TL-WR841N/TL-WR841ND
300Mbps Wireless N Router User Guide
- 53 -
disable the Router’s firewall.
z
SPI Firewall -
SPI (Stateful Packet Inspection, also known as dynamic packet filtering)
helps to prevent cyber attacks by tracking more state per session. It validates that the
traffic passing through the session conforms to the protocol. SPI Firewall is enabled by
factory default. If you want all the computers on the LAN exposed to the outside world,
you can disable it.
¾
VPN -
VPN Passthrough must be enabled if you want to allow VPN tunnels using IPSec,
PPTP, or L2TP protocols to pass through the Router’s firewall.
z
PPTP Passthrough -
Point-to-Point Tunneling Protocol (PPTP) allows the Point-to-Point
Protocol (PPP) to be tunneled through an IP network. To allow PPTP tunnels to pass
through the Router, keep the default,
Enabled
.
z
L2TP Passthrough
-
Layer 2 Tunneling Protocol (L2TP) is the method used to enable
Point-to-Point sessions via the Internet on the Layer 2 level. To allow L2TP tunnels to
pass through the Router, keep the default,
Enabled
.
z
IPSec Passthrough
-
Internet Protocol Security (IPSec) is a suite of protocols for
ensuring private, secure communications over Internet Protocol (IP) networks, through
the use of cryptographic security services. To allow IPSec tunnels to pass through the
Router, keep the default,
Enabled
.
¾
ALG -
It is recommended to enable Application Layer Gateway (ALG) because ALG allows
customized Network Address Translation (NAT) traversal filters to be plugged into the
gateway to support address and port translation for certain application layer "control/data"
protocols such as FTP, TFTP, H323 etc.
z
FTP ALG -
To allow FTP clients and servers to transfer data across NAT, keep the
default
Enable
.
z
TFTP ALG -
To allow TFTP clients and servers to transfer data across NAT, keep the
default
Enable
.
z
H323 ALG -
To allow Microsoft NetMeeting clients to communicate across NAT, keep
the default
Enable
.
z
RTSP ALG
- To allow some media player clients to communicate with some streaming
media servers across NAT, click Enable.
Click the
Save
button to save your settings.
4.9.2 Advanced Security
Choose menu “
Security
→
Advanced Security
”, you can protect the Router from being
attacked by TCP-SYN Flood, UDP Flood and ICMP-Flood in the screen as shown in Figure 4-40.
•
RTSP ALG
- To allow some media player clients to communicate with some streaming media servers
across NAT, click Enable.