TP-Link L-R480T+ User Manual
  1. Manuals
  2. Brands
  3. TP-Link Manuals
  4. Network Router
  5. L-R480T+
  6. User manual

TP-Link L-R480T+ User Manual

Load balance broadband router
Hide thumbs
Table of Contents

Advertisement

Quick Links

TL-R480T+
Load Balance Broadband Router
REV7.0.0
1910011057

Advertisement

Table of Contents
loading

Related Manuals for TP-Link L-R480T+

Summary of Contents for TP-Link L-R480T+

  • Page 1 TL-R480T+ Load Balance Broadband Router REV7.0.0 1910011057...

  • Page 2: Fcc Statement

    COPYRIGHT & TRADEMARKS Specifications are subject to change without notice. is a registered trademark of TP-LINK TECHNOLOGIES CO., LTD. Other brands and product names are trademarks of their respective holders. No part of the specifications may be reproduced in any form or by any means or used to make any derivative such as translation, transformation, or adaptation without permission from TP-LINK TECHNOLOGIES CO., LTD.

  • Page 3: Safety Information

    Продукт сертифіковано згідно с правилами системи УкрСЕПРО на відповідність вимогам нормативних документів та вимогам, що передбачені чинними законодавчими актами України. Safety Information When product has power button, the power button is one of the way to shut off the product; When ...

  • Page 4: Table Of Contents

    CONTENTS ........................1 Package Contents ....................2 Chapter 1 About this Guide Intended Readers ........................2 Conventions ...........................2 Overview of this Guide ......................2 ......................4 Chapter 2 Introduction Overview of the Router ......................4 Features..........................5 Appearance..........................6 2.3.1 Front Panel ........................6 2.3.2 Rear Panel.........................7 ..................8 Chapter 3 Quick Installation Guide Configure PC .........................8 Login ............................11 ......................17...
  • Page 5 Advanced ..........................51 4.5.1 NAT..........................51 4.5.2 Traffic Control ......................60 4.5.3 Session Limit ......................63 4.5.4 Load Balance......................65 4.5.5 Routing ........................70 Firewall..........................73 4.6.1 Anti ARP Spoofing ....................73 4.6.2 Attack Defense ......................76 4.6.3 MAC Filtering ......................78 4.6.4 Access Control......................79 4.6.5 App Control......................85 Services ..........................87 4.7.1 PPPoE Server......................87 4.7.2...
  • Page 6 ....................122 Appendix C Glossary...

  • Page 7: Package Contents

    Package Contents The following items should be found in your package:  One TL-R480T+ Load Balance Broadband Router One Power cord   One Console Cable  One Ethernet Cable  Quick Installation Guide Mounting kits for installing in a standard 19-inch rack ...

  • Page 8: Chapter 1 About This Guide

    Chapter 1 About this Guide This User Guide contains information for setup and management of TL-R480T+ Load Balance Broadband Router. Please read this guide carefully before operation. 1.1 Intended Readers This Guide is intended for Network Engineer and Network Administrator. 1.2 Conventions In this Guide the following conventions are used: The router or TL-R480T+ mentioned in this Guide stands for TL-R480T+ Load Balance...
  • Page 9 Appendix B FAQ Provides the possible solutions to the problems that may occur during the installation and operation of the router. Appendix C Glossary Lists the glossary used in this guide.

  • Page 10: Chapter 2 Introduction

    Chapter 2 Introduction Thanks for choosing the Load Balance Broadband Router TL-R480T+. 2.1 Overview of the Router The Load Balance Broadband Router TL-R480T+ from TP-LINK possesses excellent data processing capability and multiple powerful functions including Load Balance, Access Control, Bandwidth Control, IGMP Proxy, Session Limit, PPPoE Server and so on, which consumedly meet the needs of small and medium enterprises, hotels and communities with volumes of users demanding an efficient and easy-to-manage network with high security.

  • Page 11: Features

    + Featured Link Backup to switch all the new sessions from dropped line automatically to another for keeping an always on-line network. Easy-to-use  + Providing easy-to-use GUI with clear configuration steps and detailed help information for the users to configure the router simply. + Helping administrators to monitor the whole network status and take actions to malfunctions according to the recorded log information.

  • Page 12: Appearance

    Traffic Control  Supports Bandwidth Control  Supports Session Limit Security Built-in firewall supporting URL/MAC Filtering   Supports Access Control  Supports App Control  Supports Attack Defense  Supports IP-MAC Binding  Supports GARP (Gratuitous ARP) 2.3 Appearance 2.3.1 Front Panel The front panel of TL-R480T+ is shown as the following figure.

  • Page 13: Rear Panel

    Status Indication The linked device is running at 10Mbps or no device linked to the corresponding port. 100Mbps The linked device is running at 100Mbps. (Green light (WAN/LAN) On (Green/Yellow) indicates the corresponding port is working as a LAN port, and yellow indicates WAN port.) Interface Description ...

