background image

 

VigorFly 210 Series User’s Guide 

111

3

3

.

.

1

1

0

0

 

 

W

W

i

i

r

r

e

e

l

l

e

e

s

s

s

s

 

 

L

L

A

A

N

N

 

 

3

3

.

.

1

1

0

0

.

.

1

1

 

 

B

B

a

a

s

s

i

i

c

c

 

 

C

C

o

o

n

n

c

c

e

e

p

p

t

t

s

s

 

 

Over recent years, the market for wireless communications has enjoyed tremendous growth. 
Wireless technology now reaches or is capable of reaching virtually every location on the 
surface of the earth. Hundreds of millions of people exchange information every day via 
wireless communication products. The Vigor router is designed for maximum flexibility and 
efficiency of a small office/home. Any authorized staff can bring a built-in WLAN client PDA 
or notebook into a meeting room for conference without laying a clot of LAN cable or drilling 
holes everywhere. Wireless LAN enables high mobility so WLAN users can simultaneously 
access all LAN facilities just like on a wired LAN as well as Internet access 

The Vigor wireless routers are equipped with a wireless LAN interface compliant with the 
standard IEEE 802.11n draft 2 protocol. To boost its performance further, the Vigor Router is 
also loaded with advanced wireless technology to lift up data rate up to 300 Mbps*. Hence, 
you can finally smoothly enjoy stream music and video.   

Note

The actual data throughput will vary according to the network conditions and 

environmental factors, including volume of network traffic, network overhead and 
building materials. 

In an Infrastructure Mode of wireless network, Vigor wireless router plays a role as an Access 
Point (AP) connecting to lots of wireless clients or Stations (STA). All the STAs will share the 
same Internet connection via Vigor wireless router. The 

General Settings

 will set up the 

information of this wireless network, including its SSID as identification, located channel etc.   

 

S

S

e

e

c

c

u

u

r

r

i

i

t

t

y

y

 

 

O

O

v

v

e

e

r

r

v

v

i

i

e

e

w

w

 

 

Real-time Hardware Encryption: 

Vigor Router is equipped with a hardware AES encryption 

engine so it can apply the highest protection to your data without influencing user experience. 

Complete Security Standard Selection:

 To ensure the security and privacy of your wireless 

communication, we provide several prevailing standards on market. 

Summary of Contents for VigorFly 210

Page 1: ......

Page 2: ...VigorFly 210 Series User s Guide ii VigorFly 210 Wi Fi Router User s Guide Version 1 1 Firmware Version V1 3 5 Date July 18 2014 ...

Page 3: ...ation of the environment Warranty We warrant to the original end user purchaser that the router will be free from any defects in workmanship or materials for a period of two 2 years from the date of purchase from the dealer Please keep your purchase receipt in a safe place as it serves as proof of date of purchase During the warranty period and upon proof of purchase should the product have indica...

Page 4: ... not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the inter...

Page 5: ... Setting up the Internet Connection for WAN1 16 2 3 4 Setting up the Internet Connection for WAN2 23 2 3 5 Setting up the Wireless Connection 26 2 3 6 Saving the Wizard Configuration 33 2 4 Online Status 34 2 5 Saving Configuration 35 2 6 Registering Vigor Router 36 AdvancedWebConfiguration 39 3 1 WAN 39 3 1 1 Internet Access 41 3 1 2 Multi VLAN 54 3 2 LAN 57 3 2 1 General Setup 59 3 2 2 Static Ro...

Page 6: ...AN to LAN 102 3 8 6 Connection Management 108 3 9 USB Application 109 3 9 1 Batch Firmware Upgrade 109 3 10 Wireless LAN 111 3 10 1 Basic Concepts 111 3 10 2 General Setup 113 3 10 3 Security 116 3 10 4 Access Control 125 3 10 5 WPS 126 3 10 6 WDS 128 3 10 7 Universal Repeater 131 3 10 8 AP Discovery 135 3 10 9 WDS AP Status 136 3 10 10 WMM Configuration 136 3 10 11 Station List 138 3 11 IPv6 139 ...

Page 7: ...13 5 Connection Graph 168 3 13 6 APP QoS Monitor 168 3 13 7 Traffic Graph 169 3 13 8 Ping Diagnosis 170 3 14 Support Area 170 Trouble Shooting 173 4 1 Checking If the Hardware Status Is OK or Not 173 4 2 Checking If the Network Connection Settings on Your Computer Is OK or Not 174 4 3 Pinging the Router from Your Computer 177 4 4 Checking If the ISP Settings are OK or Not 178 4 5 Backing to Factor...

Page 8: ......

Page 9: ...riends to hook up PCs via embedded 10 100 Ethernet LAN switch to enjoy multimedia applications Two antennas provide you with speedy WLAN networking If you are out of coverage of fixed line you can directly plug 3 5G WiMAX LTE USB modem to USB port on VigorFly 210 The sharing 3 5G WiMAX LTE connection accommodates adequate downstream upstream capacity for residential needs The integrated 802 11n Dr...

Page 10: ...ancel current settings and recover to the previous saved settings Clear all the selections and parameters settings including selection from drop down list All the values must be reset with factory default settings Add new settings for specified item Edit the settings for the selected item Delete the selected item with the corresponding settings Note For the other buttons shown on the web pages ple...

Page 11: ...ireless access point is not ready WLAN Blue LED on WLAN button Blinking Blue Blink when wireless traffic goes through Off The WPS is off Blinking Orange Blink with 1 second cycle for 2 minutes WPS is enabled and waiting for wireless client to connect with it WPS Orange LED on WLAN button Blinking Orange Blink when wireless traffic goes through WPS Button Press this button for 2 seconds to wait for...

Page 12: ...ter with a RJ 45 cable 3 Connect one end of the power adapter to the Power port of this device Connect the other end to the wall outlet of electricity 4 Power on the router 5 Check the ACT WAN and LAN LEDs to assure network connections For the detailed information of LED status please refer to section 1 1 Note To get a better WiMAX signal please use a USB extension cable to connect USB WiMAX dongl...

Page 13: ... this router can print documents via the router The example provided here is made based on Windows 7 For other Windows system please visit www draytek com Before using it please follow the steps below to configure settings for connected computers or wireless clients 1 Connect the printer with the router through USB parallel port 2 Open All Programs Getting Started Devices and Printers ...

Page 14: ...de 6 3 Click Add a printer 4 A dialog will appear Click Add a local printer and click Next 5 In this dialog choose Create a new port In the field of Type of port use the drop down list to select Standard TCP IP Port Then click Next ...

Page 15: ...es User s Guide 7 6 In the following dialog type 192 168 1 1 router s LAN IP in the field of Hostname or IP Address and type 192 168 1 1 as the Port name Then click Next 7 Click Standard and choose Generic Network Card ...

Page 16: ...w your system will ask you to choose right name of the printer that you installed onto the router Such step can make correct driver loaded onto your PC When you finish the selection click Next 9 Type a name for the chosen printer Click Next ...

Page 17: ...VigorFly 210 Series User s Guide 9 10 Choose Do not share this printer and click Next 11 Then in the following dialog click Finish ...

Page 18: ... Guide 10 12 The new printer has been added and displayed under Printers and Faxes Click the new printer icon and click Printer server properties 13 Edit the property of the new printer you have added by clicking Configure Port ...

Page 19: ...eries User s Guide 11 14 Select LPR on Protocol type p1 number 1 as Queue Name Then click OK The printer can be used for printing now Most of the printers with different manufacturers are compatible with vigor router ...

