manualshive.com logo in svg

Draytek Vigor 3100 Series, User Manual, Page: 58 / 122

Share
Download
Draytek Vigor 3100 Series User Manual Download Page 58

 

 

Vigor3100 Series User’s Guide

 

52 

 

3.

 

Select Index number 1 to add an account for the router. Check Enable Dynamic DNS 
Account, and choose correct Service Provider: dyndns.org, type the registered hostname: 

hostname 

and domain name suffix: dyndns.org in the Domain Name block. The 

following two blocks should be typed your account Login Name: 

test 

and Password: 

test

 

Service Provider

 

Select the service provider for the DDNS account. 

Service Type 

Select a service type (Dynamic, Custom, Static). 

Domain Name 

Type in a domain name that you applied previously. 

Login Name 

Type in the login name that you set for applying domain.

 

Password 

Type in the password that you set for applying domain. 

4.

 

Click 

OK 

button to activate the settings. You will see your setting has been saved. 

 

 

The Wildcard and Backup MX features are not supported for all Dynamic DNS providers. You 
could get more detailed information from their websites. 

Disable the Function and Clear all Dynamic DNS Accounts 

Summary of Contents for Vigor 3100 Series

Page 1: ...nslated into any language without written permission from the copyright holders The scope of delivery and other details are subject to change without prior notice Microsoft is a registered trademark o...

Page 2: ...Vigor3100 Series User s Guide ii...

Page 3: ...E PPPoA 8 2 2 3 Bridged IP 9 2 2 4 Routed IP 10 2 3 Selecting Correct Annex Type 11 2 4 Online Status 12 2 5 Saving Configuration 13 3 Advanced Web Configuration 15 3 1 Internet Access 15 3 1 1 Basics...

Page 4: ...7 3 8 1 System Status 77 3 8 2 Administrator Password 78 3 8 3 Configuration Backup 78 3 8 4 Syslog Mail Alert 80 3 8 5 Time and Date 81 3 8 6 Management 82 3 8 7 Reboot System 83 3 8 8 Firmware Upgra...

Page 5: ...tus Is OK or Not 109 5 2 Checking If the Network Connection Settings on Your Computer Is OK or Not 109 5 3 Pinging the Router from Your Computer 112 5 4 Checking If the ISP Settings are OK or Not 113...

Page 6: ......

Page 7: ...h line rate as much as 108Mbps with Super G TM The Vigor3100 G models feature WPA2 802 11i wireless LAN isolation and WDS Wireless Distribution System A Virtual Private Network VPN is an extension of...

Page 8: ...5 seconds When you see the ACT LED begins to blink rapidly than usual release the button Then the router will restart with the factory default configuration DSL Connect the G SHDSL line to access the...

Page 9: ...Ch ha as ss si is s C Co on nn ne ec ct ti io on ns s The Vigor3100 series can be mounted on a rack by using standard brackets in a 19 inch rack or optional larger brackets on 23 inch rack not includ...

Page 10: ...eries User s Guide 4 Use brackets to set the Vigor router on the rack as shown below After the bracket installation the Vigor3100 chassis can be installed in a rack by using four screws for each side...

Page 11: ...assword for this device you have to access into the web browse with default password first 1 Make sure your computer connects to the router correctly Notice You may either simply set up your computer...

Page 12: ...er the login password the default is blank on the field of Old Password Type a new one in the field of New Password and retype it on the field of Confirm Password Then click OK to continue 6 Now the p...

Page 13: ...header inside each ATM cell that indicates where the cell should be routed The ATM is a method of sending data in small packets of fixed sizes It is used for transferring data to client computers VCI...

Page 14: ...with ATM as the transport PPPoE or PPPoA is used for most of DSL modem users All local users can share one PPPoE or PPPoA connection for accessing the Internet Your service provider will provide you i...

