1. Home
    2. /
  2. Manuals
    3. /
  3. TP-Link
    4. /
  4. TL-MR3020
    5. /
  5. 17
Page 81 / 258 Scroll up to view Page 76 - 80
TL-MR3020
Portable 3G/4G Wireless N Router
Figure 4-42
DMZ
To assign a computer or server to be a DMZ server:
1.
Click the
Enable
radio button
2.
Enter the local host IP Address in the
DMZ Host IP Address
field
3.
Click the
Save
button.
Note
:
After you set the DMZ host, the firewall related to the host will not work.
4.8.4
UPnP
Choose menu “
Forwarding
UPnP
”, you can view the information about
UPnP
(Universal Plug
and Play) in the screen (shown in Figure 4-43).The UPnP feature allows the devices, such as
Internet computers, to access the local host resources or devices as needed. UPnP devices
can be automatically discovered by the UPnP service application on the LAN.
Figure 4-43
UPnP Setting
Current UPnP Status -
UPnP can be enabled or disabled by clicking the
Enable
or
Disable
button. As allowing this may present a risk to security, this feature is enabled by
default.
Current UPnP Settings List -
This table displays the current UPnP information.
-70-
Page 82 / 258
TL-MR3020
Portable 3G/4G Wireless N Router
App Description -
The description provided by the application in the UPnP request
External Port
-
External port, which the router opened for the application.
Protocol -
Shows which type of protocol is opened.
Internal Port
-
Internal port, which the router opened for local host.
IP Address
-
The UPnP device that is currently accessing the router.
Status -
The port’s status displayed here. “Enabled” means that port is still active.
Otherwise, the port is inactive.
Click
Refresh
to update the Current UPnP Settings List.
4.9 Security
Figure 4-44
The Security menu
There are four submenus under the Security menu as shown in Figure 4-44:
Basic Security
,
Advanced Security
,
Local Management
and
Remote Management.
Click any of them, and
you will be able to configure the corresponding function.
4.9.1
Basic Security
Choose menu “
Security
Basic Security
”, you can configure the basic security in the
screen as shown in Figure 4-45.
Figure 4-45
Basic Security
-71-
Page 83 / 258
TL-MR3020
Portable 3G/4G Wireless N Router
Firewall -
A firewall protects your network from the outside world. Here you can enable or
disable the Router’s firewall.
SPI Firewall -
SPI (Stateful Packet Inspection, also known as dynamic packet filtering)
helps to prevent cyber attacks by tracking more state per session. It validates that the
traffic passing through the session conforms to the protocol. SPI Firewall is enabled by
factory default. If you want all the computers on the LAN exposed to the outside world,
you can disable it.
VPN -
VPN Passthrough must be enabled if you want to allow VPN tunnels using IPSec,
PPTP, or L2TP protocols to pass through the Router’s firewall.
PPTP Passthrough -
Point-to-Point Tunneling Protocol (PPTP) allows the
Point-to-Point Protocol (PPP) to be tunneled through an IP network. To allow PPTP
tunnels to pass through the Router, keep the default,
Enable
.
L2TP Passthrough
-
Layer 2 Tunneling Protocol (L2TP) is the method used to enable
Point-to-Point sessions via the Internet on the Layer 2 level. To allow L2TP tunnels to
pass through the Router, keep the default,
Enable
.
IPSec Passthrough
-
Internet Protocol Security (IPSec) is a suite of protocols for
ensuring private, secure communications over Internet Protocol (IP) networks, through
the use of cryptographic security services. To allow IPSec tunnels to pass through the
Router, keep the default,
Enable
.
ALG -
It is recommended to enable Application Layer Gateway (ALG) because ALG allows
customized Network Address Translation (NAT) traversal filters to be plugged into the
gateway to support address and port translation for certain application layer "control/data"
protocols such as FTP, TFTP, H323, RTSP etc.
FTP ALG -
Select
Enable
, to allow FTP servers to operate properly.
TFTP ALG -
Select
Enable
, to allow TFTP servers to operate properly.
H323 ALG -
Select
Enable
, to allow H323 services to operate properly.
RTSP ALG -
Select
Enable
, to allow RTSP services to operate properly.
Click the
Save
button to save your settings.
4.9.2
Advanced Security
Choose menu “
Security
Advanced Security
”, you can protect the Router from being
attacked by TCP-SYN Flood, UDP Flood and ICMP-Flood in the screen as shown in Figure
4-46.
-72-
Page 84 / 258
TL-MR3020
Portable 3G/4G Wireless N Router
Figure 4-46
Advanced Security
Packets Statistics Interval (5~60) -
The default value is 10. Select a value between 5
and 60 seconds from the drop-down list. The Packets Statistics Interval value indicates
the time section of the packets statistics. The result of the statistics is used for analysis by
SYN Flood, UDP Flood and ICMP-Flood.
DoS Protection -
Denial of Service protection. Check the Enable or Disable button to
enable or disable the DoS protection function. Only when it is enabled, will the flood filters
be enabled.
Enable ICMP-FLOOD Attack Filtering
-
Enable or Disable the ICMP-FLOOD Attack
Filtering.
ICMP-FLOOD Packets Threshold (5~3600)
-
The default value is 50. Enter a value
between 5
~
3600. When the current ICMP-FLOOD Packets number is beyond the set
value, the Router will startup the blocking function immediately.
Enable UDP-FLOOD Filtering
-
Enable or Disable the UDP-FLOOD Filtering.
UDP-FLOOD Packets Threshold (5~3600)
-
The default value is 500. Enter a value
between 5
~
3600. When the current UPD-FLOOD Packets number is beyond the set value,
the Router will startup the blocking function immediately.
Enable TCP-SYN-FLOOD Attack Filtering
-
Enable or Disable the TCP-SYN-FLOOD
Attack Filtering.
-73-
Page 85 / 258
TL-MR3020
Portable 3G/4G Wireless N Router
TCP-SYN-FLOOD Packets Threshold (5~3600)
-
The default value is 50. Enter a value
between 5
~
3600. When the current TCP-SYN-FLOOD Packets numbers is beyond the
set value, the Router will startup the blocking function immediately.
Ignore Ping Packet From WAN Port
-
Enable or Disable Ignore Ping Packet From WAN
Port. The default setting is disabled. If enabled, the ping packet from the Internet cannot
access the Router.
Forbid Ping Packet From LAN Port
-
Enable or Disable Forbid Ping Packet From LAN
Port. The default setting is disabled. If enabled, the ping packet from LAN cannot access
the Router. This function can be used to defend against some viruses.
Click the
Save
button to save the settings.
Click the
Blocked DoS Host List
button to display the DoS host table by blocking.
4.9.3
Local Management
Choose menu “
Security
Local Management
”, you can configure the management rule in
the screen as shown in Figure 4-47. The management feature allows you to deny computers in
LAN from accessing the Router.
Figure 4-47 Local Management
By default, the radio button “
All the PCs on the LAN are allowed to access the Router's
Web-Based Utility
” is checked. If you want to allow PCs with specific MAC Addresses to
access the Setup page of the Router's Web-Based Utility locally from inside the network, check
the radio button “
Only the PCs listed can browse the built-in web pages to perform
Administrator tasks
”, and then enter each MAC Address in a separate field. The format for the
MAC Address is XX-XX-XX-XX-XX-XX (X is any hexadecimal digit). Only the PCs with MAC
address listed can use the password to browse the built-in web pages to perform Administrator
tasks while all the others will be blocked.
-74-

Rate

4.5 / 5 based on 2 votes.

Popular TP-Link Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top