Page 86 / 143 Scroll up to view Page 81 - 85
TL-WDR3500
N600 Wireless Dual Band Router
- 76 -
Figure 4-71 UPnP Setting
Current UPnP Status -
UPnP can be enabled or disabled by clicking the
Enable
or
Disable
button. This feature is enabled by default.
Current UPnP Settings List -
This table displays the current UPnP information.
App Description
- The description about the application which initiates the UPnP
request.
External Port
- The port which the Router opened for the application.
Protocol
- The type of protocol which is opened.
Internal Port
- The port which the Router opened for local host.
IP Address
- The IP address of the local host which initiates the UPnP request.
Status
- Either Enabled or Disabled. "Enabled" means that the port is still active;
otherwise, the port is inactive.
Click the
Enable
button to enable UPnP.
Click the
Disable
button to disable UPnP.
Click the
Refresh
button to update the Current UPnP Settings List.
4.13 Security
Figure 4-72 The Security menu
Page 87 / 143
TL-WDR3500
N600 Wireless Dual Band Router
- 77 -
There are four submenus under the Security menu as shown in Figure 4-72:
Basic Security
,
Advanced Security
,
Local Management
and
Remote Management
.
Click any of them, and you
will be able to configure the corresponding function.
4.13.1 Basic Security
Choose menu “
Security
Basic Security
”, and then you can configure the basic security in the
screen as shown in Figure 4-73.
Figure 4-73 Basic Security
Firewall -
A firewall protects your network from the outside world. Here you can enable or
disable the Router’s firewall.
SPI Firewall
- SPI (Stateful Packet Inspection, also known as dynamic packet filtering)
helps to prevent cyber attacks by tracking more state per session. It validates that the
traffic passing through the session conforms to the protocol. SPI Firewall is enabled by
factory default. If you want all the computers on the LAN exposed to the outside world,
you can disable it.
VPN -
VPN Passthrough must be enabled if you want to allow VPN tunnels using VPN
protocols to pass through the Router.
PPTP
Passthrough
- Point-to-Point Tunneling Protocol (PPTP) allows the
Point-to-Point Protocol (PPP) to be tunneled through an IP network. To allow PPTP
tunnels to pass through the Router, click
Enable
.
L2TP Passthrough
- Layer Two Tunneling Protocol (L2TP) is the method used to
enable Point-to-Point sessions via the Internet on the Layer Two level. To allow L2TP
tunnels to pass through the Router, click
Enable
.
Page 88 / 143
TL-WDR3500
N600 Wireless Dual Band Router
- 78 -
IPSec Passthrough
- Internet Protocol security (IPSec) is a suite of protocols for
ensuring private, secure communications over Internet Protocol (IP) networks, through
the use of cryptographic security services. To allow IPSec tunnels to pass through the
Router, click
Enable
.
ALG -
It is recommended to enable Application Layer Gateway (ALG) because ALG allows
customized Network Address Translation (NAT) traversal filters to be plugged into the
gateway to support address and port translation for certain application layer "control/data"
protocols such as FTP, TFTP, H323 etc.
FTP ALG
- To allow FTP clients and servers to transfer data across NAT, click
Enable
.
TFTP ALG
- To allow TFTP clients and servers to transfer data across NAT, click
Enable
.
H323 ALG
- To allow Microsoft NetMeeting clients to communicate across NAT, click
Enable
.
RTSP ALG
- To allow some media player clients to communicate with some streaming
media servers across NAT, click
Enable
.
Click the
Save
button to save your settings.
4.13.2 Advanced Security
Choose menu “
Security
Advanced Security
”, and then you can protect the Router from
being attacked by TCP-SYN Flood, UDP Flood and ICMP-Flood in the screen as shown in Figure
4-74.
Figure 4-74 Advanced Security
Page 89 / 143
TL-WDR3500
N600 Wireless Dual Band Router
- 79 -
Packets Statistics Interval (5~60) -
The default value is 10. Select a value between 5 and
60 seconds from the drop-down list. The Packets Statistics Interval value indicates the time
section of the packets statistics. The result of the statistics is used for analysis by SYN Flood,
UDP Flood and ICMP-Flood.
DoS Protection -
Denial of Service protection. Check the Enable or Disable button to
enable or disable the DoS protection function. Only when it is enabled, will the flood filters be
enabled.
Note:
Dos Protection will take effect only when the
Traffic Statistics
in “
System Tool
Traffic
Statistics
” is enabled.
Enable ICMP-FLOOD Attack Filtering
-
Enable or Disable the ICMP-FLOOD Attack
Filtering.
ICMP-FLOOD Packets Threshold (5~3600)
-
The default value is 50. Enter a value
between 5
~
3600. When the current ICMP-FLOOD Packets number is beyond the set value,
the Router will startup the blocking function immediately.
Enable UDP-FLOOD Filtering
-
Enable or Disable the UDP-FLOOD Filtering.
UDP-FLOOD Packets Threshold (5~3600)
-
The default value is 500. Enter a value
between 5
~
3600. When the current UPD-FLOOD Packets number is beyond the set value,
the Router will startup the blocking function immediately.
Enable TCP-SYN-FLOOD Attack Filtering
-
Enable or Disable the TCP-SYN-FLOOD
Attack Filtering.
TCP-SYN-FLOOD Packets Threshold (5~3600)
-
The default value is 50. Enter a value
between 5
~
3600. When the current TCP-SYN-FLOOD Packets numbers is beyond the set
value, the Router will startup the blocking function immediately.
Ignore Ping Packet From WAN Port
-
Enable or Disable Ignore Ping Packet From WAN
Port. The default setting is disabled. If enabled, the ping packet from the Internet cannot
access the Router.
Forbid Ping Packet From LAN Port
-
Enable or Disable Forbid Ping Packet From LAN Port.
The default setting is disabled. If enabled, the ping packet from LAN cannot access the
Router. This function can be used to defend against some viruses.
Click the
Save
button to save the settings.
Click the
Blocked DoS Host List
button to display the DoS host table by blocking.
4.13.3 Local Management
Choose menu “
Security
Local Management
”, and then you can configure the management
rule in the screen as shown in Figure 4-75. The management feature allows you to deny
computers in LAN from accessing the Router.
Page 90 / 143
TL-WDR3500
N600 Wireless Dual Band Router
- 80 -
Figure 4-75 Local Management
By default, the radio button “
All the PCs on the LAN are allowed to access the Router's
Web-Based Utility
” is checked. If you want to allow PCs with specific MAC Addresses to access
the Setup page of the Router's Web-Based Utility locally from inside the network, check the radio
button “
Only the PCs listed can browse the built-in web pages to perform Administrator
tasks
”, and then enter each MAC Address in a separate field. The format for the MAC Address is
XX-XX-XX-XX-XX-XX (X is any hexadecimal digit). Only the PCs with MAC address listed can
use the password to browse the built-in web pages to perform Administrator tasks while all the
others will be blocked.
After click the
Add
button, your PC's MAC Address will be placed in the list above.
Click the
Save
button to save your settings.
Note:
If your PC is blocked but you want to access the Router again, use a pin to press and hold the
Reset Button
(hole) on the back panel for about 5 seconds to reset the Router’s factory defaults
on the Router’s Web-Based Utility.
4.13.4 Remote Management
Choose menu “
Security
Remote Management
”, and then you can configure the Remote
Management function in the screen as shown in Figure 4-76. This feature allows you to manage
your Router from a remote location via the Internet.

Rate

4 / 5 based on 3 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top