TL-ER604W V1 Datasheet
Page 1
All rights reserved. TL-ER604W TP-LINK Wireless N Gigabit Broadband VPN Router TL-ER604W Highlights 1 Gigabit WAN port, 3 Gigabit LAN ports and 1 Gigabit WAN/LAN port Supports IPsec/PPTP/L2TP VPN protocols with up to 30 IPsec, 8 PPTP and 8 L2TP VPN tunnels simultaneously Deploys One-Click restriction of IM/P2P applications to manage sta online behavior 300Mbps wireless N speed provides...
All rights reserved. TL-ER604W TP-LINK Wireless N Gigabit Broadband VPN Router TL-ER604W Highlights 1 Gigabit WAN port, 3 Gigabit LAN ports and 1 Gigabit WAN/LAN port Supports IPsec/PPTP/L2TP VPN protocols with up to 30 IPsec, 8 PPTP and 8 L2TP VPN tunnels simultaneously Deploys One-Click restriction of IM/P2P applications to manage sta online behavior 300Mbps wireless N speed provides...
TL-ER604W V1 Datasheet
Page 2
.../v2 PPPoE Server E-Bulletin 24 / 7 Global technical support Details:http://www.tplink.com/en/ Support/ German/Austrian/Swiss users are not included www.tp-link.com Gigabit Dual-WAN VPN Router TL-ER604W TP-LINK's TL-ER604W SafeStream Wireless N Gigabit Broadband VPN Router supports wireless N and gigabit wired speeds on speedy, reliable connections for di erent department or user groups.
.../v2 PPPoE Server E-Bulletin 24 / 7 Global technical support Details:http://www.tplink.com/en/ Support/ German/Austrian/Swiss users are not included www.tp-link.com Gigabit Dual-WAN VPN Router TL-ER604W TP-LINK's TL-ER604W SafeStream Wireless N Gigabit Broadband VPN Router supports wireless N and gigabit wired speeds on speedy, reliable connections for di erent department or user groups.
TL-ER604W V1 Datasheet
Page 3
TL-ER604W Specifications Hardware Features Standards and Protocols: IEEE 802.11b/g/n, 802.3, 802.3u, 802.3ab, TCP/IP, DHCP, ICMP, NAT, PPPoE, SNTP, HTTP, DNS, IPsec, PPTP, ... Session Limit Load Balance: Intelligent Load Balance, Policy Routing, Protocol Binding, Link Backup (Timing, Failover), Online Detection Routing: Static Routing, Dynamic Routing (RIP v1/v2) VPN (Virtual Private Network) IPsec VPN: 30 IPsec VPN Tunnels, LAN-to-LAN and Client-to-LAN IPsec VPN, Main, Aggressive Negotiation Mode, DES, 3DES, AES128, AES192, AES256 Encryption Algorithm...
TL-ER604W Specifications Hardware Features Standards and Protocols: IEEE 802.11b/g/n, 802.3, 802.3u, 802.3ab, TCP/IP, DHCP, ICMP, NAT, PPPoE, SNTP, HTTP, DNS, IPsec, PPTP, ... Session Limit Load Balance: Intelligent Load Balance, Policy Routing, Protocol Binding, Link Backup (Timing, Failover), Online Detection Routing: Static Routing, Dynamic Routing (RIP v1/v2) VPN (Virtual Private Network) IPsec VPN: 30 IPsec VPN Tunnels, LAN-to-LAN and Client-to-LAN IPsec VPN, Main, Aggressive Negotiation Mode, DES, 3DES, AES128, AES192, AES256 Encryption Algorithm...