  • Page 14: Chapter 3 Quick Installation Guide

    Chapter 3 Quick Installation Guide After connecting the TL-R480T+ router into your network, you should configure it. This chapter describes how to configure the basic functions of your TL-R480T+ Load Balance Broadband Router. These procedures only take you a few minutes. You can access the Internet via the router immediately after it has been successfully configured.
  • Page 15 Step 2: On the next screen, right click Local Area Connection (LAN), and then select Properties. Figure 3-2 Step 3: On the next screen, select General tab, highlight Internet Protocol (TCP/IP), and then click the Properties button. Figure 3-3...
  • Page 16 Step 4: Configure the IP address as shown in Figure 3-4. After that, click OK. Figure 3-4 Note: You can configure the PC to get an IP address automatically, select “Obtain an IP address automatically” and “Obtain DNS server address automatically” on the screen above. For Windows 98 OS or earlier, the PC and router may need to be restarted.

  • Page 17: Login

    Figure 3-6 You can check it by following the steps below: Note: ● Is the connection between your PC and the router correct? The LEDs of LAN port which you link to the device and the LEDs on your PC's adapter should be lit. ●...
  • Page 18 After a successful login, the “Quick Setup” screen will pop up as the Figure 3-8 shows. If it does not prompt, you can click the Quick Setup on the left of the main menu. Then click <Next>. Figure 3-8 Quick Setup Select the total number of WAN ports you prefer to use as the Figure 3-9 shows.
  • Page 19 Select the WAN port you want to use as the Figure 3-10 shows, and then click <Next> to load the WAN Connection Type screen. Figure 3-10 WAN Port Select the connection type provided by your ISP as the Figure 3-11 shows. Three popular types are provided here.
  • Page 20 If you choose PPPoE, you will see the screen as the Figure 3-12 shows. Enter the Account Name and Password provided by your ISP (Internet Service Provider). Figure 3-12 WAN Connection Type - PPPoE Click <Next> to dial up, and the process will take a few minutes. The process of configuring the network parameters is shown as Figure 3-14.
  • Page 21 Figure 3-14 WAN Connection Type - Dynamic IP If you choose Static IP, you should enter the detailed IP information provided by your ISP in Figure 3-15. Figure 3-15 WAN Connection Type - Static IP Then click <Next>. The process for configuring the network parameters is shown as Figure 3-16. If you close the screen during the process, the configuration will still be continued in the background.
  • Page 22 Figure 3-16 WAN Connection Type - Static IP Connecting After that, you will see the next screen. Click <Finish> to complete the quick installation or click <Continue> to configure other WAN ports. Figure 3-17 Configuration Completed -16-...

  • Page 23: Chapter 4 Configuration

    Chapter 4 Configuration 4.1 Status The Status page shows the system information, the port connection status and other information related to this router. Choose the menu Status to load the following page. Figure 4-1 Status -17-...

