TP-Link TL-R480T+ User Manual
  1. Manuals
  2. Brands
  3. TP-Link Manuals
  4. Network Router
  5. SafeStream TL-R480T+
  6. User manual

TP-Link TL-R480T+ User Manual

Load balance broadband router
Hide thumbs Also See for TL-R480T+:
Table of Contents

Advertisement

Quick Links

See also: Installation Manual
TL-R480T+
Load Balance Broadband Router
Rev: 5.0.0
1910010619

Advertisement

Table of Contents
loading

Related Manuals for TP-Link TL-R480T+

Summary of Contents for TP-Link TL-R480T+

  • Page 1 TL-R480T+ Load Balance Broadband Router Rev: 5.0.0 1910010619...

  • Page 2: Fcc Statement

    No part of the specifications may be reproduced in any form or by any means or used to make any derivative such as translation, transformation, or adaptation without permission from TP-LINK TECHNOLOGIES CO., LTD. Copyright © 2012 TP-LINK TECHNOLOGIES CO., LTD. All rights reserved. http://www.tp-link.com FCC STATEMENT This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC Rules.

  • Page 3: Table Of Contents

    CONTENTS ........................1 Package Contents ....................2 Chapter 1 About this Guide Intended Readers ........................2 Conventions ...........................2 Overview of this Guide ......................2 ......................4 Chapter 2 Introduction Overview of the Router ......................4 Features..........................5 Appearance..........................6 2.3.1 Front Panel ........................6 2.3.2 Rear Panel.........................7 ..................8 Chapter 3 Quick Installation Guide Configure PC .........................8 Login ............................11 ......................18...
  • Page 4 4.5.1 NAT..........................51 4.5.2 Traffic Control ......................60 4.5.3 Session Limit ......................64 4.5.4 Load Balance......................65 4.5.5 Routing ........................70 Firewall..........................73 4.6.1 Anti ARP Spoofing ....................73 4.6.2 Attack Defense ......................76 4.6.3 MAC Filtering ......................78 4.6.4 Access Control......................79 4.6.5 App Control......................84 Services ..........................86 4.7.1 PPPoE Server......................86 4.7.2 E-Bulletin .........................93 4.7.3...

  • Page 5: Package Contents

    Package Contents The following items should be found in your package: One TL-R480T+ Load Balance Broadband Router One Power cord One Console Cable One Ethernet Cable Quick Installation Guide Mounting kits for installing in a standard 19-inch rack Resource CD Note: ●...

  • Page 6: Chapter 1 About This Guide

    Chapter 1 About this Guide This User Guide contains information for setup and management of TL-R480T+ Load Balance Broadband Router. Please read this guide carefully before operation. 1.1 Intended Readers This Guide is intended for Network Engineer and Network Administrator. 1.2 Conventions In this Guide the following conventions are used: The Router or TL-R480T+ mentioned in this Guide stands for TL-R480T+ Load Balance...
  • Page 7 Appendix B FAQ Provides the possible solutions to the problems that may occur during the installation and operation of the router. Appendix C Glossary Lists the glossary used in this guide.

  • Page 8: Chapter 2 Introduction

    Thanks for choosing the Load Balance Broadband Router TL-R480T+. 2.1 Overview of the Router The Load Balance Broadband Router TL-R480T+ from TP-LINK possesses excellent data processing capability and multiple powerful functions including Load Balance, Access Control, Bandwidth Control, Session Limit, PPPoE Server and so on, which consumedly meet the needs of small and medium enterprises, hotels and communities with volumes of users demanding an efficient and easy-to-manage network with high security.

  • Page 9: Features

    + Featured Link Backup to switch all the new sessions from dropped line automatically to another for keeping an always on-line network. Easy-to-use + Providing easy-to-use GUI with clear configuration steps and detailed help information for the users to configure the Router simply. + Helping administrators to monitor the whole network status and take actions to malfunctions according to the recorded log information.

  • Page 10: Appearance

    Security Built-in firewall supporting URL/MAC Filtering Supports Access Control Supports App Control Supports Attack Defense Supports IP-MAC Binding Supports GARP (Gratuitous ARP) 2.3 Appearance 2.3.1 Front Panel The front panel of TL-R480T+ is shown as the following figure. LEDs Status Indication The Router is powered on.

  • Page 11: Rear Panel

    Interface Description Interface Port Description The WAN port is for connecting the Router to a DSL/Cable modem or Ethernet by the RJ45 cable. The LAN port is for connecting the Router to the local PCs or switches by the RJ45 cable. The Console port is for connecting with the serial port of a Console computer or terminal to monitor and configure the Router.

