1. Home
    2. /
  2. Manuals
    3. /
  3. TP-Link
    4. /
  4. TL-WA7210N
    5. /
  5. 23
Page 111 / 150 Scroll up to view Page 106 - 110
TL-WA7210N
2.4GHz 150Mbps Outdoor Wireless Access Point User Guide
101
Note:
After you set the DMZ host, the firewall related to the host will not work.
5.9.4
UPnP
Selecting
Forwarding > UPnP
will enable you to configure the UPnP function on the page as
shown in Figure 5-39:
Figure 5-39 UPnP Settings
Current UPnP Status -
UPnP can be enabled or disabled by clicking the
Enable
or
Disable
button. As enabling UPnP may present a risk to security, this feature is disabled by default.
Current UPnP Settings List -
This table displays the current UPnP information.
App Description
– The description provided by the application in the UPnP request
External Port
-
External port, which the router opened for the application.
Protocol
-
Shows which type of protocol is opened.
Internal Port
-
Internal port, which the router opened for local host.
IP Address
-
The IP address of the local host which initiates the UPnP request.
Status -
Either Enabled or Disabled, “Enabled” means that port is still active. Otherwise,
the port is inactive.
Click
Enable
to enable UPnP.
Click
Disable
to disable UPnP
Click
Refresh
to update the Current UPnP Settings List.
5.10 Security
Figure 5-40 The Security menu
There are four submenus under the Security menu as shown in Figure 5-40:
Basic Security
,
Advanced Security
,
Local Management
and
Remote Management
.
Click any of them, and you
will be able to configure the corresponding function.
Page 112 / 150
TL-WA7210N
2.4GHz 150Mbps Outdoor Wireless Access Point User Guide
102
5.10.1 Basic Security
Choose menu
Security > Basic Security
, and then you can configure the basic security in the
screen as shown in Figure 5-41.
Figure 5-41 Basic Security
Firewall
-
Here you can enable or disable the Device's firewall.
SPI Firewall
- Stateful Packet Inspection (SPI) helps to prevent cyber attacks by tracking
more state per session. It validates that the traffic passing through the session conforms
to the protocol. SPI Firewall is enabled by factory default. If you want all the computers on
the LAN exposed to the outside world, you can disable it.
VPN
-
VPN Passthrough must be enabled if you want to allow VPN tunnels using VPN
protocols to pass through the Device.
PPTP Passthrough -
PPTP (Point-to-Point Tunneling Protocol) allows the Point-to-Point
Protocol (PPP) to be tunneled through an IP network. To allow PPTP tunnels to pass
through the Device, click Enable.
L2TP Passthrough
-
L2TP (Layer Two Tunneling Protocol) is the method used to enable
Point-to-Point sessions via the Internet on the Layer Two level. To allow L2TP tunnels to
pass through the Device, click Enable.
IPSec Passthrough
-
IPSec (Internet Protocol security) is a suite of protocols for
ensuring private, secure communications over IP (Internet Protocol) networks, through
the use of cryptographic security services. To allow IPSec tunnels to pass through the
Device, click
Enable
.
ALG
-
It is recommended to enable Application Layer Gateway (ALG) because ALG allows
customized Network Address Translation (NAT) traversal filters to be plugged into the
gateway to support address and port translation for certain application layer "control/data"
protocols such as FTP, TFTP, H323 etc.
FTP ALG
-
To allow FTP clients and servers to transfer data across NAT, click Enable.
Page 113 / 150
TL-WA7210N
2.4GHz 150Mbps Outdoor Wireless Access Point User Guide
103
TFTP ALG
-
To allow TFTP clients and servers to transfer data across NAT, click Enable.
H323 ALG
-
To allow Microsoft NetMeeting clients to communicate across NAT, click
Enable.
Click the
Save
button to save your settings.
5.10.2
Advanced Security
Choose menu
Security > Advanced Security
, and then you can protect the Device from being
attacked by ICMP-Flood, UDP Flood and TCP-SYN Flood in the screen as shown in Figure 5-42.
Figure 5-42 Advanced Security
Note:
FLOOD Filtering will take effect only when the
Traffic Statistics
in
System Tools
is enabled.
Packets Statistics interval (5~60)
-
The default value is 10. Select a value between 5 and
60 seconds in the pull-down list. The Packets Statistic interval value indicates the time
section of the packets statistic. The result of the statistic used for analysis by ICMP-Flood,
UDP Flood and TCP-SYN Flood.
DoS Protection
-
Enable or Disable the DoS protection function. Only when it is enabled, will
the flood filters be enabled.
Enable ICMP-FLOOD Attack Filtering
-
Enable or Disable the ICMP-FLOOD Attack
Filtering.
ICMP-FLOOD Packets Threshold (5~3600)
-
The default value is 50. Enter a value between
5
~
