TP-Link TL-ER6120 User Manual
  1. Manuals
  2. Brands
  3. TP-Link Manuals
  4. Network Router
  5. SafeStream TL-ER6120
  6. User manual

TP-Link TL-ER6120 User Manual

Gigabit dual-wan vpn router
Hide thumbs Also See for TL-ER6120:
Table of Contents

Advertisement

Quick Links

See also: User Manual , Installation Manual
TL-ER6120
Gigabit Dual-WAN VPN Router
REV1.2.1
1910011310

Advertisement

Table of Contents
loading

Related Manuals for TP-Link TL-ER6120

Summary of Contents for TP-Link TL-ER6120

  • Page 1 TL-ER6120 Gigabit Dual-WAN VPN Router REV1.2.1 1910011310...

  • Page 2: Fcc Statement

    No part of the specifications may be reproduced in any form or by any means or used to make any derivative such as translation, transformation, or adaptation without permission from TP-LINK TECHNOLOGIES CO., LTD. Copyright © 2015 TP-LINK TECHNOLOGIES CO., LTD. All rights reserved. http://www.tp-link.com FCC STATEMENT This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC Rules.

  • Page 3: Safety Information

    Продукт сертифіковано згідно с правилами системи УкрСЕПРО на відповідність вимогам нормативних документів та вимогам, що передбачені чинними законодавчими актами України. Safety Information When product has power button, the power button is one of the way to shut off the product; When ...

  • Page 4: Table Of Contents

    CONTENTS ........................1 Package Contents ....................2 Chapter 1 About this Guide Intended Readers ........................2 Conventions ........................... 2 Overview of this Guide ......................2 ......................4 Chapter 2 Introduction Overview of the Router ......................4 Features ..........................5 Appearance ..........................6 2.3.1 Front Panel ........................
  • Page 5 3.3.3 Session Limit ......................55 3.3.4 Load Balance ......................57 3.3.5 Routing ........................61 Firewall ..........................66 3.4.1 Anti ARP Spoofing ....................66 3.4.2 Attack Defense ......................69 3.4.3 MAC Filtering ......................71 3.4.4 Access Control ......................71 3.4.5 App Control ......................77 VPN............................
  • Page 6 Network Topology ....................... 125 Configurations ........................125 4.3.1 Internet Setting ...................... 125 4.3.2 VPN Setting ......................127 4.3.3 Network Management .................... 133 4.3.4 Network Security ....................137 ........................ 143 Chapter 5 CLI Configuration ........................143 Interface Mode ........................146 Online Help ........................147 Command Introduction .......................

  • Page 7: Package Contents

    Package Contents The following items should be found in your package: One TL-ER6120 Router  One Power Cord  One Console Cable  Two mounting brackets and other fittings  Installation Guide  Resource CD  Note: Make sure that the package contains the above items. If any of the listed items is damaged or missing,...

  • Page 8: Chapter 1 About This Guide

    Chapter 1 About this Guide This User Guide contains information for setup and management of TL-ER6120 router. Please read this guide carefully before operation. 1.1 Intended Readers This Guide is intended for Network Engineer and Network Administrator. 1.2 Conventions In this Guide the following conventions are used: The router or TL-ER6120 mentioned in this Guide stands for TL-ER6120 SafeStream Gigabit ...
  • Page 9 Appendix A Hardware Lists the hardware specifications of this router. Specifications Appendix B FAQ Provides the possible solutions to the problems that may occur during the installation and operation of the router. Appendix C Glossary Lists the glossary used in this guide.

  • Page 10: Chapter 2 Introduction

    Thanks for choosing the SafeStream Gigabit Dual-WAN VPN Router TL-ER6120. 2.1 Overview of the Router The SafeStream Gigabit Dual-WAN VPN Router TL-ER6120 from TP-LINK possesses excellent data processing capability and multiple powerful functions including IPsec/PPTP/L2TP VPN, Load Balance, Access Control, Bandwidth Control, Session Limit, IM/P2P Blocking, PPPoE Server and so on, which consumedly meet the needs of small and medium enterprise, hotels and communities with volumes of users demanding a efficient and easy-to-manage network with high security.

  • Page 11: Features

    Dual-WAN Ports  + Providing two 10/100/1000M WAN ports for users to connect two Internet lines for bandwidth expansion. + Supporting multiple Load Balance modes, including Bandwidth Based Balance Routing, Application Optimized Routing, and Policy Routing to optimize bandwidth usage. + Featured Link Backup to switch all the new sessions from dropped line automatically to another for keeping an always on-line network.

  • Page 12: Appearance

    Supports GARP (Gratuitous ARP)  Deploys One-Click restricting of IM/P2P applications  2.3 Appearance 2.3.1 Front Panel The front panel of TL-ER6120 is shown as the following figure. LEDs  Status Indication The router is powered on The router is powered off or power supply is abnormal...

  • Page 13: Rear Panel

    Reset button (about 4~5 seconds). After the SYS LED goes out, release the Reset button. If the SYS LED is flashing with a high frequency about two or three seconds, it means the router is restored successfully. 2.3.2 Rear Panel The rear panel of TL-ER6120 is shown as the following figure.
  • Page 14 Power Socket  Connect the female connector of the power cord to this power socket, and the male connector to the AC power outlet. Please make sure the voltage of the power supply meets the requirement of the input voltage (100-240V~ 50/60Hz). Grounding Terminal ...

  • Page 15: Chapter 3 Configuration

    Figure 3-1 Status 3.1.2 System Mode The TL-ER6120 can work in three modes: NAT, Non-NAT and Classic. If your router is hosting your local network’s connection to the Internet with a network topology as the Figure 3-2 shown, you can set it to NAT mode.
  • Page 16 Figure 3-2 Network Topology - NAT Mode If your router is connecting the two networks of different areas in a large network environment with a network topology as the Figure 3-3 shown, and forwards the packets between these two networks by the Routing rules, you can set it to Non-NAT mode.
  • Page 17 Figure 3-4 Network Topology – Classic Mode Choose the menu Network→System Mode to load the following page. Figure 3-5 System Mode You can select a System Mode for your router according to your network need. NAT Mode  NAT (Network Address Translation) mode allows the router to translate private IP addresses within internal networks to public IP addresses for traffic transport over external networks, such as the Internet.