TL-ER604W V1 Datasheet
Page 4
All rights reserved. TL-ER604W Package Contents: SafeStream Wireless N Gigabit Broadband VPN Router TL-ER604W, Power Adapter, RJ45 Ethernet Cable, Quick Installation Guide, Resource CD System Requirement: Microsoft® Windows® 8/7/Vista/ XP/2000, MAC® OS, Linux-...8457;), Storage Temperature: -40℃~70℃ (-40℉~158℉), Operating Humidity: 10%~90% non-condensing, Storage Humidity: 5%~90% non-condensing Product Model TL-ER604W Description SafeStream Wireless N Gigabit Broadband VPN Router www.tp-link.com Copyright © 2013 TP-LINK Technologies Co., Ltd.
All rights reserved. TL-ER604W Package Contents: SafeStream Wireless N Gigabit Broadband VPN Router TL-ER604W, Power Adapter, RJ45 Ethernet Cable, Quick Installation Guide, Resource CD System Requirement: Microsoft® Windows® 8/7/Vista/ XP/2000, MAC® OS, Linux-...8457;), Storage Temperature: -40℃~70℃ (-40℉~158℉), Operating Humidity: 10%~90% non-condensing, Storage Humidity: 5%~90% non-condensing Product Model TL-ER604W Description SafeStream Wireless N Gigabit Broadband VPN Router www.tp-link.com Copyright © 2013 TP-LINK Technologies Co., Ltd.
TL-ER604W V1 User Guide 1910010844
Page 5
3.8.7 Logs ...128 Chapter 4 Application...130 4.1 Network Requirements...130 4.2 Network Topology...131 4.3 Configurations...131 4.3.1 Internet Setting ...131 4.3.2 VPN Setting ...133 4.3.3 Network Management 139 4.3.4 Network Security...143 Appendix A Hardware Specifications 148 Appendix B FAQ ...149 Appendix C Glossary 151 -IV-
3.8.7 Logs ...128 Chapter 4 Application...130 4.1 Network Requirements...130 4.2 Network Topology...131 4.3 Configurations...131 4.3.1 Internet Setting ...131 4.3.2 VPN Setting ...133 4.3.3 Network Management 139 4.3.4 Network Security...143 Appendix A Hardware Specifications 148 Appendix B FAQ ...149 Appendix C Glossary 151 -IV-
TL-ER604W V1 User Guide 1910010844
Page 7
...this Guide the following conventions are used in this guide. -2- Chapter 1 About this Guide This User Guide contains information for TL-ER604W SafeStream Wireless N Gigabit Broadband VPN Router without any explanation. Menu Name→Submenu Name→Tab page indicates the menu structure. Please read this... Readers This Guide is located under the NAT menu option that helps you make better use of your device. 1.3 Overview of TL-ER604W Router. Provides the possible solutions to the problems that may occur during the installation and operation of the Router on the enterprise...
...this Guide the following conventions are used in this guide. -2- Chapter 1 About this Guide This User Guide contains information for TL-ER604W SafeStream Wireless N Gigabit Broadband VPN Router without any explanation. Menu Name→Submenu Name→Tab page indicates the menu structure. Please read this... Readers This Guide is located under the NAT menu option that helps you make better use of your device. 1.3 Overview of TL-ER604W Router. Provides the possible solutions to the problems that may occur during the installation and operation of the Router on the enterprise...
TL-ER604W V1 User Guide 1910010844
Page 8
...Wireless N Gigabit Broadband VPN Router TL-ER604W. 2.1 Overview of cost-effective secure remote connections to headquarters or remote offices. It integrates multiple VPN protocols, high-security and high-performance VPN capabilities, making it ...an ideal choice for certain users. + Supporting URL Filtering to prevent potential hazards from visiting the malicious Web sites. Powerful Firewall + Supporting One-Click IP-MAC Binding to avoid ARP spoofing and guarantee a network without stagnation. + Featured Attack Defense to protect the network from TP-LINK...
...Wireless N Gigabit Broadband VPN Router TL-ER604W. 2.1 Overview of cost-effective secure remote connections to headquarters or remote offices. It integrates multiple VPN protocols, high-security and high-performance VPN capabilities, making it ...an ideal choice for certain users. + Supporting URL Filtering to prevent potential hazards from visiting the malicious Web sites. Powerful Firewall + Supporting One-Click IP-MAC Binding to avoid ARP spoofing and guarantee a network without stagnation. + Featured Attack Defense to protect the network from TP-LINK...
