Page 41 / 83 Scroll up to view Page 36 - 40
38
Chapter 9 °
Bandwidth Control
1 )
IP Range:
Enter the IP address. The field can be single IP address or IP address range according
to your demands. When you configure the single IP address, the computer with this IP
address will get independent given bandwidth. When you configure the IP address range, all
computers in the range will share the given bandwidth.
2 )
Port Range:
Keep the default settings. The default port range of TCP protocol or UDP protocol
is from 1 to 65535.
3 )
Protocol:
Keep the default setting. Or you can choose the TCP protocol or UDP protocol or
both of them.
4 )
Priority:
Keep the default setting. You can change the value if you want to first guarantee the
bandwidth for one computer. The smaller value has the higher priority.
5 )
Upstream/Downstream:
Enter the bandwidth according to your division.
6 )
Check to enable this entry and click
OK
to save the settings.
6. Follow the steps above to add a rule for the other computer. And then you will get the following
table.
Now you and your roommate have an independent bandwidth.
Done!
Page 42 / 83
39
Chapter 10 °
Network Security
Network Security
This chapter guides you on how to protect your home network from cyber
attacks and unauthorized users by implementing these three network security
functions. You can protect your home network against DoS (Denial of Service)
attacks from flooding your network with server requests using DoS Protection,
block or allow specific client devices to access your network using Access
Control, or you can prevent ARP spoofing and ARP attacks using IP & MAC
Binding function.
This chapter contains the following sections:
Protect the Network from Cyber Attacks
Access Control
IP & MAC Binding
10. 1.
Protect the Network from Cyber Attacks
The SPI (Stateful Packet Inspection) Firewall and DoS (Denial of Service) Protection
protect the router from cyber attacks.
The SPI Firewall can prevent cyber attacks and validate the traffic that is passing through the router based on the protocol. This
function is enabled by default, and it’s recommended to keep the default setting.
DoS Protection can protect your home network against DoS attacks from flooding your network with server requests. Follow
the steps below to configure DoS Protection.
1.
Visit
http://tplinkwifi.net
, and log in with the username and password you set for the router.
2.
Go to
Advanced
>
Security
>
Settings
.
3.
Enable
DoS Protection
.
4.
Set the level (
Off
,
Low
,
Middle
or
High
) of protection for
ICMP-FLOOD Attack Filtering
,
UDP-FlOOD Attack Filtering
and
TCP-SYN-FLOOD Attack Filtering
.
ICMP-FLOOD Attack Filtering
- Enable to prevent the Internet Control Message Protocol (ICMP) flood attack.
UDP-FlOOD Attack Filtering
- Enable to prevent the User Datagram Protocol (UDP) flood attack.
TCP-SYN-FLOOD Attack Filtering
- Enable to prevent the Transmission Control Protocol-Synchronize (TCP-SYN) flood attack.
10
Page 43 / 83
40
Chapter 10 °
Network Security
Tips:
The level of protection is based on the traffic packets number. The protection will be triggered immediately when the
number of packets exceeds the preset threshold value (the value can be set on
Advanced
>
System Tools
>
System
Parameters
>
DoS Protection Level Settings
), and the vicious host will be displayed in the
Blocked DoS Host List
.
5.
Select
Forbid Lan Ping
if you want to ignore the ping packets from LAN port.
6.
Select
Forbid Wan Ping
if you want to ignore the ping packets from WAN port.
7.
Click
Save
to make the settings effective.
10. 2.
Access Control
Access Control is used to block or allow specific client devices to access your network (via wired or wireless) based on a list of
blocked devices (Blacklist) or a list of allowed devices (Whitelist).
Block or allow specific client devices to access my network (via wired or wireless).
1. Visit
http://tplinkwifi.net
, and log in with the username and password you set for the router.
2. Go to
Advanced
>
Security
>
Access Control
.
3. Enable
Access Control
.
4. Select the access mode to either block (recommended) or allow the device(s) in the list.
To block specific device(s)
1 ) Select
Blacklist
.
2 )
Select the device(s) to be blocked in the
Devices Online
table.
3 )
Click
Block
above the
Devices Online
table. The selected devices will be added to
Devices in
Blacklist
automatically.
I want to:
How can I
do that?
Page 44 / 83
41
Chapter 10 °
Network Security
To allow specific device(s)
1 )
Select
Whitelist
and click
Save
.
2 ) Click
Add
.
3 )
Enter the
Device Name
and
MAC Address
(You can copy and paste the information from the
following list if the device is connected to your network).
4 ) Click
OK
.
Now you can block or allow specific client devices to access your network (via wired or wireless)
using the
Blacklist
or
Whitelist
.
10. 3.
IP & MAC Binding
IP & MAC Binding, namely, ARP (Address Resolution Protocol) Binding, is used to bind network device’s IP address to its MAC
address. This will prevent ARP Spoofing and other ARP attacks by denying network access to an device with matching IP
address in the Binding list, but unrecognized MAC address.
Prevent ARP spoofing and ARP attacks.
1. Visit
http://tplinkwifi.net
, and log in with the username and password you set for the router.
2. Go to
Advanced
>
Security
>
IP & MAC Binding.
Done!
I want to:
How can I
do that?
Page 45 / 83
42
Chapter 10 °
Network Security
3. Enable
IP & MAC Binding
.
4. Bind your device(s) according to your need.
To bind the connected device(s)
1 )
Select the device(s) to be bound in the
ARP List
.
2 )
Click
Bind
to add to the
Binding List
.
To bind the unconnected device
1 ) Click
Add
.
2 )
Enter the
MAC address
and
IP address
that you want to bind.
3 )
Select the checkbox to enable the entry and click
OK
.
Now you don’t need to worry about ARP spoofing and ARP attacks.
Done!

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top