  • Page 18: Wan

    3.1.3 WAN TL-ER6120 provides the following six Internet connection types: Static IP, Dynamic IP, PPPoE/Russian PPPoE, L2TP/Russian L2TP, PPTP/Russian PPTP and BigPond. To configure the WAN, please first select the type of Internet connection provided by your ISP (Internet Service Provider).
  • Page 19 Static IP  Connection Type: Select Static IP if your ISP has assigned a static IP address for your computer. IP Address: Enter the IP address assigned by your ISP. If you are not clear, please consult your ISP. Subnet Mask: Enter the Subnet Mask assigned by your ISP.
  • Page 20 Figure 3-7 WAN – Dynamic IP The following items are displayed on this screen: Dynamic IP  Connection Type: Select Dynamic IP if your ISP assigns the IP address automatically. Click <Obtain> to get the IP address from your ISP’s server. Click <Release>...
  • Page 21 Use the following DNS Select this option to enter the DNS (Domain Name Server) address Server: manually. Primary DNS: Enter the IP address of your ISP’s Primary DNS (Domain Name Server). If you are not clear, please consult your ISP. Secondary DNS: Optional.
  • Page 22 PPPoE If your ISP (Internet Service Provider) has provided the account information for the PPPoE connection, please choose the PPPoE connection type (Used mainly for DSL Internet service). Figure 3-8 WAN - PPPoE The following items are displayed on this screen: -16-...
  • Page 23 PPPoE Settings  Connection Type: Select PPPoE if your ISP provides xDSL Virtual Dial-up connection. Click <Connect> to dial-up to the Internet and obtain the IP address. Click <Disconnect> to disconnect the Internet connection and release the current IP address. Account Name: Enter the Account Name provided by your ISP.
  • Page 24 Service Name: Optional. Enter the Service Name provided by your ISP. It's null by default. Primary DNS: Enter the IP address of your ISP’s Primary DNS. Secondary DNS: Optional. Enter the IP address of your ISP’s Secondary DNS. Secondary Connection: Here allows you to configure the secondary connection.
  • Page 25 response from your ISP. Please ensure that your settings are correct and your network is connected well. Consult your ISP if this problem remains. IP Address: Displays the IP address assigned by your ISP. Gateway Address: Displays the Gateway Address assigned by your ISP. Primary DNS: Displays the IP address of your ISP’s Primary DNS.
  • Page 26 Figure 3-9 WAN - L2TP The following items are displayed on this screen: L2TP Settings  Connection Type: Select L2TP if your ISP provides a L2TP connection. Click <Connect> to dial-up to the Internet and obtain the IP address. Click <Disconnect>...
  • Page 27 Server IP: Enter the Server IP provided by your ISP. MTU: MTU (Maximum Transmission Unit) is the maximum data unit transmitted by the physical network. It can be set in the range of 576-1460. The default MTU is 1460. It is recommended to keep the default value if no other MTU value is provided by your ISP.
  • Page 28 Downstream Specify the bandwidth for receiving packets on the port. Bandwidth: L2TP Status  Status: Displays the status of PPPoE connection. “Disabled” indicates that the L2TP connection type is not applied.  “Connecting” indicates that the router is obtaining the IP ...
  • Page 29 Figure 3-10 WAN - PPTP The following items are displayed on this screen: PPTP Settings  Connection Type: Select PPTP if your ISP provides a PPTP connection. Click <Connect> to dial-up to the Internet and obtain the IP address. Click <Disconnect>...
  • Page 30 Server IP: Enter the Server IP provided by your ISP. MTU: MTU (Maximum Transmission Unit) is the maximum data unit transmitted by the physical network. It can be set in the range of 576-1460. The default MTU is 1460. It is recommended to keep the default value if no other MTU value is provided by your ISP.
  • Page 31 PPTP Status  Status: Displays the status of PPTP connection. “Disabled” indicates that the PPTP connection type is not  applied. “Connecting” indicates that the router is obtaining the IP  parameters from your ISP. “Connected” indicates that the router has successfully obtained ...
  • Page 32 Figure 3-11 WAN – Bigpond The following items are displayed on this screen: BigPond Settings  Connection Type: Select BigPond if your ISP provides a BigPond connection. Click <Connect> to dial-up to the Internet and obtain the IP address. Click <Disconnect>...
  • Page 33 Auth Mode: You can select the proper Active mode according to your need. Manual: Select this option to manually activate or terminate the  Internet connection by the <Connect> or <Disconnect> button. It’s optimum for the dial-up connection charged on time. Always-on: Select this option to keep the connection always on.

  • Page 34: Lan

    Note: To ensure the BigPond connection re-established normally, please restart the connection at least 5 seconds after the connection is off. 3.1.4 LAN 3.1.4.1 On this page, you can configure the parameters for LAN port of this router. Choose the menu Network→LAN→LAN to load the following page. Figure 3-12 LAN The following items are displayed on this screen: ...
  • Page 35 Figure 3-13 DHCP Settings The following items are displayed on this screen: DHCP Settings  DHCP Server: Enable or disable the DHCP server on your router. To enable the router to assign the TCP/IP parameters to the computers in the LAN automatically, please select Enable.

  • Page 36: Dhcp Reservation

    Primary DNS: Optional. Enter the Primary DNS server address provided by your ISP. It is recommended to enter the IP address of the LAN port of the router. Secondary DNS: Optional. If a Secondary DNS Server address is available, enter it. 3.1.4.3 DHCP Client On this page, you can view the information about all the DHCP clients connected to the router.

  • Page 37: Dmz

    DMZ (Demilitarized Zone) is a network which has fewer default firewall restrictions than the LAN does. TL-ER6120 provides a DMZ port to allow all the local hosts connected to this port to be exposed to the Internet for some special-purpose services, such as such as Internet gaming and video-conferencing.
  • Page 38 Hosts in DMZ can directly communicate with LAN using the private IP addresses within the different subnet of LAN. Figure 3-17 DMZ – Private Mode 3.1.5.1 This page allows you to configure the DMZ port of TL-ER6120. Choose the menu Network→DMZ→DMZ to load the following page. Figure 3-18 DMZ -32-...

  • Page 39: Mac Address

    In a complex network topology with all the ARP bound devices, if you want to use TL-ER6120 instead of the current router in a network node, you can just set the MAC address of TL-ER6120‘s LAN port the same to the MAC address of the previous router, which can avoid all the devices under this network node to update their ARP binding tables.

