1. Home
    2. /
  2. Manuals
    3. /
  3. TP-Link
    4. /
  4. Archer D7
    5. /
  5. 10
Page 46 / 124 Scroll up to view Page 41 - 45
Archer
D7
AC1750 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
35
Figure 4-21
This section will guide you to configure a VPN tunnel between two Archer D7s. The topology is as
follows.
Note:
You could also use other VPN Routers to set VPN tunnels with Archer
D7
. Archer
D7
supports up
to 10 VPN tunnels simultaneously.
Click
Add New Connection
in Figure 4-21 and then you will enter the screen shown in Figure
4-22.
Page 47 / 124
Archer
D7
AC1750 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
36
Figure 4-22
IPSec Connection Name:
Enter a name for your VPN.
Remote IPSec Gateway Address (URL):
Enter the destination gateway IP address in the box
which is the public WAN IP or Domain Name of the remote VPN server endpoint. (For example:
Input
219.134.112.247
in
Device1
, Input
219.134.112.246
in
Device 2
)
Tunnel access from local IP addresses:
Choose Subnet if you want the Whole LAN to join
the VPN network, or else choose Single Address if you want single IP to join the VPN network.
IP Address for VPN:
Enter the IP address of your LAN. (For example: Input
192.168.1.1
in
Device1
, Input
192.168.2.1
in
Device2
)
IP Subnetmask:
Enter the Subnet mask of your LAN. ( For example: Input
255.255.255.0
in
both
Device1
and
Device2
)
Tunnel access from remote IP addresses:
Choose Subnet if you want the Remote Whole
LAN to join the VPN network, or else choose Single Address if you want single IP to join the
VPN network.
IP Address for VPN:
Enter the IP address of the Remote LAN. ( For example: Input
192.168.2.1
in
Device1
,Input
192.168.1.1
in
Device2
)
IP Subnetmask:
Enter the subnetmask of the remote LAN. ( For example: Input
255.255.255.0
in both
Device1
and
Device2
)
Key Exchange Method:
Select Auto (IKE) or Manual.
Authentication Method:
Select Pre-Shared Key (recommended).
Pre-Shared Key:
Input the Pre-Shared key for Authentication. (For example: Input 12345678)
Perfect Forward Secrecy:
PFS is an additional security protocol.
We recommend you leave the Advanced Settings as default value.
After complete the basic settings and click Save/Apply in both
Device1
and
Device2
, PCs in LAN1
could communicate with PCs in remote LAN2. (For example: You can ping the IP address of PC2
which is 192.168.2.100 in PC1)
Note:
The VPN Servers Endpoint from both ends must use the same pre-shared keys and Perfect
Forward Secrecy settings.
Page 48 / 124
Archer
D7
AC1750 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
37
Click
Show Advanced Settings
and then you can configure the Advanced Settings.
Figure 4-23
Mode:
Select Main Mode to configure the standard negotiation parameters for IKE phase1.
Aggressive Mode:
Select Aggressive Mode to configure IKE phase1 of the VPN Tunnel to
carry out negotiation in a shorter amount of time. (Not Recommended-Less Secure)
Note:
The difference between the two is that aggressive mode will pass more information in fewer
packets, with the benefit of slightly faster connection establishment, at the cost of transmitting the
identities of the security firewall in the clear. When using aggressive mode, some configuration
parameters such as Diffie-Hellman groups, and PFS can not be negotiated, resulting in a greater
importance of having "compatible" configuration on both ends.
Key Life Time:
Enter the number of seconds for the IPSec lifetime. It is the period of time to
pass before establishing a new IPSec security association (SA) with the remote endpoint. The
default value is 3600.
Note:
If you want to change the default settings of
Advanced Settings
, please make sure that both VPN
server endpoints use the same Encryption Algorithm, Integrity Algorithm, Diffie-Hellman Group
and Key Life time in both
phase1
and
phase2
.
4.6 IPTV
Choose “
IPTV
”, and you will see the screen as shown in Figure 4-24.
Page 49 / 124
Archer
D7
AC1750 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
38
Figure 4-24
Enable IPTV:
Check the box to enable IPTV function.
.
VPI (0~255):
Identifies the virtual path between endpoints in an ATM network. The valid range
is from 0 to 255. Please input the value provided by your ISP.
VCI (1~65535):
Identifies the virtual channel endpoints in an ATM network. The valid range is
from 1 to 65535 (1 to 31 is reserved for well-known protocols). Please input the value
provided by your ISP.
Click the
Save
button to save your settings.
4.7 DHCP Server
Choose “
DHCP Server
”, you can see the next submenus:
Click any of them, and you will be able to configure the corresponding function.
4.7.1 DHCP Settings
Choose menu “
DHCP Server
DHCP Settings
”, you can configure the DHCP Server on the
page as shown in Figure 4-25.The modem router is set up by default as a DHCP (Dynamic Host
Configuration Protocol) server, which provides the TCP/IP configuration for all the PC(s) that are
connected to the modem router on the LAN.
Page 50 / 124
Archer
D7
AC1750 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
39
Figure 4-25
Start IP Address:
Enter a value for the DHCP server to start with when issuing IP addresses.
Because the default IP address for the modem router is 192.168.1.1, the default Start IP
Address is
192.168.1.100
, and the Start IP Address must be 192.168.1.100 or greater, but
smaller than 192.168.1.254.
End IP Address:
Enter a value for the DHCP server to end with when issuing IP addresses.
The End IP Address must be smaller than 192.168.1.254. The default End IP Address is
192.168.1.254
.
Address Lease Time:
The Leased Time is the amount of time in which a network user will be
allowed connection to the modem router with their current dynamic IP address. Enter the
amount of time, in hours, then the user will be “leased” this dynamic IP address. After the
dynamic IP address has expired, the user will be automatically assigned a new dynamic IP
address. The default is
24
hours.
Default Gateway -
(Optional.) It is suggested to input the IP address of the LAN port of the
modem router. The default value is 192.168.1.1.
Default Domain -
(Optional.) Input the domain name of your network.
Primary DNS -
(Optional.) Input the DNS IP address provided by your ISP or consult your
ISP.
Secondary DNS -
(Optional.) Input the IP address of another DNS server if your ISP
provides two DNS servers.
DHCP Relay:
Select
Relay
, then you will see the next screen, and the modem router will work
as a DHCP Relay. A DHCP relay is a computer that forwards DHCP data between computers
that request IP addresses and the DHCP server that assigns the addresses. Each of the
device's interfaces can be configured as a DHCP relay. If it is enabled, the DHCP requests
from local PCs will forward to the DHCP server runs on WAN side. To have this function
working properly, please run on router mode only, disable the DHCP server on the LAN port,
and make sure the routing table has the correct routing entry.

Rate

4 / 5 based on 1 vote.

Popular TP-Link Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top