  • Page 12: Chapter 3 Quick Installation Guide

    Chapter 3 Quick Installation Guide After connecting the TL-R480T+ router into your network, you should configure it. This chapter describes how to configure the basic functions of your TL-R480T+ Load Balance Broadband Router. These procedures only take you a few minutes. You can access the Internet via the router immediately after it has been successfully configured.
  • Page 13 Step 2: In the next screen, right click Local Area Connection (LAN), and then select Properties. Figure 3-2 Step 3: In the next screen, select General tab, highlight Internet Protocol (TCP/IP), and then click the Properties button. Figure 3-3...
  • Page 14 Step 4: Configure the IP address as shown in Figure 3-4. After that, click OK. Figure 3-4 Note: You can configure the PC to get an IP address automatically, select “Obtain an IP address automatically” and “Obtain DNS server address automatically” in the screen above. For Windows 98 OS or earlier, the PC and router may need to be restarted.

  • Page 15: Login

    Figure 3-6 You can check it by following the steps below: Note: ● Is the connection between your PC and the Router correct? The LEDs of LAN port which you link to the device and the LEDs on your PC's adapter should be lit. ●...
  • Page 16 Figure 3-7 Note: If the above screen (Figure 3-7) does not prompt, it means that your web-browser may be set to a proxy. Choose Tools menu→Internet Options→Connections→LAN Settings, in the screen that appears, cancel the Using Proxy checkbox, and click OK to finish it. After a successful login, the “Quick Setup”...
  • Page 17 Figure 3-9 WAN Mode Select the WAN port you want to use as the Figure 3-10 shown, and then click <Next> to load the WAN Connection Type screen. Figure 3-10 WAN Port Select the connection type provided by your ISP as the Figure 3-11 shown. Three popular types are provided here.
  • Page 18 Figure 3-11 WAN Connection Type If you choose PPPoE, you will see the screen as the Figure 3-12 shown. Enter the Account Name and Password provided by your ISP (Internet Service Provider). Figure 3-12 WAN Connection Type - PPPoE Click <Next> to dial up, and the process will take a few minutes. The process of configuring the network parameters is shown as Figure 3-13.
  • Page 19 Figure 3-13 WAN Connection Type – PPPoE Connecting If your ISP assigns the IP address automatically, please choose the Dynamic IP connection type to obtain the parameters for WAN port automatically. The process for obtain the parameter may take a few minutes as Figure 3-14 shown. If you close the screen during the process, the configuration will still be continued in the background.
  • Page 20 Figure 3-15 WAN Connection Type - Static IP Then click <Next>. The process for configuring the network parameters is shown as Figure 3-16. If you close the screen during the process, the configuration will still be continued in the background. If you have difficulty in this process, please contact your ISP.
  • Page 21 Figure 3-17 Configuration Completed -17-...

  • Page 22: Chapter 4 Configuration

    Chapter 4 Configuration 4.1 Status The Status page shows the system information, the port connection status and other information related to this Router. Choose the menu Status to load the following page. Figure 4-1 Status 4.2 Quick Setup Please refer to the Chapter 3 Quick Installation Guide.