Page 20: ...t please visit www DrayTek com to find out the printer list Open Support FAQ Application Notes find out the link of Printer Server and click it then click the What types of printers are compatible with Vigor router link Then click the What types of printers are compatible with Vigor router link Note 2 Vigor router supports printing request from computers via LAN ports but not WAN port ...

Page 21: ...efault IP address of Vigor router 192 168 1 1 For the detailed information please refer to the later section Trouble Shooting of the guide 2 Open a web browser on your PC and type http 192 168 1 1 The following window will be open to ask for username and password 3 Type admin admin on Username Password and click Login for web configuration Notice If you fail to access to the web configuration plea...

Page 22: ...type admin admin on Username Password for admin mode and click Login Note The home page will change slightly in accordance with the type of the router you have 3 To change the password please access into Admin Mode Then go to System Maintenance page and choose Administration Password 4 Type new user name in the field of Account and new password in the field of Password Then click OK to continue 5 ...

Page 23: ...can be under an environment with high speed NAT the configuration provide here can help you to deploy and use the router quickly The first screen of Quick Start Wizard is welcome page please click Next 2 2 3 3 1 1 S Se et tt ti in ng g u up p t th he e P Pa as ss sw wo or rd d The first screen of Quick Start Wizard is entering login account and password After typing a new password please click Nex...

Page 24: ...and specify the NTP server s Then click Next for next step 2 2 3 3 3 3 S Se et tt ti in ng g u up p t th he e I In nt te er rn ne et t C Co on nn ne ec ct ti io on n f fo or r W WA AN N1 1 On the next page as shown below please select the appropriate connection type according to the information from your ISP There are several types offered in this page Each connection type will bring out different...

Page 25: ...ow Item Description Service Provider Choose the local service provider which can serve network service according to the nature of USB Modem LTE WiMAX installed For example you live in Taiwan and have a WiMAX modem inserted onto VigorFly 210 You can choose Taiwan Global Mobile to configure necessary settings and then surf the Internet easily The available settings will be different based on the ser...

Page 26: ...m P PP PP P M Mo od de e If you want to access Internet by 3G USB modem choose this mode as the protocol and type the required information in this web page Available parameters are listed below Item Description SIM PIN code Type PIN code of the SIM card that will be used to access Internet Modem Initial String1 2 Such value is used to initialize USB modem Please use the default value If you have a...

Page 27: ...le ISP service providers In most cases a Cable service provider will offer a fixed public IP while a DSL service provider will offer a public subnet If you have a public subnet you could assign an IP address or many IP address to the WAN interface Available parameters are listed below Item Description IP Address Type the IP address Subnet Mask Type the subnet mask Default Gateway Type the gateway ...

Page 28: ...to type any IP address manually Simply choose this type and the system will obtain the IP address automatically from DHCP server Available parameters are listed below Item Description Router Name Default setting is VigorFly210 After finishing the settings here please click Next ...

Page 29: ...ut user name password and authentication mode If your ISP provides you the PPPoE connection please select PPPoE for this router The following page will be shown Available parameters are listed below Item Description User Name Assign a specific valid user name provided by the ISP Password Assign a valid password provided by the ISP Confirmed Password Type the password again for confirmation Service...

Page 30: ...rameters are listed below Item Description L2TP PPTP Server IP Specify the IP address of the PPTP L2TP server Username Assign a specific valid user name provided by the ISP Password Assign a valid password provided by the ISP Redial Policy If you want to connect to Internet all the time you can choose Always On Otherwise choose Connect on Demand Always On Choose it to enable router always keep con...

Page 31: ...you want to connect to Internet all the time you can choose Always On After finishing the settings here please click Next 2 2 3 3 4 4 S Se et tt ti in ng g u up p t th he e I In nt te er rn ne et t C Co on nn ne ec ct ti io on n f fo or r W WA AN N2 2 WAN 2 is only used for backup WAN1 interface You will get different web settings according to the service provider specified 3 3G G 4 4G G U US SB B...

Page 32: ... you have any question please contact to your ISP APN Name APN means Access Point Name which is provided and required by some ISPs Modem Dial String Such value is used to dial through USB mode Please use the default value If you have any question please contact to your ISP PPP Username Type the PPP username optional PPP Password Type the PPP password optional PPP Authentication Select PAP only or ...

Page 33: ...ure Available parameters are listed below Item Description Service Provider Choose the local service provider which can serve network service according to the nature of USB Modem LTE WiMAX installed For example you live in Taiwan and have a WiMAX modem inserted onto VigorFly 210 You can choose Taiwan Global Mobile to configure necessary settings and then surf the Internet easily The available sett...

Page 34: ... settings here please click Next 2 2 3 3 5 5 S Se et tt ti in ng g u up p t th he e W Wi ir re el le es ss s C Co on nn ne ec ct ti io on n Now you have to set up the wireless connection Available parameters are listed below Item Description Enable Wireless LAN Check the box to enable the wireless function Hide SSID Check this box to prevent from wireless sniffing and make it harder for unauthoriz...

Page 35: ... All wireless devices must support the same WEP encryption bit size and have the same key Available parameters are listed below Item Description Key 1 Key 4 Four keys can be entered here but only one key can be selected at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal value...

Page 36: ...ow Item Description WPA Algorithm Choose the WPA algorithm TKIP AES or TKIP AES Pass Phrase Either 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by 0x such as 0x321253abcde Key Renewal Interval WPA uses shared key for authentication to the network However normal network operations use a different encryption key that is randomly generated This randomly generated key that ...

Page 37: ...A mode algorithm Radius server Radius server port and Radius server secret respectively Available parameters are listed below Item Description WEP Disable Disable the WEP Encryption Data sent to the AP will not be encrypted Enable Enable the WEP Encryption IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RF...

Page 38: ... Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that is used to authenti...

Page 39: ...at is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key PMK Cache Period Set the expire time of WPA2 PMK Pairwise master key cache PMK Cache manages the list from the BSSIDs in the associated SSID with which it has pre authenticated Pre Authentication Enables a...

Page 40: ... after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain idle The unit is second M Mi ix xe ed d W WP PA A W WP PA A2 2 8 80 02 2 1 1x x The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 ...

Page 41: ...nt between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain idle The unit is second After finishing...

Page 42: ...ow Item Description LAN Status IP Address Displays the IP address of the LAN interface TX Packets Displays the total transmitted packets at the LAN interface RX Packets Displays the total number of received packets at the LAN interface TX Bytes Displays the total transmitted rate at the LAN interface RX Bytes Displays the total number of received rate at the LAN interface WAN Status IP Displays th...

Page 43: ...ing Operational for the connected dongle Base Station ID Display the MAC address of the remote base station Signal Strength RSSI Display the strength of the wireless signal Signal Quality CINR Display the quality of the wireless signal The larger the value number is the better the quality shall be Note The words in green mean that the WAN connection of that interface is ready for accessing Interne...

Page 44: ... to register your Vigor router to MyVigor website for getting more service Please follow the steps below to finish the router registration 1 Please login the web configuration interface of Vigor router by typing admin admin as User Name Password 2 Click Support Area Production Registration from the home page 3 A Login page will be shown on the screen Please type the account and password that you c...

Page 45: ...e following page appears please type in Nickname for the router and choose the right registration date from the popup calendar it appears when you click on the box of Registration Date After adding the basic information for the router please click Submit 6 When the following page appears your router information has been added to MyVigor database ...

