TP-Link TL-R480T Plus Router Manual PDF (Setup & Configuration Guide)

Home

Manuals

TP-Link

TL-R480T Plus

Page 51 / 82 Scroll up to view Page 46 - 50

TL-R480T

SMB Broadband Router User Guide

•

Port Scan -

During the specific time, if a computer (identified by a particular source IP

address) transmits TCP SYN packets to another computer's (identified by a destination

IP address) ten different ports, then the source IP address will be deemed to make Port

Attacks. And the Router will start up the blocking function immediately.

•

IP Snoop -

If you select this option, the Router will monitor whether the packets from the

particular region is doing IP deceive. In the event, the Router will start up the blocking

function immediately. Note: The function takes effect only when the Region is LAN.

DoS Attack Defence

•

ICMP Flood

During a second, if a destination IP addresses receives many packets,

and the number of these packets exceeds the prescript value, then the destination IP will

be deemed to suffering from ICMP Flood Attack. And the Router will start up the blocking

function immediately.

•

UDP Flood -

During a second, if a particular port of a destination IP addresses receives

many packets, and the number of these packets exceeds the prescript value, then the

Port will be deemed to suffering from UDP Flood Attack. And the Router will start up the

blocking function immediately.

•

SYN Flood -

During a second, if a particular port of a destination IP addresses receives

many TCP SYN packets, and the number of these packets exceeds the prescript value,

then the Port will be deemed to suffering from SYN Flood Attack. And the Router will

start up the blocking function immediately.

•

Land Attack

This is an attack combining Flood attack and IP spoofing. When the

attackers send the spoof SYN datagram which including the casualty's IP address and

make it the destination and source IP addreess, the LAND attack happens. And the

Router will start up the blocking function immediately.

•

WinNuke -

WinNuke is a Dos attack for any Windows computers runing in the internet.

The attackers send the TCP fragment (usually sets the emergent field to the Net BIOS'S

139 port) to the connection established computers. So the NetBIOS fragments created

and make the Windows computers collapse. And the Router will start up the blocking

function immediately.

Dubious Packet Defence

•

Large ICMP packet:

The normal ICMP packets are very short, there normal length is

shorter than 1024 Bytes. If the ICMP packets' length is larger than 1024 Bytes, then they

will be considered as large ICMP packets. And the Router will start up the blocking

function immediately.

•

TCP packet without Flag:

The normal TCP packets contain flag in the packet header,

or else the packets will be considered as abnormal dubious packets. And the Router will

start up the blocking function immediately.

•

TCP packet with both SYN and FIN:

The TCP packets which have both SYN and FIN

settings in the packets header will be considered as abnormal TCP packets. And the

Router will start up the blocking function immediately.

•

TCP packet with FIN but without ACK:

The TCP packets that contains FIN but without

Page 52 / 82

TL-R480T

SMB Broadband Router User Guide

ACK is considered as abnormal. And the Router will start up the blocking function

immediately.

•

Unknow Protocol

In IP head the protocol type field, 135 and the value bigger than 135

is reserved and undefined. Because the protocols are undefined, we can not predict a

specifically unknow protocol is well-meaning or baleful. To these nonstandard protocols,

the carefully attitude is the best way to prevent them interning into the protected network.

Packet Defence with IP option

•

IP Timestamp Option:

If you select this option, the Router will monitor whether the IP

packets from the particular region contain the field of Internet Timestamp. In the event,

the Router will start up the blocking function immediately.

•

IP Security Option:

If you select this option, the Router will monitor whether the IP

packets from the particular region contain the field of Security. In the event, the Router

will start up the blocking function immediately.

•

IP Stream Option:

If you select this option, the Router will monitor whether the IP

packets from the particular region contain the field of of Stream ID. In the event, the

Router will start up the blocking function immediately.

•

IP Record Route Option:

If you select this option, the Router will monitor whether the IP

packets from the particular region contain the field of Record Route. In the event, the

Router will start up the blocking function immediately.

•

IP Loose Source Route Option:

If you select this option, the Router will monitor

whether the IP packets from the particular region contain the field of Loose Source Route.

In the event, the Router will start up the blocking function immediately.

•

IP Strict Source Route Option:

If you select this option, the Router will monitor whether

the IP packets from the particular region contain the field of Strict Source Route. In the

event, the Router will start up the blocking function immediately.

•

Invalid IP option:

If you select this option, the Router will monitor whether the IP

packets from the particular region is integrated or right. In the event, the Router will start

up the blocking function immediately.

4.7

Static Routing

Choose menu “

Static Routing

”, you can configure the static route in the next screen (shown in

Figure 4-38). A static route is a pre-determined path that network information must travel to reach

a specific host or network.

Page 53 / 82

TL-R480T

SMB Broadband Router User Guide

Figure 4-38

Destination IP Address

The “Destination IP Address” is the address of the network or host

that you want to assign to a static route.

Subnet Mask

The “Subnet Mask” determines which portion of an IP address is the network

portion, and which portion is the host portion.

Default Gateway

This is the IP address of the gateway device that allows for contact

between the router and the network or host.

Status

This field displays the status,

Enabled

means the rule is effective,

Disabled

means

the rule is ineffective.

To add/modify a static routing entry:

Step 1:

Click

Add New…

Modify

shown in Figure 4-38, you will see a new screen shown in

Figure 4-39.

Step 2:

Enter the appropriate Destination IP Address, Subnet Mask and Default Gateway, and

then select the status.

Figure 4-39

Step 3:

Click

Save

to make the entry take effect.

)

Note:

If you want to add more than one static route, please go to

step 1

to continue.

Other configurations for the entries as shown in Figure 4-28:

Page 54 / 82

TL-R480T

SMB Broadband Router User Guide

Click the

Delete

button to delete the entry.

Click the

Enable All

button to enable all the entries.

Click the

Disable All

button to disable all the entries.

Click the

Delete All

button to delete all the entries.

Click the

button to view the information in the previous screen,

click the

button to

view the information in the next screen.

4.8

Session Limit

Choose menu “

Session Limit

”, you can see the submenus under the main menu:

Figure 4-40

Click any of them, and you will be able to configure the corresponding function. The detailed

explanations for each submenu are provided below.

4.8.1

Session Limit

Choose menu “

Session Limit

→

Session Limit

”, you can view and configure the session limits in

the next screen. For conveniently control the connections of the computers in the LAN, you can

set the max number of connections for different computers.

Figure 4-41

Enable:

Enable or disable the session limit. Only after choose "Enable", the configuration will

take effect.

LAN IP address:

The controlled computer's IP address. You can input an range of IP

address, for example: 192.168.1.20 -192.168.1.30. You can also input an IP address, such

as:192.168.1.40.

Max Session:

The max connections of the computer.

To add/modify a session limit entry:

Step 1:

Click

Add New…

Modify

shown in Figure 4-41, you will see a new screen shown in

Page 55 / 82

TL-R480T

SMB Broadband Router User Guide

Figure 4-42.

Step 2:

Enter the appropriate LAN IP Address, Max Session and then select the status.

Figure 4-42

Step 3:

Click the

Save

button.

4.8.2

Session List

Choose menu “

Session Limit

→

Session List

”, you can view the the information about the

number of connection.

Figure 4-43

)

Note:

You can click the

Refresh

to update the information.

4.9

QoS

Choose menu “

QoS

”, you can see the submenus under the main menu:

Figure 4-44

Click any of them, and you will be able to configure the corresponding function. The detailed

explanations for each submenu are provided below.

Rate

Popular TP-Link Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share