TP-LINK TL-ER6520G Enterprise Routers | multi-port gigabit wan | supports multiple authentication

TP-LINK TL-ER6520G Enterprise Routers | multi-port gigabit wan | supports multiple authentication

Product description:

Product parameters:

  • Product Name: TP-Link / P-linking technology TL-E ...
  • Brand: TP-Link / Cape linking technology
  • TP-Link Model: TL-ER6520G
  • Color Category: dark gray
  • Are Wireless: Wired
  • Wired router speed: 1000Mbps
  • Wired transfer rate: 10/100 / 1000Mbps
  • Wireless transfer rate: None
  • Network standards: 802.3x 802.1x 802.3u 802.2 802.3
  • Wireless network support frequency: Not supported
  • Applicable objects: Broadband VPN Router Broadband Router cafes dedicated enterprise-class router network router security services routers carrier-class high-end router broadband router
  • Number of USB interface: Does not support
  • Whether to support VPN: Support
  • Are built-in firewall: Yes
  • Support WDS: not supported
  • Whether to support WPS: does not support
  • Are Detachable: None
  • Service: Genius
  • Condition: New
  • Packing Volume: 440x227x44 (mm)

Dual-core Gigabit enterprise VPN router

  • 5 10/100 / 1000M Ethernet RJ45 port
  • 64-bit dual-core network processor, single-core clocked at 500MHz
  • 256MB DDRII high-speed memory
  • Internet behavior management, URL filtering and access control lists
  • Internal and external network protection and common ARP attack protection
  • Intelligent bandwidth management and IP connection limit
  • Traffic balancing strategy and backup lines, to meet the needs of multi-line access

TL-ER6520G is TP-LINK has introduced dual-core Gigabit enterprise VPN router products, mainly targeted at enterprises, institutions, parks, hotel chains and other need high-speed Internet access, Internet behavior management and remote network environment for secure communications. TL -ER6520G dual-core 64-bit network dedicated processor, single-core frequency up to 500MHz, with 256MB DDRII high-speed memory, with a strong network data forwarding capability, while supporting IPSec / PPTP / L2TP VPN, Internet behavior management, firewall, traffic control and feature-rich electronic bulletin, suitable for the formation of a safe, efficient and easy management of the whole enterprise gigabit network.

High speed and stable dual-core gigabit hardware platform

64-bit dual-core network processor, 256MB DDRII high-speed memory, packet processing capacity has been significantly improved to achieve gigabit-level data forwarding.

Flexible and practical interface configuration

Offers next five 10/100 / 1000M physical port equipment factory state 5 does not distinguish between physical port WAN, LAN roles, the user can according to actual needs network is divided into different sections (such as WAN segments, LAN segment, DMZ zone segment, etc.), and then the physical ports freely assigned to each zone, with very high flexibility while supporting a physical port to bind multiple virtual interfaces, such as eth interfaces, PPPoE interfaces, L2TP Interface, PPTP interfaces, greatly enhance flexibility physical port, adapt to the complex network requirements.

Secure IPSec / PPTP / L2TP VPN

Provides standard IPSec VPN, support for data integrity check, data origin authentication, anti-replay and data packet encryption (DES, 3DES, AES128, AES192, AES256 encryption algorithm, etc.); support for IKE and manual mode to establish a VPN connection and more for domestic users with dynamic IP, PPPoE dial-up access to network characteristics, etc., allows you to configure a VPN connection through its domain name; allows up to 200 IPSec VPN tunnels established to meet between corporate headquarters and branch offices, enterprises and need to establish a secure, remote communication between business partners / suppliers.

Support PPTP / L2TP server and client functionality, allowing up to build 100 PPTP VPN tunnels and 100 L2TP VPN tunnel users the flexibility to choose to use the server and client functions according to actual demand: When deployed in the corporate headquarters, the general use PPTP / L2TP server functionality to meet the traveling employees or affiliates remote secure access to corporate network requirements; required when the remote PPTP / L2TP server to establish a VPN connection, you need to use PPTP / L2TP client functionality.

Comprehensive and effective online behavior management

Providing for a variety of common applications of a key block, which can effectively control Internet applications, including IM software (QQ / Web QQ / MSN / Ali Want, etc.), P2P software (Thunder / Thunder look / eDonkey, etc.), financial software (great wisdom, analysts, flush, etc.), games (QQ games, the Thunder game, happy farm, QQ farm, etc.), proxy (http proxy, socks4 proxy, socks5 proxy), etc., up to a total of nearly 60 kinds, just configuration page by checking the appropriate option to control permissions used by employees. support user-based policy group configuration block can be assigned different permissions for different users to ensure that the key to the user's normal use.

Support site blacklist and whitelist filtering policy based on user groups and to limit employee access to various sites, to avoid access to potentially malicious websites harm caused.

Rich security policy

By configuring the basic access control rules to allow or prohibit employees to use a variety of network applications, including FTP downloads, e-mail, Web browsing, video and voice communications. At the same time support the user group based access control rules and time periods can be realized employee Internet refined rights management.

Provides IP and MAC addresses automatically scan and a key binding function, which can bind LAN port (network), WAN port (external network) Host IP and MAC address information, to effectively prevent internal / external network ARP spoofing to avoid network dropped the issue ARP spoofing caused; when subjected to ARP spoofing, can take the initiative to send the specified frequency ARP correct information in a timely manner to restore the network to normal state, effectively reduce the degree of harm.

Internal support / external network attack protection, can effectively prevent a variety of common DoS attacks, scanning attack, suspicious package aggressive behavior, such as: TCP Syn Flood, UDP Flood, ICMP Flood, WinNuke attacks, fragmented packet attacks, WAN mouth ping, TCP Scan (Stealth FIN / Xmas / Null), IP spoofing.