Page 46: ...VigorFly 210 Series User s Guide 38 7 Click OK Now you have finished the product registration ...

Page 47: ...ngs for different WAN modes please go to Internet Access group B Ba as si ic cs s o of f I In nt te er rn ne et t P Pr ro ot to oc co ol l I IP P N Ne et tw wo or rk k IP means Internet Protocol Every device in an IP based Network including routers print server and host PCs needs an IP address to identify its location on the network To avoid address conflicts IP addresses are publicly registered w...

Page 48: ...concentrator This implementation provides users with significant ease of use Meanwhile it provides access control billing and type of service according to user requirement When a router begins to connect to your ISP a serial of discovery process will occur to ask for a connection Then a session will be created Your user ID and password is authenticated via PAP or CHAP with RADIUS authentication sy...

Page 49: ...s the menu items for WAN 3 3 1 1 1 1 I In nt te er rn ne et t A Ac cc ce es ss s This page allows you to set WAN configuration with different modes Use the Connection Type drop down list to choose one of the WAN modes The corresponding page will be displayed Each item is explained as follows Item Description Index Display the WAN interface Physical Mode It shows the physical connection for WAN1 Et...

Page 50: ... Enable Enable the function of DHCP Option Each DHCP option is composed by an option number with data For example Option number 100 Data abcd When such function is enabled the specified values for DHCP option will be seen in DHCP reply packets Option Number Type a number for such function Note If you choose to configure option 61 here the detailed settings in WAN Internet Access will be overwritte...

Page 51: ... automatically from a DHCP server on the Internet To use Static IP or Dynamic IP as the accessing protocol of the internet please choose Static or Dynamic IP mode from Access drop down menu Then click Detail Page to open the following web page Available parameters are listed below Item Description Obtain an IP address automatically To get an IP address from DHCP server simply click this button The...

Page 52: ... PING function please specify the IP address for the system to PING it for keeping alive PING Interval Enter the interval for the system to execute the PING operation MTU It means Max Transmit Unit for packet The default setting is 1442 WAN Connection Detection Such function allows you to verify whether network connection is alive or not through ARP Detect or Ping Detect Mode Choose ARP Detect or ...

Page 53: ...d Confirm Password Re enter the password for confirmation Service Name Enter the description of the specific network service PPP MP Setup Redial Policy If you want to connect to Internet all the time you can choose Always On Otherwise choose Connect on Demand Idle Time Set the timeout for breaking down the Internet after passing through the time without any action When you choose Connect on Demand...

Page 54: ...hrough Ping Detect Mode Choose None or Ping Detect for the system to execute for WAN detection Ping IP If you choose Ping Detect as detection mode you have to type IP address in this field for pinging TTL Time to Live Displays value for your reference TTL value is set by telnet command WAN Physical Type Specify the data transmitting rate for such mode MAC Address Clone MAC Address Clone is availab...

Page 55: ...ord Type in the password provided by ISP in this field PPP Setup Redial Policy If you want to connect to Internet all the time you can choose Always On Otherwise choose Connect on Demand Idle Time Set the timeout for breaking down the Internet after passing through the time without any action When you choose Connect on Demand you have to type value here MTU It means Max Transmit Unit for packet Th...

Page 56: ...all the settings here please click OK to activate them 3 3G G 4 4G G U US SB B M Mo od de em m P PP PP P M Mo od de em m f fo or r W WA AN N1 1 If your router connects to a 3G 4G modem and you want to access Internet via 3G 4G modem choose 3G 4G as connection type and type the required information in this web page Available parameters are listed below Item Description 3G USB Modem 3G Always On SIM...

Page 57: ... PAP only or PAP or CHAP for PPP MTU It means Max Transmit Unit for packet The default setting is 1442 MAC Address Clone MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Address After finishing all the settings here please click OK to activate them 4 4G G U US SB B M Mo od de em m ...

Page 58: ...ffered for you to choose as cipher suite Keep the default setting will be better Such item is required for WiMAX USB Modem MTU It means Max Transmit Unit for packet The default setting is 1360 Keep WAN Connection Normally this function is designed for Dynamic IP environments because some ISPs will drop connections if there is no traffic within certain periods of time Check Enable PING to keep aliv...

Page 59: ...e your WAN1 connection type is not in 3G 4G mode When the WAN1 connection is broken the router will try to keep the connection with 3G mode After WAN1 connection is recovered router will disconnect the 3G 3G connection automatically Below shows the configuration page for 3G 4G USB Modem Available parameters are listed below Item Description 3G USB Modem SIM PIN code Type PIN code of the SIM card t...

Page 60: ...After finishing all the settings here please click OK to activate them 4 4G G U US SB B M Mo od de em m D DH HC CP P M Mo od de e f fo or r W WA AN N2 2 Below shows the configuration page for 4G USB Modem Available parameters are listed below Item Description 4G USB Modem Service Provider Choose the local service provider which can serve network service according to the nature of USB Modem LTE WiM...

Page 61: ... service provider Such item is required for WiMAX USB Modem Cipher Suite Cipher Suite There are two encryption methods offered for you to choose as cipher suite Keep the default setting will be better Such item is required for WiMAX USB Modem MTU It means Max Transmit Unit for packet The default setting is 1360 SMS for WAN backup Use the drop down list to choose one of the SMS profiles created in ...

Page 62: ... to activate such setting Management WAN VLAN Setting Enable Management WAN Setup Check the box to enable Management WAN configuration Management WAN VLAN ID Data sent out through the WAN port will be tagged with VLAN ID number specified here The range of ID number you can type is from 0 4095 Management WAN Setting Click this link to open Management WAN setting Channel Display the number of each c...

Page 63: ...ccess Add Tag To identify the usage of VLAN check this box to invoke this setting And type the number for VLAN ID number Priority It is used to set the priority for the audio and or video data transmission The adjustable range is from 0 lowest to 7 highest After finishing all the settings here please click OK to save the configuration ...

Page 64: ...d as follows Item Description Enable Multi VLAN Setup Check this box to activate such setting Enable Check this box to enable that channel Only channel 3 to 8 can be set in this page for channel 1 to 2 are reserved for NAT using P1 to P4 It means the LAN port 1 to 4 Check the box to designate the LAN port for channel 2 to 7 SSID1 to SSID3 Check the box to designate the SSID for channel 2 to 7 When...

Page 65: ...s is to translate the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor router has a built in DHCP server that assigns private IP address to each local host See the following diagram for a briefly understanding In some special case you may have a public IP subnet from your ISP such as 220 135 240 0 24 This means that yo...

Page 66: ...s allows users to change the information of the router such as IP address and the routers will automatically inform for each other W Wh ha at t i is s S St ta at ti ic c R Ro ou ut te e When you have several subnets in your LAN sometimes a more effective and quicker way for connection is the Static routes function rather than other method You may simply set rules to forward data from one specified...

Page 67: ...for connecting to a subnet Default 192 168 2 1 2nd Subnet Mask An address code that determines the size of the network NAT Check the box to execute the function of NAT in LAN PPPoE Passthrough If you want to use PPPoE server in the network via Vigor router please check this box to redirect the PPPoE frames to the specified location DHCP Server Configuration DHCP stands for Dynamic Host Configurati...

Page 68: ... DNS servers Otherwise LAN PCs use the router as their DNS server and the router will do DNS proxy for them Primary DNS Address You must specify a DNS server IP address here because your ISP should provide you with usually more than one DNS Server If your ISP does not provide it the router will automatically apply default DNS Server IP address 194 109 6 66 to this field Secondary DNS Address You c...