  • Page 40: Switch

    To avoid a conflict of MAC address on the local area network, it’s not allowed to set the MAC address of the router’s LAN port to the MAC address of the current management PC. 3.1.7 Switch Some basic switch port management functions are provided by TL-ER6120, which facilitates you to monitor the traffic and manage the network effectively. 3.1.7.1...
  • Page 41 Choose the menu Network→Switch→Statistics to load the following page. Figure 3-20 Statistics The following items are displayed on this screen: Statistics  Unicast: Displays the number of normal unicast packets received or transmitted on the port. Broadcast: Displays the number of normal broadcast packets received or transmitted on the port.

  • Page 42: Port Mirror

    Normal: Displays the number of the received packets (including error frames) that are between 64 bytes and the maximum frame length. The maximum untagged frame this router can support is 1518 bytes long and the maximum tagged frame is 1522 bytes long. Oversize: Displays the number of the received packets (including error frames) that are longer than the maximum...
  • Page 43 General  Enable Port Mirror: Check the box to enable the Port Mirror function. If unchecked, it will be disabled. Mode: Select the mode for the port mirror function. Options include: Ingress: When this mode is selected, only the incoming packets sent ...

  • Page 44: Rate Control

    Check the box before Enable Port Mirror to enable the Port Mirror function and select the Ingress & Egress mode. Select Port 3 to be the Mirroring Port to monitor all the packets of the other ports. Select all the other ports to be the Mirrored Ports. Click the <Save>...

  • Page 45: Port Config

    Ingress Mode: Select the Ingress Mode for each port. Options include: All Frames: Select this option to limit all the frames.  Broadcast & Multicast: Select this option to limit broadcast frame and  multicast frame. Broadcast: Select this option to limit the broadcast frame. ...

  • Page 46: Port Status

    LAN. However, hosts in different VLANs cannot communicate with one another directly. Therefore, broadcast packets are limited in a VLAN. TL-ER6120 provides the Port VLAN function, which allows you to create multiple logical VLANs for the LAN ports based on their port numbers.

  • Page 47: User Group

    Figure 3-25 Port VLAN The following items are displayed on this screen: Port VLAN  Network: Displays the current logical network of the physical port. VLAN: Select the desired VLAN for the port. Tips: ● The Port VLAN can only be created among the LAN ports. ●...

  • Page 48: User

    The following items are displayed on this screen: Group Config  Group Name: Specify a unique name for the group. Description: Give a description for the group. It's optional. List of Group  In this table, you can view the information of the Groups and edit them by the Action buttons. 3.2.2 User On this page, you can configure the User for the group.
  • Page 49 Figure 3-28 View Configuration The following items are displayed on this screen: View Config  View: Select the desired view for configuration. User Name: Select the name of the desired User. Available Group: Displays the Groups that the User can join. Selected Group: Displays the Groups to which this User belongs.

  • Page 50: Advanced

    3.3 Advanced 3.3.1 NAT NAT (Network Address Translation) is the translation between private IP and public IP, which allows private network users to visit the public network using private IP addresses. With the explosion of the Internet, the number of available IP addresses is not enough. NAT provides a way to allow multiple private hosts to access the public network with one public IP at the same time, which alleviates the shortage of IP addresses.
  • Page 51  Mapping IP Address: Enter the Original IP Address in the first checkbox and Translated IP Address in the second checkbox. TL-ER6120 allows mapping from LAN port to WAN port and DMZ in LAN Mode. Interface: Select an interface for forwarding data packets.
  • Page 52 3.3.1.3 Multi-Nets NAT Multi-Nets NAT function allows the IP under LAN or DMZ port within multiple subnets to access the Internet via NAT. Choose the menu Advanced→NAT→Multi-Nets NAT to load the following page. Figure 3-31 Multi-Nets NAT The following items are displayed on this screen: Multi-Nets NAT ...
  • Page 53 Application Example: Network Requirements The LAN subnet of TL-ER6120 is 192.168.0.0 /24, the subnet of VLAN2 under a three layer switch is 192.168.2.0 /24, while the subnet of VLAN3 is 192.168.3.0 /24. The IP of VLAN for cascading the switch to the router is 192.168.0.2. Now the hosts within VLAN2 and VLAN3 desire to access the Internet.

  • Page 54: Virtual Server

    Then set the corresponding Static Route entry, enter the IP address of the interface connecting the router and the three layer switch into the Next Hop field. Choose the menu Advanced→Routing→Static Route to load the following page. The Static Route entry is as follows: 3.3.1.4 Virtual Server Virtual server sets up public services in your private network, such as DNS, Email and FTP, and...

  • Page 55: Port Triggering

    Virtual Server  Name: Enter a name for Virtual Server entries. Up to 28 characters can be entered. External Port: Enter the service port or port range the router provided for accessing external network. All the requests from Internet to this service port or port range will be redirected to the specified server in local network.
  • Page 56 Figure 3-33 Port Triggering The following items are displayed on this screen: Port Triggering  Name: Enter a name for Port Triggering entries. Up to 28 characters can be entered. Trigger Port: Enter the trigger port number or the range of port. Only when the trigger port initiates connection will all the corresponding incoming ports open and provide service for the applications, otherwise the incoming ports will not open.
  • Page 57 Note: ● The Trigger Port and Incoming Port should be set in the range of 1-65535. The Incoming Port can be set in a continuous range such as 8690-8696. ● The router supports up to 16 Port Triggering entries. Each entry supports at most 5 groups of trigger ports and overlapping between the ports is not allowed.

  • Page 58: Traffic Control

    SIP ALG: Enable or disable SIP ALG. The default setting is enabled. It is recommended to keep the default setting if no special requirement. IPsec ALG: Enable or disable IPsec ALG. The default setting is enabled. It is recommended to keep default if no special requirement. PPTP ALG: Enable or disable PPTP ALG.
  • Page 59 Enable Bandwidth Select this option to enable Bandwidth Control all the time. Control all the time: Enable Bandwidth With this option selected, the Bandwidth Control will take effect when the Control When: bandwidth usage reaches the specified value. Default Limit ...
  • Page 60 Figure 3-36 Bandwidth Control The following items are displayed on this screen: Bandwidth Control Rule  Direction: Select the data stream direction for the entry. The direction of arrowhead indicates the data stream direction The DMZ port displays in the drop-down list only when the DMZ port is enabled.

  • Page 61: Session Limit

    Effective Time: Specify the time for the entry to take effect. Description: Give a description for the entry. Status: Activate or inactivate the entry. List of Rules  You can view the information of the entries and edit them by the Action buttons. The first entry in Figure 3-36 indicates: The users within group “sales”...

