TP-Link TL-ER6020 - Manual

-2- Chapter 1 About this Guide This User Guide contains information for setup and management of TL-ER6020 Router. Please read this guide carefully before operation. 1.1 Intended Readers This Guide is intended for Network Engineer and Network Administrator. 1.2 Conventions In this Guide the following...

-4- Chapter 2 Introduction Thanks for choosing the SafeStream TM Gigabit Dual-WAN VPN Router TL-ER6020. 2.1 Overview of the Router The SafeStream TM Gigabit Dual-WAN VPN Router TL-ER6020 from TP-LINK possesses excellent data processing capability and multiple powerful functions including IPsec/PPTP/...

-8- 2.3.2 Rear Panel The rear panel of TL-ER6020 is shown as the following figure.  Power Socket Connect the female connector of the power cord to this power socket, and the male connector to the AC power outlet. Please make sure the voltage of the power supply meets the requirement of the input vo...

-9- Chapter 3 Configuration 3.1 Network 3.1.1 Status The Status page shows the system information, the port connection status and other information related to this Router. Choose the menu Network → Status to load the following page. Figure 3-1 Status 3.1.2 System Mode The TL-ER6020 Router can work i...

-10- Figure 3-2 Network Topology - NAT Mode If your Router is connecting the two networks of different areas in a large network environment with a network topology as the Figure 3-3 shown, and forwards the packets between these two networks by the Routing rules, you can set it to Non-NAT mode. Figur...

-11- Figure 3-4 Network Topology – Classic Mode Choose the menu Network → System Mode to load the following page. Figure 3-5 System Mode You can select a System Mode for your Router according to your network need.  NAT Mode NAT (Network Address Translation) mode allows the Router to translate priva...

-13- Figure 3-6 WAN – Static IP The following items are displayed on this screen:  Static IP Connection Type: Select Static IP if your ISP has assigned a static IP address for your computer. IP Address: Enter the IP address assigned by your ISP. If you are not clear, please consult your ISP. Subnet...

-14- Upstream Bandwidth: Specify the bandwidth for transmitting packets on the port. Downstream Bandwidth: Specify the bandwidth for receiving packets on the port. 2) Dynamic IP If your ISP (Internet Service Provider) assigns the IP address automatically, please choose the Dynamic IP connection type...

-16-  Dynamic IP Status Status: Displays the status of obtaining an IP address from your ISP.  “Disabled” indicates that the Dynamic IP connection type is not applied.  “Connecting” indicates that the Router is obtaining the IP parameters from your ISP.  “Connected” indicates that the Router has...

-20-  PPPoE Status Status: Displays the status of PPPoE connection.  “Disabled” indicates that the PPPoE connection type is not applied.  “Connecting” indicates that the Router is obtaining the IP parameters from your ISP.  “Connected” indicates that the Router has successfully obtained the IP p...

-21- Figure 3-9 WAN - L2TP The following items are displayed on this screen:  L2TP Settings Connection Type: Select L2TP if your ISP provides a L2TP connection. Click <Connect> to dial-up to the Internet and obtain the IP address. Click <Disconnect> to disconnect the Internet connection...

-22- Account Name: Enter the Account Name provided by your ISP. If you are not clear, please consult your ISP. Password: Enter the Password provided by your ISP. Server IP: Enter the Server IP provided by your ISP. MTU: MTU (Maximum Transmission Unit) is the maximum data unit transmitted by the phys...

-24- 5) PPTP If your ISP (Internet Service Provider) has provided the account information for the PPTP connection, please choose the PPTP connection type. Figure 3-10 WAN - PPTP The following items are displayed on this screen:  PPTP Settings Connection Type: Select PPTP if your ISP provides a PPTP...

-27- Figure 3-11 WAN – Bigpond The following items are displayed on this screen:  BigPond Settings Connection Type: Select BigPond if your ISP provides a BigPond connection. Click <Connect> to dial-up to the Internet and obtain the IP address. Click <Disconnect> to disconnect the Intern...