Page 69: ... Add a routing rule Destination Type the IP address for the routing rule applied to Range Choose Host or Net for specifying gateway or netmask setting of such routing rule Netmask Type the netmask for such routing rule if you choose Net as Range setting Gateway Type the gateway address for such routing rule Interface Choose WAN or LAN as the interface for such route Comment Type words as notificat...

Page 70: ... this function However IP MAC which is not listed in IP Bind List also can connect to Internet Disable Click this radio button to disable this function All the settings on this page will be invalid Strict Bind Click this radio button to block the connection of the IP MAC which is not listed in IP Bind List ARP Table This table is the LAN ARP table of this router The information for IP and MAC will...

Page 71: ...ernal hosts When the outgoing packets destined to some public server on the Internet reach the NAT router the router will change its source address into the public IP address of the router select the available public port and then forward it At the same time the router shall list an entry in a table to memorize this address port mapping relationship When the public server response the incoming tra...

Page 72: ...of special applications Common application of Open Port includes P2P application e g BT KaZaA Gnutella WinMX eMule and others Internet Camera etc Ensure that you keep the application involved up to date to avoid falling victim to any security exploits To use Port Redirection please go to NAT page and choose Port Redirection web page The Port Redirection Table provides 30 port mapping entries for t...

Page 73: ... the type for such profile The type of Virtual server offers several options with dedicated server and port number Packets passing through such port number will be redirected into the local IP address and local port assigned below If User Define is selected there are four sub options offered to choose If Virtual Server is selected specify a server from the drop down list ...

Page 74: ... private IP address of the internal host providing the service I Local Port Specify the private port number of the service offered by the internal host Comment Type a brief description for such profile if required The Maximum length is 23 character long After finishing all the settings here please click OK to save the configuration ...

Page 75: ...ies from other clients will continue to work without inappropriate interruption DMZ Host allows a defined internal user to be totally exposed to the Internet which usually helps some special applications such as Netmeeting or Internet Games etc Note The security properties of NAT are somewhat bypassed if you set up DMZ host We suggest you to add additional filter rules or a secondary firewall Clic...

Page 76: ...ttack The attacks are usually categorized into two types the flooding type attacks and the vulnerability attacks The flooding type attacks will attempt to exhaust all your system s resource while the vulnerability attacks will try to paralyze the system by offending the vulnerabilities of the protocol or operation system The DoS Defense function enables the Vigor router to inspect every incoming p...

Page 77: ...econd and 10 seconds respectively Enable UDP flood defense Check the box to activate the UDP flood defense function Once detecting the Threshold of the UDP packets from the Internet has exceeded the defined value the Vigor router will start to randomly discard the subsequent UDP packets for a period defined in Timeout The default setting for threshold and timeout are 1500 packets per second and 10...

Page 78: ... in ng g This page allows you to set up to 32 MAC IP Port Filtering rules When you finish the filtering rule simply click OK The new rule will be displayed below in this page Available parameters are listed below Item Description Basic Settings MAC IP Port Filtering Choose Enable to activate MAC IP Port Filtering function Default Policy Accepted all the packets that do not match with any rule will...

Page 79: ...t filtering which examines a packet based on the information in its header stateful inspection builds up a state machine to track each connection traversing all interfaces of the firewall and makes sure they are valid The stateful firewall of Vigor router not just examine the header information also monitor the state of the connection The purpose of this is to enable the SPI firewall for the filte...

Page 80: ...ecline the HTTP request to that web page thus can limit user s access to the website You may imagine URL Content Filter as a well trained convenience store clerk who won t sell adult magazines to teenagers At office URL Content Filter can also provide a job related only environment hence to increase the employee work efficiency How can URL Content Filter work better than traditional firewall in th...

Page 81: ...all the settings here please click OK to save the configuration 3 3 5 5 C CS SM M C Co on nt te en nt t S Se ec cu ur ri it ty y M Ma an na ag ge em me en nt t C CS SM M CSM is an abbreviation of Content Security Management which is used to filter the web content to reach a goal of security management 3 3 5 5 1 1 W We eb b C Co on nt te en nt t F Fi il lt te er r We all know that the content on th...

Page 82: ... Please note that this action will not introduce any delay in your Web surfing because each of multiple load balanced database servers can handle millions of requests for categorization Note 1 Web Content Filter WCF is not a built in service of Vigor router but a service powered by Commtouch If you want to use such service trial or formal edition you have to perform the procedure of activation fir...

Page 83: ...y a green light will be shown on the screen Activate Click it to activate Commtouch WCF mechanism Misclassified Report You can send a report for mistaken classified URL to Commtouch by clicking such link H Ho ow w t to o a ac ct ti iv va at te e w we eb b c co on nt te en nt t f fi il lt te er r Before activating web content filter register your Vigor router first Refer to 2 6 Registering Vigor Ro...

Page 84: ...you to change the account name Transfer It allows you to transfer the Vigor device together with applied license to someone who has already registered another account in myvigor draytek com Be sure to press this button to transfer the product to whom you want to give Otherwise he she might not be able to maintain the license hooked up to the Vigor device Back It allows you to return to the previou...

Page 85: ... Agreement The system will find out the date for you to activate this version of service Then click Next 5 When this page appears click Register 6 Next when the registration is completed You will get the following screen 7 Return to web configuration of VigorFly 210 8 Refresh the page of CSM Web Content Filter ...

Page 86: ...1 S Se es ss si io on n L Li im mi it t A PC with private IP address can access to the Internet via NAT router The router will generate the records of NAT sessions for such connection The P2P Peer to Peer applications e g BitTorrent always need many sessions for procession and also they will occupy over resources which might result in important accesses impacted To solve the problem you can use li...

Page 87: ...dress for limit session End IP Defines the end IP address for limit session Session Limit Defines the available session number for each host in the specific range of IP addresses If you do not set the session number in this field the system will use the default session limit for the specific limitation you set for each index Add Adds the specific session limitation onto the list above Edit Allows ...

Page 88: ...andwidth Default TX limit Define the default speed of the upstream for each computer in LAN Default RX limit Define the default speed of the downstream for each computer in LAN Limitation List Display a list of specific limitations that you set on this web page Specific Limitation Start IP Define the start IP address for limit bandwidth End IP Define the end IP address for limit bandwidth TX limit...

Page 89: ...the downstream If you do not set the limit in this field the system will use the default speed for the specific limitation you set for each index After finishing all the settings please click OK to save the configuration 3 3 6 6 3 3 Q Qu ua al li it ty y o of f S Se er rv vi ic ce e Deploying QoS Quality of Service management to guarantee that all applications receive the service levels required a...

Page 90: ...rface QoS Group Setting Group Display the purpose Upload Download of the rule to be applied Name Display the name s grouped for Upload Download Rule Allow to configure detailed settings for the selected group Click Edit to access into the detailed setting page APP QoS Monitor Check the box of Enable Application QoS Monitor The system will monitor the application and display current status on this ...

Page 91: ...ttings are explained as follows Item Description QoS Control There are four classes of QoS offered by Vigor router Each class contains different settings Here we take Bi direction as an example Related settings will be explained below Upload Bandwidth It will be applied to outgoing traffic Use the drop down list to specify the bandwidth for data transmission If you choose User defined you have to ...