  • Page 23: Network

    4.3 Network 4.3.1 WAN 4.3.1.1 WAN Mode TL-R480T+ provides four available WAN ports. You can set the number of WAN ports on this page. Choose the menu Network→WAN→WAN Mode to load the following page. Figure 4-6 WAN Mode WAN Mode WAN Ports: Select the total number of WAN ports you prefer to use.
  • Page 24 Tips: ● It’s allowed to set the IP addresses of multiple WAN ports within the same subnet. However, to guarantee a normal communication, make sure that the WAN ports can access the same network, such as Internet or a local area network. ●...
  • Page 25 Default Gateway: Optional. Enter the Gateway assigned by your ISP. MTU: MTU (Maximum Transmission Unit) is the maximum data unit transmitted by the physical network. It can be set in the range of 576-1500. The default MTU is 1500. You are recommended to keep the default value if no other MTU value is provided by your ISP.
  • Page 26 Figure 4-8 WAN – Dynamic IP The following items are displayed on this screen: Dynamic IP Connection Type: Select Dynamic IP if your ISP assigns the IP address automatically. Click <Obtain> to get the IP address from your ISP’s server. Click <Release>...
  • Page 27 Get IP Address by The broadcast requirement may not be supported by a few ISPs. Unicast: Select this option if you can not get the IP address from your ISP even with a normal network connection. This option is not required generally.
  • Page 28 Primary DNS: Displays the IP address of your ISP’s Primary DNS. Secondary DNS: Displays the IP address of your ISP’s Secondary DNS. PPPoE If your ISP (Internet Service Provider) has provided the account information for the PPPoE connection, please choose the PPPoE connection type (Used mainly for DSL Internet service). -24-...
  • Page 29 Figure 4-9 WAN - PPPoE The following items are displayed on this screen: PPPoE Settings -25-...
  • Page 30 Connection Type: Select PPPoE if your ISP provides xDSL Virtual Dial-up connection. Click <Connect> to dial-up to the Internet and obtain the IP address. Click <Disconnect> to disconnect the Internet and release the current IP address. Account Name: Enter the Account Name provided by your ISP. If you are not clear, please consult your ISP.
  • Page 31 Service Name: Optional. Enter the Service Name provided by your ISP. It's null by default. Enter the IP address of your ISP’s Primary DNS. Primary DNS: Secondary DNS: Optional. Enter the IP address of your ISP’s Secondary DNS. Secondary Connection: Here allows you to configure the secondary connection.
  • Page 32 manually terminated or the Router gets no response from your ISP. Please ensure that your settings are correct and your network is connected well. Consult your ISP if this problem remains. Displays the IP address assigned by your ISP. IP Address: Gateway Address: Displays the Gateway Address assigned by your ISP.
  • Page 33 Figure 4-10 WAN - L2TP The following items are displayed on this screen: L2TP Settings Connection Type: Select L2TP if your ISP provides a L2TP connection. Click <Connect> to dial-up to the Internet and obtain the IP address. Click <Disconnect> to disconnect the Internet and release the current IP address.
  • Page 34 Account Name: Enter the Account Name provided by your ISP. If you are not clear, please consult your ISP. Enter the Password provided by your ISP. Password: Server IP: Enter the Server IP provided by your ISP. MTU: MTU (Maximum Transmission Unit) is the maximum data unit transmitted by the physical network.
  • Page 35 Default Gateway: If Static IP is selected, configure the default gateway. If Dynamic IP is selected, the obtained default gateway is displayed. Primary DNS/Secondary DNS: If Static IP is selected, configure the DNS. If Dynamic IP is selected, the obtained DNS is displayed. Specify the bandwidth for transmitting packets on the port.
  • Page 36 PPTP If your ISP (Internet Service Provider) has provided the account information for the PPTP connection, please choose the PPTP connection type. Figure 4-11 WAN - PPTP The following items are displayed on this screen: PPTP Settings Connection Type: Select PPTP if your ISP provides a PPTP connection. Click <Connect>...
  • Page 37 address. Click <Disconnect> to disconnect the Internet and release the current IP address. Account Name: Enter the Account Name provided by your ISP. If you are not clear, please consult your ISP. Enter the Password provided by your ISP. Password: Server IP: Enter the Server IP provided by your ISP.
  • Page 38 Default Gateway: If Static IP is selected, configure the default gateway. If Dynamic IP is selected, the obtained default gateway is displayed. Primary DNS/Secondary DNS: If Static IP is selected, configure the DNS. If Dynamic IP is selected, the obtained DNS is displayed. Specify the bandwidth for transmitting packets on the port.
  • Page 39 BigPond If your ISP (Internet Service Provider) has provided the account information for the BigPond connection, please choose the BigPond connection type. Figure 4-12 WAN – Bigpond The following items are displayed on this screen: BigPond Settings Select BigPond if your ISP provides a BigPond connection. Click Connection Type: <Connect>...
  • Page 40 Password: Enter the Password provided by your ISP. If you are not clear, please consult your ISP. Enter the address of authentication server. It can be IP address or Auth Server: server name. Auth Domain: Enter the domain name of authentication server. It's only required when the address of Auth Server is a server name.

  • Page 41: Lan

    network is connected well. Consult your ISP if this problem remains. IP Address: Displays the IP address assigned by your ISP. Displays the Subnet Mask assigned by your ISP. Subnet Mask: Default Gateway: Displays the IP address of the default gateway assigned by your ISP.
  • Page 42 Note: If the LAN IP address is changed, you must use the new IP address to login to the Router. To guarantee a normal communication, please be sure that the Gateway address and the Subnet Mask of the Hosts are consistent with that of the Router accordingly. 4.3.2.2 DHCP The Router with its DHCP (Dynamic Host Configuration Protocol) server enabled can automatically...

  • Page 43: Dhcp Reservation

    Lease Time: Specify the length of time the DHCP server will reserve the IP address for each computer. After the IP address expired, the client will be automatically assigned a new one. Default Gateway: Optional. Enter the Gateway address to be assigned. It is recommended to enter the IP address of the LAN port of the Router.
  • Page 44 Figure 4-16 DHCP Reservation The following items are displayed on this screen: DHCP Reservation MAC Address: Enter the MAC address of the computer for which you want to reserve the IP address. Enter the reserved IP address. IP Address: Description: Optional.

  • Page 45: Mac Address

    4.3.3 MAC Address The MAC (Media Access Control) address, as the unique identifier of the router in network, does not need to be changed commonly. Set the MAC Address for LAN port: In a complex network topology with all the ARP bound devices, if you want to use TL-R480T+ instead of the current router in a network node, you can just set the MAC address of TL-R480T+’s LAN port the same to the MAC address of the previous router, which can avoid all the devices under this network node to update their ARP binding tables.

  • Page 46: Switch

    MAC Clone: It’s only available for WAN port. Click the <Restore Factory MAC> button to restore the MAC address to the factory default value or click the <Clone Current PC’s MAC> button to clone the MAC address of the PC you are currently using to configure the Router. Then click <Save>...