  • Page 24: Quick Setup

    4.2 Quick Setup Please refer to the Chapter 3 Quick Installation Guide. 4.3 Network 4.3.1 WAN 4.3.1.1 WAN Mode TL-R480T+ provides four available WAN ports. You can set the number of WAN ports on this page. Choose the menu Network→WAN→WAN Mode to load the following page. Figure 4-2 WAN Mode ...
  • Page 25 Tips: ● It is allowed to set the IP addresses of multiple WAN ports within the same subnet. However, to guarantee a normal communication, make sure that the WAN ports can access the same network, such as Internet or a local area network. ●...
  • Page 26 Default Gateway: Optional. Enter the Gateway assigned by your ISP. MTU: MTU (Maximum Transmission Unit) is the maximum data unit transmitted by the physical network. It can be set in the range of 576-1500. The default MTU is 1500. You are recommended to keep the default value if no other MTU value is provided by your ISP.
  • Page 27 Figure 4-4 WAN – Dynamic IP The following items are displayed on this screen:  Dynamic IP Connection Type: Select Dynamic IP if your ISP assigns the IP address automatically. Click <Obtain> to get the IP address from your ISP’s server. Click <Release>...
  • Page 28 Get IP Address by The broadcast requirement may not be supported by a few ISPs. Unicast: Select this option if you can not get the IP address from your ISP even with a normal network connection. This option is not required generally.
  • Page 29 Primary DNS: Displays the IP address of your ISP’s Primary DNS. Secondary DNS: Displays the IP address of your ISP’s Secondary DNS. PPPoE If your ISP (Internet Service Provider) has provided the account information for the PPPoE connection, please choose the PPPoE/Russian PPPoE connection type (Used mainly for DSL Internet service). Figure 4-5 WAN - PPPoE -23-...
  • Page 30 The following items are displayed on this screen:  PPPoE Settings Connection Type: Select PPPoE/Russian PPPoE if your ISP provides xDSL Virtual Dial-up connection. Click <Connect> to dial-up to the Internet and obtain the IP address. Click <Disconnect> to disconnect the Internet and release the current IP address.
  • Page 31 ISP Address: Optional. Enter the ISP address provided by your ISP. It is null by default. Optional. Enter the Service Name provided by your ISP. It is null by Service Name: default. Primary DNS: Enter the IP address of your ISP’s Primary DNS. Optional.
  • Page 32  PPPoE Status Displays the status of PPPoE connection. Status: “Disabled” indicates that the PPPoE connection type is  not applied. “Connecting” indicates that the router is obtaining the IP  parameters from your ISP. “Connected” indicates that the router has successfully ...
  • Page 33 L2TP If your ISP (Internet Service Provider) has provided the account information for the L2TP connection, please choose the L2TP/Russian L2TP connection type. Figure 4-6 WAN - L2TP -27-...
  • Page 34 The following items are displayed on this screen:  L2TP Settings Connection Type: Select L2TP/Russian L2TP if your ISP provides an L2TP connection. Click <Connect> to dial-up to the Internet and obtain the IP address. Click <Disconnect> to disconnect the Internet and release the current IP address.
  • Page 35 IP Address: If Static IP is selected, configure the IP address of WAN port. If Dynamic IP is selected, the IP address of WAN port obtained is displayed. Subnet Mask: If Static IP is selected, configure the subnet mask of WAN port.
  • Page 36 Primary DNS: Displays the IP address of your ISP’s Primary DNS. Secondary DNS: Displays the IP address of your ISP’s Secondary DNS. PPTP If your ISP (Internet Service Provider) has provided the account information for the PPTP connection, please choose the PPTP/Russian PPTP connection type. Figure 4-7 WAN - PPTP -30-...
  • Page 37 The following items are displayed on this screen:  PPTP Settings Connection Type: Select PPTP/Russian PPTP if your ISP provides a PPTP connection. Click <Connect> to dial-up to the Internet and obtain the IP address. Click <Disconnect> to disconnect the Internet and release the current IP address.
  • Page 38 IP Address: If Static IP is selected, configure the IP address of WAN port. If Dynamic IP is selected, the IP address of WAN port obtained is displayed. Subnet Mask: If Static IP is selected, configure the subnet mask of WAN port.
  • Page 39 Secondary DNS: Displays the IP address of your ISP’s Secondary DNS. BigPond If your ISP (Internet Service Provider) has provided the account information for the BigPond connection, please choose the BigPond connection type. Figure 4-8 WAN – Bigpond The following items are displayed on this screen: ...
  • Page 40 Account Name: Enter the Account Name provided by your ISP. If you are not clear, please consult your ISP. Enter the Password provided by your ISP. If you are not clear, please Password: consult your ISP. Auth Server: Enter the address of authentication server. It can be IP address or server name.

  • Page 41: Lan

     BigPond Status Displays the status of BigPond connection. Status: “Disabled” indicates that the BigPond connection type is not  applied. “Connecting” indicates that the router is obtaining the IP  parameters from your ISP. “Connected” indicates that the router has successfully obtained ...
  • Page 42 The following items are displayed on this screen:  IP Address: Enter the LAN IP address of the router. 192.168.0.1 is the default IP address. The Hosts in LAN can access the router via this IP address. It can be changed according to your network.
  • Page 43 The following items are displayed on this screen:  DHCP Settings DHCP Server: Enable or disable the DHCP server on your router. Select Enable to make the router automatically assign TCP/IP parameters to the computers in the LAN. Start IP Address: Enter the Start IP address to define a range for the DHCP server to assign dynamic IP addresses.

  • Page 44: Dhcp Reservation

    Figure 4-11 DHCP Client You can view the information of the DHCP clients in this table. Click the Refresh button for the updated information. 4.3.2.4 DHCP Reservation DHCP Reservation feature allows you to reserve an IP address for the specified MAC address. The client with this MAC address will always get the same IP address each time when it accesses the DHCP server.

  • Page 45: Iptv

    Status: Activate or Inactivate the corresponding entry.  List of Reserved Address In this table, you can view the information of the entries and edit them by the Action buttons. Up to 512 DHCP static address entries can be supported for LAN by this router. The first entry in Figure 4-12 indicates: The IP address 192.168.0.101 is reserved for the computer with the MAC address 00-19-66-83-53-CF, and this entry is activated.

  • Page 46: Mac Address

    Tips: ● Among the WAN ports, only WAN1(Port1) can be used for IPTV service. ● When IGMP Proxy option is Enabled, you need to ensure the Block IP options under the Firewall→Attack Defense→Attack Defense is not selected. ● If the data traffic is heavy when you use IPTV function, it is recommended to increase the parameters of Stationary source UDP Flood and Multi-connections UDP Flood on the page of Firewall→Attack Defense→Attack Defense, or deselect the options.

  • Page 47: Switch

    The following items are displayed on this screen:  MAC Address Port: Displays the port type of the router. Displays the current MAC address of the port. Current MAC Address: MAC Clone: It is only available for WAN port. Click the <Restore Factory MAC> button to restore the MAC address to the factory default value or click the <Clone Current PC’s MAC>...
  • Page 48 Figure 4-15 Statistics The following items are displayed on this screen:  Statistics Unicast: Displays the number of normal unicast packets received or transmitted on the port. Displays the number of normal broadcast packets received or Broadcast: transmitted on the port. Pause: Displays the number of flow control frames received or transmitted on the port.