-28- Auth Domain: Enter the domain name of authentication server. It's only required when the address of Auth Server is a server name. Auth Mode: You can select the proper Active mode according to your need.  Manual: Select this option to manually activate or terminate the Internet connection by th...

-29- Default Gateway: Displays the IP address of the default gateway assigned by your ISP. Note: To ensure the BigPond connection re-established normally, please restart the connection at least 5 seconds after the connection is off. 3.1.4 LAN 3.1.4.1 LAN On this page, you can configure the parameter...

-32-  DHCP Reservation MAC Address: Enter the MAC address of the computer for which you want to reserve the IP address. IP Address: Enter the reserved IP address. Description: Optional. Enter a description for the entry. Up to 28 characters can be entered. Status: Activate or Inactivate the corresp...

-33- Figure 3-16 DMZ – Public Mode In Private mode, the DMZ port allows the Hosts in DMZ to access Internet via NAT mode which translates private IP addresses within DMZ to public IP addresses for transport over Internet. The Hosts in DMZ can directly communicate with LAN using the private IP addres...

-35- Set the MAC Address for LAN port: In a complex network topology with all the ARP bound devices, if you want to use TL-ER6020 instead of the current router in a network node, you can just set the MAC address of TL-ER6020‘s LAN port the same to the MAC address of the previous router, which can av...

-36- MAC Clone: It’s only available for WAN port. Click the <Restore Factory MAC> button to restore the MAC address to the factory default value or click the <Clone Current PC’s MAC> button to clone the MAC address of the PC you are currently using to configure the Router. Then click <...

-37- The following items are displayed on this screen:  Statistics Unicast: Displays the number of normal unicast packets received or transmitted on the port. Broadcast: Displays the number of normal broadcast packets received or transmitted on the port. Pause: Displays the number of flow control f...

-39- The entry in Figure 3-21 indicates: The outgoing packets sent by port 1, port 2, port 3 and port 5 (mirrored ports) will be copied to port 4 (mirroring port). Application Example: To monitor all the traffic and analyze the network abnormity for an enterprise’s network, please set the Port Mirro...

-40- Figure 3-22 Rate Control The following items are displayed on this screen:  Rate Control Port: Displays the port number. Ingress Limit: Specify whether to enable the Ingress Limit feature. Ingress Rate: Specify the limit rate for the ingress packets. Egress Limit: Specify whether to enable Egr...

-41- Figure 3-23 Port Config The following items are displayed on this screen:  Port Config Status: Specify whether to enable the port. The packets can be transported via this port after being enabled. Flow Control: Allows you to enable/disable the Flow Control function. Negotiation Mode: Select th...

-42- 3.1.7.6 Port VLAN A VLAN (Virtual Local Area Network) is a network topology configured according to a logical scheme rather than the physical layout, which allows you to divide the physical LAN into multiple logical LANs so as to control the communication among the ports . The VLAN function can...

-45- User Name: Select the name of the desired User. Available Group: Displays the Groups that the User can join. Selected Group: Displays the Groups to which this User belongs. Group Name: Select the name of the desired Group. Group Structure: Click this button to view the tree structure of this gr...

-49- Configuration procedure 1. Establish the Multi-Nets NAT entries with Subnet/Mask of VLAN2 and VLAN3. The configured entries are as follows: 2. Then set the corresponding Static Route entry, enter the IP address of the interface connecting the Router and the three layer switch into the Next Hop ...

-50- Choose the menu Advanced → Routing → Static Route to load the following page. The Static Route entry is as follows: 3.3.1.4 Virtual Server Virtual server sets up public services in your private network, such as DNS, Email and FTP, and defines a service port. All the service requests to this por...

-52- Note: ● The External port and Internal Port should be set in the range of 1-65535. ● The external ports of different entries should be different, whereas the internal ports can be the same.  List of Rules In this table, you can view the information of the entries and edit them by the Action bu...