Page 92: ...t 256Kbps upstream if you would like to use G 711 SIP UDP Port Set a port number used for SIP QoS Upload Group Settings There are four classes of Highest High Normal and Low which represent the priority of data transmission Rate Define the transmission receiving percentage of upload download bandwidth for each class Ceil It determines the largest bandwidth that each class highest high default low ...

Page 93: ...ditions for data Upload and Download After clicking the Edit link under Rule you will get the following web page To configure the detailed settings for the rule click Add to open the following dialog Available settings are explained as follows Item Description Direction Choose Upload or Download that such function will influence ...

Page 94: ...acket Length Specify the length of the packets The adjustable range is from 0 2048 DSCP DSCP Differentiated Services Code Point allows each IP packet to be tagged with different service class for different network transmission The default setting is BE Protocol Specify the protocol for such QoS rule Dest Port Src Port It is available when TCP or UDP is selected as the protocol Application It is av...

Page 95: ... 87 Monitor link After finished settings click OK to save the settings The new rule setting profile will be added and displayed on the page Below shows the QoS rule example for your reference In the QoS Group Setting page you will see ...

Page 96: ...he Internet It is particularly helpful if you host a web server FTP server or other server behind the router Before you use the Dynamic DNS feature you have to apply for free DDNS service to the DDNS service providers The router provides up to three accounts from three different DDNS service providers Basically Vigor routers are compatible with the DDNS services supplied by most popular DDNS servi...

Page 97: ... After finishing all the settings here please click OK to save the configuration 3 3 7 7 2 2 8 80 02 2 1 1d d S Sp pa an nn ni in ng g T Tr re ee e The Spanning Tree Protocol STP is a link layer network protocol that ensures a loop free topology for any bridged LAN Check the box to invoke such feature and click OK to save it 3 3 7 7 3 3 L LL LT TD D Link Layer Topology Discovery LLTD is a propriet...

Page 98: ...directly connected PC peripherals with the existing Windows Plug and Play system For NAT routers the major feature of UPnP on the router is NAT Traversal This enables applications inside the firewall to automatically open the ports that they need to pass through a router It is more reliable than requiring a router to work out by itself which ports need to be opened Further the user does not have t...

Page 99: ...y the application The reminder as regards concern about Firewall and UPnP Can t work with Firewall Software Enabling firewall applications on your PC may cause the UPnP function not working properly This is because these applications will block the accessing ability of some network ports Security Considerations Activating the UPnP function on your network may incur some security threats You should...

Page 100: ...ctions You have to set your time before set schedule In System Maintenance Time and Date menu press Inquire Time button to set the Vigor router s clock to current time of your PC The clock will reset once if you power down or reset the router There is another way to set up time You can inquiry an NTP server a time server on the Internet to synchronize the router s clock This method can only be app...

Page 101: ...gs here please click OK to save the configuration 3 3 7 7 8 8 S SM MS S The function of SMS Short Message Service is that Vigor router sends a message to user s mobile or e mail box through specified service provider to assist the user knowing the real time abnormal situations or sending message to the user when backup WAN WAN2 is on Vigor router allows you to set up to 10 SMS profiles which will ...

Page 102: ...e SMS provider object profile from the drop down list Username Type a user name that the sender can use to register to selected SMS provider The maximum length of the name you can set is 31 characters Password Type a password that the sender can use to register to selected SMS provider The maximum length of the password you can set is 31 characters Phone Number List Display the phone number create...

Page 103: ...Type the content of the SMS Send Message Click it to send a test message to the specified phone number OK Click it to save the configuration and exit the page Cancel Click it to return to the previous page without saving the configuration Delete Delete current profile with the settings configuration 4 Enter all the settings and click OK 3 3 7 7 9 9 A Ap pp pl le e i iO OS S K Ke ee ep p A Al li iv...

Page 104: ... Item Description Enable Static Host Function Check the box to enable such function Static Host List Display a list of the static hosts created Edit Static Host Host IP Type the IP address of the host that you want to add as a static host Host Name Type the name of the host Add Click it to add the new typed host IP with host name and display on the Static Host List Delete Remove the selected stati...

Page 105: ... point to point private link Below shows the menu items for VPN and Remote Access 3 3 8 8 1 1 R Re em mo ot te e A Ac cc ce es ss s C Co on nt tr ro ol l Enable the necessary VPN service as you need If you intend to run a VPN server inside your LAN you should disable the VPN service of Vigor Router to allow VPN tunnel pass through as well as the appropriate NAT settings such as DMZ or open port 3 ...

Page 106: ...tion algorithm In addition the remote dial in user will use 40 bit to perform encryption prior to using 128 bit for encryption In other words if 128 bit MPPE encryption method is not available then 40 bit encryption scheme will be applied to encrypt the data Maximum MPPE This option indicates that the router will use the MPPE encryption scheme with maximum bits 128 bit to encrypt the data UserName...

Page 107: ...the data payload only It can just apply to local packet e g L2TP over IPSec The Tunnel mode will not only add the AH ESP payload but also use a new IP header Tunneled IP header to encapsulate the whole original IP packet Authentication Header AH provides data authentication and integrity for IP packets passed between VPN peers This is achieved by a keyed one way hash function to the packet to crea...

Page 108: ...ccess by maintaining a table of remote user profile so that users can be authenticated to dial in via VPN connection You may set parameters including specified connection peer ID connection type VPN connection including PPTP IPSec Tunnel and L2TP by itself or over IPSec and corresponding security methods etc The router provides 32 access accounts for dial in users Besides you can extend the user a...

Page 109: ... account Check the box to enable this function Idle Timeout If the dial in user is idle over the limitation of the timer the router will drop this connection By default the Idle Timeout is set to 300 seconds Allowed Dial In Type PPTP Allow the remote dial in user to make a PPTP VPN connection through the Internet You should set the User Name and Password of remote dial in user below IPSec Tunnel A...

Page 110: ...fy the IP address of the remote node Pre Shared Key Check the box of Pre Shared Key to invoke this function and type in the required characters 1 63 as the pre shared key IPSec Security Method This group of fields is a must for IPSec Tunnels and L2TP with IPSec Policy when you specify the remote node Phase 1 2 Algorithm It means payload data will be encrypted and authenticated You may select encry...

Page 111: ...e symbol V and X represent the profile to be active and inactive respectively To edit each profile 1 Click each index to edit each profile and you will get the following page Each LAN to LAN profile includes 4 subgroups If the fields gray out it means you may leave it untouched The following explanations will guide you to fill all the necessary fields For the web page is too long we divide the pag...

Page 112: ...he connection has been idled over the value the router will drop the connection Dial Out Settings Type of Server I am calling PPTP Build a PPTP VPN connection to the server through the Internet You should set the identity like User Name and Password below for the authentication of remote server IPSec Tunnel Build an IPSec VPN connection to the server through Internet L2TP with IPSec Policy Build a...

Page 113: ...f fields is applicable for IPSec Tunnels and L2TP with IPSec Policy Pre Shared Key Input 1 63 characters as pre shared key IPSec Security Method This group of fields is a must for IPSec Tunnels and L2TP with IPSec Policy Advanced Specify mode proposal and key life of each IKE phase Gateway etc The window of advance setup is shown as below IKE phase 1 mode Select from Main mode and Aggressive mode ...

Page 114: ...N server The length of the ID is limited to 47 characters Available settings are explained as follows Item Description Allowed Dial In Type Determine the dial in connection with different types PPTP Allow the remote dial in user to make a PPTP VPN connection through the Internet You should set the User Name and Password of remote dial in user below IPSec Tunnel Allow the remote dial in user to tri...