  • Page 49: Port Mirror

    Normal: Displays the number of the received packets (including error frames) that are between 64 bytes and the maximum frame length. The maximum untagged frame this router can support is 1518 bytes long and the maximum tagged frame is 1522 bytes long. Oversize: Displays the number of the received packets (including error frames) that are longer than the maximum...
  • Page 50 Mode: Select the mode for the port mirror function. Options include: Ingress: When this mode is selected, only the incoming packets  sent by the mirrored port will be copied to the mirroring port. Egress: When this mode is selected, only the outgoing packets sent ...

  • Page 51: Rate Control

    Application Example To monitor all the traffic and analyze the network abnormity for an enterprise’s network, please set the Port Mirror function as below: Check the box before Enable Port Mirror to enable the Port Mirror function and select the Ingress &...

  • Page 52: Port Config

    The following items are displayed on this screen:  Rate Control Displays the port number. Port: Ingress Limit: Specify whether to enable the Ingress Limit feature. Ingress Rate: Specify the limit rate for the ingress packets. Egress Limit: Specify whether to enable Egress Limit feature. Specify the limit rate for the egress packets.

  • Page 53: Port Status

    Negotiation Mode: Select the Negotiation Mode for the port. Allows you to configure the parameters for all the ports at one time. All Ports: 4.3.5.5 Port Status On this page, you can view the current status of each port. Choose the menu Network→Switch→Port Status to load the following page. Figure 4-19 Port Status 4.3.5.6 Port VLAN...

  • Page 54: User Group

    Figure 4-20 Port VLAN The following items are displayed on this screen:  Port VLAN Displays the current logical network of the physical port. Network: Select the desired VLAN for the port. VLAN: Tips: The Port VLAN can only be created among the LAN ports. 4.4 User Group The User Group function is used to group different users for unified management, so that you can perform other applications such as Bandwidth Control, Session Limit, and Access Control etc.

  • Page 55: User

    The following items are displayed on this screen: Group Config  Group Name: Specify a unique name for the group. Give a description for the group. It is optional. Description: List of Group  In this table, you can view the information of the Groups and edit them by the Action buttons. 4.4.2 User On this page, you can configure the User for the group.
  • Page 56 Choose the menu User Group→View to load the following page. Figure 4-23 View Configuration The following items are displayed on this screen: View Config  View: Select the desired view for configuration. Select the name of the desired User. User Name: Available Group: Displays the Groups that the User can join.

  • Page 57: Advanced

    Selected Member: Displays the members of this group, including Users and Groups. 4.5 Advanced 4.5.1 NAT NAT (Network Address Translation) is the translation between private IP and public IP, which allows private network users to visit the public network using private IP addresses. With the explosion of the Internet, the number of available IP addresses is not enough.
  • Page 58 Host IP Address: Enter the IP address of the host specified as NAT DMZ server. 4.5.1.2 One-to-One NAT On this page, you can configure the One-to-One NAT. Choose the menu Advanced→NAT→One-to-One NAT to load the following page. Figure 4-25 NAT Setup The following items are displayed on this screen: One-to-One NAT ...
  • Page 59 The first entry in Figure 4-25 indicates: The IP address of host1 in local network is 192.168.0.128 and the WAN IP address after NAT mapping is specified to be 222.135.48.128. The data packets are transmitted from WAN1 port. DMZ Forwarding and this entry are both activated. Note: One-to-One NAT entries take effect only when the Connection Type of WAN is Static IP.
  • Page 60 Note: ● Multi-Nets NAT entry takes effect only when cooperating with the corresponding Static Route entries. ● For detailed setting of subnet mask, please refer to the Appendix B FAQ. Application Example  Network Requirements The LAN subnet of TL-R480T+ is 192.168.0.0 /24, the subnet of VLAN2 under a three layer switch is 192.168.2.0 /24, while the subnet of VLAN3 is 192.168.3.0 /24.
  • Page 61  Configuration procedure Establish the Multi-Nets NAT entries with Subnet/Mask of VLAN2 and VLAN3. The configured entries are as follows: Then set the corresponding Static Route entry, enter the IP address of the interface connecting the router and the three layer switch into the Next Hop field. Choose the menu Advanced→Routing→Static Route to load the following page.

  • Page 62: Virtual Server

    4.5.1.4 Virtual Server Virtual server can be used for setting up public services in your private network, such as DNS, Email and FTP. Virtual server can define a service port. All the service requests to this port will be transmitted to the LAN server appointed by the router via IP address.

  • Page 63: Port Triggering

    Internal Server IP: Enter the IP address of the specified internal server for the entry. All the requests from the Internet to the specified LAN port will be redirected to this host. Status: Activate or inactivate the entry. Note: ● The External port and Internal Port should be set in the range of 1-65535.
  • Page 64 Figure 4-28 Port Triggering The following items are displayed on this screen: Port Triggering  Name: Enter a name for Port Triggering entries. Up to 28 characters can be entered. Interface: Select an interface for forwarding data packets. Trigger Port: Enter the trigger port number or range of port numbers.
  • Page 65 Note: ● The Trigger Port and Incoming Port should be set in the range of 1-65535. The Incoming Port can be set in a continuous range such as 8690-8696. ● The router supports up to 16 Port Triggering entries. Each entry supports at most 5 groups of trigger ports and overlapping between the ports is not allowed.