  • Page 47: Port Mirror

    The following items are displayed on this screen: Statistics Displays the number of normal unicast packets received or transmitted Unicast: on the port. Broadcast: Displays the number of normal broadcast packets received or transmitted on the port. Displays the number of flow control frames received or transmitted on Pause: the port.
  • Page 48 Figure 4-22 Port Mirror The following items are displayed on this screen: General Enable Port Mirror: Check the box to enable the Port Mirror function. If unchecked, it will be disabled. Mode: Select the mode for the port mirror function. Options include: Ingress: When this mode is selected, only the incoming packets sent by the mirrored port will be copied to the mirroring port.

  • Page 49: Rate Control

    Tips: If both the mirrored port and the mirroring port are the LAN ports, these two LAN ports should be in the same Port VLAN. For example, if port 3 (the mirroring port) and port 4 (the mirrored port) are the LAN ports, the Port Mirror function can take effect only when port 3 and port 4 are in the same Port VLAN.

  • Page 50: Port Config

    Figure 4-23 Rate Control The following items are displayed on this screen: Rate Control Displays the port number. Port: Ingress Limit: Specify whether to enable the Ingress Limit feature. Ingress Rate: Specify the limit rate for the ingress packets. Egress Limit: Specify whether to enable Egress Limit feature.

  • Page 51: Port Status

    Figure 4-24 Port Config The following items are displayed on this screen: Port Config Status: Specify whether to enable the port. The packets can be transported via this port after being enabled. Flow Control: Allows you to enable/disable the Flow Control function. Select the Negotiation Mode for the port.

  • Page 52: User Group

    4.3.4.6 Port VLAN A VLAN (Virtual Local Area Network) is a network topology configured according to a logical scheme rather than the physical layout, which allows you to divide the physical LAN into multiple logical LANs so as to control the communication among the ports . The VLAN function can prevent the broadcast storm in LANs and enhance the network security.

  • Page 53: Group

    4.4.1 Group On this page you can define the group for management. Choose the menu User Group→Group to load the following page. Figure 4-27 Group Configuration The following items are displayed on this screen: Group Config Specify a unique name for the group. Group Name: Description: Give a description for the group.

  • Page 54: View

    The following items are displayed on this screen: User Config User Name: Specify a unique name for the user. Enter the IP Address of the user. It cannot be the network address or IP Address: broadcast address of the port. Description: Give a description to the user for identification.

  • Page 55: Advanced

    View Config Select the desired view for configuration. View: User Name: Select the name of the desired User. Displays the Groups that the User can join. Available Group: Selected Group: Displays the Groups to which this User belongs. Select the name of the desired Group. Group Name: Group Structure: Click this button to view the tree structure of this group.
  • Page 56 Figure 4-30 NAT Setup The following items are displayed on this screen: NAPT Enter the source port range between 2049 and 65000, the span of which Source Port Range: must be not less than 100. NAT-DMZ NAT-DMZ: Enable or disable NAT-DMZ. NAT DMZ is a special service of NAT application, which can be considered as a default forwarding rule.
  • Page 57 Figure 4-31 NAT Setup The following items are displayed on this screen: One-to-One NAT Mapping IP Address: Enter the Original IP Address in the first checkbox and Translated IP Address in the second checkbox. TL-R480T+ allows mapping from LAN port to WAN port. Interface: Select an interface for forwarding data packets.
  • Page 58 4.5.1.3 Multi-Nets NAT Multi-Nets NAT functions to allow the IP under LAN within multiple subnets to access the Internet via NAT. Choose the menu Advanced→NAT→Multi-Nets NAT to load the following page. Figure 4-32 Multi-Nets NAT The following items are displayed on this screen: Multi-Nets NAT Subnet/Mask: Enter the subnet/mask to make the address range for the entry.
  • Page 59 Application Example: Network Requirements The LAN subnet of TL-R480T+ is 192.168.0.0 /24, the subnet of VLAN2 under a three layer switch is 192.168.2.0 /24, while the subnet of VLAN3 is 192.168.3.0 /24. The IP of VLAN for cascading the switch to the Router is 192.168.0.2. Now the hosts within VLAN2 and VLAN3 desire to access the Internet.

  • Page 60: Virtual Server

    Then set the corresponding Static Route entry, enter the IP address of the interface connecting the Router and the three layer switch into the Next Hop field. Choose the menu Advanced→Routing→Static Route to load the following page. The set Static Route entry is as follows: 4.5.1.4 Virtual Server Virtual server can be used for setting up public services in your private network, such as DNS, Email...
  • Page 61 Figure 4-33 Virtual Server The following items are displayed on this screen: Virtual Server Name: Enter a name for Virtual Server entries. Up to 28 characters can be entered. Enter the service port or port range provided by Router for accessing External Port: external network.

