Chapter 12 Network Security - Archer A7 & C7 User Guide | TP-Link

Home » Archer C7 Security Settings » Chapter 12 Network Security - Archer A7 & C7 User Guide | TP-Link

Maybe your like

  • About This Guide
  • Chapter 1 Get to Know About Your Router
    • Product Overview
    • Appearance
  • Chapter 2 Connect the Hardware
    • Position Your Router
    • Connect Your Router
  • Chapter 3 Log In to Your Router
  • Chapter 4 Set Up Internet Connection
    • Use Quick Setup Wizard
    • Manually Set up Your Internet Connection
    • Set Up an IPv6 Internet Connection
    • Configure the Router in Access Point Mode
  • Chapter 5 TP-Link Cloud Service
    • Register a TP-Link ID
    • Change Your TP-Link ID Information
    • Manage the User TP-Link IDs
    • Manage the Router via the TP-Link Tether App
  • Chapter 6 Work with Alexa
  • Chapter 7 OneMesh with Seamless Roaming
    • Set Up a OneMesh Network
    • Manage Devices in the OneMesh Network
  • Chapter 8 Guest Network
    • Create a Network for Guests
    • Customize Guest Network Options
  • Chapter 9 USB Settings
    • Access the USB Storage Device
    • Media Sharing
    • Offline Download
  • Chapter 10 Parental Controls
    • Set Up Access Restrictions
    • Monitor Internet Usage
  • Chapter 11 QoS
  • Chapter 12 Network Security
    • Protect the Network from Cyber Attacks
    • Access Control
    • IP & MAC Binding
  • Chapter 13 NAT Forwarding
    • Share Local Resources on the Internet by Virtual Servers
    • Open Ports Dynamically by Port Triggering
    • Make Applications Free from Port Restriction by DMZ
    • Make Xbox Online Games Run Smoothly by UPnP
  • Chapter 14 VPN Server
    • Use OpenVPN to Access Your Home Network
    • Use PPTP VPN to Access Your Home Network
  • Chapter 15 Customize Your Network Settings
    • Change the LAN Settings
    • Configure to Support IPTV Service
    • Specify DHCP Server Settings
    • Set Up a Dynamic DNS Service Account
    • Create Static Routes
    • Specify Wireless Settings
    • Schedule Your Wireless Function
    • Use WPS for Wireless Connection
  • Chapter 16 Manage the Router
    • Set Up System Time
    • Control LEDs
    • Test the Network Connectivity
    • Upgrade the Firmware
    • Backup and Restore Configuration Settings
    • Set the Router to Reboot Regularly
    • Change the Login Password
    • Password Recovery
    • Local Management
    • Remote Management
    • System Log
    • Monitor the Internet Traffic Statistics
  • FAQ
  • Authentication

Chapter 12 Network Security

This chapter guides you on how to protect your home network from cyber attacks and unauthorized users by implementing these three network security functions. You can protect your home network against DoS (Denial of Service) attacks from flooding your network with server requests using DoS Protection, block or allow specific client devices to access your network using Access Control, or you can prevent ARP spoofing and ARP attacks using IP & MAC Binding.

It contains the following sections:

Protect the Network from Cyber Attacks

Access Control

IP & MAC Binding

1. Protect the Network from Cyber Attacks

The SPI (Stateful Packet Inspection) Firewall and DoS (Denial of Service) Protection protect the router from cyber attacks.

The SPI Firewall can prevent cyber attacks and validate the traffic that is passing through the router based on the protocol. This function is enabled by default, and it’s recommended to keep the default settings.

DoS Protection can protect your home network against DoS attacks from flooding your network with server requests. Follow the steps below to configure DoS Protection.

1.Visit http://tplinkwifi.net, and log in with your TP-Link ID or the password you set for the router.

2.Go to Advanced > Security > Settings.

3.Enable DoS Protection.

4.Set the level (Off, Low, Middle or High) of protection for ICMP-FLOOD Attack Filtering, UDP-FlOOD Attack Filtering and TCP-SYN-FLOOD Attack Filtering.

ICMP-FLOOD Attack Filtering - Enable to prevent the ICMP (Internet Control Message Protocol) flood attack.

UDP-FlOOD Attack Filtering - Enable to prevent the UDP (User Datagram Protocol) flood attack.

TCP-SYN-FLOOD Attack Filtering - Enable to prevent the TCP-SYN (Transmission Control Protocol-Synchronize) flood attack.

Tips:

The level of protection is based on the number of traffic packets. The protection will be triggered immediately when the number of packets exceeds the preset threshold value (the value can be set on Advanced > System Tools > System Parameters > DoS Protection Level Settings), and the vicious host will be displayed in the Blocked DoS Host List.

5.If you want to ignore the ping packets from the WAN port, select Ignore Ping Packet From WAN Port; if you want to ignore the ping packets form the LAN port, select Ignore Ping Packet From LAN Port.

6.Click Save.

2. Access Control

Access Control is used to block or allow specific client devices to access your network (via wired or wireless) based on a list of blocked devices (Blacklist) or a list of allowed devices (Whitelist).

I want to:

Block or allow specific client devices to access my network (via wired or wireless).

How can I do that?

1.Visit http://tplinkwifi.net, and log in with your TP-Link ID or the password you set for the router.

2.Go to Advanced > Security > Access Control.

3.Enable Access Control.

4.Select the access mode to either block (recommended) or allow the device(s) in the list.

To block specific device(s)

1 )Select Blacklist and click Save.

2 )Select the device(s) to be blocked in the Online Devices table by ticking the box.

3 )Click Block above the Online Devices table. The selected devices will be added to Devices in Blacklist automatically.

To allow specific device(s)

1 )Select Whitelist and click Save.

2 )Click Add in the Devices in Whitelist section. Enter the Device Name and MAC Address (You can copy and paste the information from the Online Devices list if the device is connected to your network).

3 )Click OK.

Done!

Now you can block or allow specific client devices to access your network (via wired or wireless) using the Blacklist or Whitelist.

3. IP & MAC Binding

IP & MAC Binding, namely, ARP (Address Resolution Protocol) Binding, is used to bind network device’s IP address to its MAC address. This will prevent ARP Spoofing and other ARP attacks by denying network access to an device with matching IP address in the Binding list, but unrecognized MAC address.

I want to:

Prevent ARP spoofing and ARP attacks.

How can I do that?

1.Visit http://tplinkwifi.net, and log in with your TP-Link ID or the password you set for the router.

2.Go to Advanced > Security > IP & MAC Binding.

3.Enable ARP Binding.

4.Bind your device(s) according to your need.

To bind the connected device(s):

Click to add the corresponding device to the Binding List.

To bind the unconnected device

1 )Click Add in the Binding List section.

2 )Enter the MAC address and IP address that you want to bind. Enter a Description for this binding entry.

3 )Tick the Enable This Entry checkbox and click OK.

Done!

Now you don’t need to worry about ARP spoofing and ARP attacks!

< PreviousNext > Feedback * Please rate this article: poor excellent * Does this article help you solve your problem? Yes No Just browsing Suggestions:

Enter your contact information so we can get back to you:

Name: Email: * I have read and agree to the Privacy Policy Submit

Thank you for your feedback.

Sorry, something went wrong!

Tag » Archer C7 Security Settings