TL-WR941ND

Wireless N Router

Figure 4-32

Port Triggering

Once the Router is configured, the operation is as follows:

1.

A local host makes an outgoing connection using a destination port number defined in the

Trigger Port field.

2.

The Router records this connection, opens the incoming port or ports associated with this

entry in the Port Triggering table, and associates them with the local host.

3.

When necessary the external host will be able to connect to the local host using one of the

ports defined in the

Incoming Ports

field.

¾

Trigger Port -

The port for outgoing traffic. An outgoing connection using this port will

"Trigger" this rule.

¾

Trigger Protocol -

The protocol used for Trigger Ports, either

TCP

,

UDP

, or

All

(all

protocols supported by the Router).

¾

Incoming Ports Range -

The port or port range used by the remote system when it

responds to the outgoing request. A response using one of these ports will be forwarded to

the PC that triggered this rule. You can input at most 5 groups of ports (or port section).

Every group of ports must be set apart with ",". For example, 2000-2038, 2050-2051, 2085,

3010-3030.

¾

Incoming Protocol -

The protocol used for Incoming Ports Range, either

TCP

or

UDP,

or

ALL

(all protocols supported by the Router).

¾

Status -

The status of this entry either

Enabled

or

Disabled

.

To add a new rule, follow the steps below.

1.

Click the

Add New…

button, the next screen will pop-up as shown in Figure 4-33.

2.

Select a common application from the

Common Applications

drop-down list, then the

Trigger Port

field and the

Incoming Ports

field will be automatically filled. If the

Common

Applications

do not have the application you need, enter the

Trigger Port

and the

Incoming Ports

manually.

3.

Select the protocol used for Trigger Port from the

Trigger Protocol

drop-down list, either

TCP

,

UDP

, or

All

.

4.

Select the protocol used for Incoming Ports from the

Incoming Protocol

drop-down list,

-52-

TL-WR941ND

Wireless N Router

either

TCP

or

UDP

, or

All.

5.

Select

Enable

in

Status

field.

6.

Click the

Save

button to save the new rule.

Figure 4-33

Add or Modify a Triggering Entry

To modify or delete an existing entry:

1.

Click the

Modify

in the entry you want to modify. If you want to delete the entry, click the

Delete

.

2.

Modify the information.

3.

Click the

Save

button.

Click the

Enable All

button to make all entries enabled

Click the

Disabled All

button to make all entries disabled.

Click the

Delete All

button to delete all entries

)

Note:

1.

When the trigger connection is released, the according opening ports will be closed.

2.

Each rule allowed to be used only by one host on LAN synchronously. The trigger connection

of other hosts on LAN will be refused.

3.

Incoming Port Range cannot overlap each other.

4.8.3 DMZ

Choose menu “

Forwarding

→

DMZ

”, you can view and configure DMZ host in the screen (shown

in

Figure 4-34

).The DMZ host feature allows one local host to be exposed to the Internet for a

special-purpose service such as Internet gaming or videoconferencing. DMZ host forwards all the

ports at the same time. Any PC whose port is being forwarded must have its DHCP client function

disabled and should have a new static IP Address assigned to it because its IP Address may be

changed when using the DHCP function.

-53-

TL-WR941ND

Wireless N Router

Figure 4-34

DMZ

To assign a computer or server to be a DMZ server:

1.

Click the

Enable

radio button

2.

Enter the local host IP Address in the

DMZ Host IP Address

field

3.

Click the

Save

button.

)

Note:

After you set the DMZ host, the firewall related to the host will not work.

4.8.4 UPnP

Choose menu “

Forwarding

→

UPnP

”, you can view the information about

UPnP

(Universal Plug

and Play) in the screen (shown in

Figure 4-35

).The UPnP feature allows the devices, such as

Internet computers, to access the local host resources or devices as needed. UPnP devices can

be automatically discovered by the UPnP service application on the LAN.

Figure 4-35

UPnP Setting

¾

Current UPnP Status -

UPnP can be enabled or disabled by clicking the

Enable

or

Disable

button. As allowing this may present a risk to security, this feature is enabled by

default.

¾

Current UPnP Settings List -

This table displays the current UPnP information.

•

App Description -

The description provided by the application in the UPnP request

-54-

TL-WR941ND

Wireless N Router

•

External Port

-

External port, which the router opened for the application.

•

Protocol -

Shows which type of protocol is opened.

•

Internal Port

-

Internal port, which the router opened for local host.

•

IP Address

-

The UPnP device that is currently accessing the router.

•

Status -

The port’s status displayed here. “Enabled” means that port is still active.

Otherwise, the port is inactive.

Click

Refresh

to update the Current UPnP Settings List.

4.9 Security

Figure 4-36

The Security menu

There are four submenus under the Security menu as shown in Figure 4-36:

Basic Security

,

Advanced Security

,

Local Management

and

Remote Management.

Click any of them, and you

will be able to configure the corresponding function.

4.9.1 Basic Security

Choose menu “

Security

→

Basic Security

”, you can configure the basic security in the screen

as shown in Figure 4-37.

-55-

TL-WR941ND

Wireless N Router

Figure 4-37

Basic Security

¾

Firewall -

A firewall protects your network from the outside world. Here you can enable or

disable the Router’s firewall.

z

SPI Firewall -

SPI (Stateful Packet Inspection, also known as dynamic packet filtering)

helps to prevent cyber attacks by tracking more state per session. It validates that the

traffic passing through the session conforms to the protocol. SPI Firewall is enabled by

factory default. If you want all the computers on the LAN exposed to the outside world,

you can disable it.

¾

VPN -

VPN Passthrough must be enabled if you want to allow VPN tunnels using IPSec,

PPTP, or L2TP protocols to pass through the Router’s firewall.

z

PPTP Passthrough -

Point-to-Point Tunneling Protocol (PPTP) allows the Point-to-Point

Protocol (PPP) to be tunneled through an IP network. To allow PPTP tunnels to pass

through the Router, keep the default,

Enabled

.

z

L2TP Passthrough

-

Layer 2 Tunneling Protocol (L2TP) is the method used to enable

Point-to-Point sessions via the Internet on the Layer 2 level. To allow L2TP tunnels to

pass through the Router, keep the default,

Enabled

.

z

IPSec Passthrough

-

Internet Protocol Security (IPSec) is a suite of protocols for

ensuring private, secure communications over Internet Protocol (IP) networks, through

the use of cryptographic security services. To allow IPSec tunnels to pass through the

Router, keep the default,

Enabled

.

-56-