  • Page 62: Port Triggering

    Note: ● The External port and Internal Port should be set in the range of 1-65535. ● The external ports of different entries should be different, whereas the internal ports can be the same. List of Rules In this table, you can view the information of the entries and edit them by the Action buttons. The first entry in Figure 4-33 indicates: This is a Virtual Server entry named host1, all the TCP data packets from Internet to port 65534-65535 of the Router will be redirected to the port 65534-65535 of the LAN host with IP address of 192.168.0.103, and this entry is activated.
  • Page 63 Port Triggering Enter a name for Port Triggering entries. Up to 28 characters can be Name: entered. Trigger Port: Enter the trigger port number or range of port numbers. Only when the trigger port initiates connection will all the corresponding incoming ports open and provide service for the applications, otherwise the incoming ports will not open.

  • Page 64: Traffic Control

    Choose the menu Advanced→NAT→ALG to load the following page. Figure 4-35 ALG The following items are displayed on this screen: FTP ALG: Enable or disable FTP ALG. The default setting is enabled. It is recommended to keep the default setting if no special requirement.
  • Page 65 Figure 4-36 Configuration The following items are displayed on this screen: General Disable Bandwidth Select this option to disable Bandwidth Control. Control: Enable Bandwidth Select this option to enable Bandwidth Control all the time. Control all the time: With this option selected, the Bandwidth Control will take effect when the Enable Bandwidth Control When:...

  • Page 66: Bandwidth Control

    Interface Bandwidth Interface: Displays the current enabled WAN port(s). The Total bandwidth is equal to the sum of bandwidth of the enabled WAN ports. Displays the bandwidth of each WAN port for transmitting data. The Upstream Bandwidth: Upstream Bandwidth of WAN port can be configured on WAN page. Downstream Displays the bandwidth of each WAN port for receiving data.
  • Page 67 Bandwidth Control Rule Direction: Select the data stream direction for the entry. The direction of arrowhead indicates the data stream direction WAN-ALL means all WAN ports through which the data flow might pass. Individual WAN port cannot be selected after WAN-ALL rules are added. Group: Select the group to define the controlled users.

  • Page 68: Session Limit

    Note: ● The premise for single rule taking effect is that the bandwidth of the interface for this rule is sufficient and not used up. ● It is impossible to satisfy all the guaranteed bandwidth if the total guaranteed bandwidth specified by all Bandwidth Control rules for certain interface exceeds the physical bandwidth of this interface.

  • Page 69: Configuration

    Session Limit Group: Select a group to define the controlled user. Max. Sessions: Enter the max. Sessions for the users. Give a description for the entry. Description: Activate or inactivate the entry. Status: List of Session Limit You can view the information of the entries and edit them by the Action buttons. The first entry in Figure 4-38 indicates: The amount of maximum sessions for the hosts within group1 is 100 and this entry is enabled.

  • Page 70: Policy Routing

    Figure 4-40 Configuration With the box before Enable Application Optimized Routing checked, the Router will consider the source IP address and destination IP address of the packets as a whole and record the WAN port they pass through. And then the packets with the same source IP address and destination IP address or destination port will be forwarded to the recorded WAN port.

  • Page 71: Link Backup

    The following items are displayed on this screen: General Protocol: Select the protocol for the entry in the drop-down list. If the protocol you want to set is not in the list, you can add it to the list on 4.3.4.4 Protocol page.
  • Page 72 On this page, you can configure the Link Backup function based on actual need to reduce the traffic burden of WAN port and improve the network efficiency. Choose the menu Advanced→Load Balance→Link Backup to load the following page. Figure 4-42 Link Backup The following items are displayed on this screen: General WAN Ports:...
  • Page 73 Timing: Link Backup will be enabled if the specified effective time is reached. All the traffic on the primary WAN will switch to the backup WAN at the beginning of the effective time; the traffic on the backup WAN will switch to the primary WAN at the ending of the effective time.

  • Page 74: Routing

    Figure 4-43 Protocol The following items are displayed on this screen: Protocol Name: Enter a name to indicate a protocol. The name will display in the drop-down list of Protocol on Access Rule page. Enter the Number of the protocol in the range of 0-255. Number: List of Protocol You can view the information of the entries and edit them by the Action buttons.
  • Page 75 Choose the menu Advanced→Routing→Static Route to load the following page. Figure 4-44 Static Route The following items are displayed on this screen: Static Route Destination: Enter the destination host the route leads to. Enter the Subnet Mask of the destination network. Subnet Mask: Next Hop: Enter the gateway IP address to which the packet should be sent next.
  • Page 76 The first entry in Figure 4-44 indicates: If there are packets being sent to a device with IP address of 211.162.1.0 and subnet mask of 255.255.255.0, the Router will forward the packets from WAN1 port to the next hop of 211.200.1.1. Application Example There is a network topology as the following figure shown: If the LAN port of TL-R480T+(with Non-NAT or Classic system mode)is connected to LAN1 with...