3600. When the current ICMP-FLOOD Packets number is beyond the set value, the
Device will start up the blocking function immediately.
Page 114 / 150
TL-WA7210N
2.4GHz 150Mbps Outdoor Wireless Access Point User Guide
104
Enable UDP-FLOOD Filtering
-
Enable or Disable the UDP-FLOOD Filtering.
UDP-FLOOD Packets Threshold (5~3600)
-
The default value is 500. Enter a value
between 5
~
3600. When the current UPD-FLOOD Packets number is beyond the set value,
the Device will start up the blocking function immediately.
Enable TCP-SYN-FLOOD Attack Filtering
-
Enable or Disable the TCP-SYN-FLOOD
Attack Filtering.
TCP-SYN-FLOOD Packets Threshold (5~3600) -
The default value is 50. Enter a value
between 5
~
3600. When the current TCP-SYN-FLOOD Packets numbers is beyond the set
value, the Device will start up the blocking function immediately.
Ignore Ping Packet From WAN Port
-
Enable or Disable Ignore Ping Packet From WAN
Port. The default setting is Disabled. If enabled, the ping packet from Internet cannot access
the Device.
Forbid Ping Packet From LAN Port
-
Enable or Disable Forbid Ping Packet From LAN Port.
The default setting is Disabled. If enabled, the ping packet from LAN cannot access the
Device and defend against some viruses.
Click the
Save
button to save the settings.
Click the
Blocked DoS Host List
button to display the DoS host table by blocking.
5.10.3 Local Management
Choose menu
Security > Local Management
, and then you can configure the management rule
in the screen as shown in Figure 5-43. The management feature allows you to deny computers in
LAN from accessing the Device.
Figure 5-43 Local Management
By default, the radio button
All the PCs on the LAN are allowed to access the Router's
Web-Based Utility
is selected. If you want to allow PCs with specific MAC Addresses to access
the Setup page of the Device's Web-Based Utility locally, from inside the network, click the radio
button
Only the PCs listed can browse the built-in web pages to perform Administrator
tasks
, and then enter each MAC Address in a separate field. The format for the MAC Address is
XX-XX-XX-XX-XX-XX (X is any hexadecimal digit). Only the PCs with the MAC address listed can
use the password to browse the built-in web pages to perform Administrator tasks and all the
others will be blocked.
Page 115 / 150
TL-WA7210N
2.4GHz 150Mbps Outdoor Wireless Access Point User Guide
105
After click the
Add
button, your PC's MAC Address will be placed in the Control List above.
Click the
Save
button to save your settings.
Note:
If your PC is blocked and you want to access the Device again, use a pin to press and hold the
Reset Button
on the back panel about 5 seconds to reset the Device's factory defaults in the
Device's Web-Based Utility.
5.10.4 Remote Management
Choose menu
Security > Remote Management
, and then you can configure the Remote
Management function in the screen as shown in Figure 5-44. This feature allows you to manage
your Device from a remote location via the Internet.
Figure 5-44 Remote Management
Web Management Port
-
Web browser access normally uses the standard HTTP service
port 80. This Device's default remote management web port number is 80. For greater
security, you can change the remote management web port to a custom port by entering that
number in the box provided. Choose a number between 1 and 65535 but do not use the
number of any common service port.
Remote Management IP Address
-
This is the current address you will use when accessing
your Device from the Internet. This function is disabled when the IP address is set to the
default value of 0.0.0.0. To enable this function you should change 0.0.0.0 to a valid IP
address. If set to be 255.255.255.255, then all the hosts can access the Device from Internet.
To access the Device, you should enter your Device's WAN IP address into your browser's
address (in IE) or location (in Netscape) box, followed by a colon and the custom port number you
set in the Web Management Port box.
For example, if your Device's WAN address is 202.96.12.8 and you use port number 8080,
enter http://202.96.12.8:8080 in your browser. You will be asked for the Device's password.
After successfully entering the password, you will be able to access the Device's web-based
utility.
Note:
Be sure to change the Device's default password to a secure password.
5.11 Parental Control
Choose menu
Parental Control
, and then you can configure the parental control in the screen as
shown in Figure 5-45. The Parental Control function can be used to control the Internet activities
of the children, their access to certain websites, as well as the time of surfing.

Rate

3.5 / 5 based on 2 votes.

Popular TP-Link Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top