Support User Manuals

TP-Link Rev 1.0.0 1910010810 Network Router User Manual

Open as PDF

of 110

TL-WR841HP

300Mbps High Power Router User Guide

- 51 -

 SPI Firewall - SPI (Stateful Packet Inspection, also known as dynamic packet filtering)

helps to prevent cyber attacks by tracking more state per session. It validates that the

traffic passing through the session conforms to the protocol. SPI Firewall is enabled by

factory default. If you want all the computers on the LAN exposed to the outside world,

you can disable it.

 VPN - VPN Passthrough must be enabled if you want to allow VPN tunnels using IPSec,

PPTP, or L2TP protocols to pass through the Router’s firewall.

 PPTP Passthrough - Point-to-Point Tunneling Protocol (PPTP) allows the Point-to-Point

Protocol (PPP) to be tunneled through an IP network. To allow PPTP tunnels to pass

through the Router, keep the default, Enabled.

 L2TP Passthrough - Layer 2 Tunneling Protocol (L2TP) is the method used to enable

Point-to-Point sessions via the Internet on the Layer 2 level. To allow L2TP tunnels to

pass through the Router, keep the default, Enabled.

 IPSec Passthrough - Internet Protocol Security (IPSec) is a suite of protocols for

ensuring private, secure communications over Internet Protocol (IP) networks, through

the use of cryptographic security services. To allow IPSec tunnels to pass through the

Router, keep the default, Enabled.

 ALG - It is recommended to enable Application Layer Gateway (ALG) because ALG allows

customized Network Address Translation (NAT) traversal filters to be plugged into the

gateway to support address and port translation for certain application layer "control/data"

protocols such as FTP, TFTP, H323 etc.

 FTP ALG - To allow FTP clients and servers to transfer data across NAT, keep the

default Enable.

 TFTP ALG - To allow TFTP clients and servers to transfer data across NAT, keep the

default Enable.

 H323 ALG - To allow Microsoft NetMeeting clients to communicate across NAT, keep

the default Enable.

 RTSP ALG - To allow some media player clients to communicate with some streaming

media servers across NAT, click Enable.

Click the Save button to save your settings.

4.9.2 Advanced Security

Choose menu “Security → Advanced Security”, you can protect the Router from being

attacked by TCP-SYN Flood, UDP Flood and ICMP-Flood in the screen as shown in

Figure 4-40.

• RTSP ALG - To allow some media player clients to communicate with some streaming media servers

across NAT, click Enable.

previous next