-53- p to 28 characters can be entered. Interface: Select an interface for forwarding data packets. Trigger Port: Enter the trigger port number or the range of port. Only when the trigger port initiates connection will all the corresponding incoming ports open and provide service for the application...

-54- 3.3.1.6 Some special protocols such as (Application Layer Gateway) service is enabled. Choose the menu Advanced → NAT → ALG to load the following page. ALG FTP, H.323, SIP, IPsec and PPTP will work properly only when ALG Figure 3-34 ALG The following items are displayed on this screen:  ALG En...

-55- 3.3.2.1 Setup Choose the menu Advanced → Traffic Control → Setup to load the following page. Figure 3-35 Configuration The following items are displayed on this screen:  G ime: Enable Bandwidth n: With this option selected, the Bandwidth Control will take effect when the bandwidth usage reache...

-56-  Interface B ndwidth Interface: tal bandwidth is equal to Bandwidth: e Downstream Bandwidth of WAN port can be configured on WAN page. a Displays the current enabled WAN port(s). The To the sum of bandwidth of the enabled WAN ports. Displays the bandwidth of each WAN port for transmitting data...

-58- Note: ● The premise for single rule taking effect is that the bandwidth of the interface for this rule is sufficient and not used up. ● It is impossible to satisfy all the guaranteed bandwidth if the total guaranteed bandwidth specified by all Bandwidth Control rules for certain interface excee...

-59-  Session Limit ion: Status: Activate or inactivate the entry. ssions for the hosts within group1 ed. Limit. Choose the menu Advanced → Session Limit → Session List to load the following page. Group: Select a group to define the controlled users. Max. Sessions: Enter the max. Sessions for the u...

-60- Figure 3-39 Configuration With the box before Enable Application Optimized Routing checked, the Router will consider the source IP address and destination IP address of the packets as a whole and record the WAN port they pass t And then the packets with the same source IP address and destinatio...

-61- The following items are displa is screen:  General yed on th Protocol: Select the protocol for the entry in the drop-down list. If the protocol you want to set is not in the list, you can add it to the list on 3.3.4.4 Protocol page. Source IP: Enter the source IP range for the entry. 0.0.0.0 -...

-63- Timing: Link Backup will be enabled if the specified effective time is reached. All the traffic on the primary WAN will switch to the backup WAN at the beginning of the effective time; the traffic on the backup WAN will switch to the primary WAN at the ending of the effective time. Specify the ...

-64- Figure 3-42 Protocol The following items are displayed on this screen:  Protocol Name: Enter a name to indicate a protocol. The name will display in the drop-down list of Protocol on Access Rule page. Number: Enter the Number of the protocol in the range of 0-255.  List of Protocol You can vi...

-66- The first entry in Figure 3-43 indicates: If there are packets being sent to a device with IP address of 211.162.1.0 and subnet mask of 255.255.255.0, the Router will forward the packets from WAN1 port to the next hop of 211.200.1.1. Application Example There is a network topology as the follow...

-67- The distance of RIP refers to the hop counts that a data packet passes through before reaching its destination, the value range of which is 1–15. It means the destination cannot be reached if the value is more than 15. Optimal path indicates the path with the fewest hop counts. RIP exchanges th...

-68- Authentication: network situation, and the password should not be more than 15 characters. All Interfaces: Here you can operate all the interfaces in bulk. All the interfaces will not apply RIP if “Enable” option for All Interfaces is selected.  List of RIP After RIP is enabled, the informatio...

-71- You can view the information of the entries and edit them by the Action buttons. The first entry in Figure 3-46 indicates: The IP address of 192.168.1.101 and MAC address of 00-19-66-83-53-CF have been bound and this entry is activated. Note: If all the entries in the binding list are disabled ...

-72- Indicates that the IP and MAC address of this entry are already bound. To bind the entries in the list, check these entries and click the <Import> button, then the settings will take effect if the entries do not conflict with the existed entries. Note: If the local hosts suffered from ARP...

-73- Figure 3-49 Attack Defense The following items are displayed on this screen:  General Flood Defense: Flood attack is a commonly used DoS (Denial of Service) attack, including TCP SYN, UDP, ICMP and so on. It is recommended to select all the Flood Defense options and specify the corresponding t...