  • Page 66: Traffic Control

    H.323 ALG: Enable or disable H.323 ALG. The default setting is enabled. H.323 is used for various applications such as NetMeeting and VoIP. SIP ALG: Enable or disable SIP ALG. The default setting is enabled. It is recommended to keep the default setting if no special requirement.
  • Page 67 The following items are displayed on this screen: General  Select this option to disable Bandwidth Control. Disable Bandwidth Control: Enable Bandwidth Select this option to enable Bandwidth Control all the time. Control all the time: With this option selected, the Bandwidth Control will take effect when the Enable Bandwidth Control When:...

  • Page 68: Bandwidth Control

    4.5.2.2 Bandwidth Control On this page, you can configure the Bandwidth Control function. Choose the menu Advanced→Traffic Control→Bandwidth Control to load the following page. Figure 4-31 Bandwidth Control The following items are displayed on this screen:  Bandwidth Control Rule Direction: Select the data stream direction for the entry.

  • Page 69: Session Limit

    Guaranteed Specify the Guaranteed Downstream Bandwidth for this entry. Bandwidth (Down): Specify the Limited Downstream Bandwidth for this entry. Limited Bandwidth (Down): Effective Time: Specify the time for the entry to take effect. Give a description for the entry. Description: Status: Activate or inactivate the entry.

  • Page 70: Session List

    Figure 4-32 Session Limit The following items are displayed on this screen:  General Check here to enable Session Limit, otherwise all the Session Limit Enable Session Limit: entries will be disabled.  Session Limit Group: Select a group to define the controlled user. Max.

  • Page 71: Load Balance

    Choose the menu Advanced→Session Limit→Session List to load the following page. Figure 4-33 Session List In this table, you can view the session limit information of users configured with Session Limit. Click the <Refresh> button to get the latest information. 4.5.4 Load Balance On this part, you can configure how the traffic load is shared by the WAN ports to optimize the resource utilization.
  • Page 72 Choose the menu Advanced→Load Balance→Policy Routing to load the following page. Figure 4-35 Policy Routing The following items are displayed on this screen:  General Protocol: Select the protocol for the entry in the drop-down list. If the protocol you want to set is not in the list, you can add it to the list on 4.5.4.4 Protocol page.

  • Page 73: Link Backup

    Effective Time: Specify the time for the entry to take effect. Status: Activate or inactivate the entry. Select this option to specify the priority for the added entries. The latest Priority: enabled entry will be displayed at the end of the list by default. List of Rules ...
  • Page 74 Figure 4-36 Link Backup The following items are displayed on this screen:  General Displays all the WAN ports in use. You can drag the light-blue WAN button to WAN Ports: primary and backup WAN list. The color of WAN button changing to gray indicates that the WAN port is already in the primary and backup WAN list.
  • Page 75 Failover: Specify the premise for Failover Mode. The backup WAN port will be enabled only when the premise is met. Specify the backup effective time if Timing Mode has been selected. Then the Backup Effective Time: backup WAN port will be enabled, while the primary WAN port is disabled in the specified time period.

  • Page 76: Routing

    Figure 4-37 Protocol The following items are displayed on this screen: Protocol  Name: Enter a name to indicate a protocol. The name will display in the drop-down list of Protocol on Access Rule page. Number: Enter the Number of the protocol in the range of 0-255. ...
  • Page 77 Figure 4-38 Static Route The following items are displayed on this screen: Static Route  Destination: Enter the destination host the route leads to. Enter the Subnet Mask of the destination network. Subnet Mask: Next Hop: Enter the gateway IP address to which the packet should be sent next. Interface: Select the physical network interface, through which this route is accessible.
  • Page 78 The first entry in Figure 4-38 indicates: If there are packets being sent to a device with IP address of 211.162.1.0 and subnet mask of 255.255.255.0, the router will forward the packets from WAN1 port to the next hop of 211.200.1.1. Application Example ...

  • Page 79: Firewall

    Add a static routing rule for LAN3 by referring to step 1. The static routing rules are shown in the following figure. 4.6 Firewall 4.6.1 Anti ARP Spoofing ARP (Address Resolution Protocol) is used to analyze and map IP addresses to the corresponding MAC addresses so that packets can be delivered to their destinations correctly.
  • Page 80 Figure 4-39 IP-MAC Binding The following items are displayed on this screen: General  It is recommended to check all the options. You should import the IP and MAC address of the host to List of IP-MAC Binding and enable the corresponding entry before enabling “Permit the packets matching the IP-MAC Binding entries only”.