  • Page 62: Session List

    Figure 3-37 Session Limit The following items are displayed on this screen: General  Enable Session Check here to enable Session Limit, otherwise all the Session Limit Limit: entries will be disabled. Session Limit  Group: Select a group to define the controlled users. Max.

  • Page 63: Load Balance

    Figure 3-38 Session List In this table, you can view the session limit information of users configured with Session Limit. Click the <Refresh> button to get the latest information. 3.3.4 Load Balance In this part, you can configure the traffic sharing mode of the WAN ports to optimize the resource utilization.
  • Page 64 Figure 3-40 Policy Routing The following items are displayed on this screen: General  Protocol: Select the protocol for the entry in the drop-down list. If the protocol you want to set is not in the list, you can add it to the list on 3.3.4.4 Protocol page.
  • Page 65 Status: Activate or inactivate the entry. List of Rules  You can view the information of the entries and edit them by the Action buttons. The first entry in Figure 3-40 indicates: All the packets with Source IP between 192.168.0.100 and 192.168.0.199 and Destination IP between 116.10.20.28 and 116.10.20.29 will be forwarded from WAN1 port, regardless of the port and protocol.
  • Page 66 General  WAN Ports: Displays all the WAN ports in use. You can drag the light-blue WAN button to primary and backup WAN list. The color of WAN button changing to gray indicates that the WAN port is already in the primary and backup WAN list.

  • Page 67: Routing

    3.3.4.4 Protocol On this page, you can specify the protocol for routing rules conveniently. A protocol constitutes of the name and number. The router predefines three commonly used protocols such as TCP, UDP and TCP/UDP. Moreover, you can also add new protocols as your wish. Choose the menu Advanced→Load Balance→Protocol to load the following page.
  • Page 68 Commonly used in small-sized network with fixed topology, Static Route does not change along with the network topology automatically. The administrator should modify the static route information manually as long as the network topology or link status is changed. Choose the menu Advanced→Routing→Static Route to load the following page. Figure 3-43 Static Route The following items are displayed on this screen: Static Route...
  • Page 69 List of Rules  You can view the information of the entries and edit them by the Action buttons. The first entry in Figure 3-43 indicates: If there are packets being sent to a device with IP address of 211.162.1.0 and subnet mask of 255.255.255.0, the router will forward the packets from WAN1 port to the next hop of 211.200.1.1.
  • Page 70 (Variable Length Subnet Mask), simple plain text authentication, MD5 cryptograph authentication, CIDR (Classless Inter-Domain Routing) and multicast. TL-ER6120 supports both RIPv1 version and RIPv2 version, thus you can configure the RIP version based on the actual need to improve the network performance.
  • Page 71 General  Interface: Displays the interfaces which has been physically connected or assigned static IP. Status: Enable or disable RIP protocol. RIP Version: Select RIPv1 or RIPv2. RIPv2 supports multicast and broadcast. Password If RIPv2 is enabled, set the Password Authentication according to the actual Authentication: network situation, and the password should not be more than 15 characters.

  • Page 72: Firewall

    Figure 3-45 RIP The following items are displayed on this screen: Route Table  Destination: The Destination of route entry. Gateway: The Gateway of route entry. Flags: The Flags of route entry. The Flags describe certain characteristics of the route. Logical Interface: The logical interface of route entry.
  • Page 73 packets, which results in a breakdown of the normal communication. Thus, ARP defense technology is generated to prevent the network from this kind of attack. 3.4.1.1 IP-MAC Binding IP-MAC Binding functions to bind the IP address, MAC address of the host together and only allows the Hosts matching the bound entries to access the network.

  • Page 74: Arp Scanning

    Description: Give a description for the entry. Status: Activate or inactivate the entry. List of Rules  You can view the information of the entries and edit them by the Action buttons. The first entry in Figure 3-46 indicates: The IP address of 192.168.1.101 and MAC address of 00-19-66-83-53-CF have been bound and this entry is activated.

  • Page 75: Attack Defense

    Indicates that the IP and MAC address of this entry are not bound and may be replaced by error ARP information. Indicates that this entry is imported to the list on IP-MAC Binding page, but not effective yet. Indicates that the IP and MAC address of this entry are already bound. To bind the entries in the list, check these entries and click the <Import>...
  • Page 76 Figure 3-49 Attack Defense The following items are displayed on this screen: General  Flood Defense: Flood attack is a commonly used DoS (Denial of Service) attack, including TCP SYN, UDP, ICMP and so on. It is recommended to select all the Flood Defense options and specify the corresponding thresholds.

  • Page 77: Mac Filtering

    MAC Filtering 3.4.3 On this page, you can control the Internet access of local hosts by specifying their MAC addresses. Choose the menu Firewall→MAC Filtering→MAC Filtering to load the following page. Figure 3-50 MAC Filtering The following items are displayed on this screen: General ...
  • Page 78 Choose the menu Firewall→Access Control→URL Filtering to load the following page. Figure 3-51 URL Filtering The following items are displayed on this screen: General  To control the access to Internet for hosts in your private network, you are recommended to check the box before Enable URL Filtering and select a filtering rule based on the actual situation.

  • Page 79: Web Filtering

    List of Rules  You can view the information of the entries and edit them by the Action buttons. Application Example: Network Requirements: Prevent the local hosts from accessing Internet website www.aabbcc.com anytime and downloading the files with suffix of “exe” at 8:00-20:00 from Monday to Friday. Configuration Procedure: Select Keywords mode and type ”exe“...

  • Page 80: Access Rules

    3.4.4.3 Access Rules Choose the menu Firewall→Access Control→Access Rules to load the following page. Figure 3-53 Access Rule The following items are displayed on this screen: Access Rules  Policy: Select a policy for the entry: Block: When this option is selected, the packets obeyed the rule ...
  • Page 81 Source: Select the Source IP Range for the entries, including the following three ways: IP/MASK: Enter an IP address or subnet mask. ("0.0.0.0/32"  means any IP). Group: Select a predefined group of users. You can set the group  on3.2.1 Group.
  • Page 82 3.4.4.4 Service The Service function allows you to specify the protocol and port number to be filtered for Firewall function conveniently. Protocol name and port range constitute a service type. The router predefines three commonly used services such as HTTP, FTP and TELNET and you can also add customized services if needed.