Page 15: ...ow 2 2 2 2 3 3 B Br ri id dg ge ed d I IP P Click 1483 Bridged IP as the protocol Type in all the information that your ISP provides for this protocol After finishing the settings in this page click N...

Page 16: ...e 10 2 2 2 2 4 4 R Ro ou ut te ed d I IP P Click 1483 Routed IP as the protocol Type in all the information that your ISP provides for this protocol After finishing the settings in this page click Nex...

Page 17: ...t A An nn ne ex x T Ty yp pe e After finishing Quick Start Wizard please go to Internet Access and choose DSL Settings for choosing correct annex type for your router Use the drop down list of Annex T...

Page 18: ...primary DNS Secondary DNS Displays the assigned IP address of the secondary DNS IP Address in LAN Displays the IP address of the LAN interface TX Packets Displays the total transmitted packets at the...

Page 19: ...at ti io on n Each time you click OK on the web page for saving the configuration you can find messages showing the system interaction with you Ready indicates the system is ready for you to input set...

Page 20: ...Vigor3100 Series User s Guide 14...

Page 21: ...at t a ar re e P Pu ub bl li ic c I IP P A Ad dd dr re es ss s a an nd d P Pr ri iv va at te e I IP P A Ad dd dr re es ss s As the router plays a role to manage and further protect its LAN it interco...

Page 22: ...g protocol of the internet please select PPPoE PPPoA from the Internet Access menu The following web page will be shown PPPoE PPPoA Client Click Enable for activating this function If you click Disabl...

Page 23: ...AP only or PAP or CHAP for PPP Always On Check this box if you want the router keeping connecting to Internet forever Idle Timeout Set the timeout for breaking down the Internet after passing through...

Page 24: ...Index 1 15 in Schedule Setup You can type in four sets of time schedule for your request All the schedules can be set previously in Application Schedule web page and you can use the number that you ha...

Page 25: ...down the list to choose the type provided by ISP VPI Type in the value provided by ISP VCI Type in the value provided by ISP RIP Protocol Routing Information Protocol is abbreviated as RIP RFC1058 spe...

Page 26: ...the router You can use Default MAC Address or specify another MAC address for your necessity MAC Address Type in the MAC address for the router manually DNS Server IP Address Type in the primary IP ad...

Page 27: ...l Select a proper protocol for this channel Encapsulation Choose a proper type for this channel The types will be different according to the protocol setting that you choose 3 3 1 1 5 5 D DS SL L S Se...

Page 28: ...Area Network LAN is a group of subnets regulated and ruled by router The design of network structure is related to what type of public IP addresses coming from your ISP 3 3 2 2 1 1 B Ba as si ic cs s...

Page 29: ...on with neighboring routers using the RIP to accomplish IP routing This allows users to change the information of the router such as IP address and the routers will automatically inform for each other...

Page 30: ...lt 192 168 1 1 1st Subnet Mask Type in an address code that determines the size of the network Default 255 255 255 0 24 For IP Routing Usage Click Enable to invoke this function The default setting is...

Page 31: ...o those hosts in 2nd subnet won t get an IP address belonging to 1st subnet RIP Protocol Control Disable deactivates the RIP protocol It will lead to a stoppage of the exchange of routing information...

Page 32: ...m The DNS server converts the user friendly name into its equivalent IP address Force DNS manual setting Primary IPAddress You must specify a DNS server IP address here because your ISP should provide...

Page 33: ...e is an example of setting Static Route in Main Router so that user A and B locating in different subnet can talk to each other via the router Assuming the Internet access has been configured and the...

Page 34: ...t those hosts on the internal private subnets ex 192 168 10 0 24 can access the Internet via the router and continuously exchange of IP routing information with different subnets 2 Click the LAN Stati...

Page 35: ...he Static Route Configuration page 2 Select Inactive Disable from the drop down menu and then click the OK button to disable the route 3 3 2 2 4 4 V VL LA AN N Virtual LAN function provides you a very...