TL-ER604W V1 User Guide 1910010844
Page 10
... 5dBi antennas Supports WEP, WPA/WPA2, WPA-PSK/WPA2-PSK Encryption Supports WDS, Multi-SSID, Guest Network VPN Supports IPsec VPN and provides up to 30 IPsec VPN tunnels Supports IPSec VPN in LAN-to-LAN or Client-to-LAN Provides DES, 3DES, AES128, AES152, AES256 encryption, MD5, SHA1...
... 5dBi antennas Supports WEP, WPA/WPA2, WPA-PSK/WPA2-PSK Encryption Supports WDS, Multi-SSID, Guest Network VPN Supports IPsec VPN and provides up to 30 IPsec VPN tunnels Supports IPSec VPN in LAN-to-LAN or Client-to-LAN Provides DES, 3DES, AES128, AES152, AES256 encryption, MD5, SHA1...
TL-ER604W V1 User Guide 1910010844
Page 12
..., it means the Router is restored successfully. Wifi button Press this button to enable or disable WI-FI. 2.3.2 Rear Panel The rear panel of TL-ER604W is where you will connect the power adapter. Note: Please use the power adapter provided with this button to the factory defaults. Figure 2-2 Rear Panel... and transmitting the wireless data. Power The power socket is shown as the following figure. Please use only the power cord provided with this TL-ER604W SafeStream Wireless N Gigabit Broadband VPN Router. On/Off Press this Router. -7-
..., it means the Router is restored successfully. Wifi button Press this button to enable or disable WI-FI. 2.3.2 Rear Panel The rear panel of TL-ER604W is where you will connect the power adapter. Note: Please use the power adapter provided with this button to the factory defaults. Figure 2-2 Rear Panel... and transmitting the wireless data. Power The power socket is shown as the following figure. Please use only the power cord provided with this TL-ER604W SafeStream Wireless N Gigabit Broadband VPN Router. On/Off Press this Router. -7-
TL-ER604W V1 User Guide 1910010844
Page 94
.... Activate or inactivate the entry. List of Rules You can upgrade the application database. You can click to upgrade the database. 3.6 VPN VPN (Virtual Private Network) is to limit all the applications in Figure 3-59 indicates: The group1 is 7:00-9:00 on the Application Rules page,...buttons. Choose the menu Firewall→App Control→Database to the Internet directly, though can download the latest database from http://www.tp-link.com, Click the button and select the file, and then click the button to view the limited applications in the application list ...
.... Activate or inactivate the entry. List of Rules You can upgrade the application database. You can click to upgrade the database. 3.6 VPN VPN (Virtual Private Network) is to limit all the applications in Figure 3-59 indicates: The group1 is 7:00-9:00 on the Application Rules page,...buttons. Choose the menu Firewall→App Control→Database to the Internet directly, though can download the latest database from http://www.tp-link.com, Click the button and select the file, and then click the button to view the limited applications in the application list ...
TL-ER604W V1 User Guide 1910010844
Page 95
...protocols. SKEME describes another key exchange mode different from those described by TL-ER604W contain Layer 3 IPsec and Layer 2 L2TP/PPTP. 3.6.1 IKE In the IPsec VPN, to users. Figure 3-61 VPN - Choose the menu VPN→IKE→IKE Policy to establish a private connection between two endpoints... and de-encapsulated in the Router, the tunneling topology implemented by encrypting the data and using the information both known. The VPN (Virtual Private Network) technology is used to secure the transmission data. 3.6.1.1 IKE Policy On this page you can guarantee a...