  • Page 81: Arp Scanning

     List of Rules You can view the information of the entries and edit them by the Action buttons. The first entry in Figure 4-39 indicates: The IP address of 192.168.1.101 and MAC address of 00-19-66-83-53-CF have been bound and this entry is activated. Note: If all the entries in the binding list are disabled and “Permit the packets of IP-MAC Binding entries only”...

  • Page 82: Attack Defense

    To bind the entries in the list, check these entries and click the <Import> button, then the settings will take effect if the entries do not conflict with the existed entries. Note: If the local hosts suffered from ARP attack, you cannot add IP-MAC Binding entries on this page. Please add entries manually on 4.6.1.1 IP-MAC Binding.
  • Page 83 Figure 4-42 Attack Defense The following items are displayed on this screen:  General Flood Defense: Flood attack is a kind of commonly used DoS (Denial of Service), which including TCP SYN, UDP, ICMP and so on. It is recommended to check all the Flood Defense options and specify the corresponding thresholds.

  • Page 84: Mac Filtering

    Enable Attack With this box checked, the router will record the defense logs. Defense Logs: Tips: When IPTV works in Automatic mode, ensure that the Block IP options is not selected. MAC Filtering 4.6.3 On this page, you can control the access to the Internet of local host by specifying their MAC addresses.

  • Page 85: Access Control

     List of Rules You can view the information of the entries and edit them by the Action buttons. 4.6.4 Access Control 4.6.4.1 URL Filtering URL (Uniform Resource Locator) specifies where an identified resource is available and the mechanism for retrieving it. URL Filter functions to filter the Internet URL address, so as to provide a convenient way for controlling the access to Internet from LAN hosts.
  • Page 86  URL Filtering Rule Select the range in which the URL Filtering takes effect: Object: Group: URL Filtering will take effect to all the users in group.  ANY: URL Filtering will take effect to all the users.  Select the mode for URL Filtering. “Keywords’’ indicates that all Mode: the URL addresses including the specified keywords will be filtered.
  • Page 87 4.6.4.2 Web Filtering On this page, you can filter the desired web components. Choose the menu Firewall→Access Control→Web Filtering to load the following page. Figure 4-45 Web Filtering Check the box before Enable Web Filtering and select the web components to be filtered. 4.6.4.3 Access Rules Choose the menu Firewall→Access Control→Access Rules to load the following page.
  • Page 88 Figure 4-46 Access Rule The following items are displayed on this screen: Access Rules  Policy: Select a policy for the entry: Block: When this option is selected, the packets obeyed the rule  will not be allowed to pass through the router. Allow: When this option is selected, the packets obeyed the rule ...
  • Page 89 Source: Select the Source IP Range for the entries, including the following three ways: IP/MASK: Enter an IP address or subnet mask. ("0.0.0.0/32"  means any IP). Group: Select a predefined group of users. You can set the group  on4.4.1 Group.
  • Page 90 4.6.4.4 Service The Service function allows you to specify the protocol and port number to be filtered for Firewall function conveniently. Protocol name and port range constitute a service type. The router predefines three commonly used services such as HTTP, FTP and TELNET and you can also add customized services if needed.

  • Page 91: App Control

     List of Service You can view the information of the entries and edit them by the Action buttons. Note: The service types predefined by the system cannot be modified. App Control 4.6.5 4.6.5.1 Control Rules On this page, you can enable the Application Rules function. Choose the menu Firewall→App Control→Control Rules to load the following page.
  • Page 92  Control Rules Specify the object for the entry. You can select “Group” to limit the Object: predefined group, or select “ANY” to limit all the users. Group: If select “Group” as object, you can select the group in the drop-down list. To establish new group, please refer to 4.4.1 Group.

  • Page 93: Services

    The database refers to all the applications in the application list on the Application Rules page. You can download the latest database from http://www.tp-link.com. Click the <Browse> button and select the file, and then click the <Upgrade> button to upgrade the database. 4.7 Services 4.7.1 PPPoE Server The router can be configured as a PPPoE server to specify account and IP address to users in LAN and...
  • Page 94 PPPoE User Isolation: Specify whether to allow the Dial-in Users to communicate with one another. Enter the Primary/Secondary DNS server address. The default is Primary/Secondary DNS: 0.0.0.0. Max Sessions: Specify the maximum number of the sessions for PPPoE server. The default is 256.
  • Page 95 4.7.1.2 IP Address Pool On this page, you can define or edit the IP Address Pool. Choose the menu Services→PPPoE Server→IP Address Pool to load the following page. Figure 4-51 IP Address Pool The following items are displayed on this screen: IP Address Pool ...
  • Page 96 Figure 4-52 Account The following items are displayed on this screen: Account  Enter the account name. This name should not be the same with the Account Name: one in L2TP/PPTP connection settings. Password: Enter the password. IP Address Assigned Select the IP Address Assigned Mode for IP assignment.
  • Page 97 Description: Enter the description for management and search purposes. Up to 28 characters can be entered. Activate or inactivate the entry. Status: MAC Binding: Select a MAC Binding type from the pull-down list. Options include: Disable: Select this option to disable the MAC Binding function. ...
  • Page 98 Figure 4-53 Exceptional IP The following items are displayed on this screen: Exceptional IP  IP Address Range: Specify the start and the end IP address to make an exceptional IP address range. This range should be in the same IP range with LAN port of the router.