  • Page 83: App Control

    List of Service  You can view the information of the entries and edit them by the Action buttons. Note: The service types predefined by the system cannot be modified. App Control 3.4.5 3.4.5.1 Control Rules On this page, you can enable the Application Rules function. Choose the menu Firewall→App Control→Control Rules to load the following page.
  • Page 84 Control Rules  Object: Specify the object for the entry. You can select “Group” to limit the predefined group, or select “ANY” to limit all the users. Group: If select “Group” as object, you can select the group in the drop-down list. To establish new group, please refer to 3.2.1 Group.

  • Page 85: Vpn

    The database refers to all the applications in the application list on the Application Rules page, you can download the latest database from http://www.tp-link.com, Click the <Browse> button and select the file, and then click the <Upgrade> button to upgrade the database.

  • Page 86: Ike Policy

    phase 2, the IKE peers use the ISAKMP SA established in Phase 1 to negotiate the parameters for security protocols in IPsec and create IPsec SA to secure the transmission data. 3.5.1.1 IKE Policy On this page you can configure the related parameters for IKE negotiation. Choose the menu VPN→IKE→IKE Policy to load the following page.
  • Page 87 Exchange Mode: Select the IKE Exchange Mode in phase 1, and ensure the remote VPN peer uses the same mode. Main: Main mode provides identity protection and exchanges more  information, which applies to the scenarios with higher requirement for identity protection. Aggressive: Aggressive Mode establishes a faster connection but ...

  • Page 88: Ike Proposal

    3.5.1.2 IKE Proposal On this page, you can define and edit the IKE Proposal. Choose the menu VPN→IKE→IKE Proposal to load the following page. Figure 3-59 IKE Proposal The following items are displayed on this screen: IKE Proposal  Proposal Name: Specify a unique name to the IKE proposal for identification and management purposes.

  • Page 89: Ipsec

    DH Group: Select the DH (Diffie-Hellman) group to be used in key negotiation phase 1. The DH Group sets the strength of the algorithm in bits. Options include DH1, DH2 and DH5. DH1: 768 bits  DH2: 1024 bits  DH3: 1536 bits ...
  • Page 90 Figure 3-60 IPsec Policy The following items are displayed on this screen: General  You can enable/disable IPsec function for the router here. IPsec Policy  Policy Name: Specify a unique name to the IPsec policy. Up to 28 characters can be entered.
  • Page 91 Remote Subnet: Specify IP address range on your remote network to identify which PCs on the remote network are covered by this policy. It's formed by IP address and subnet mask. WAN: Specify the local WAN port for this Policy. The "Remote Gateway"...
  • Page 92 Status: Activate or inactivate the entry. Manual Mode  IPsec Proposal: Select the IPsec Proposal. Only one proposal can be selected on Manual mode. You need to first create the IPsec Proposal. Incoming SPI: Specify the Incoming SPI (Security Parameter Index) manually. The Incoming SPI here must match the Outgoing SPI value at the other end of the tunnel, and vice versa.

  • Page 93: Ipsec Proposal

    ESP Encryption Key-Out: Specify the outbound ESP Encryption Key manually if ESP protocol is used in the corresponding IPsec Proposal. The outbound key here must match the inbound ESP encryption key at the other end of the tunnel, and vice versa. List of IPsec Policy IPsec ...
  • Page 94 IPsec Proposal  Proposal Name: Specify a unique name to the IPsec Proposal for identification and management purposes. The IPsec proposal can be applied to IPsec policy. Security Protocol: Select the security protocol to be used. Options include: (Authentication Header) provides data origin...
  • Page 95 ESP Encryption: Select the algorithm used to encrypt the data for ESP encryption. Options include: NONE: Performs no encryption. DES: DES (Data Encryption Standard) encrypts a 64-bit block of plain text with a 56-bit key. The key should be 8 characters. 3DES: Triple DES, encrypts a plain text with 168-bit key.

  • Page 96: L2Tp/Pptp

    3.5.3 L2TP/PPTP Layer 2 VPN tunneling protocol consists of L2TP (Layer 2 Tunneling Protocol) and PPTP (Point to Point Tunneling Protocol). Both L2TP and PPTP encapsulate packet and add extra header to the packet by using PPP (Point to Point Protocol). Table depicts the difference between L2TP and PPTP. Protocol Media Tunnel...
  • Page 97 Figure 3-63 L2TP/PPTP Tunnel The following items are displayed on this screen: General  Enable VPN-to-Internet: Specify whether to enable VPN-to-Internet function. If enabled, the VPN client is permitted to access the LAN of the server and Internet. Hello Interval: Specify the interval to send hello packets.
  • Page 98 Mode: Specify the working mode for this router. Options include: Client: In this mode, the device sends a request to the remote  L2TP/PPTP server initiatively for establishing a tunnel. Server: In this mode, the router responds the request from the ...

  • Page 99: Ip Address Pool

    Client IP: Enter the IP address of the client which is allowed to connect to this L2TP/PPTP server. The default IP "0.0.0.0" means any IP address is acceptable. IP Address Pool: Select the IP Pool Name to specify the address range for the server's IP assignment.

  • Page 100: Services

    IP Address Pool  Pool Name: Specify a unique name to the IP Address Pool for identification and management purposes. IP Address Range: Specify the start and the end IP address for IP Pool. The start IP address should not exceed the end address and the IP ranges must not overlap. List of IP Pool ...
  • Page 101 The PPPoE configuration can be implemented on General, IP Address Pool, Account, Exceptional IP and List of Account pages. 3.6.1.1 General On this page, you can configure PPPoE function globally. Choose the menu Services→PPPoE Server→General to load the following page. Figure 3-66 General The following items are displayed on this screen: General...
  • Page 102 Max Echo-Requests: Specify the maximum number of Echo-Requests sent by the server to wait for response. The default is 10. The link will be dropped when the number of the unacknowledged LCP echo requests reaches your specified Max Echo-Requests. Idle Timeout: Enter the maximum idle time.
  • Page 103 Figure 3-67 IP Address Pool The following items are displayed on this screen: IP Address Pool  Pool Name: Specify a unique name to the IP Address Pool for identification and management purposes. IP Address Range: Specify the start and the end IP address for IP Pool. The start IP address should not exceed the end address and the IP address ranges must not overlap.
  • Page 104 Figure 3-68 Account The following items are displayed on this screen: Account  Account Name: Enter the account name. This name should not be the same with the one in L2TP/PPTP connection settings. Password: Enter the password. IP Address Assigned Select the IP Address Assigned Mode for IP assignment.
  • Page 105 Status: Activate or inactivate the entry. MAC Binding: Select a MAC Binding type from the pull-down list. Options include: Disable: Select this option to disable the MAC Binding function.  Manual: Select this option to bind the account to a MAC address ...

