TP-Link TD-W8961ND Configuration
This is the procedure NCF uses to configure a TP-Link 8961ND modem out of the box or after a factory reset. To learn more about configuring your particular modem, consult the manual.
Configure as router
- Connect power and turn on the modem with the black button on the back.
- Connect an Ethernet LAN cable to one of the yellow rear ports
- In the browser's address bar, enter the IP address for the modem interface page: 192.168.1.1
- If the modem is fresh from the factory, use the default user name and password to gain access
- user: admin
- password: admin
If the modem was previously configured for someone, the password would be the previous user's DSL password. If it is unknown then do a reset to factory default, using a paper-clip in the reset hole on the back. Hold for 15 seconds to reset. The user name and password will now be as above.
|DSL Quick Configuration Info
(TP-Link DSL modems)
|Modem Web Interface||http://192.168.1.1|
|Modem login||Username: admin
Password: (see 'password' below)
|VPI / VCI (ADSL)||0.35|
|DSL username||(eg. email@example.com)|
|DSL Password||Starts with 'ncf' (not the same
as your NCF Start Page login)
|Firewall||Enabled by default (recommended)|
|Wireless||If enabled, WPA-PSK (WPA2)|
- When presented with the TP-Link configuration page, select the Quick Start option at the top left.
- Select Run Wizard to proceed.
Now a window pops open and you can begin to set up the details of the interface.
- Select Next to proceed
- Set the Time Zone Eastern
- Click Next
- Set the connection type of PPPoE/PPPoA
- Click Next
- PPP username in the form firstname.lastname@example.org (NOTE the "@ncf.ca" part! - it will not work without that!)
- PPP Password uses DSL Password (This is not your NCF account password, but your DSL password and was provided to you when you signed up for service, it starts with "ncf...")
- Ensure VPI is set to 0 and VCI is set to 35
- Ensure that the encapsulation remains at PPPoE LLC (default)
- Click Next
Continuing now to set the wireless configuration
- Ensure Access Point indicates activated
- The SSID is set to NCF plus a random number, such as NCF_123456. It is recommended you not use your first or last name, or street address as this information is broadcast and other people in your area will be able to associate the signal with which home it is coming from.
- Broadcast SSID remains selected
- Auth Type - must be set to WPA2-PSK
- ...wait a moment for it to offer additional field for encryption and password...
- Set Encryption Type to be AES
- Set the Preshared Key to be your DSL-Password
- Click Next to proceed.
- Click Next again to Finish the wizard.
Proceed with four more steps - Setting administrator access, and wireless locale setting
Password protect the Admin Role
- Click on Maintenance in the menu along the top of the page. Below it other options appear.
- Select Administration
- For the admin user use your DSL-Password or another strong password.
- Enter it once and again below to confirm
- Save the changes with Save
A pop-up log-in screen appears, and asks for sign-in. Use the User-ID admin and the DSL-Password just set. Return to the same configure page you were just at.
Set daylight savings time
- In Maintenance select Time Zone.
- Daylight Saving: Enabled
Turn on SPI firewalling
- In Advanced Setup select Firewall.
- SPI: Enabled
Final area setting and check
- Click Interface Setup in the top-of-page menu
- Now select Wireless in the menu below that.
- Choose Canada for the Channel Setup
- Click SAVE
Still on this page, Verify:
- The SSID in the form NCF_XXXXX or as you set.
- The Auth Type is WPA2-PSK
- The Encryption Type is AES and key is DSL-Password
- Click on the Internet tab
- Ensure that PVC2 has VPI/VCI set at 0/35
- Ensure that PPPoE credentials are set properly for your user name and password.
The modem should now synchronize and connect to your DSL service if the service is operating. You may need to reboot the modem to get it to connect.
Turn Off UPnP
- Click on "Access Management".
- Select "UPnP
- Select De-activated for UPnP and Auto-Configured.
- Save the changes with "Save"
In January 2014 it was revealed that some models of TP-Link modem, including this model, are subject to hacking if they are running out dated firmware and if the remote access (ACL) is set to allow remote access. This web page provides more detailed information on the vulnerability. Latest firmware versions can be checked on the TP-Link website.
- To be sure your modem is secure, click on By default the "ACL" tab will be active.
- Ensure your ACL page looks like the screen shot below. If not, choose "WAN" from the "Interface" drop-down box.
- Select "deactivated".
- Click "Save".