Feature Tour - more
Allows you to configure your DHCP server, view the DHCP Client list, and create DHCP reservations. The default DHCP reservation is only 120 minutes; 1440 minutes (1 day) is more common. The maximum lease time is 2 days.
DHCP reservation doesn’t allow you to set a reservation by choosing from a list of existing DHCP clients. Instead, you need to copy and paste the MAC address into the DHCP reservation entry box.
The TL-WR1043ND has a USB 2.0 port that you can use to share a storage device on your network. Unfortunately, the only way to share storage is via FTP. You can use a dedicated FTP client, use your browser by typing in ftp://router_ip_address, or use a browser FTP plugin.
This menu allows you to enable/disable FTP services, make FTP services available to the Internet, create user accounts, and grant RO or RW rights to users. You can also enable a DLNA server, specify the folders to be scanned by the server and set the scan update frequency.
This menu lets you set up Virtual Servers and forward ports or ranges of ports to LAN IP addresses. Figure 7 shows the list of common service ports. Of course, you can configure any port, such as 443 for HTTPS. This menu also lets you set up port triggering for gaming applications, configure an IP address as a DMZ host, and enable/view UPnP settings. Note that you can set different external and internal port numbers for each rule.
Figure 7: Port forwarding setup for HTTP
This menu has a couple of interesting options. Basic security lets you enable VPN passthrough, ALGs and the SPI firewall listed in the features above. Advanced security lets you configure your router to handle DoS (denial of service) attacks as shown in Figure 8.
Local management lets you specify up to four MAC addresses that can access the router's admin web interface. Remote management lets you specify a port to use for remote management and remote IP addresses allowed. Note the TL-WR1043ND does not support secure remote management via HTTPS - an unfortunate omission.
Figure 8: DoS protection
Enabling parental control allows you to restrict internet access to computers whose MAC address is not on a parental control list. Once enabled, you can enter the MAC address of the child's PC and block up to eight domains on the internet. You can also use any schedules that you’ve created under the Access control menu.
This menu allows you to enable internet access control and choose a default filter policy of either allowing or denying access by any enabled access control policy. You can create host and target rules based either on MAC or IP address, and a assign a schedule to each rule.
Figure 9 shows an example of a schedule that could be used in conjunction with a rule to restrict access “after school” on weekdays from 3:00PM to 6:00PM.
Figure 9: Access schedule
Advanced Routing - This menu allows you to set up a static route, or view the system routing table. Note that the TL-WR1043ND supports IPv4 only. No IPv6 functions or routing is supported.
Bandwidth control - This menu lets you enable bandwidth control and specify upload and download speeds. The router does not automatically measure your internet connection speed as many other routers do. So it's important to enter correct values here or the bandwidth settings you make won't be properly implemented.
Figure 10: Bandwidth control rules
Bandwidth rules (Figure 10) allow you to specify maximum and minimum upload and download speeds for an IP address or range of IP addresses for a range of ports and protocols. Download bandwidth limits in particular can be helpful for controlling bandwidth hogs. But you need to know the ports used by the services you want to control, which can be difficult for controlling gaming and Torrenting.
IP & MAC binding - In reading through the help, this feature looks very similar to DHCP reservation which allows you to assign an IP address to a specific MAC address. I’m not really sure what this function is, or how you would use it.
Dynamic DNS - Only three DDNS providers supported: Dyndns (www.dyndns.org); Comexe (www.comexe.cn); and No-IP (www.no-ip.com).
The System Tools submenus shown in Figure 11 are fairly self-explanatory. However, the system log deserves a little extra attention. The system lets you filter the log entries by the log types shown. You can also filter the log by choosing one of the five Log Levels (All, Error, Notice Warning or Info). You have the option of saving the log or, if you’ve configured outbound SMTP mail settings (authenticated SMTP supported), mail the log daily at a specified time or every 48 hours.
There are a few issues to note, however. Syslog is not supported, so the web-based log is all you get. The log system doesn’t appear to log FTP sessions. When I FTP’d into the TL-WR1043ND on the WAN port, my session didn’t appear in the log file (Figure 11).
Notice all of the DHCP traffic as a result of the default short DHCP lease time. According to the rules for DHCP, a client will try to renew its lease when the lease is 50% over. With the default two hour lease, you can see that the client on 192.168.1.100 is requesting and receiving a renewal every hour.
Figure 11: TL-WR1043ND System Log
I also found a command-line interface for the FTP server as shown in Figure 12.
Figure 12: Command line FTP session showing available commands
As Tim pointed out, the TL-WR1043ND doesn’t really excel when it comes to wireless performance – especially uplink. Frankly, for a three-antenna router, I had expected somewhat better performance, since the third antenna in a dual-stream router is supposed to enhance receive gain. I was also disappointed that for a top-of-line router, I couldn’t confirm that I was getting a Gigabit connection via either the LED indicators or through the web UI.
From a security standpoint, I would have preferred that the setup utility had forced a password change for the administrator’s account and preferably, enforced the use of wireless security. An unsecured router with an unsecured wireless connection reminds me of routers from bygone days. But those security issues are relatively minor problems that are easily addressed by savvy users during initial setup.
Finally, for most people, I think that sharing USB storage on a local network via FTP only is a feature that won’t be used. If SMB/CIFS had been supported, I would have found the device much more useful. Still, I agree with Tim. For a $55 single-band N router with Gigabit ports, up and downlink bandwidth control and WDS support, it isn’t too bad. And you can always throw DD-WRT onto it if that's your thing.