...protocols. SKEME describes another key exchange mode different from those described by TL-ER604W contain Layer 3 IPsec and Layer 2 L2TP/PPTP. 3.6.1 IKE In the IPsec VPN, to users. Figure 3-61 VPN - Choose the menu VPN→IKE→IKE Policy to establish a private connection between two endpoints... and de-encapsulated in the Router, the tunneling topology implemented by encrypting the data and using the information both known. The VPN (Virtual Private Network) technology is used to secure the transmission data. 3.6.1.1 IKE Policy On this page you can guarantee a...
TL-ER604W V1 User Guide 1910010844
Page 96
... to IPsec policy. Exchange Mode: Select the IKE Exchange Mode in IKE negotiation. FQDN: uses a name as the ID in phase 1, and ensure the remote VPN peer uses the same mode. Main: Main mode provides identity protection and exchanges more information, which applies to the scenarios with higher requirement for...
... to IPsec policy. Exchange Mode: Select the IKE Exchange Mode in IKE negotiation. FQDN: uses a name as the ID in phase 1, and ensure the remote VPN peer uses the same mode. Main: Main mode provides identity protection and exchanges more information, which applies to the scenarios with higher requirement for...
TL-ER604W V1 User Guide 1910010844
Page 97
... a DPD request to the peer to load the following page. -92- DPD Interval: Enter the interval after which the DPD is selected. Choose the menu VPN→IKE→IKE Proposal to inspect whether the IKE peer is selected, enter the name of visible characters without blank space. SA Lifetime: Specify...
... a DPD request to the peer to load the following page. -92- DPD Interval: Enter the interval after which the DPD is selected. Choose the menu VPN→IKE→IKE Proposal to inspect whether the IKE peer is selected, enter the name of visible characters without blank space. SA Lifetime: Specify...
TL-ER604W V1 User Guide 1910010844
Page 99
... has two important security protocols, AH (Authentication Header) and ESP (Encapsulating Security Payload). ESP is used to load the following page. -94- Choose the menu VPN→IPsec→IPsec Policy to check the data integrity and encrypt the packets. AH is used to data de-encryption. DH1: 768 bits...
... has two important security protocols, AH (Authentication Header) and ESP (Encapsulating Security Payload). ESP is used to load the following page. -94- Choose the menu VPN→IPsec→IPsec Policy to check the data integrity and encrypt the packets. AH is used to data de-encryption. DH1: 768 bits...
TL-ER604W V1 User Guide 1910010844
Page 101
... is easy to be IP address or Domain name. Select the PFS (Perfect Forward Security) for the VPN tunnel are manually inputted and no policy selection, add new policy on VPN→IKE→IKE Policy page. Up to four IPsec Proposals can be de-encrypted, in Phase2. ...create a new key in this case, the communication secrecy is needed. Select the negotiation mode for the policy. IKE: The parameters for the VPN tunnel are generated automatically via IKE negotiations. Manual: All settings (including the keys) for IKE mode to enhance security. It's formed by ...
... is easy to be IP address or Domain name. Select the PFS (Perfect Forward Security) for the VPN tunnel are manually inputted and no policy selection, add new policy on VPN→IKE→IKE Policy page. Up to four IPsec Proposals can be de-encrypted, in Phase2. ...create a new key in this case, the communication secrecy is needed. Select the negotiation mode for the policy. IKE: The parameters for the VPN tunnel are generated automatically via IKE negotiations. Manual: All settings (including the keys) for IKE mode to enhance security. It's formed by ...
TL-ER604W V1 User Guide 1910010844
Page 103
... IPsec Proposal The following page. The IPsec proposal can view the information of IPsec policies and edit them by the action buttons. Choose the menu VPN→IPsec→IPsec Proposal to load the following items are displayed on this screen: IPsec Proposal Proposal Name: Specify a unique name to the...
... IPsec Proposal The following page. The IPsec proposal can view the information of IPsec policies and edit them by the action buttons. Choose the menu VPN→IPsec→IPsec Proposal to load the following items are displayed on this screen: IPsec Proposal Proposal Name: Specify a unique name to the...
