Archer C4000 User Guide

Chapter 9 Network Security

This chapter guides you on how to protect your home network from cyber attacks and unauthorized users by implementing these three network security functions. You can protect your home network against DoS (Denial of Service) attacks from flooding your network with server requests using DoS Protection, block or allow specific client devices to access your network using Access Control, or you can prevent ARP spoofing and ARP attacks using IP & MAC Binding.

It contains the following sections:

Protect the Network from Cyber Attacks

Access Control

IP & MAC Binding

1. Protect the Network from Cyber Attacks

The SPI (Stateful Packet Inspection) Firewall protects the router from cyber attacks and validate the traffic that is passing through the router based on the protocol. This function is enabled by default.

1.Visit http://tplinkwifi.net, and log in with your TP-Link ID or the password you set for the router.

2.Go to Advanced > Security > Firewall. It’s recommended to keep the default settings. If necessary, deselect corresponding checkbox and click Save.

2. Access Control

Access Control is used to block or allow specific client devices to access your network (via wired or wireless) based on a list of blocked devices (Blacklist) or a list of allowed devices (Whitelist).

I want to:

Block or allow specific client devices to access my network (via wired or wireless).

How can I do that?

1.Visit http://tplinkwifi.net, and log in with your TP-Link ID or the password you set for the router.

2.Go to Advanced > Security > Access Control.

3.Enable Access Control.

4.Select the access mode to either block (recommended) or allow the device(s) in the list.

To block specific device(s):

1 )Select Blacklist and click Save.

2 )Select the device(s) to be blocked in the Online Devices table by ticking the checkbox(es).

3 )Click Block above the Online Devices table. The selected devices will be added to Devices in Blacklist automatically.

To allow specific device(s):

1 )Select Whitelist and click Save.

2 )Click Add in the Devices in Whitelist section. Enter the Device Name and MAC Address (You can copy and paste the information from the Online Devices list if the device is connected to your network).

3 )Click OK.

Done!

Now you can block or allow specific client devices to access your network (via wired or wireless) using the Blacklist or Whitelist.

3. IP & MAC Binding

IP & MAC Binding, namely, ARP (Address Resolution Protocol) Binding, is used to bind network device’s IP address to its MAC address. This will prevent ARP Spoofing and other ARP attacks by denying network access to an device with matching IP address in the Binding list, but unrecognized MAC address.

I want to:

Prevent ARP spoofing and ARP attacks.

How can I do that?

1.Visit http://tplinkwifi.net, and log in with your TP-Link ID or the password you set for the router.

2.Go to Advanced > Security > IP & MAC Binding.

3.Enable IP&MAC Binding.

4.Bind your device(s) according to your need.

To bind the connected device(s):

Click to add the corresponding device to the Binding List.

To bind the unconnected device:

1 )Click Add in the Binding List section.

2 )Enter the MAC address and IP address that you want to bind. Enter a Description for this binding entry.

3 )Tick the Enable This Entry checkbox and click OK.

Done!

Now you don’t need to worry about ARP spoofing and ARP attacks!

 
Feedback