TP-Link Archer C9 Router Manual PDF (Setup & Configuration Guide)

Page 81 / 143 Scroll up to view Page 76 - 80

Archer C9

AC1900 Wireless Dual Band Gigabit Router

3.

Select the protocol used for Trigger Port from the

Trigger Protocol

drop-down list, either

TCP

,

UDP

, or

All

.

4.

Select the protocol used for Incoming Ports from the

Incoming Protocol

drop-down list,

either

TCP

or

UDP

, or

All.

5.

Select

Enabled

in

Status

field.

6.

Click the

Save

button to save the new rule.

Figure 5-54 Add or Modify a Triggering Entry



Trigger Port

- The port for outgoing traffic. An outgoing connection using this port will trigger

this rule.



Trigger Protocol

- The protocol used for Trigger Ports, either

TCP

,

UDP

, or

All

(all

protocols supported by the router).



Incoming Port

- The port or port range used by the remote system when it responds to the

outgoing request. A response using one of these ports will be forwarded to the PC which

triggered this rule. You can input at most 5 groups of ports (or port sections). Every group of

ports must be separated with ",", for example, 2000-2038, 2046, 2050-2051, 2085,

3010-3030.



Incoming Protocol

- The protocol used for

Incoming Port

, either

TCP

,

UDP

, or

ALL

(all

protocols supported by the router).



Status

- The status of this entry, Enabled means the Port Triggering entry is enabled.



Modify

- To modify or delete an existing entry.



Common Applications

- Some popular applications already listed in the drop-down list of

Incoming Protocol

.

To modify or delete an existing entry:

1.

Find the desired entry in the table.

2.

Click

Modify

or

Delete

as desired on the

Modify

column.

- 70 -

Page 82 / 143

Archer C9

AC1900 Wireless Dual Band Gigabit Router

Click the

Enable All

button to make all entries enabled.

Click the

Disable All

button to make all entries disabled.

Click the

Delete All

button to delete all entries

Once the router is configured, the operation is as follows:

1.

A local host makes an outgoing connection to an external host using a destination port

number defined in the

Trigger Port

field.

2.

The router records this connection, opens the incoming port or ports associated with this

entry in the

Port Triggering

table, and associates them with the local host.

3.

When necessary, the external host will be able to connect to the local host using one of the

ports defined in the

Incoming Ports

field.



Note:

1.

When the trigger connection is released, the corresponding opened ports will be closed.

2.

Each rule can only be used by one host on the LAN at a time. The trigger connection of other

hosts on the LAN will be refused.

3.

Incoming Ports

ranges cannot overlap each other.

5.10.3

DMZ

Choose menu “

Advanced

→

Forwarding

→

DMZ

”, and then you can view and configure DMZ host

in the screen shown in Figure 5-55. The DMZ host feature allows one local host to be exposed to

the Internet for a special-purpose service such as Internet gaming or videoconferencing. The

router forwards packets of all services to the DMZ host. Any PC whose port is being forwarded

must have its DHCP client function disabled and should have a new static IP Address assigned to

it because its IP Address may be changed when using the DHCP function.

Figure 5-55 DMZ

To assign a computer or server to be a DMZ server:

1.

Select the

Enable

radio button.

2.

Enter the IP address of a local PC that is set to be DMZ host in the

DMZ Host IP Address

field.

3.

Click the

Save

button.

- 71 -

Page 83 / 143

Archer C9

AC1900 Wireless Dual Band Gigabit Router

5.10.4

UPnP

Choose menu “

Advanced

→

Forwarding

→

UPnP

”, and then you can view the information about

UPnP

in the screen shown in Figure 5-56. The

Universal Plug and Play (UPnP)

feature allows

the devices, such as Internet computers, to access the local host resources or devices as needed.

UPnP devices can be automatically discovered by the UPnP service application on the LAN.

Figure 5-56 UPnP Setting



Current UPnP Status -

UPnP can be enabled or disabled by clicking the

Enable

or

Disable

button. This feature is enabled by default.



Current UPnP Settings List -

This table displays the current UPnP information.



App Description

- The description about the application which initiates the UPnP

request.



External Port

- The port which the router opened for the application.



Protocol

- The type of protocol which is opened.



Internal Port

- The port which the router opened for local host.



IP Address

- The IP address of the local host which initiates the UPnP request.



Status

- Either Enabled or Disabled. "Enabled" means that the port is still active;

otherwise, the port is inactive.

Click the

Enable

button to enable UPnP.

Click the

Disable

button to disable UPnP.

Click the

Refresh

button to update the Current UPnP Settings List.

- 72 -

Page 84 / 143

Archer C9

AC1900 Wireless Dual Band Gigabit Router

5.11 Security

Figure 5-57 The Security menu

There are four submenus under the Security menu:

Basic Security

,

Advanced Security

,

Local

Management

and

Remote Management

.

Click any of them, and you will be able to configure the

corresponding functions.

5.11.1

Basic Security

Choose menu “

Advanced

→

Security

→

Basic Security

”, and then you can configure the basic

security in the screen as shown in Figure 5-58.

Figure 5-58 Basic Security



Firewall -

A firewall protects your network from the outside world. Here you can enable or

disable the router’s firewall.



SPI Firewall

- SPI (Stateful Packet Inspection, also known as dynamic packet filtering)

helps to prevent cyber attacks by tracking more state per session. It validates that the

traffic passing through the session conforms to the protocol. SPI Firewall is enabled by

factory default. If you want all the computers on the LAN exposed to the outside world,

you can disable it.

- 73 -

Page 85 / 143

Archer C9

AC1900 Wireless Dual Band Gigabit Router



VPN -

VPN Passthrough must be enabled if you want to allow VPN tunnels using VPN

protocols to pass through the router.



PPTP Passthrough

- Point-to-Point Tunneling Protocol (PPTP) allows the

Point-to-Point Protocol (PPP) to be tunneled through an IP network. To allow PPTP

tunnels to pass through the router, click

Enable

.



L2TP Passthrough

- Layer Two Tunneling Protocol (L2TP) is the method used to

enable Point-to-Point sessions via the Internet on the Layer Two level. To allow L2TP

tunnels to pass through the router, click

Enable

.



IPSec Passthrough

- Internet Protocol security (IPSec) is a suite of protocols for

ensuring private, secure communications over Internet Protocol (IP) networks, through

the use of cryptographic security services. To allow IPSec tunnels to pass through the

router, click

Enable

.



ALG -

It is recommended to enable Application Layer Gateway (ALG) because ALG allows

customized Network Address Translation (NAT) traversal filters to be plugged into the

gateway to support address and port translation for certain application layer "control/data"

protocols such as FTP, TFTP, H323 etc.



FTP ALG

- To allow FTP clients and servers to transfer data across NAT, click

Enable

.



TFTP ALG

- To allow TFTP clients and servers to transfer data across NAT, click

Enable

.



H323 ALG

- To allow Microsoft NetMeeting clients to communicate across NAT, click

Enable

.



RTSP ALG

- To allow some media player clients to communicate with some streaming

media servers across NAT, click

Enable

.

Click the

Save

button to save your settings.

5.11.2

Advanced Security

Choose menu “

Advanced

→

Security

→

Advanced Security

”, and then you can protect the router

from being attacked by TCP-SYN Flood, UDP Flood and ICMP-Flood in the screen as shown in

Figure 5-59.

- 74 -

Rate

Popular TP-Link Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share