  • Page 77: Firewall

    4.6 Firewall 4.6.1 Anti ARP Spoofing ARP (Address Resolution Protocol) is used to analyze and map IP addresses to the corresponding MAC addresses so that packets can be delivered to their destinations correctly. ARP functions to translate the IP address into the corresponding MAC address and maintain an ARP Table, where the latest used IP address-to-MAC address mapping entries are stored.

  • Page 78: Arp Scanning

    General It is recommended to check all the options. You should import the IP and MAC address of the host to List of IP-MAC Binding and enable the corresponding entry before enabling “Permit the packets matching the IP-MAC Binding entries only”. When suffered ARP attack, the correct ARP information will be sent to the device suffering attack initiatively by GARP (Gratuitous ARP) packets, thus the error ARP information of the device will be replaced.

  • Page 79: Arp List

    Figure 4-48 ARP Scanning Enter the start and the end IP addresses in the Scanning IP Range field. Then click the <Scan> button, the Router will scan all the active hosts within the scanning range and display the result in the list. The entries displayed on the List of Scanning Result do not mean the IP and MAC addresses are already bound.

  • Page 80: Attack Defense

    Figure 4-49 ARP List The configurations for the entries is the same as the configuration of List of Scanning Result on 4.4.1.2 ARP Scanning page. The unbound IP-MAC information will be replaced by new IP-MAC information or be automatically removed from the list if it has not been communicated with others for a long time. This period is regarded as the aging time of the ARP information.
  • Page 81 Figure 4-50 Attack Defense The following items are displayed on this screen: General Flood attack is a kind of commonly used DoS (Denial of Service), Flood Defense: which including TCP SYN, UDP, ICMP and so on. It is recommended to check all the Flood Defense options and specify the corresponding thresholds.

  • Page 82: Mac Filtering

    Packet Anomaly Packet Anomaly refers to the abnormal packets. It is Defense: recommended to select all the Packet Anomaly Defense options. With this box checked, the Router will record the defense logs. Enable Attack Defense Logs: MAC Filtering 4.6.3 On this page, you can control the access to the Internet of local host by specifying their MAC addresses.

  • Page 83: Access Control

    List of Rules You can view the information of the entries and edit them by the Action buttons. 4.6.4 Access Control 4.6.4.1 URL Filtering URL (Uniform Resource Locator) specifies where an identified resource is available and the mechanism for retrieving it. URL Filter functions to filter the Internet URL address, so as to provide a convenient way for controlling the access to Internet from LAN hosts.
  • Page 84 Group: URL Filtering will take effect to all the users in group. Mode: Select the mode for URL Filtering. “Keyword’’ indicates that all the URL addresses including the specified keywords will be filtered. “URL Path” indicates that the URL address will be filtered only when it exactly matches the specified URL.

  • Page 85: Web Filtering

    4.6.4.2 Web Filtering On this page, you can filter the desired web components. Choose the menu Firewall→Access Control→Web Filtering to load the following page. Figure 4-53 Web Filtering Check the box before Enable Web Filtering and select the web components to be filtered. 4.6.4.3 Access Rules Choose the menu Firewall→Access Control→Access Rules to load the following page.
  • Page 86 Policy: Select a policy for the entry: Block: When this option is selected, the packets obeyed the rule will not be allowed to pass through the Router. Allow: When this option is selected, the packets obeyed the rule will be allowed to pass through the Router. Service: Select the service for the entry.
  • Page 87 List of Rules You can view the information of the entries and edit them by the Action buttons. The smaller the value is, the higher the priority is. The first entry in Figure 4-54 indicates: The TELNET packets transmitted from the hosts within the network of 192.168.0.0/24 will be not allowed to pass through the Router at 8:00-20:00 from Tuesday to Saturday.

  • Page 88: App Control

    Service Enter a name for the service. The name should not be more than 28 Name: characters. The name will display in the drop-down list of Protocol on Access Rule page. Select the protocol for the service. The system predefined protocols Protocol: include TCP, UDP and TCP/UDP.
  • Page 89 Figure 4-56 Application Rules The following items are displayed on this screen: General Check the box before Enable Application Control to make the Application Control function take effect. The specified application used by the specified local users will be not allowed to access the Internet if the Application Control entry is enabled.