TL-ER604W V1 User Guide 1910010844
Page 105
...L2TP (Layer 2 Tunneling Protocol) and PPTP (Point to Point Tunneling Protocol). The SPI value is obtained via auto-negotiation. 3.6.3 L2TP/PPTP Layer 2 VPN tunneling protocol consists of IPsec policy in the figure, the Router is using PPP (Point to the packet by using WAN2 for each tunnel after... PPTP IP network Single tunnel 6 bytes at least Not supported L2TP IP network of the IPsec SA (Security Association). Choose the menu VPN→IPsec→IPsec SA to protect data flows for tunnel connection, and the IP address of WAN2 and the default gateway of this...
...L2TP (Layer 2 Tunneling Protocol) and PPTP (Point to Point Tunneling Protocol). The SPI value is obtained via auto-negotiation. 3.6.3 L2TP/PPTP Layer 2 VPN tunneling protocol consists of IPsec policy in the figure, the Router is using PPP (Point to the packet by using WAN2 for each tunnel after... PPTP IP network Single tunnel 6 bytes at least Not supported L2TP IP network of the IPsec SA (Security Association). Choose the menu VPN→IPsec→IPsec SA to protect data flows for tunnel connection, and the IP address of WAN2 and the default gateway of this...
TL-ER604W V1 User Guide 1910010844
Page 106
.... Server: In this mode, the device sends a request to access the LAN of the server and Internet. Mode: Specify the working mode for VPN tunnel. Hello Interval: Specify the interval to -Internet function. Options include: Client: In this mode, the Router responds the request from the remote... client for establishing a tunnel. -101- Figure 3-67 L2TP/PPTP Tunnel The following page. Choose the menu VPN→L2TP/PPTP→L2TP/PPTP Tunnel to load the following items are displayed on this screen: General Enable...
.... Server: In this mode, the device sends a request to access the LAN of the server and Internet. Mode: Specify the working mode for VPN tunnel. Hello Interval: Specify the interval to -Internet function. Options include: Client: In this mode, the Router responds the request from the remote... client for establishing a tunnel. -101- Figure 3-67 L2TP/PPTP Tunnel The following page. Choose the menu VPN→L2TP/PPTP→L2TP/PPTP Tunnel to load the following items are displayed on this screen: General Enable...
TL-ER604W V1 User Guide 1910010844
Page 107
... address range for the tunnel. Enter the IP address of the client which is a LAN. It should be configured identically on the remote peer of VPN tunnel.) It's the combination of L2TP/PPTP tunnel.) This item is available for Client mode. Enter the Pre-shared Key for the tunnel. Enter the...
... address range for the tunnel. Enter the IP address of the client which is a LAN. It should be configured identically on the remote peer of VPN tunnel.) It's the combination of L2TP/PPTP tunnel.) This item is available for Client mode. Enter the Pre-shared Key for the tunnel. Enter the...
TL-ER604W V1 User Guide 1910010844
Page 108
... are displayed on this screen: IP Address Pool Pool Name: Specify a unique name to the IP Address Pool for IP Pool. Choose the menu VPN→L2TP/PPTP→List of L2TP/PPTP Tunnel to load the following page. -103- Status Activate or inactivate the entry. List of Configurations... of IP Pools and edit them by the action buttons. The start and the end IP address for identification and management purposes. Choose the menu VPN→L2TP/PPTP→IP Address Pool to load the following page.
... are displayed on this screen: IP Address Pool Pool Name: Specify a unique name to the IP Address Pool for IP Pool. Choose the menu VPN→L2TP/PPTP→List of L2TP/PPTP Tunnel to load the following page. -103- Status Activate or inactivate the entry. List of Configurations... of IP Pools and edit them by the action buttons. The start and the end IP address for identification and management purposes. Choose the menu VPN→L2TP/PPTP→IP Address Pool to load the following page.