Page 115: ...fields is applicable for IPSec Tunnels and L2TP with IPSec Policy when you specify the IP address of the remote node Pre Shared Key Check the box of Pre Shared Key to invoke this function and type in the required characters 1 63 as the pre shared key IPSec Security Method This group of fields is a must for IPSec Tunnels and L2TP with IPSec Policy when you specify the remote node Phase 1 2 Algorith...

Page 116: ...n by clicking Drop button You may also aggressively Dial out by using Dial out Tool and clicking Dial button Available settings are explained as follows Item Description General Mode This filed displays the profile configured in LAN to LAN with Index number and VPN Server IP address Dial Click this button to execute dial out function Refresh Seconds Choose the time for refresh the dial information...

Page 117: ...h Firmware Upgrade can solve the problem Not only it is easy to operate but also it can save the time of firmware upgrade for other router s Each item is explained as follows Item Description Enable Batch Firmware Upgrade Server Check the box to enable such function and let VigorFly 210 acts as a firmware upgrade server Index Display the number of the batch profile Model Name Display the name of t...

Page 118: ... the location of the firmware including the name and the directory In this case type fw vigor2860 vigor2860 all Add Click it to add the settings configuration and return to previous page A new created profile will be displayed on the previous page Clear Click it to cancel the settings configuration Cancel Click it to cancel the settings configuration and return to last web page 6 Choose the model ...

Page 119: ... 11n draft 2 protocol To boost its performance further the Vigor Router is also loaded with advanced wireless technology to lift up data rate up to 300 Mbps Hence you can finally smoothly enjoy stream music and video Note The actual data throughput will vary according to the network conditions and environmental factors including volume of network traffic network overhead and building materials In ...

Page 120: ...al a pre defined key is used for encryption during data transmission WPA applies Temporal Key Integrity Protocol TKIP for data encryption while WPA2 applies AES The WPA Enterprise combines not only encryption but also authentication Since WEP has been proved vulnerable you may consider using WPA for the most secure connection You should select the appropriate security mechanism according to your n...

Page 121: ...D and the wireless channel Please refer to the following figure for more information Available settings are explained as follows Item Description Enable Wireless LAN Check the box to enable wireless function Mode At present the router can connect to 11g Only 11b Only 11n Only Mixed 11g 11n Mixed 11b 11g Mixed 11b 11g 11n stations simultaneously Simply choose Mixed 11b 11g 11n mode ...

Page 122: ...ther through Access Point however they can access wired PCs on LAN and access Internet via WAN interface IGMP Snooping Check the box to activate IGMP snooping for the station which access into Internet through such SSID Channel Means the channel of frequency of the wireless LAN The default channel is 6 You may switch channel if the selected channel is under serious interference If you have no idea...

Page 123: ...verage Check this box to enable the function Besides it will be displayed on the Wireless LAN for you to access for detailed configuration Open Wireless LAN Universal Repeater Please refer to the corresponding section for detailed information Antenna Specify the type of the antenna used for your router Tx Power Set the power percentage for transmission signal of access point The greater the value ...

Page 124: ...ct settings please click OK to save and invoke it By clicking the Security Settings a new web page will appear so that you could configure the settings Available settings are explained as follows Item Description Mode There are several modes provided for you to choose Disable The encryption mechanism is turned off WEP Accepts only WEP clients and the encryption key should be entered in WEP Key ...

Page 125: ...be entered here but only one key can be selected at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level The allowed content is the ASCII characters from 33 to 126 except and ...

Page 126: ...as 012345678 or 64 Hexadecimal digits leading by 0x such as 0x321253abcde Key Renewal Interval WPA uses shared key for authentication to the network However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but ...

Page 127: ...vailable settings are explained as follows Item Description 802 1x WEP Disable Disable the WEP Encryption Data sent to the AP will not be encrypted Enable Enable the WEP Encryption RADIUS Server Guide you to access into next pop up window to configure RADIUS server settings Click the link of RADIUS Server to access into the following page for more settings Available settings are explained as follo...

Page 128: ...econd WPA 802 1x The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication Available settings are explained as follows Item Description WPAAlgorithms Select TKIP AES or TKIP AES as the algorithm for WPA Key Renewal Interval WPA uses shared key for authentication to ...

Page 129: ... RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform a...

Page 130: ...y generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key PMK Cache Period Set the expire time of WPA2 PMK Pairwise master key cache PMK Cache manages the list from the BSSIDs in the associated SSID with which it has pre authenticated Pre Authen...

Page 131: ... Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication ...

Page 132: ...t TKIP AES or TKIP AES as the algorithm for WPA Key Renewal Interval WPA uses shared key for authentication to the network However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default ...

Page 133: ...et Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second 3 3 1 10 0 4 4 A Ac cc ce es ss s C Co on nt tr ro ol l For additional security of wireless access the Access Control facility allows you to restrict the network access right by co...

Page 134: ...10 0 5 5 W WP PS S WPS Wi Fi Protected Setup provides easy procedure to make network connection between wireless station and wireless access point vigor router with the encryption of WPA and WPA2 It is the simplest way to build connection between wireless network clients and vigor router Users do not need to select any encryption mode and type any long encryption passphrase to setup a wireless cli...

Page 135: ...ode you have to know the PIN code specified in wireless client Then provide the PIN code of the wireless client you wish to connect to the vigor router Available settings are explained as follows Item Description Enable WPS Check this box to enable WPS setting WPS Current Status Display related system information for WPS If the wireless ...

Page 136: ...t will return to normal condition after two minutes You need to setup WPS within two minutes Configure via Client PinCode Type the PIN code specified in wireless client you wish to connect and click Start PIN button The WLAN LED on the router will blink fast when WPS is in progress It will return to normal condition after two minutes You need to setup WPS within two minutes 3 3 1 10 0 6 6 W WD DS ...

Page 137: ...her peer AP through WDS links Yet in Bridge mode packets received from a WDS link will only be forwarded to local wired or wireless hosts In other words only Repeater mode can do WDS to WDS packet forwarding In the following examples hosts connected to Bridge 1 or 3 can communicate with hosts connected to Bridge 2 through WDS links However hosts connected to Bridge 1 CANNOT communicate with hosts ...

Page 138: ...tion WDS Mode Choose the mode for WDS setting Disable mode will not invoke any WDS setting Bridge Mode is designed to fulfill the first type of application Repeater Mode is for the second one Security There are several types for security Disabled WEP TKIP AES and Key or Peer Mac Address field valid or not Choose one of the types for the router Please disable ...

Page 139: ...u is available only when it is enabled in Wireless LAN General Setup It allows you to specify which AP that remote client can connect to The access point can act as a wireless repeater it can be Station and AP at the same time It can use Station function to connect to a Root AP and use AP function to serve all wireless stations within its coverage Note While using Universal Repeater Mode the acces...

Page 140: ...rm the network connection automatically Show auto connection list Click it to open another page which will display all the access point s available for Universal Repeater mode for automatic network connection If you have no idea about the SSID and MAC address of the access point you want to connect simply go to Wireless LAN Access Point Discovery Click Scan and wait for the scanned result Choose o...

Page 141: ...ult name if required O Op pe en n S Sh ha ar re ed d M Mo od de e Available settings are explained as follows Item Description Encryption Type Choose None to disable the WEP Encryption Data sent to the AP will not be encrypted To enable WEP encryption for data transmission please choose WEP WEP Keys Four keys can be entered here but only one key can be selected at a time The format of WEP Key is r...