-74- Packet Anomaly Defense: Packet Anomaly refers to the abnormal packets. It is recommended to select all the Packet Anomaly Defense options. Enable Attack Defense Logs: With this box checked, the Router will record the defense logs. 3.4.3 MAC Filtering On this page, you can control the Internet a...

-75-  List of Rules You can view the information of the entries and edit them by the Action buttons. 3.4.4 Access Control 3.4.4.1 URL Filtering URL (Uniform Resource Locator) specifies where an identified resource is available and the mechanism for retrieving it. URL Filter functions to filter the ...

-79- Priority: Select this option to specify the priority for the added entries. The latest enabled entry will be displayed at the end of the list by default.  List of Rules You can view the information of the entries and edit them by the Action buttons. The smaller the value is, the higher the pri...

-80- Figure 3-54 Service The following items are displayed on this screen:  Service Name: Enter a name for the service. The name should not be more than 28 characters. The name will display in the drop-down list of Protocol on Access Rule page. Protocol: Select the protocol for the service. The sys...

-81- 3.4.5 App Control 3.4.5.1 Control Rules On this page, you can enable the Application Rules function. Choose the menu Firewall → App Control → Control Rules to load the following page. Figure 3-55 Application Rules The following items are displayed on this screen:  General Check the box before ...

-82- Application: Click the <Application List> button to select applications from the popup checkbox. The applications include IM, Web IM, SNS, P2P, Media, Basic and Proxy. The default setting is to limit all the applications in the application list except for Basic and Proxy. Effective Time: ...

-84- 3.5.1.1 IKE Policy On this page you can configure the related parameters for IKE negotiation. Choose the menu VPN → IKE → IKE Policy to load the following page. Figure 3-58 IKE Policy The following items are displayed on this screen:  IKE Policy Policy Name: Specify a unique name to the IKE po...

-86- DPD Interval: Enter the interval after which the DPD is triggered.  List of IKE Policy In this table, you can view the information of IKE Policies and edit them by the action buttons. 3.5.1.2 IKE Proposal On this page, you can define and edit the IKE Proposal. Choose the menu VPN → IKE → IKE P...

-87- Encryption: Specify the encryption algorithm for IKE negotiation. Options include:  DES: DES (Data Encryption Standard) encrypts a 64-bit block of plain text with a 56-bit key.  3DES: Triple DES, encrypts a plain text with 168-bit key.  AES128: Uses the AES algorithm and 128-bit key for encr...

-88- 3.5.2.1 IPsec Policy On this page, you can define and edit the IPsec policy. Choose the menu VPN → IPsec → IPsec Policy to load the following page. Figure 3-60 IPsec Policy The following items are displayed on this screen:  General You can enable/disable IPsec function for the Router here.  I...

-90- Phase2. As it is independent of the key created in Phase1, this key can be secure even when the key in Phase1 is de-encrypted. Without PFS, the key in Phase2 is created based on the key in Phase1 and thus once the key in Phase1 is de-encrypted, the key in Phase2 is easy to be de-encrypted, in t...

-91- AH Authentication Key-Out: Specify the outbound AH Authentication Key manually if AH protocol is used in the corresponding IPsec Proposal. The outbound key here must match the inbound AH authentication key at the other end of the tunnel, and vice versa. ESP Authentication Key-Out: Specify the o...

-93- ESP Authentication: Select the algorithm used to verify the integrity of the data for ESP authentication. Options include:  MD5: MD5 (Message Digest Algorithm) takes a message of arbitrary length and generates a 128-bit message digest.  SHA: SHA (Secure Hash Algorithm) takes a message less th...

-97- Remote Subnet: Enter the IP address range of your remote network. (It's always the IP address range of LAN on the remote peer of VPN tunnel.) It’s the combination of IP address and subnet mask. Status Activate or inactivate the entry.  List of Configurations In this table, you can view your co...