  • Page 106: E-Bulletin

    Exceptional IP  IP Address Range: Specify the start and the end IP address to make an exceptional IP address range. This range should be in the same IP range with LAN port or DMZ port of the router. The start IP address should not exceed the end address and the IP address ranges must not overlap.
  • Page 107 Figure 3-71 E-Bulletin The following items are displayed on this screen: General  Enable E-Bulletin: Specify whether to enable electronic bulletin function. Interval: Specify the interval to release the bulletin. Enable Logs: Specify whether to log the E-Bulletin. E-Bulletin  Title: Enter a title for the bulletin.

  • Page 108: Dynamic Dns

    Object: Select the object of this bulletin. Options include: ANY: The bulletin will be released to all the users and the PCs on the  LAN. Group: The bulletin will be released to the users in the selected group.  You can click <...
  • Page 109 The router, as a DDNS client, cannot provide DDNS service. Prior to using this function, be sure you have registered on the official websites of DDNS service providers for username, password and domain name. TL-ER6120 router offers PeanutHull DDNS client, Dyndns DDNS client, NO-IP DDNS client and Comexe DDNS client.
  • Page 110 WAN Port: Displays the WAN port for which Dyndns DDNS is selected. DDNS Status: Displays the current status of DDNS service Offline: DDNS service is disabled.  Connecting: client is connecting to the server.  Online: DDNS works normally.  Authorization fails: The Account Name or Password is incorrect.
  • Page 111 Domain Name: Enter the Domain Name that you registered with your DDNS service provider. DDNS Service: Activate or inactivate DDNS service here. WAN Port: Displays the WAN port for which No-IP DDNS is selected. DDNS Status: Displays the current status of DDNS service Offline: DDNS service is disabled.
  • Page 112 PeanutHull DDNS  Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register> to go to the website of PeanutHull for register. Password: Enter the password of your DDNS account. DDNS Service: Activate or inactivate DDNS service here.
  • Page 113 Figure 3-75 Comexe DDNS The following items are displayed on this screen: Comexe DDNS  Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register> to go to the website of Comexe for register.

  • Page 114: Upnp

    DDNS Service: Activate or inactivate DDNS service here. WAN Port: Displays the WAN port for which Comexe DDNS is selected. DDNS Status: Displays the current status of DDNS service. Offline: DDNS service is disabled.  Connecting: Client is connecting to the server. ...

  • Page 115: Maintenance

    General  UPnP Function: Enable or disable the UPnP function globally. List of UPnP Mapping  After UPnP is enabled, all UPnP connection rules will be displayed in the list of UPnP Mapping. The NO.1 entry in Figure 3-76 indicates: TCP data received on port 12856 of the WAN port in the router will be forwarded to port 12856 in 192.168.0.101 server in LAN.
  • Page 116 New Password: Enter a new password for the router. Confirm New Re-enter the new password for confirmation. Password: Note: ● The factory default password and user name are both admin. ● You should enter the new user name and password when next login if the current username and password has been changed.

  • Page 117: Remote Management

    Note: ● The default Web Management Port is 80. If the port is changed, you should type in the new address, such as http://192.168.0.1:XX (“XX” is the new management port number). E.g: If the Web Management Port is changed to 88, type http://192.168.0.1:88 in the address filed to login the router.

  • Page 118: Management

    Figure 3-79 Remote Management The following items are displayed on this screen: Remote Management  Subnet/Mask: Specify a single IP address or network address for the hosts desired to access the router from external network. Status: Activate or inactivate the entry. List of Subnet ...
  • Page 119 Figure 3-81 Export and Import The following items are displayed on this screen: Configuration Version  Displays the current Configuration version of the router. Export  Click the <Export> button to save the current configuration as a file to your computer. You are suggested to take this measure before upgrading or modifying the configuration.

  • Page 120: License

    Figure 3-83 Firmware Upgrade To upgrade the router is to get more functions and better performance. Go to http://www.tp-link.com download the updated firmware. Type the path and file name of the update file into the “File” field. Or click the <Browse> button to locate the update file.

  • Page 121: Statistics

    Figure 3-84 License 3.7.4 Statistics 3.7.4.1 Interface Traffic Statistics Interface Traffic Statistics screen displays the detailed traffic information of each port and extra information of WAN ports. Choose the menu Maintenance→Statistics→Interface Traffic Statistics to load the following page. Figure 3-85 Interface Traffic Statistics The following items are displayed on this screen: Interface Traffic Statistics ...
  • Page 122 Rate Rx: Displays the rate for receiving data frames. Rate Tx: Displays the rate for transmitting data frames. Packets Rx: Displays the number of packets received on the interface. Packets Tx: Displays the number of packets transmitted on the interface. Bytes Rx: Displays the bytes of packets received on the interface.

  • Page 123: Diagnostics

    General  Enable IP Traffic Allows you to enable or disable IP Traffic Statistics. Statistics: Allows you to enable/disable refreshing the IP Traffic Statistics Enable Auto-refresh: automatically. The default refresh interval is 10 seconds. Traffic Statistics  Direction: Select the direction in the drop-down list to get the Flow Statistics of the specified direction.
  • Page 124 Figure 3-87 Diagnostics The following items are displayed on this screen: Ping  Destination IP/Domain: Enter destination IP address or Domain name here. Then select a port for testing, if you select “Auto”, the router will select the interface of destination automatically. After clicking <Start> button, the router will send Ping packets to test the network connectivity and reachability of the host and the results will be displayed in the box below.

  • Page 125: Time

    3.7.5.2 Online Detection On this page, you can detect the WAN port is online or not. Choose the menu Maintenance→Diagnostics→Online Detection to load the following page. Figure 3-88 Online Detection The following items are displayed on this screen: General  Port: Select the port to be detected.
  • Page 126 Choose the menu Maintenance→Time→Time to load the following page. Figure 3-89 Time The following items are displayed on this screen: Current Time  System Time: Displays the current date and time of the router. Time Zone: Displays the current time zone of the router. Status: Displays the status of time capturing.

