Reboot  Configuration VersionExport and Import  ExportFirmware Upgrade LicenseStatistics Interface Traffic Statistics Interface Traffic Statistics 123IP Traffic Statistics  Advanced WAN InformationDiagnostics Diagnostics Traffic Statistics  IP Traffic Statistics Ping Online Detection Tracert Time PingDNS Lookup Port Displays the detected WAN port DetectionLogs  Config  List of LogsSeverity Send System LogsApplication Network RequirementsInternet Setting Network Topology ConfigurationsSystem Mode System Mode Internet ConnectionVPN Setting IKE SettingSettings IPsec VPN IKE Policy IKE1IPsec Setting  IPsec Proposal IPsec Policy PFS DH1Pptp VPN Setting  IP Address Pool L2TP/PPTP Tunnel Network Management User Group Group  UserApp Control  ViewEnable Bandwidth Control 11 App RulesBandwidth Control Rule LAN WAN1LAN ARP Defense Network SecurityScan and import the entries to ARP List Set IP-MAC Binding Entry Manually WAN ARP DefenseSet Attack Defense Attack Defense 20 Attack Defense 145Traffic Monitoring StatisticsPage Appendix a Hardware Specifications Environmental and PhysicalAppendix B FAQ Page Appendix C Glossary Glossary DescriptionAllows dissimilar communication devices to communicate Port or device that connects to a LAN. Other devices Enterprise

Related manuals

Manual 4 pages 13.1 Kb