-100- Idle Timeout: Enter the maximum idle time. The session will be terminated after it has been inactive for this specified period. It can be 0-10080 minutes. If you want your Internet connection to remain on at all times, enter 0 in the Idle Timeout field. The default value is 30. Authentication:...

-101- Figure 3-67 IP Address Pool The following items are displayed on this screen:  IP Address Pool Pool Name: Specify a unique name to the IP Address Pool for identification and management purposes. IP Address Range: Specify the start and the end IP address for IP Pool. The start IP address shoul...

-103- Description: Enter the description for management and search purposes. Up to 28 characters can be entered. Status: Activate or inactivate the entry. MAC Binding: Select a MAC Binding type from the pull-down list. Options include:  Disable: Select this option to disable the MAC Binding functio...

-104- The following items are displayed on this screen:  Exceptional IP IP Address Range: Specify the start and the end IP address to make an exceptional IP address range. This range should be in the same IP range with LAN port or DMZ port of the Router. The start IP address should not exceed the e...

-105- Figure 3-71 E-Bulletin The following items are displayed on this screen:  General Enable E-Bulletin: Specify whether to enable electronic bulletin function. Interval: Specify the interval to release the bulletin. Enable Logs: Specify whether to log the E-Bulletin.  E-Bulletin Title: Enter a ...

-107- latest IP address, the server will update the mappings between the domain name and IP address in DNS database. Therefore, the users can use the same domain name to access the DDNS client even if the IP address of the DDNS client has changed. DDNS is usually used for the Internet users to acces...

-109- Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register> to go to the website of No-IP for register. Password: Enter the password of your DDNS account. Domain Name: Enter the Domain Name that you registered with your DDNS service provi...

-110- Figure 3-74 PeanutHull DDNS The following items are displayed on this screen:  PeanutHull DDNS Account Name: Enter the Account Name of your DDNS account. If you have not registered, click <Go to register> to go to the website of PeanutHull for register. Password: Enter the password of y...

-111- Domain Name: Displays the domain names obtained from the DDNS server. Up to 16 domain names can be displayed here.  List of PeanutHull Account In this table, you can view the existing DDNS entries or edit them by the Action button. 3.6.3.4 Comexe On this page you can configure Comexe DDNS cli...

-113-  General UPnP Function: Enable or disable the UPnP function globally.  List of UPnP Mapping After UPnP is enabled, all UPnP connection rules will be displayed in the list of UPnP Mapping. Up to 64 UPnP service connections are supported in TL-ER6020. The NO.1 entry in Figure 3-76 indicates: T...

-114- New User Name: Enter a new user name for the Router. New Password: Enter a new password for the Router. Confirm New Password: Re-enter the new password for confirmation. Note: ● The factory default password and user name are both admin. ● You should enter the new user name and password when ne...

-115- Telnet Idle Timeout: Enter a timeout period that the Router will log the remote PCs out of the Web-based Utility after a specified period (Telnet Idle Timeout) of inactivity. Note: ● The default Web Management Port is 80. If the port is changed, you should type in the new address, such as http...

-116- Application Example Network Requirements Allow the IP address within 210.10.10.0/24 segment to manage the Router with IP address of 210.10.10.50 remotely. Configuration Procedure Type 210.10.10.0/24 in the Subnet/Mask field on Remote Management page and enable the entry as the following figure...

-117- Figure 3-81 Export and Import The following items are displayed on this screen:  Configuration Version Displays the current Configuration version of the Router.  Export Click the <Export> button to save the current configuration as a file to your computer. You are suggested to take thi...

-118- Figure 3-82 Reboot Click the <Reboot> button to reboot the Router. The configuration will not be lost after rebooting. The Internet connection will be temporarily interrupted while rebooting. Note: To avoid damage, please don't turn off the device while rebooting. 3.7.2.4 Firmware Upgrad...

-119- Figure 3-84 License 3.7.4 Statistics 3.7.4.1 Interface Traffic Statistics Interface Traffic Statistics screen displays the detailed traffic information of each port and extra information of WAN ports. Choose the menu Maintenance → Statistics → Interface Traffic Statistics to load the following...

