How do I allow fragmented packets on a TL-ER6120?

How do I allow fragmented packets on a TL-ER6120?
How do I allow fragmented packets on a TL-ER6120?
2014-03-12 23:58:38
Region : UnitedStates

Model : TL-ER6120

Hardware Version : V1

Firmware Version :

ISP :


I have a TL-ER6120, with two WAN connections using transparent bridging. I have the connections setup in a failover configuration, not doing traffic or other balancing.

There is a device on my internal network that needs to initiate an outbound IPSec tunnel.

For whatever reason, the IPSec ALG is not effective, so I have manually enabled port forwarding on UDP 500, 4500, 123 and TCP 443 to this device. The last thing I need to enable is the passing of fragmented packets.

In the interface, I go to Firewall -} Attack Defense.
Under "Packet Anomaly Defense", no matter what set of features I choose anywhere else in the router (I have tried disabling literally every advanced feature) the "Block Fragment Traffic" option is checked AND grayed out so I cannot uncheck it.

How do I turn off this "feature" so it stops interfering with what I need my network to do?
0
0
#1
Options
1 Reply
Re:How do I allow fragmented packets on a TL-ER6120?
2015-02-09 04:58:41
Hello - I have the same question - I've been trying to measure bandwidth with iperf and the ER6120 logs show traffic is being blocked because of fragments - http://www.tp-link.us/article/?faqid=449 describes the process as FAQ449 - the FAQ defines a precondition "Open the NAT and close the firewall" which does not seem to be an option on the ER6120 yet FAQ449 says "DUT (Device under Test): TL-ER5120/TL-ER6120."

How do you disable (totally) the firewall?
0
0
#2
Options