How to Setup and Configure TP-LINK TL-MR3020
In this post you will learn to setup and configure TP-Link TL-MR3020 router by focusing on network customization and setting security parameters. The same guide applies to MR3040 and most of the TP-Link routers. This is very essential that you change the default network settings to get better secured environment and protection.
Step A: Let’s get connected
Note: You can skip this step if you already can access Admin page.
Connect your router and start it via power adapter or USB, whatever way you like. It doesn’t matter, either you are using it first time or already running a non-customized network, this guide will help both kind of users.
After starting the router and searching for wireless network on your system, you may see this screen;
If you don’t see the same screen, then don’t panic as this is dependent of hardware and firmware version. Your network may appear security-enabled or unsecured. It doesn’t matter at this step.
Now open your browser and go to admin page of the router by entering the IP address of router;
Again, your router may have different IP address which is a less seen case but possible. You can find it on router itself along with default network key, login name and password (and this is why we have to change everything as anyone can gain access).
You should see the login page as below;
Enter default login and password. It is ‘admin’ for both in most of the cases. If your router says different, then enter that and hit login to get to Router Control or Administration page.
I have highlighted some important things for you. The blinded area is MAC address of your system which is currently connected to network and accessing router admin page. Never make it public.
Step B: Let’s customize
1. Disabling WPS.
Click on WPS option present on sidebar. WPS helps you connect any device by just pressing the WPS button present on router. It is designed for quick access and network keys are not necessary in most cases. However, I don’t like this option as there is default WPS key written on router itself. This kills the whole purpose of secured network.
First click on Get new PIN or Change PIN and then disable it. After this, you must reboot and re-login to admin page.
2. Changing SSID (Network Name)
Now, who doesn’t like to have personalized network name? Click on ‘Wireless’ option and then on ‘Wireless Settings’. You will get this page.
Change Wireless Network Name to whatever you like. Just make it classy and nice. Then change the region to your country. Then there is Channel. Channel ‘6’ is used by almost every router. So, avoid interference and increase performance just change it to whatever you like. I selected ’11’ as it less used. Change the Channel Width to to 40MHz and leave the Mode as it is.
Caution: Many old systems doesn’t recognize channels above 11. Make sure about yours before changing it to 12 or 13 or you may need to hard reset the router and start again.
Even if notified by router, don’t do a reboot yet.
3. Strengthening Wireless Security
Click on Wireless Security option. Select WPA/WPA2 Personal. For Version, select WPA-2 Personal and Encryption should be AES. In password section, enter a desired complex but memorable password. This is your Network Key. Note it down if you want. Click on Save. Now you will need to reboot. You can do also do it from System Tools >> Reboot.
4. Re-connecting to Router
As SSID, Network Key is changed you won’t be able to connect to same old network with same key. Click on Wi-fi icon near clock on taskbar and click on ‘Change Advanced Settings’. Go to second tab ‘Wireless Network’ and remove previous network from list and hit OK.
As soon as router is booted, it will show your new network. Hit connect and enter your password (Network Key) for it. It should connect without issue. Login to Admin page again using same IP.
5. Limiting access to router by MAC address
Click on ‘Local Management’ present under Security option on router’s admin page. Select ‘Only PCs listed…’ option and then click ‘Add’ button present at end line ‘Your PC’s MAC address’. Hit save. Due to this setting, only your current PC will be able to access router’s Admin area page. Please note this doesn’t affect internet access for other systems. It is only for Admin area.
6. Changing the username and password
Remember ‘admin’ as username and password to access administration area of router? You should definitely change it for better security.
Click on System Tools and then on Password. Enter Old Username and Password, which is ‘admin’ for both. Then enter your new desired Username and Password in change fields. Hit save and don’t reboot.
7. Changing the access port of TL-MR3020
Click on ‘Remote Management’ under same Security option. Put a new port address for it. Then save it. I have entered ‘810’. What it does? Generally you could access router page by only entering it’s IP. Actually, it’s default port is 80 which is standard of internet. By changing this no won’t be able to access by entering only IP. This will be new link;
After changing this setting you will need to reboot. Make sure you type access link as shown above.
8. Backup and Restore
So this was exhausting. Trust me, security never can’t be taken as granted and it is not easy. Make a Backup of this setting so if you or your angry child ever hard reset router, you can restore everything whatever you have done till now in a minute.
Go to ‘Backup and Restore’ and Click on Backup.Save this file to a secured location. You can restore it via this page again to get same SSID, network key, all passwords and security.
9. Some other security checks
Click on Security and make sure all Basic security measure are Enabled. You can also Enable DDOS protection under Advanced Security. For this to work you will need to start Traffic Statistic logs present under System Tools.
There is also Parental and Bandwidth control options to control IP addresses accessing the internet. Your kids may not get happy about it. Just make sure not to add your main system to it by mistake. That would be a blunder. 🙂
I hope this helps you all. Comment and issues are welcome!