-120- Interface: Displays the interface. Rate Rx ： Displays the rate for receiving data frames. Rate Tx: Displays the rate for transmitting data frames. Packets Rx: Displays the number of packets received on the interface. Packets Tx: Displays the number of packets transmitted on the interface. Byte...

-121- Figure 3-86 IP Traffic Statistics The following items are displayed on this screen:  General Enable IP Traffic Statistics: Allows you to enable or disable IP Traffic Statistics. Enable Auto-refresh: Allows you to enable/disable refreshing the IP Traffic Statistics automatically. The default r...

-122- Figure 3-87 Diagnostics The following items are displayed on this screen:  Ping Destination IP/Domain: Enter destination IP address or Domain name here. Then select a port for testing, if you select “Auto”, the Router will select the interface of destination automatically. After clicking <...

-123- of destination automatically. After clicking the <Start> button, the Router will send Tracert packets to test the connectivity of the gateways during the journey from the source to destination of the test data and the results will be displayed in the box below. 3.7.5.2 Online Detection O...

-124- WAN Status: Display the detecting results. 3.7.6 Time System Time is the time displayed while the Router is running. On this page you can configure the system time and the settings here will be used for other time-based functions like Access Rule, PPPoE and Logs. Choose the menu Maintenance → ...

-125- Note: ● If Get GMT function cannot be used properly, please add an entry with UDP port of 123 to the firewall software of the PC. ● The time will be lost when the Router is restarted. The Router will obtain GMT time automatically from Internet. 3.7.7 Logs The Log system of Router can record, c...

-126- The Logs of switch are classified into the following eight levels. Severity Level Description Emergency 0 The system is unusable. Alert 1 Action must be taken immediately. Critical 2 Critical conditions Error 3 Error conditions Warning 4 Warnings conditions Notice 5 Normal but significant cond...

-127- Chapter 4 Application 4.1 Network Requirements The company has established the server farms in the headquarters to provide the Web, Mail and FTP services for all the staff in the headquarters and the branch offices, and to transmit the commercial confidential data to its partners. The dedicate...

-128- 4.2 Network Topology 4.3 Configurations You can configure the Router via the PC connected to the LAN port of this Router. To log in to the Router, the IP address of your PC should be in the same subnet of the LAN port of this Router. (The default subnet of LAN port is 192.168.0.0/24.). The IP ...

-130- Figure 4-3 Link Backup 4.3.2 VPN Setting To enable the hosts in the remote branch office (WAN: 116.31.85.133, LAN: 172.31.10.1) to access the servers in the headquarters, you can create the VPN tunnel via the TP-LINK VPN routers between the headquarters and the remote branch office to guarante...

-131- Authentication: MD5 Encryption: 3DES DH Group: DH2 Click the <Add> button to apply. Figure 4-4 IKE Proposal  IKE Policy Choose the menu VPN → IKE → IKE Policy to load the configuration page. Settings: Policy Name: IKE_1 Exchange Mode: Main IKE Proposal: proposal_IKE_1 (you just created)...

-132- Figure 4-5 IKE Policy Tips: For the VPN Router in the remote branch office, the IKE settings should be the same as the Router in the headquarters. 2) IPsec Setting To configure the IPsec function, you should create an IPsec Proposal firstly.  IPsec Proposal Choose the menu VPN → IPsec → IPsec...

-134- Figure 4-7 IPsec Policy Tips: For the VPN Router in the remote branch office, the IPsec settings should be consistent with the Router in the headquarters. The Remote Gateway of the remote Router should be set to the IP address of the Router in the headquarters. After the IPsec VPN tunnel of th...

-135-  L2TP/PPTP Tunnel Choose the menu VPN → L2TP/PPTP → L2TP/PPTP Tunnel to load the following page. Check the box of Enable VPN-to-Internet to allow the PPTP clients to access the local enterprise network and the Internet. Then continue with the following settings for the PPTP Tunnel. Settings: ...