  • Page 127: Daylight Saving Time

    3.7.6.2 Daylight Saving Time On this page you can configure the Daylight Saving Time of the router. Choose the menu Maintenance→Time→Daylight Saving Time to load the following page. Figure 3-90 Daylight Saving Time The following items are displayed on this screen: Daylight Saving Time(DST) State ...

  • Page 128: Logs

    Date Mode: Specify the DST configuration in Date mode. This configuration is one-off in use. Time Offset: Specify the time adding in minutes when Daylight  Saving Time comes. Start/End Time: Select the start time and end time of Daylight ...
  • Page 129 Level Description Severity The system is unusable. Emergency Action must be taken immediately. alerts Critical conditions critical Error conditions errors Warnings conditions warnings Normal but significant conditions notifications Informational messages informational Debug-level messages debugging -123-...

  • Page 130: Chapter 4 Application

    Chapter 4 Application 4.1 Network Requirements The company has established the server farms in the headquarters to provide the Web, Mail and FTP services for all the staff in the headquarters and the branch offices, and to transmit the commercial confidential data to its partners.

  • Page 131: Network Topology

    4.2 Network Topology 4.3 Configurations You can configure the router via the PC connected to the LAN port of this router. To log in to the router, the IP address of your PC should be in the same subnet of the LAN port of this router. (The default subnet of LAN port is 192.168.0.0/24.).

  • Page 132: Internet Connection

    Choose the menu Network→System Mode to load the following page. Select the NAT mode and the <Save> button to apply. Figure 4-1 System Mode 4.3.1.2 Internet Connection Configure the Static IP connection type for the WAN1 and WAN2 ports of the router. Choose the menu Network→WAN→WAN1 to load the following page.

  • Page 133: Vpn Setting

    To enable the hosts in the remote branch office (WAN: 116.31.85.133, LAN: 172.31.10.1) to access the servers in the headquarters, you can create the VPN tunnel via the TP-LINK VPN routers between the headquarters and the remote branch office to guarantee a secured communication. The following takes IPsec settings of the router in the headquarters for example.
  • Page 134 DH Group: Click the <Add> button to apply. Figure 4-4 IKE Proposal IKE Policy  Choose the menu VPN→IKE→IKE Policy to load the configuration page. Settings: Policy Name: IKE_1 Exchange Mode: Main IKE Proposal: proposal_IKE_1 (you just created) Pre-shared Key: aabbccddee SA Lifetime: 3600...
  • Page 135 Figure 4-5 IKE Policy Tips: For the VPN router in the remote branch office, the IKE settings should be the same as the router in the headquarters. IPsec Setting To configure the IPsec function, you should create an IPsec Proposal firstly. IPsec Proposal ...
  • Page 136 Figure 4-6 IPsec Proposal IPsec Policy  Choose the menu VPN→IPsec→IPsec Policy to load the configuration page. Settings: IPsec: Enable Policy Name: IPsec_1 Status: Activate Mode LAN-to-LAN Local Subnet: 192.168.0.0/24 Remote Subnet: 172.31.10.0/24 WAN: WAN1 Remote Gateway: 116.31.85.133 Exchange Mode IKE Policy: IKE_1 IPsec Proposal:...
  • Page 137 Figure 4-7 IPsec Policy Tips: For the VPN router in the remote branch office, the IPsec settings should be consistent with the router in the headquarters. The Remote Gateway of the remote router should be set to the IP address of the router in the headquarters.
  • Page 138 L2TP/PPTP Tunnel  Choose the menu VPN→L2TP/PPTP→L2TP/PPTP Tunnel to load the following page. Check the box of Enable VPN-to-Internet to allow the PPTP clients to access the local enterprise network and the Internet. Then continue with the following settings for the PPTP Tunnel. Settings: L2TP/PPTP: Enable...

  • Page 139: Network Management

    4.3.3 Network Management To manage the enterprise network effectively and forbid the Hosts within the IP range of 192.168.0.30-192.168.0.50 to use IM/P2P application, you can set up a User Group and specify the network bandwidth limit and session limit for this group. The detailed configurations are as follows. 4.3.3.1 User Group Create a User Group with all the Hosts in the IP range of 192.168.0.30-192.168.0.50 as its group...
  • Page 140 User  Choose the menu User Group→User to load the configuration page. Click the <Batch> button to enter the batch processing screen. Then continue with the following settings: Settings: Action: Start IP Address: 192.168.0.30 End IP Address: 192.168.0.50 Prefix Username: User Start No.: Step:...
  • Page 141 Application: Click the <Application List> button and select the applications desired to be blocked on the popup window. Status: Activate Figure 4-11 App Rules 4.3.3.3 Bandwidth Control To enable Bandwidth Control, you should configure the total bandwidth of interfaces and the detailed bandwidth control rule first.
  • Page 142 Interface Bandwidth Choose the menu Network→WAN→WAN1 to load the configuration page. Configure the Upstream Bandwidth and Downstream Bandwidth of the interface as Figure 4-13 shows. The entered bandwidth value should be consistent with the actual bandwidth value. Bandwidth Control Rule Choose the menu Advanced→Traffic Control→Bandwidth Control to load the configuration page.

  • Page 143: Network Security

    Max. Sessions: Status: Activate Click the <Add> button to apply. Figure 4-15 Session Limit 4.3.4 Network Security You can enable the IP-MAC Binding function to defend the ARP attack from local or public network and enable Sending GARP packets function to defend ARP attack. Moreover, you can enable DoS Defense function to implement flood defense and Packet Anomaly Defense.
  • Page 144 Figure 4-17 Scanning Result Choose the menu Firewall→Anti ARP Spoofing→IP-MAC Binding to load the configuration page. Select the ARP entries needed to be bound or click the <Select All> button, and then click the <Import>button. The ARP List will display as the following figure shows. Figure 4-18 ARP List Set IP-MAC Binding Entry Manually Configure the IP-MAC Binding entry manually and add it to ARP List.
  • Page 145 Figure 4-19 IP-MAC Binding 4.3.4.2 WAN ARP Defense To prevent the WAN ARP attack, you can bind the default gateway and IP address of WAN port. Obtain the MAC address of WAN port by ARP Scanning first. Choose the menu Firewall→Anti ARP Spoofing→ARP Scanning to load the configuration page. Enter the default gateway of the WAN port such as 58.51.128.254 in the Scanning Range field and click the <Scan>...