  • Page 99: E-Bulletin

    4.7.2 E-Bulletin With E-Bulletin function, bulletin information can be released to the specified users. On this page you can edit the bulletin content and specify the receiving user group. Choose the menu Services→E-Bulletin to load the following page. Figure 4-55 E-Bulletin The following items are displayed on this screen: General ...

  • Page 100: Dynamic Dns

    Enable Logs: Specify whether to log the E-Bulletin. E-Bulletin  Title: Enter a title for the bulletin. Enter the content of the bulletin. Content: Object: Select the object of this bulletin. Options include: ANY: The bulletin will be released to all the users and the PCs on the ...
  • Page 101 As many ISPs use DHCP to assign public IP addresses in WAN, the public IP address assigned to the client is unfixed. In this way, it is very difficult for other clients to get the latest IP address of this client for access.
  • Page 102 The following items are displayed on this screen: Dyndns DDNS  Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register> to go to the website of Dyndns for register. Password: Enter the password of your DDNS account.
  • Page 103 Figure 4-57 NO-IP DDNS The following items are displayed on this screen: No-IP DDNS  Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register> to go to the website of No-IP for register. Enter the password of your DDNS account.
  • Page 104 DDNS Status: Displays the current status of DDNS service Offline: DDNS service is disabled.  Connecting: Client is connecting to the server.  Online: DDNS works normally.  Authorization fails: The Account Name or Password is incorrect.  Please check and enter it again. Invalid Domain name: The Domain Name is incorrect or unregistered.
  • Page 105 The following items are displayed on this screen: PeanutHull DDNS  Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register> to go to the website of PeanutHull for register. Password: Enter the password of your DDNS account.
  • Page 106 Figure 4-59 Comexe DDNS The following items are displayed on this screen: Comexe DDNS  Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register> to go to the website of Comexe for register. Password: Enter the password of your DDNS account.

  • Page 107: Upnp

     List of Comexe Account In this table, you can view the existing DDNS entries or edit them by the Action button. 4.7.4 UPnP Devices based on UPnP (Universal Plug and Play) protocol from different manufacturer can automatically discover and communicate with one another. If UPnP groupware are installed in the host in LAN and UPnP function is enabled for the router, the host in LAN can automatically open the corresponding port to allow the UPnP application in WAN to access the resource of the host in LAN via this port, so that the functions limited to NAT can work...

  • Page 108: Maintenance

    Note: ● When using UPnP function, make sure the UPnP is enabled for the router, and the operating system and applications in the host support UPnP service. ● As some Trojan and viruses can open the specific port using UPnP service resulting in hacker attack on the host, be careful of using UPnP service.
  • Page 109 Note: ● The factory default password and user name are both admin. ● You should enter the new user name and password when next login if the current username and password has been changed. ● The new user name and password must not exceed 31 characters in length and must consist of numbers or letters.

  • Page 110: Remote Management

    Note: ● The default Web Management Port is 80. If the port is changed, you should type “http://IP address: port” to login the router. E.g.: If the Web Management Port is changed to 88, type http://192.168.0.1:88 in the address filed to login the router. ●...

  • Page 111: Management

    Figure 4-63 Remote Management The following items are displayed on this screen:  Remote Management Subnet/Mask: Specify a single IP address or network address for the hosts desired to access the router from external network. Status: Activate or inactivate the entry. ...
  • Page 112 Figure 4-65 Export and Import The following items are displayed on this screen:  Configuration Version Displays the current configuration version of the router.  Export Click the <Export> button to save the current configuration as a file to your computer. You are suggested to take this measure before upgrading or modifying the configuration.

  • Page 113: Snmp

    Figure 4-66 Reboot Click the <Reboot> button to reboot the router. The configuration will not be lost after rebooting. The Internet connection will be temporarily interrupted while rebooting. Note: To avoid damage, please do not turn off the device while rebooting. 4.8.2.4 Firmware Upgrade Choose the menu Maintenance→Management →Firmware Upgrade to load the following page.
  • Page 114 Choose the menu Maintenance→SNMP→SNMP to load the following page. Figure 4-68 SNMP The following items are displayed on this screen:  General Enable or disable the SNMP function. SNMP: Device Name: Enter the name of the router. Enter the location of the router. Location: Contact: Enter the name of the network administrator for the router, as well as a...

  • Page 115: Statistics

    4.8.4 Statistics 4.8.4.1 Interface Traffic Statistics Interface Traffic Statistics screen displays the detailed traffic information of each port and extra information of WAN ports. Choose the menu Maintenance→Statistics→Interface Traffic Statistics to load the following page. Figure 4-69 Interface Traffic Statistics The following items are displayed on this screen: ...