Page 36: ...e 1 If VLAN 0 is consisted of hosts linked to P1 and P2 and VLAN 1 is consisted of hosts linked to P3 and P4 2 After checking the box to enable VLAN function you will check the table according to the...

Page 37: ...d into one public IP address thus you can have only one IP address on behalf of the entire internal hosts z Enhance security of the internal network by obscuring the IP address There are many attacks...

Page 38: ...u know you have to forward rather than forward all ports Otherwise you will compromise the firewall type security initially deployed by the NAT facility To use this function please go to NAT page and...

Page 39: ...than the default port 80 to avoid conflict such as 8080 This can be set in the System Maintenance Management You then will access the admin screen of by suffixing the IP address with 8080 e g http 19...

Page 40: ...t to open the following page Enable Check to enable the DMZ Host function Private IP Enter the private IP address of the DMZ host or click Choose PC to select one Choose PC Click this button and then...

Page 41: ...Open Ports to open the following page Index Indicate the relative number for the particular entry that you want to offer service in a local host You should click the appropriate index number to edit...

Page 42: ...e private IP address of the local host or click Choose PC to select one Choose PC Click this button and subsequently a window having a list of private IP addresses of local hosts will automatically po...

Page 43: ...outer to build an unwanted outgoing connection The most basic security concept is to set user name and password while you install your router The administrator login will prevent unauthorized access t...

Page 44: ...rnet connection Data Filter is applied to incoming and outgoing traffic It will check packets according to the filter rules If legal the packet will pass the router The following illustrations are flo...

Page 45: ...er such as the number of thresholds is identified as an attack and the Vigor router will activate its defense mechanism to mitigate in a real time manner The below shows the attack types that DoS DDoS...

Page 46: ...rnet researchers The server will look up the URL and return a category to your router Your Vigor router will then decide whether to allow access to this site according to the categories you have selec...

Page 47: ...ted UDP Packets By checking this box you can play these kinds of on line games If security concern is in higher priority you cannot enable Accept Incoming Fragmented UDP Packets 3 3 4 4 3 3 F Fi il lt...

Page 48: ...rule and that does not match further rules will be dropped Pass If No Further Match A packet matching the rule and that does not match further rules will be passed through Branch to other Filter Set...

Page 49: ...tion Protocol IP address Subnet Mask Operator Start Port and End Port settings It is used for Data Filter only Keep State is in the same nature of modern term Stateful Packet Inspection It tracks pack...

Page 50: ...ock To block selected IM applications during specific periods enter the number of the scheduler predefined in Applications Call Schedule 3 3 4 4 5 5 P P2 2P P B Bl lo oc ck ki in ng g P2P is the short...

Page 51: ...specified protocol Disallow upload Forbid the client to access into the application through the specified protocol for downloading Yet uploading is allowed 3 3 4 4 6 6 D Do oS S D De ef fe en ns se e...

Page 52: ...router will start to randomly discard the subsequent UDP packets for a period defined in Timeout The default setting for threshold and timeout are 150 packets per second and 10 seconds respectively En...

Page 53: ...ight block some legal packets For example when you activate the fraggle attack defense all broadcast UDP packets coming from the Internet are blocked Therefore the RIP packets from the Internet might...

Page 54: ...er can review it through Syslog daemon Look for the keyword DoS in the message followed by a name to indicate what kind of attacks is detected 3 3 4 4 7 7 U UR RL L C Co on nt te en nt t F Fi il lt te...

Page 55: ...or a complete URL string Multiple keywords within a frame are separated by space comma or semicolon In addition the maximal length of each frame is 32 character long After specifying keywords the Vigo...

Page 56: ...e cookie transmission from inside to outside world to protect the local user s privacy Proxy Check the box to reject any proxy transmission To control efficiently the limited bandwidth usage it will b...

Page 57: ...the Internet It is particularly helpful if you host a web server FTP server or other server behind the router Before you use the Dynamic DNS feature you have to apply for free DDNS service to the DDN...

Page 58: ...t the service provider for the DDNS account Service Type Select a service type Dynamic Custom Static Domain Name Type in a domain name that you applied previously Login Name Type in the login name tha...

Page 59: ...in hours so that users can connect to the Internet only during certain hours say business hours The schedule is also applicable to other functions You have to set your time before set schedule In Syst...

Page 60: ...PPPoE Internet access connection to be always on Force On from 9 00 to 18 00 for whole week office hour Other time the Internet access connection should be disconnected Force Down Office Hour Force O...

Page 61: ...ed devices the ease of installation and configuration which is already available for directly connected PC peripherals with the existing Windows Plug and Play system For NAT routers the major feature...

Page 62: ...essenger to discover what are behind a NAT router The application will also learn the external IP address and configure port mappings on the router Subsequently such a facility forwards packets from t...

Page 63: ...ications and marking them for high priority service level enforcement throughout the network z Scheduling Based on classification of service level to assign packets to queues and associated service ty...

Page 64: ...ng The following QoS policies will be defined in the form of ratio of upstream downstream speed We will also provide application QoS requirement as reference to help you accomplish this task The setti...

Page 65: ...andwidth ratio on the right field This is a protection of TCP application traffic since UDP application traffic such as streaming video will exhaust lots of bandwidth Limited_bandwidth Ratio The ratio...

Page 66: ...e port configuration type Single or Range and type in the range for the Port Number 3 3 6 6 V VP PN N a an nd d R Re em mo ot te e A Ac cc ce es ss s A Virtual Private Network VPN is the extension of...

Page 67: ...ents that the MPPE encryption method will be optionally employed in the router for the remote dial in user If the remote dial in user does not support the MPPE encryption algorithm the router will tra...

Page 68: ...its policies to the remote peer and then remote peer tries to find a highest priority match with its policies Eventually to set up a secure tunnel for IKE Phase 2 Phase 2 negotiation IPSec security me...

Page 69: ...ing Security Payload ESP means payload data will be encrypted and authenticated You may select encryption algorithm from Data Encryption Standard DES Triple DES 3DES and AES 3 3 6 6 4 4 I IP PS Se ec...

Page 70: ...matching value The field includes Country C State ST Location L Organization O Organization Unit OU Common Name CN and Email E 3 3 6 6 5 5 R Re em mo ot te e D Di ia al l I In n U Us se er r You can...

Page 71: ...ymbol V and X represent the specific dial in user to be active and inactive respectively Click each index to edit one remote user profile Each Dial In Type requires you to fill the different correspon...

Page 72: ...d be the same as the ID you set in the Local ID of IKE advanced settings window Enter Peer ISDN number if you select ISDN above Also you should further specify the corresponding security methods on th...

Page 73: ...ial in user The budget will be decreased automatically per callback connection 3 3 6 6 6 6 L LA AN N t to o L LA AN N Here you can manage LAN to LAN connections by maintaining a table of connection pr...

Page 74: ...connection has been idled over the value the router will drop the connection Enable PING to keep alive This function is to help the router to determine the status of IPSec VPN connection especially u...

Page 75: ...pure L2TP connection Nice to Have Apply the IPSec policy first if it is applicable during negotiation Otherwise the dial out VPN connection becomes one pure L2TP connection Must Specify the IPSec pol...

Page 76: ...and key life of each IKE phase Gateway etc The window of Advance setup is as show below IKE phase 1 mode Select from Main mode and Aggressive mode The ultimate outcome is to exchange security proposa...

Page 77: ...ack Function for I models The callback function provides a callback service as a part of PPP suite only for the ISDN dial in user The router owner will be charged the connection fee by the telecom Req...

Page 78: ...the authentication methods and security methods in the general settings User Name This field is applicable when you select PPTP or L2TP w or w out IPSec policy above This field is also applicable if y...

Page 79: ...The default value is 0 0 0 0 which means the Vigor router will get a remote Gateway IP address from the remote router during the IPCP negotiation phase If the WAN IP address is fixed by remote side sp...

Page 80: ...he digital signature of the certificate issuing authority so that a recipient can verify that the certificate is real Here Vigor router support digital certificates conforming to standard X 509 Any en...

Page 81: ...rate Certificate Request window Type in all the information that the window request Then click Generate again Import Click this button to import a saved file as the certification information Refresh C...

Page 82: ...rtificate To import a pre saved trusted CA certificate please click IMPORT to open the following window Use Browse to find out the saved text file Then click Import The one you imported will be listed...

Page 83: ...ld get the current running firmware version or firmware related information from this presentation Model Name Displays the model name of the router Firmware Version Displays the firmware version of th...

Page 84: ...this filed Retype New Password Type in the new password again When you click OK the login window will appear Please use the new password to access into the web configurator again 3 3 8 8 3 3 C Co on n...

Page 85: ...fig cfg The above example is using Windows platform for demonstrating examples The Mac or Linux platform will appear different windows but the backup function is still available R Re es st to or re e...

Page 86: ...a port for the Syslog protocol SMTP Server The IP address of the SMTP server Mail To Assign a mail address for sending mails out Return Path Assign a path for receiving the mail from outside Click OK...

Page 87: ...se the browser time from the remote administrator PC host as router s system time Use Internet Time Select to inquire time information from Time Server on the Internet using assigned protocol Time Pro...

Page 88: ...e Internet For security issue this function is enabled by default Access List You could specify that the system administrator can only login from a specific host or network defined in the list A maxim...

Page 89: ...ck Using current configuration and click OK To reset the router settings to default values check Using factory default configuration and click OK The router will take 5 seconds to reboot the system 3...

Page 90: ...lay the broadband access mode and status If the broadband connection is active it will show Internet access mode is enabled If the connection is idle it will show WAN IP Address The WAN IP address for...

Page 91: ...in the router The table shows a mapping between an Ethernet hardware address MAC Address and an IP address Refresh Click it to reload the page Clear Click it to clear the whole table 3 3 9 9 5 5 D DH...

Page 92: ...igor3100 Series User s Guide 86 Refresh Click it to reload the page 3 3 9 9 6 6 N NA AT T S Se es ss si io on ns s T Ta ab bl le e Click Diagnostics and click NAT Sessions Table to open the setup page...

Page 93: ...cording to the network structure as shown in the below illustration you may follow the steps to create a LAN to LAN profile These two networks LANs should NOT have the same network address Settings in...

Page 94: ...Settings as shown below to dial to connect to Router B aggressively with the selected Dial Out method If an IPSec based service is selected you should further specify the remote peer IP Address IKE A...

Page 95: ...d you may further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial In connection Otherwise it will apply the settings defined in IPSec General Setup...

Page 96: ...n Settings in Router B in the remote office 1 Go to Remote Access Control to enable the necessary VPN service 2 Then for using PPP based services such as PPTP L2TP or ISDN you have to set general sett...

Page 97: ...l Out Settings as shown below to dial to connect to Router B aggressively with the selected Dial Out method If an IPSec based service is selected you should further specify the remote peer IP Address...

Page 98: ...lected you may further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial In connection Otherwise it will apply the settings defined in IPSec General...

Page 99: ...r3100 Series User s Guide 93 7 At last set the remote network IP subnet in TCP IP Network Settings so that Router B can direct the packets destined to the remote network to Router A via the VPN connec...

Page 100: ...he network structure as shown in the below illustration you may follow the steps to create a Remote User Profile and install Smart VPN Client on the remote host Settings in VPN Router in the enterpris...

Page 101: ...ion If an IPSec based service is selected you may further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial In connection Otherwise it will apply the...

