1. Home
    2. /
  2. Manuals
    3. /
  3. TP-Link
    4. /
  4. TD-W8950ND
    5. /
  5. 13
Page 61 / 94 Scroll up to view Page 56 - 60
TD-W8950ND
150Mbps Wireless Lite N ADSL2+ Modem Router User Guide
If you want to select the tone, click the Tone Selection button to go to the ADSL Tone Settings
page as shown in Figure 4-68.
Figure 4-68
4.5.10 Port Mapping
Choose “Advanced Setup
Port Mapping” menu, you can view and configure the parameters in
the screen as shown in Figure 4-69.
Port Mapping supports multiple ports to PVC and bridging groups. Each group will perform as an
independent network.
Figure 4-69
To add a Port Mapping group:
1.
Click the Add button, and Figure 4-70 pop up, and then you will set the port mapping group.
54
Page 62 / 94
TD-W8950ND
150Mbps Wireless Lite N ADSL2+ Modem Router User Guide
Figure 4-70
2.
Enter the Group name and select interfaces from the available interface list and add it to the
grouped interface list using the arrow buttons to create the required mapping of the ports. The
group name must be unique. The max length is 15.
Click Save/Apply button to make the changes effective immediately
)
Note:
Group name only can be a number or letter 0("A~Z" or "a~z").
4.5.11 IPSec
Choose “Advanced Setup
IPSec”, you can Add/Remove or Enable/Disable the IPSec tunnel
connections on the screen as shown in Figure 4-71.
Figure 4-71
This section will guide you to configure a VPN tunnel between two TD-W8950NDs. The topology is
as follows.
55
Page 63 / 94
TD-W8950ND
150Mbps Wireless Lite N ADSL2+ Modem Router User Guide
)
Note:
You could also use other VPN Routers to set VPN tunnels with TD-W8950ND. TD-W8950ND
supports up to 10 VPN tunnels simultaneously.
Click Add New Connection in Figure 4-71 and then you will enter the screen shown in Figure 4-72.
Figure 4-72
¾
IPSec Connection Name: Enter a name for your VPN.
56
Page 64 / 94
TD-W8950ND
150Mbps Wireless Lite N ADSL2+ Modem Router User Guide
¾
Remote IPSec Gateway Address: Enter the destination gateway IP address in the box which is
the public WAN IP or Domain Name of the remote VPN server endpoint. (For example: Input
219.134.112.247 in Device1, Input 219.134.112.246 in Device 2)
¾
Tunnel access from local IP addresses: Choose Subnet if you want the Whole LAN to join the
VPN network, or else choose Single Address if you want single IP to join the VPN network.
¾
IP Address for VPN: Enter the IP address of your LAN. (For example: Input 192.168.1.1 in
Device1, Input 192.168.2.1 in Device2)
¾
IP Subnetmask: Enter the Subnet mask of your LAN. ( For example: Input 255.255.255.0 in
both Device1 and Device2)
¾
Tunnel access from remote IP addresses: Choose Subnet if you want the Remote Whole LAN
to join the VPN network, or else choose Single Address if you want single IP to join the VPN
network.
¾
IP Address for VPN: Enter the IP address of the Remote LAN. ( For example: Input
192.168.2.1 in Device1,Input 192.168.1.1 in Device2)
¾
IP Subnetmask: Enter the subnetmask of the remote LAN. ( For example: Input 255.255.255.0
in both Device1 and Device2)
¾
Key Exchange Method: Select Auto (IKE) or Manual.
¾
Authentication Method: Select Pre-Shared Key (recommended) or Certificate (X.509).
¾
Pre-Shared Key: Input the Pre-Shared key for Authentication. (For example: Input 12345678)
¾
Perfect Forward Secrecy: PFS is an additional security protocol.
We recommend you leave the Advanced Settings as default value.
After complete the basic settings and click Save/Apply in both Device1 and Device2, PCs in LAN1
could conmmunicate with PCs in remote LAN2. (For example: You can ping the IP address of PC2
which is 192.168.2.100 in PC1)
)
Note:
The VPN Servers Endpoint from both ends must use the same pre-shared keys and Perfect
Forward Secrecy settings.
Click Show Advanced Settings and then you can configure the Advanced Settings.
57
Page 65 / 94
TD-W8950ND
150Mbps Wireless Lite N ADSL2+ Modem Router User Guide
¾
Main Mode: Select Main Mode to configure the standard negotiation parameters for IKE
phase1.
¾
Aggressive Mode: Select Aggressive Mode to configure IKE phase1 of the VPN Tunnel to
carry out negotiation in a shorter amount of time. (Not Recommended-Less Secure)
)
Note:
The difference between the two is that aggressive mode will pass more information in fewer
packets, with the benefit of slightly faster connection establishment, at the cost of transmitting the
identities of the security firewall in the clear. When using aggressive mode, some configuration
parameters such as Diffie-Hellman groups, and PFS can not be negotiated, resulting in a greater
importance of having "compatible" configuration on both ends.
¾
Key Life Time:
Enter the number of seconds for the IPSec lifetime. It is the period of time to pass before
establishing a new IPSec security association (SA) with the remote endpoint. The default value is
3600.
)
Note:
If you want to change the default settings of Advanced Settings, please make sure that both VPN
server endpoints use the same Encryption Algorithm, Integrity Algorithm, Diffie-Hellman Group
and Key Life time in both phase1 and phase2.
58

Rate

4.5 / 5 based on 2 votes.

Popular TP-Link Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top