  • Page 116: Diagnostics

    Figure 4-70 IP Traffic Statistics The following items are displayed on this screen:  General Enable IP Traffic Allows you to enable or disable IP Traffic Statistics. Statistics: Enable Auto-refresh: Allows you to enable/disable refreshing the IP Traffic Statistics automatically. The default refresh interval is 5 seconds. ...
  • Page 117 Figure 4-71 Diagnostics The following items are displayed on this screen:  Ping Destination IP/Domain: Enter destination IP address or Domain name here. Then select a port for testing, if you select “Auto”, the router will select the interface of destination automatically. After clicking <Start> button, the router will send Ping packets to test the network connectivity and reachability of the host and the results will be displayed in the box below.
  • Page 118  Tracert Destination IP/Domain: Enter destination IP address or Domain name here. Then select a port for testing, if Auto is selected, the router will select the interface of destination automatically. After clicking the <Start> button, the router will send Tracert packets to test the connectivity of the gateways during the journey from the source to destination of the test data and the results will be displayed in the box below.

  • Page 119: Time

     List of WAN status Port: Displays the detected WAN port. Detection: Displays whether the Online Detection is enabled. WAN Status: Display the detecting results. Time 4.8.6 4.8.6.1 Time System Time is the time displayed while the router is running. On this page you can configure the system time and the settings here will be used for other time-based functions like Access Rule, PPPoE and Logs.

  • Page 120: Daylight Saving Time

     Config Get UTC: When this option is selected, you can configure the time zone and the IP address for the NTP server. The router will get UTC automatically if it has connected to an NTP server. Time Zone: Select the time zone for the router. ...

  • Page 121: Logs

    The following items are displayed on this screen:  Daylight Saving Time(DST) State Show the work state of DST.  Daylight Saving Time(DST) Config DST Status: Enable or disable the DST. Predefined Mode: Select a predefined DST configuration. USA: Second Sunday in March, 02:00 – First Sunday in November, ...
  • Page 122 Figure 4-75 Logs  List of Logs List of Logs displays the system log information in log buffer.  Config Enable Auto-refresh: With this option selected, the page will refresh automatically every 5 seconds. Severity: Displays the severity level of the log information. You can select a severity level to display the log information with the same level.

  • Page 123: Nat Table

    Level Description Severity Debug-level messages debugging 4.8.8 NAT Table NAT Table corresponds to a mapping relation, which displays the connection sessions in network to help user check forwarding status and troubleshoot network. Choose the menu Maintenance→NAT Table→NAT Table to load the following page. Figure 4-76 NAT Table The following items are displayed on this screen: Filter Setting...
  • Page 124 Aging Time: Displays the time which the link lasts (Unit: second). Out Link: Displays the WAN port which is used in the link. Sorted by: Select the rule for displaying the NAT Table. You can click table headers to sort items. -118-...

  • Page 125: Appendix A Hardware Specifications

    Appendix A Hardware Specifications IEEE 802.3, 802.3u Standards and Protocols TCP/IP, PPPoE, DHCP, ICMP, NAT, SNTP, HTTP, DNS One 10/100 Auto-Negotiation WAN RJ45 port (Auto MDI/MDIX) Three adjustable 10/100M Auto-Negotiation WAN/LAN RJ45 ports (Auto MDI/MDIX) Ports One 10/100M Auto-Negotiation LAN RJ45 port (Auto MDI/MDIX) One Console Port 10Base-T: UTP/STP of Cat.

  • Page 126: Appendix Bfaq

    Appendix B FAQ Q1. What can I do if I cannot access the web-based configuration page? For the first login, please try the following steps: Make sure the cable is well connected to the LAN port of the router. The corresponding LED should flash or be solid light.
  • Page 127 Q3: What can I do if the router with the remote management function enabled cannot be accessed by the remote computer? Make sure that the IP address of the remote computer is in the subnet allowed to remotely access the router. If the router’s management port has been modified, please log into the router with the new address, such as http://192.168.0.1:XX (“XX”...

  • Page 128: Appendix C Glossary

    Appendix C Glossary Glossary Description Application Level Gateway (ALG) is application specific translation agent that allows an application on a host in one ALG ( Application Layer address realm to connect to its counterpart running on a host in Gateway) different realm transparently.
  • Page 129 Glossary Description H.323 allows dissimilar communication devices to communicate with each other by using a standardized communication H.323 protocol. H.323 defines a common set of CODECs, call setup and negotiating procedures, and basic data transport methods. The protocol used by Web browsers and Web servers to HTTP(Hypertext Transfer transfer files, such as text and graphic files.
  • Page 130 Glossary Description Standardized data link layer address that is required for every port or device that connects to a LAN. Other devices in the MAC address(Media network use these addresses to locate specific ports in the Access Control address) network and to create and update routing tables and data structures.
  • Page 131 Glossary Description TCP(Transfer Control Connection-oriented transport layer protocol that provides Protocol) reliable full-duplex data transmission. TCP/IP(Transmission Common name for the suite of protocols to support the Control Protocol/ Internet construction of worldwide Internetworks. TCP and IP are the two Protocol) best-known protocols in the suite.

This manual is also suitable for:

Tl-r480t+Tl-r470t+Tl-r480t+

Table of Contents