  • Page 90: Services

    The database refers to all the applications in the application list on the Application Rules page, you can download the latest database from http://www.tp-link.com, Click the <Browse> button and select the file, and then click the <Upgrade> button to upgrade the database.
  • Page 91 4.7.1.1 General On this page, you can configure PPPoE function globally. Choose the menu Services→PPPoE Server→General to load the following page. Figure 4-58 General The following items are displayed on this screen: General PPPoE Server: Specify whether to enable the PPPoE Server function. Dial-up Access Only: Specify whether to enable the Dial-up Access Only function.
  • Page 92 Max Echo-Requests: Specify the maximum number of Echo-Requests sent by the server to wait for response. The default is 10. The link will be dropped when the number of the unacknowledged LCP echo requests reaches your specified Max Echo-Requests. Idle Timeout: Enter the maximum idle time.
  • Page 93 Figure 4-59 IP Address Pool The following items are displayed on this screen: IP Address Pool Pool Name: Specify a unique name to the IP Address Pool for identification and management purposes. Specify the start and the end IP address for IP Pool. The start IP address IP Address Range: should not exceed the end address and the IP address ranges must not overlap.
  • Page 94 Figure 4-60 Account The following items are displayed on this screen: Account Enter the account name. This name should not be the same with the Account Name: one in L2TP/PPTP connection settings. Password: Enter the password. IP Address Assigned Select the IP Address Assigned Mode for IP assignment. Mode: Static: Select this option to assign a static IP address to the client.
  • Page 95 Description: Enter the description for management and search purposes. Up to 28 characters can be entered. Activate or inactivate the entry. Status: MAC Binding: Select a MAC Binding type from the pull-down list. Options include: Disable: Select this option to disable the MAC Binding function. Manual: Select this option to bind the account to a MAC address manually.
  • Page 96 Figure 4-61 Exceptional IP The following items are displayed on this screen: Exceptional IP IP Address Range: Specify the start and the end IP address to make an exceptional IP address range. This range should be in the same IP range with LAN port of the Router.

  • Page 97: E-Bulletin

    4.7.2 E-Bulletin With E-Bulletin function, bulletin information can be released to the specified users. On this page you can edit the bulletin content and specify the receiving user group. Choose the menu Services→E-Bulletin to load the following page. Figure 4-63 E-Bulletin The following items are displayed on this screen: General Specify whether to enable electronic bulletin function.

  • Page 98: Dynamic Dns

    Enable Logs: Specify whether to log the E-Bulletin. E-Bulletin Title: Enter a title for the bulletin. Enter the content of the bulletin. Content: Object: Select the object of this bulletin. Options include: ANY: The bulletin will be released to all the users and the PCs on the LAN.
  • Page 99 As many ISPs use DHCP to assign public IP addresses in WAN, the public IP address assigned to the client is unfixed. In this way, it’s very difficult for other clients to get the latest IP address of this client for access.
  • Page 100 Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register> to go to the website of Dyndns for register. Enter the password of your DDNS account. Password: Domain Name: Enter the Domain Name that you registered with your DDNS service provider.
  • Page 101 Figure 4-65 NO-IP DDNS The following items are displayed on this screen: No-IP DDNS Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register> to go to the website of No-IP for register. Enter the password of your DDNS account.
  • Page 102 4.7.3.3 PeanutHull On this page you can configure PeanutHull DDNS client. Choose the menu Services→Dynamic DNS→PeanutHull to load the following page. Figure 4-66 PeanutHull DDNS The following items are displayed on this screen: PeanutHull DDNS Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register>...
  • Page 103 DDNS Status: Displays the current status of DDNS service Offline: DDNS service is disabled. Connecting: client is connecting to the server. Online: DDNS works normally. Authorization fails: The Account Name or Password is incorrect. Please check and enter it again. Domain Name: Displays the domain names obtained from the DDNS server.

  • Page 104: Upnp

    Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register> to go to the website of Comexe for register. Enter the password of your DDNS account. Password: Domain Name 1: Enter the Domain Name that you registered with your DDNS service provider.
  • Page 105 If UPnP groupware are installed in the host in LAN and UPnP function is enabled for the Router, the host in LAN can automatically open the corresponding port to allow the UPnP application in WAN to access the resource of the host in LAN via this port, so that the functions limited to NAT can work normally.

  • Page 106: Maintenance

    4.8 Maintenance 4.8.1 Admin Setup 4.8.1.1 Administrator On this page, you can modify the factory default user name and password of the Router. Choose the menu Maintenance→Admin Setup→Administrator to load the following page. Figure 4-69 Administrator The following items are displayed on this screen: Administrator Current User Name: Enter the current user name of the Router.

  • Page 107: Login Parameter

    4.8.1.2 Login Parameter On this page, you can configure and modify the Web and Telnet port. Choose the menu Maintenance→Admin Setup→Login Parameter to load the following page. Figure 4-70 Login Parameter The following items are displayed on this screen: General Enter the Web Management Port for the Router.

  • Page 108: Remote Management

    Type 210.10.10.0/24 in the Subnet/Mask field on Remote Management page and enable the entry as the following figure shows. Then type the corresponding port number in Web Management Port and Telnet Management Port fields as the following figure shows. Finally, start the web browser and type 210.10.10.50 in the URL field to log in the Web management page of the Router.

  • Page 109: Management

    List of Subnet In this list, you can view the Remote Management entries and edit them by the Action buttons. The first entry in Figure 4-71 indicates that: The hosts with IP address in subnet of 192.168.2.0/24 are allowed to access the Router and this entry is activated. 4.8.2 Management 4.8.2.1 Factory Defaults...