-136- 4.3.3 Network Management To manage the enterprise network effectively and forbid the Hosts within the IP range of 192.168.0.30-192.168.0.50 to use IM/P2P application, you can set up a User Group and specify the network bandwidth limit and session limit for this group. The detailed configuratio...

-138- Application: Click the <Application List> button and select the applications desired to be blocked on the popup window. Status: Activate Figure 4-11 App Rules 4.3.3.3 Bandwidth Control To enable Bandwidth Control, you should configure the total bandwidth of interfaces and the detailed ba...

-141- 4.3.4.1 LAN ARP Defense You can configure IP-MAC Binding manually or by ARP Scanning. For the first time configuration, please bind most of the ARP information by ARP Scanning. For some special items not bound, you can bind them manually. 1) Scan and import the entries to ARP List Specify ARP ...

-142- Choose the menu Firewall → Anti ARP Spoofing → IP-MAC Binding to load the configuration page. To add the host with IP address of 192.168.1.20 and MAC address of 00-11-22-33-44-aa to the list, you can follow the settings below: Settings: IP Address: 192.168.0.20 MAC Address: 00-11-22-33-44-aa S...

-145- Figure 4-23 IP Traffic Statistics After all the above steps, the enterprise network will be operated based on planning.

-146- Chapter 5 CLI TL-ER6020 provides a Console port for CLI (Command Line Interface) configuration, which enables you to configure the Router by accessing the CLI from console (such as Hyper Terminal) or Telnet. The following part will introduce the steps to access CLI via Hyper Terminal and some ...

-148- Figure 5-4 Port Settings 6. Choose File → Properties → Settings on the Hyper Terminal window as Figure 5-5 shows, then choose VT100 or Auto detect for Emulation and click OK . Figure 5-5 Connection Properties Settings

-149- 7. The DOS prompting “TP-LINK>” will appear after pressing the Enter button in the Hyper Terminal window as Figure 5-6 shows. Figure 5-6 Log in the Router 5.2 Interface Mode The CLI of TL-ER6020 offers two command modes: User EXEC Mode and Privileged EXEC Mode. User EXEC Mode only allows us...

-152- 5.4 Command Introduction TL-ER6020 provides a number of CLI commands for users to manage the Router and user information. For better understanding, each command is followed by note which is the meaning of the command. 5.4.1 ip The ip command is used to view or configure the IP address and subn...

-156- TP-LINK > history 1. history 2. sys show 3. history View the history command. TP-LINK > history clear 1. history 2. sys show 3. history 4. history clear Clear the history command. 5.4.6 exit The exit command is used to exit the system when logging in by Telnet. TP-LINK > exit Exit CLI...

-157- Appendix A Hardware Specifications Standards IEEE 802.3, IEEE 802.3u, IEEE 802.3ab, IEEE 802.3x, TCP/ IP, DHCP, ICMP, NAT 、 PPPoE, SNTP, HTTP, DNS, L2TP, PPTP, IPsec Two 10/100/1000M Auto-Negotiation WAN RJ45 port (Auto MDI/MDIX) Two 10/100/1000M Auto-Negotiation LAN RJ45 ports (Auto MDI/MDIX)...

-158- Appendix B FAQ Q1. What can I do if I cannot access the web-based configuration page? 1. For the first login, please try the following steps: 1) Make sure the cable is well connected to the LAN port of the Router. The corresponding LED should flash or be solid light. 2) Make sure the IP addres...

-159- Q3: What can I do if the Router with the remote management function enabled cannot be accessed by the remote computer? 1. Make sure that the IP address of the remote computer is in the subnet allowed to remotely access the router. 2. If the router’s management port has been modified, please lo...

-160- Appendix C Glossary Glossary Description DSL (Digital Subscriber Line) A technology that allows data to be sent or received over existing traditional phone lines. ALG （ Application Layer Gateway ） Application Level Gateway (ALG) is application specific translation agent that allows an applicat...