Support filtering based on MAC addresses, effectively blocking the access of invalid hosts.

Flexible Flow Control

It supports intelligent IP bandwidth control function, according to the actual bandwidth utilization and flexible to enable bandwidth control strategy can each host (IP) network for two-way bandwidth control, and effectively inhibit BT, Thunder and other P2P applications over bandwidth, avoid network game cards, the problem of slow Internet speed, network security always smooth.

IP-based connection limit function, the number of connections to limit the share of each computer, the rational use of limited NAT connection resources and prevent a few users take up a lot over the number of connections to ensure that games, Internet, chat, video, voice and other smooth get on.

Support intelligent balance, special application routing, ISP routing, policy routing, and other load balancing strategy, multi-pronged approach to effectively improve network quality of service, taking full advantage of the interface bandwidth and improve network experience, protect user investment.

Convenient and practical management and maintenance

All-Chinese style Web interface operation, all functions can be configured through a graphical interface, each of which are configured to provide the necessary information to help explain, user-friendly configuration of the router.

Provide a list of logs and log server function, detailed logging regulatory network operation, to help quickly identify network anomalies, locate the source of the problem in time to troubleshoot network problems; provide a graphical interface, real-time monitoring of CPU utilization and other key resources inside the router, to detect potential the dangers and attacks.

Support for local area network or the Internet router for remote management, and remote assistance to facilitate chain management; support Ping detection, routing tracking tool to detect a variety of fault detection, and can back up and import router configuration files to facilitate routine maintenance and management.

Hardware Specifications

Networking standards

IEEE 802.3, IEEE 802.3u, IEEE 802.3ab, IEEE 802.3x


5 10/100 / 1000M Ethernet electrical interfaces

A Console port (RJ45)


64-bit dual-core MIPS network processor, single-core clocked at 500MHz






Per port

Link / Act, Speed

Per Device


Input Power

100-240V ~, 50 / 60Hz


Natural cooling thermal silica +


440x227x44 (mm)


Operating temperature: 0 ℃ ~ 40 ℃

Humidity: 10% ~ 90% RH non-condensing

Storage temperature: -40 ℃ ~ 70 ℃

Storage humidity: 5% ~ 90% RH non-condensing

Software Specifications

Network protocol


basic settings

Interface Settings

Custom zone

Custom Interface

DHCP Service



Switch settings

Port statistics, port monitoring, port traffic restrictions

Quick Configuration Wizard

Transmission control




virtual server

Port Triggering




IP bandwidth control

Connection Limit

Traffic / Connections Monitor

The maximum number of concurrent connections


Flow balance

Intelligent balance, special application routing, policy routing, ISP routing

Line backup

Scheduled backups, backup failure

Routing Settings

Static Routing

RIP Service

Check routing system

Security Management

ARP Protection

IP MAC binding


ARP Scan

ARP list

Attack Protection

MAC filtering

Access Policy

Access control rules

URL Filtering

Application Control

Instant messaging software limits

QQ / page QQ / MSN / Fetion / Ali Want / Skype / Gtalk / Tencent TM / YY play more

P2P software limits

Thunder / Thunder look / BitComet / eDonkey / QQLive / PPStream / PPTV / Flashget

Financial Software Restriction

Great wisdom / analyst / Flush / Longsheng / compass / Securities Star / China Merchants Securities / GF Securities, etc.

Game Software Restriction

QQ Games / Games Thunder / Lianzhong World / Holdfast platform / Fantasy Westward Journey / World of Warcraft / Kart

Video Software Restriction

Nora / popular / Phi / UUSee / CNTV / PPTV / QQLive / PPStream

Web game restrictions

Happy Farm / QQ Farm

Music Software Restriction

Cool Dog / Cool / QQ music / TTPlayer

Basic application restrictions

http / http submitted / https / mms / rtsp

Agent Limitations

http proxy / socks4 proxy / socks5 proxy



200 tunnel


100 tunnel


100 tunnel

system service

Electronic bulletin

Dynamic DNS

UPnP service

DNS proxy

System parameters

Management and maintenance

Device Management


Chinese Web interface, CLI management, Telnet Management, Remote Management

Administrator account settings

Modify accounts, modify the timeout, change management port

Backup and Import Configuration

software upgrade

system status

Hardware and software version, system time, CPU utilization, interface status

Traffic Statistics

Interface traffic statistics

IP traffic statistics

Diagnostic tools

Diagnostic tools

ping, tracert

Line detection

System Log

System Log

Typical applications for enterprise networks


TL-ER6520G dual-core gigabit hardware platform, deployed at corporate headquarters as an export gateway to meet the internal and external network data forwarding large flow needs; while providing a flexible interface layout, support connecting multiple broadband lines, and provides a wealth of traffic balancing and line backup strategy to ensure the company Internet traffic fast and stable forwarding; for employees online behavior diverse, difficult control problems, the router provides a powerful online behavior management to help network administrators to easily regulate the use of authority Internet applications; support IPSec / PPTP / L2TP VPN, to meet the corporate headquarters and branch offices, traveling employees need secure remote communication; with the TP-LINK Gigabit switch product, easy to set up fast, efficient, safe and easy management of the whole enterprise gigabit network.

Application Topology

Equipment List

Types of

Product number

product name

Headquarters egress router


Dual-core Gigabit enterprise VPN router

Headquarters Center Switches


24 + 4 Gigabit Managed Switch Layer

Headquarters Access Switch


24 + 4G Gigabit L2 Managed Switch

Export branch router

TL-ER6110 / TL-ER6120

Enterprise VPN Router