  • Page 110: Firmware Upgrade

    To avoid damage, please don't turn off the device while rebooting. 4.8.2.4 Firmware Upgrade Choose the menu Maintenance→Management →Firmware Upgrade to load the following page. Figure 4-75 Firmware Upgrade To upgrade the Router is to get more functions and better performance. Go to http://www.tp-link.com download the updated firmware. -106-...

  • Page 111: Statistics

    Type the path and file name of the update file into the “File” field. Or click the <Browse> button to locate the update file. Then click the <Upgrade> button to complete. Note: ● After upgrading, the device will reboot automatically. ●...

  • Page 112: Diagnostics

    Interface: Displays the interface. IP Fragment Rx: Displays the amount of IP Fragments received by WAN port. Abnormal IP Packets Rx: Displays the rate for transmitting data frames. 4.8.3.2 IP Traffic Statistics IP Traffic Statistics screen displays the detailed traffic information of each PC on LAN. Choose the menu Maintenance→Statistics→IP Traffic Statistics to load the following page.
  • Page 113 Choose the menu Maintenance→Diagnostics→Diagnostics to load the following page. Figure 4-78 Diagnostics The following items are displayed on this screen: Ping Destination IP/Domain: Enter destination IP address or Domain name here. Then select a port for testing, if you select “Auto”, the Router will select the interface of destination automatically.
  • Page 114 Destination IP/Domain: Enter destination IP address or Domain name here. Then select a port for testing, if Auto is selected, the Router will select the interface of destination automatically. After clicking the <Start> button, the Router will send Tracert packets to test the connectivity of the gateways during the journey from the source to destination of the test data and the results will be displayed in the box below.

  • Page 115: Time

    Port: Displays the detected WAN port. Detection: Displays whether the Online Detection is enabled. WAN Status: Display the detecting results. Time 4.8.5 System Time is the time displayed while the Router is running. On this page you can configure the system time and the settings here will be used for other time-based functions like Access Rule, PPPoE and Logs.

  • Page 116: Logs

    Manual: With this option selected, you can set the date and time manually. Synchronize with With this option selected, the administrator PC’s clock is utilized. PC’S Clock: Note: ● If Get GMT function cannot be used properly, please add an entry with UDP port of 123 to the firewall software of the PC.
  • Page 117 Level Description Severity The system is unusable. emergencies Action must be taken immediately. alerts Critical conditions critical Error conditions errors Warnings conditions warnings Normal but significant conditions notifications Informational messages informational Debug-level messages debugging -113-...

  • Page 118: Appendix A Hardware Specifications

    Appendix A Hardware Specifications IEEE 802.3, 802.3u Standards and Protocols TCP/IP, PPPoE, DHCP, ICMP, NAT, SNTP,HTTP,DNS One 10/100 Auto-Negotiation WAN RJ45 port (Auto MDI/MDIX) Three adjustable 10/100M Auto-Negotiation WAN/LAN RJ45 ports (Auto MDI/MDIX) Ports One 10/100M Auto-Negotiation LAN RJ45 port (Auto MDI/MDIX) One Console Port 10Base-T: UTP/STP of Cat.

  • Page 119: Appendix Bfaq

    Appendix B FAQ Q1. What can I do if I cannot access the web-based configuration page? For the first login, please try the following steps: Make sure the cable is well connected to the LAN port of the Router. The corresponding LED should flash or be solid light.
  • Page 120 Q3: What can I do if the Router with the remote management function enabled cannot be accessed by the remote computer? Make sure that the IP address of the remote computer is in the subnet allowed to remotely access the router. If the router’s management port has been modified, please log into the Router with the new address, such as http://192.168.0.1:XX (“XX”...

  • Page 121: Appendix C Glossary

    Appendix C Glossary Glossary Description A technology that allows data to be sent or received over DSL(Digital Subscriber existing traditional phone lines. Line) Application Level Gateway (ALG) is application specific translation agent that allows an application on a host in one ALG (...
  • Page 122 Glossary Description H.323 allows dissimilar communication devices to communicate with each other by using a standardized communication H.323 protocol. H.323 defines a common set of CODECs, call setup and negotiating procedures, and basic data transport methods. The protocol used by Web browsers and Web servers to HTTP(Hypertext Transfer transfer files, such as text and graphic files.
  • Page 123 Glossary Description Standardized data link layer address that is required for every port or device that connects to a LAN. Other devices in the MAC address(Media network use these addresses to locate specific ports in the Access Control address) network and to create and update routing tables and data structures.
  • Page 124 Glossary Description Telnet is used for remote terminal connection, enabling users to Telnet(Telecommunication log in to remote systems and use resources as if they were Network protocol) connected to a local system. UDP is a simple protocol that exchanges datagrams without UDP(User Datagram acknowledgments or guaranteed delivery, requiring that error Protocol)...

Table of Contents