  • Page 146: Traffic Monitoring

    Figure 4-20 Attack Defense 4.3.4.4 Traffic Monitoring Port Mirror Choose the menu Network→Switch→Port Mirror to load the configuration page. Check the box before Enable Port Mirror and select the Ingress&Egress mode. Select the Port 5 for the Mirroring Port and the Port 3 and the Port 4 for the Mirrored ports. Click the <Save> button to apply. -140-...
  • Page 147 Figure 4-21 Port Mirror Statistics Choose the menu Maintenance→Statistics to load the page. Load the Interface Traffic Statistics page to view the traffic statistics of each physical interface of the router as Figure 4-22 shows. Figure 4-22 Interface Traffic Statistics Load the IP Traffic Statistics page, and Check the box before Enable IP Traffic Statistics and Enable Auto-refresh, then click the <Save>...
  • Page 148 Figure 4-23 IP Traffic Statistics After all the above steps, the enterprise network will be operated based on planning. -142-...

  • Page 149: Chapter 5 Cli

    Chapter 5 CLI TL-ER6120 provides a Console port for CLI (Command Line Interface) configuration, which enables you to configure the router by accessing the CLI from console (such as Hyper Terminal) or Telnet. The following part will introduce the steps to access CLI via Hyper Terminal and some common CLI commands.
  • Page 150 Figure 5-2 Connection Description Select the port (The default port is COM1) to connect in Figure 5-3, and click OK. Figure 5-3 Select the port to connect Configure the port selected in the step above as the following Figure 5-4 shows. Configure Bits per second as 115200, Data bits as 8, Parity as None, Stop bits as 1, Flow control as None, and then click OK.
  • Page 151 Figure 5-4 Port Settings Choose File → Properties → Settings on the Hyper Terminal window as Figure 5-5 shows, then choose VT100 or Auto detect for Emulation and click OK. Figure 5-5 Connection Properties Settings -145-...

  • Page 152: Interface Mode

    Figure 5-6 Log in the Router 5.2 Interface Mode The CLI of TL-ER6120 offers two command modes: User EXEC Mode and Privileged EXEC Mode. User EXEC Mode only allows users to do some simple operations such as view the system information, while Privileged EXEC Mode allows you to manage and configure the router.

  • Page 153: Online Help

    Accessing Path Prompt Logout or Access the next mode User EXEC Primary mode once TP-LINK > Use the exit command to disconnect Mode connected with the router. the router (except that the router is connected through Console port). Use the enable command to access Privileged EXEC mode.
  • Page 154 For example: ←Press Space and ? button TP-LINK > ip - Get the ip configuration Type a character string and a question mark with no space, all the commands with prefix of this character string will be listed.

  • Page 155: Command Introduction

    5.4 Command Introduction TL-ER6120 provides a number of CLI commands for users to manage the router and user information. For better understanding, each command is followed by note which is the meaning of the command. 5.4.1 ip The ip command is used to view or configure the IP address and subnet mask of the interfaces. View command can be used in both User EXEC Mode and Privileged EXEC Mode while configuration function can be only used in Privileged EXEC Mode.

  • Page 156: Sys

    ● The parameters in the brackets are default setting and you can enter the actual parameters behind them. Press Enter key directly if there are no changes. ● TL-ER6120 connects to the FTP server using port 21 by default. -150-...

  • Page 157: User

    Pay special attention that the specified account must be with appropriate permissions since the functions such as export, import and firmware upgrade require read-write operation on FTP server. TP-LINK # sys import config Import the configuration file. Server address: [192.168.1.101] The steps are as the above item shown.

  • Page 158: History

    TP-LINK > user get Query the user name and password current Username: admin Guest. Password: admin TP-LINK > user set password Modify the password of the Guest. Enter old password: Enter new password: Confirm new password: TP-LINK # user get...

  • Page 159: Exit

    TP-LINK > history View the history command. 1. history 2. sys show 3. history TP-LINK > history clear Clear the history command. 1. history 2. sys show 3. history 4. history clear 5.4.6 exit The exit command is used to exit the system when logging in by Telnet.

  • Page 160: Appendix A Hardware Specifications

    Appendix A Hardware Specifications IEEE 802.3, IEEE 802.3u, IEEE 802.3ab, IEEE 802.3x, TCP/IP, DHCP, Standards ICMP, NAT、PPPoE, SNTP, HTTP, DNS, L2TP, PPTP, IPsec Two 10/100/1000M Auto-Negotiation WAN RJ45 port (Auto MDI/MDIX) Two 10/100/1000M Auto-Negotiation LAN RJ45 ports (Auto MDI/MDIX) Ports One 10/100/1000M Auto-Negotiation LAN/DMZ RJ45 port (Auto MDI/MDIX) One Console Port 10Base-T: UTP/STP of Cat.3 or above(≤100m)

  • Page 161: Appendix Bfaq

    192.168.0.x ("x" is any number between 2 to 254) for the IP address and 255.255.255.0 for the Subnet Mask. Test the connection between your PC and TL-ER6120 via Ping command. If you still cannot access the configuration page, please restore your router to its factory default settings and try to log in again.
  • Page 162 Q3: What can I do if the router with the remote management function enabled cannot be accessed by the remote computer? Make sure that the IP address of the remote computer is in the subnet allowed to remotely access the router. If the router’s management port has been modified, please log into the router with the new address, such as http://192.168.0.1:XX (“XX”...

  • Page 163: Appendix C Glossary

    Appendix C Glossary Glossary Description Application Level Gateway (ALG) is application specific translation agent that allows an application on a host in one ALG ( Application Layer address realm to connect to its counterpart running on a host in Gateway) different realm transparently.
  • Page 164 Glossary Description H.323 allows dissimilar communication devices to communicate with each other by using a standardized communication H.323 protocol. H.323 defines a common set of CODECs, call setup and negotiating procedures, and basic data transport methods. The protocol used by Web browsers and Web servers to HTTP(Hypertext Transfer transfer files, such as text and graphic files.
  • Page 165 Glossary Description Standardized data link layer address that is required for every port or device that connects to a LAN. Other devices in the MAC address(Media network use these addresses to locate specific ports in the Access Control address) network and to create and update routing tables and data structures.
  • Page 166 Glossary Description TCP(Transfer Control Connection-oriented transport layer protocol that provides Protocol) reliable full-duplex data transmission. TCP/IP(Transmission Common name for the suite of protocols to support the Control Protocol/ Internet construction of worldwide Internet works. TCP and IP are the Protocol) two best-known protocols in the suite.

Table of Contents