Page 142: ...vailable settings are explained as follows Item Description Encryption Type Select TKIP or AES as the algorithm for WPA Pass Phrase Either 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by 0x such as 0x321253abcde After finishing all the settings here please click OK to save the configuration ...

Page 143: ...ID Display the SSID of the AP scanned by this router BSSID Display the MAC address of the AP scanned by this router RSSI Display the signal strength RSSI is the abbreviation of Receive Signal Strength Indication Channel Display the wireless channel used for the AP that is scanned by this router Encryption Display the encryption mode for the scanned AP Authentication Display the authentication type...

Page 144: ...he Access Point 3 3 1 10 0 1 10 0 W WM MM M C Co on nf fi ig gu ur ra at ti io on n WMM is an abbreviation of Wi Fi Multimedia It defines the priority levels for four access categories derived from 802 1d prioritization tabs The categories are designed with specific types of traffic voice video best effort and low priority data There are four accessing categories AC_BE AC_BK AC_VI and AC_VO for WM...

Page 145: ...r than CWMin or equals to CWMin value Both values will influence the time delay for WMM accessing categories The difference between AC_VI and AC_VO categories must be smaller however the difference between AC_BE and AC_BK categories must be greater Txop It means transmission opportunity For WMM categories of AC_VI and AC_VO that need higher priorities in data transmission please set greater value ...

Page 146: ...ent uses for connection with such AP Encrypt Display the encryption mode used by the wireless client Refresh Click this button to refresh the status of station list Add to Access Control Client s MAC Address For additional security of wireless access the Access Control facility allows you to restrict the network access right by controlling the wireless LAN MAC address of client Only the valid MAC ...

Page 147: ...ible types contain Link Local only Static IPv6 and TSPC Each type requires different parameter settings L Li in nk k L Lo oc ca al l O On nl ly y Link Local address is used for communicating with neighbouring nodes on the same link It is defined by the address prefix fe80 10 You don t need to setup Link Local address manually for it is generated automatically according to your MAC Address ...

Page 148: ...ay address here Primary DNS Server Type your IPv6 primary DNS Server address here Secondary DNS Server Type your IPv6 secondary DNS Server address here T TS SP PC C Tunnel setup protocol client TSPC is an application which could help you to connect to IPv6 network easily Please make sure your IPv4 WAN connection is OK and apply one free account from hexage http gogonet gogo6 com page freenet6 acco...

Page 149: ...t IPv6 in IPv4 Native Request an IPv6 in IPv4 tunnel IPv6 in IPv4 NAT Traversal Request an IPv6 in UDP of IPv4 tunnel for clients behind a NAT Auto reconnect Delay After passing the time set here the client will retry to connect in case of failure or keepalive timeout 0 means not retry Keepalive Check the box to keep the connection between TSPC and tunnel broker always on TSPC will send ping packe...

Page 150: ... Available settings are explained as follows Item Description Ipv6 dhcp ia Choose Prefix Delegation or Non temporary Address as the identify association IAID Type a number as IAID After finished the above settings click OK to save the settings P PP PP P During the procedure of IPv4 PPPoE connection we can get the IPv6 Link Local Address between the gateway and Vigor router through IPv6CP Later use...

Page 151: ...escription Ipv6 6to4 relay Type an IP address of 6to4 relay router which connected an IPv4 network and an IPv6 network 3 3 1 11 1 2 2 L LA AN N G Ge en ne er ra al l S Se et tu up p This page defines the IPv6 connection types for LAN interface Possible types contain DHCPv6 Server and RADVD Each type requires different parameter settings Available settings are explained as follows Item Description ...

Page 152: ...s Type the start and end address for IPv6 server DNS Server IPv6 Address Primary DNS Server Type in the primary IP address for the DNS Server Secondary DNS Server Type in secondary IP address for the primary DNS Server After finishing all the settings here please click OK to save the configuration 3 3 1 11 1 3 3 F Fi ir re ew wa al ll l S Se et tu up p This page allows users to set firewall rules ...

Page 153: ...ble settings are explained as follows Item Description Name Type a name for the rule Protocol Specify a protocol for this rule Source IP Type Determine the IP type as the source Source IP Type the IPv6 address here if you choose Single as Source IP Type Source IP Subnet Type the subnet mask here if you choose Subnet as Source IP Type Destination IP Type Determine the IP type as the destination ...

Page 154: ...ocol Destination Start Port Type a value as the destination start port Such value will be available only TCP UDP is selected as the protocol Destination End Port optional Type a value as the destination end port Such value will be available only TCP UDP is selected as the protocol Action Set the action that the router will perform for the packets through the protocol of IPv6 ACCEPT If the IPv6 pac...

Page 155: ...iguration 3 3 1 11 1 5 5 T TS SP PC C S St ta at tu us s IPv6 TSPC status web page could help you to diagnose the connection status of TSPC TSPC log contains some debug information from program If TSPC has not configured properly the router will display the following page when the user tries to connect through TSPC connection When TSPC configuration has been done the router will start to connect T...

Page 156: ...th tunnel broker and so on Tunnel Status Disconnected The remote client doesn t connect to the tunnel server Connecting The remote client is connecting to the tunnel server Connected The remote client has been connected to the tunnel server Activity Sent sent to the tunnel RX bytes Received received from the tunnel RX bytes When the router connects to the tunnel broker the router will use RADVD to...

Page 157: ...r s Guide 149 When your PC obtains the IPv6 address please connect to http www ipv6 org If your PC access Internet via IPv6 connection your IPv6 address will be shown on the web page immediately Refer to the following figure ...

Page 158: ... the box and type the port number respectively to enable the remote management of services Available settings are explained as follows Item Description Allow management from the Internet Enable HTTP HTTPS ICMP Ping TELNET Enable the checkbox to allow system administrators to login from the Internet There are several servers provided by the system to allow you managing the router from Internet Chec...

Page 159: ...s the menu items for System Maintenance 3 3 1 12 2 1 1 S Sy ys st te em m S St ta at tu us s The System Status provides basic network settings of Vigor router It includes LAN and WAN interface information Also you could get the current running firmware version or firmware related information from this presentation Each item is explained as follows Item Description Model Display the model name of t...

Page 160: ...v6 address of the LAN Interface Wireless MAC Address Display the MAC address of the WLAN Interface SSID Display the SSID of this router Channel Display the channel that wireless LAN used IPv6 Address Display the IPv6 address of the wireless LAN Interface WAN 1 Connected Type Display the network connection type for this router Link Status Display if current network is connected or not MAC Address D...

Page 161: ...change it The default CPE username and password are vigor and password You will need it when you configure VigorACS server Available parameters are explained as follows Item Description ACS Settings Such data must be typed according to the ACS Auto Configuration Server you want to link Please refer to VigorACS user s manual for detailed information URL Type the URL for VigorACS server If the conne...

Page 162: ...ime The default setting is Enable Please set interval time or schedule time for the router to send notification to CPE Or click Disable to close the mechanism of notification STUN Settings The default is Disable If you click Enable please type the relational settings listed below Server IP Type the IP address of the STUN server Server Port Type the port number of the STUN server Minimum Keep Alive...

Page 163: ... 3 3 1 12 2 4 4 U Us se er r P Pa as ss sw wo or rd d Sometimes you may want to access into User Mode to configure the web settings for some reason Vigor router allows you to set new user password to login into the WUI to fit your request Simply open System Maintenance User Password Available parameters are explained as follows Item Description Enable User Mode Check this box to enable user mode o...