Page 102: ...omplimentary software to help you create PPTP L2TP and L2TP over IPSec tunnel You can find it in CD ROM in the package or go to www draytek com download center Install as instructed 2 After successful...

Page 103: ...based service is selected you should further specify the remote VPN server IP address Username Password and encryption method The User Name and Password should be consistent with the one set up in th...

Page 104: ...ver in the headquater office downtown via either HTTPS or VPN to check email and access internal database Meanwhile children may chat on VoIP or Skype in the restroom 1 Make sure the QoS Control on th...

Page 105: ...s Name of Index 3 In this index she will set reserve bandwidth for 1 VPN tunnel And click Advance button on the right 8 Click edit to open a new window First check the ACT box Then click SrcEdit to se...

Page 106: ...00 You can just set the settings wrapped inside the red rectangles to fit the request of NAT usage To use another DHCP server in the network rather than the built in one of Vigor Router you have to ch...

Page 107: ...Vigor3100 Series User s Guide 101 You can just set the settings wrapped inside the red rectangles to fit the request of NAT usage...

Page 108: ...y u us si in ng g A A P Pu ub bl li ic c S Su ub bn ne et t An example of setting Vigor router for IP routing of public subnet and the corresponding deployment are shown below You can just set the set...

Page 109: ...103 4 4 6 6 R Re eq qu ue es st t a a c ce er rt ti if fi ic ca at te e f fr ro om m a a C CA A s se er rv ve er r o on n W Wi in nd do ow ws s C CA A S Se er rv ve er r 1 Go to Certificate Management...

Page 110: ...Enter the information in the certificate request 3 Copy and save the X509 Local Certificate Requet as a text file and save it for later use 4 Connect to CA server via web browser Follow the instructi...

Page 111: ...le Select Router Offline request or IPSec Offline request below Then you have done the request and the server now issues you a certificate Select Base 64 encoded certificate and Download CA certificat...

Page 112: ...NE CERTIFICATE 6 You may review the detail information of the certificate by clicking View button 4 4 7 7 R Re eq qu ue es st t a a C CA A C Ce er rt ti if fi ic ca at te e a an nd d S Se et t a as s...

Page 113: ...e to download click CA Certificate Current and Base 64 encoded and Download CA certificate to save the cer file 3 Back to Vigor router go to Trusted CA Certificate Click IMPORT button and browse the f...

Page 114: ...Vigor3100 Series User s Guide 108...

Page 115: ...I If f t th he e H Ha ar rd dw wa ar re e S St ta at tu us s I Is s O OK K o or r N No ot t Follow the steps below to verify the hardware status 1 Check the power line and WLAN LAN cable connections...

Page 116: ...the examples for other operation systems please refer to the similar steps or find support notes in www draytek com 1 Go to Control Panel and then double click on Network Connections 2 Right click on...

Page 117: ...atically and Obtain DNS server address automatically F Fo or r M Ma ac cO Os s 1 Double click on the current used MacOs on the desktop 2 Open the Application folder and get into Network 3 On the Netwo...

Page 118: ...router correctly F Fo or r W Wi in nd do ow ws s 1 Open the Command Prompt window from Start menu Run 2 Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP The DOS command dialog will app...

Page 119: ...ess Setup group and then check whether the ISP settings are set correctly F Fo or r P PP PP Po oE E P PP PP Po oA A U Us se er rs s 1 Check if the Enable option is selected 2 Check if all parameters o...

Page 120: ...Try to reset the router by software or hardware Warning After pressing factory default setting you will loose all settings you did before Make sure you have recorded all useful settings before you pr...

Page 121: ...he router again to fit your personal request 5 5 6 6 C Co on nt ta ac ct ti in ng g Y Yo ou ur r D De ea al le er r If the router still cannot work correctly after trying many efforts please contact y...

Page 122: ...Vigor3100 Series User s Guide 116...

Reviews:

No comments