Page 164: ...1 Open System Maintenance User Password 2 Check the box of Enable User Mode for simple web configuration to enable user mode operation Type a new password in the field of New Password and click OK 3 Log out Vigor router web user interface 4 The following window will be open to ask for username and password Type the new user password in the filed of Password and click Login 5 The main screen with U...

Page 165: ... ku up p t th he e C Co on nf fi ig gu ur ra at ti io on n Follow the steps below to backup your configuration 1 Go to System Maintenance Configuration Backup The following windows will be popped up as shown below 2 Type a key arbitrarily for encrypting the file Keep the key in mind You will need it whenever you want to restore such file Click Backup button to get into the following dialog Click S...

Page 166: ...ion will download automatically to your computer as a file named config cfg The above example is using Windows platform for demonstrating examples The Mac or Linux platform will appear different windows but the backup function is still available Note Backup for Certification must be done independently The Configuration Backup does not include information of Certificate ...

Page 167: ...n will be shown as below 2 Click Select button to choose the correct configuration file for uploading to the router 3 Click Restore button and wait for few seconds the following picture will tell you that the restoration procedure is successful Note If the file you want to restore has been encrypted you will be asked to type the encrypted key before clicking Restore ...

Page 168: ...the Syslog server Destination Port Assign a port for the Syslog protocol Log Level Choose the severity level for the system log entry Mail Alert Setup Enable Check Enable to activate function of mail alert SMTP Server The IP address of the SMTP server Mail To Assign a mail address for sending mails out Mail From Assign a path for receiving the mail from outside User Name Type the user name for aut...

Page 169: ...2 Install the Router Tools in the Utility within provided CD After installation click on the Router Tools Syslog from program menu 3 From the Syslog screen select the router you want to monitor Be reminded that in Network Information select the network adapter used to connect to the router Otherwise you won t succeed in retrieving information from the router ...

Page 170: ...the browser time from the remote administrator PC host as router s system time Use NTP Client Select to inquire time information from Time Server on the Internet using assigned protocol Time Zone Select the time zone where the router is located NTP Server Type a new NTP server Daylight Saving Check the box to enable the daylight saving Such feature is available for certain area NTP synchronization...

Page 171: ...inistrators to login from the Internet There are several servers provided by the system to allow you managing the router from Internet Check the box es to specify Access List You could specify that the system administrator can only login from a specific host or network defined in the list A maximum of three IPs subnet masks is allowed List IP Indicate an IP address allowed to login to the router S...

Page 172: ...in the future 3 3 1 12 2 1 10 0 F Fi ir rm mw wa ar re e U Up pg gr ra ad de e Before upgrading your router firmware you need to install the Router Tools The Firmware Upgrade Utility is included in the tools The following web page will guide you to upgrade firmware by using an example Note that this example is running over Windows OS Operating System Download the newest firmware from DrayTek s web...

Page 173: ...Click Diagnostics and click Routing Table to open the web page Each item is explained as follows Item Description Destination Display the IP address of the routing Netmask Display the subnet mask of the routing Gateway Display the gateway IP address of the routing Flags Display the routing status Interface Display the interface name eth0 eth1 fp etc that used to transfer packets with addresses mat...

Page 174: ...nments This information is helpful in diagnosing network problems such as IP address conflicts etc Click Diagnostics and click DHCP Table to open the web page Each item is explained as follows Item Description Host name Display the name of the computer accepted the assigned IP address by this router IP Address Display the IP address assigned by this router for specified PC MAC Address Display the ...

Page 175: ...ss TX rate RX rate or Session link for arranging the data display Each item is explained as follows Item Description Auto refresh Check this box to let the system automatically refresh this page Refresh Click this link to refresh this page manually Index Display the number of the data flow IP Address Display the IP address of the monitored device TX rate kbps Display the transmission speed of the ...

Page 176: ...b page Choose WAN or Backup WAN for viewing different connection graph Click Refresh to renew the graph at any time 3 3 1 13 3 6 6 A AP PP P Q Qo oS S M Mo on ni it to or r This page displays the APP QoS monitoring status Each item is explained as follows Item Description Enable Application QoS Monitor Check the box to perform the application QoS monitoring ...

Page 177: ...pplication RX rate kbps Display the receiving speed of the monitored application TX traffic kbps Display the transmission traffic of the monitored application RX traffic kbps Display the receiving traffic of the monitored application Accuracy Display how well the application detection works 3 3 1 13 3 7 7 T Tr ra af ff fi ic c G Gr ra ap ph h Click Diagnostics and click Traffic Graph to pen the we...

Page 178: ...s of the Host IP that you want to ping Run Click this button to start the ping work The result will be displayed on the screen Clear Click this link to remove the result on the window 3 3 1 14 4 S Su up pp po or rt t A Ar re ea a When you click the menu item under Support Area you will be guided to visit www draytek com and open the corresponding pages directly Click Support Area Application Note ...

Page 179: ...s Guide 171 Click Support Area FAQ the following web page will be displayed Click Support Area Product Registration the following web page will be displayed Refer to section 2 6 Registering Vigor Router for detailed information ...

Page 180: ...VigorFly 210 Series User s Guide 172 This page is left blank ...

Page 181: ...ng to factory default setting if necessary If all above stages are done and the router still cannot run normally it is the time for you to contact your dealer for advanced help 4 4 1 1 C Ch he ec ck ki in ng g I If f t th he e H Ha ar rd dw wa ar re e S St ta at tu us s I Is s O OK K o or r N No ot t Follow the steps below to verify the hardware status 1 Check the power line and WLAN LAN cable con...

Page 182: ... stilled failed please do the steps listed below to make sure the network connection settings is OK F Fo or r W Wi in nd do ow ws s The example is based on Windows 7 Professional Edition As to the examples for other operation systems please refer to the similar steps or find support notes in www DrayTek com 1 Open All Programs Getting Started Control Panel Click Network and Sharing Center 2 In the...

Page 183: ...t Obtain an IP address automatically and Obtain DNS server address automatically Finally click OK F Fo or r M Ma ac c O OS S 1 Double click on the current used Mac OS on the desktop 2 Open the Application folder and get into Network 3 On the Network screen select Using DHCP from the drop down list of Configure IPv4 ...

Page 184: ...VigorFly 210 Series User s Guide 176 ...

Page 185: ...uter correctly F Fo or r W Wi in nd do ow ws s 1 Open the Command Prompt window from Start menu Run 2 Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP Vista 7 The DOS command dialog will appear 3 Type ping 192 168 1 1 and press Enter If the link is OK the line of Reply from 192 168 1 1 bytes 32 time 1ms TTL 255 will appear 4 If the line does not appear please check the IP address se...

Page 186: ... tt ti in ng g I If f N Ne ec ce es ss sa ar ry y Sometimes a wrong connection can be improved by returning to the default settings Try to reset the router by software or hardware Warning After pressing factory default setting you will loose all settings you did before Make sure you have recorded all useful settings before you pressing S So of ft tw wa ar re e R Re es se et t You can reset the rou...

Page 187: ... button Then the router will restart with the default configuration After restore the factory default setting you can configure the settings for the router again to fit your personal request 4 4 6 6 C Co on nt ta ac ct ti in ng g D Dr ra ay yT Te ek k If the router still cannot work correctly after trying many efforts please contact your dealer for further help right away For any questions please ...

Reviews: