manualshive.com logo in svg

Draytek VigorNIC 132 series, User Manual

The Draytek VigorNIC 132 series offers exceptional networking capabilities. Enhance your network performance with this reliable product. For an effortless setup, refer to the user manual available for free download from manualshive.com. Discover the full potential of your Draytek VigorNIC 132 series with this comprehensive manual.

Share
Download
background image

 

VigorNIC 132 Series User’s Guide   

114 

Block TCP flag scan 

Check the box to activate the Block TCP flag scan function. 
Any TCP packet with anomaly flag setting is dropped. Those 

scanning activities include no flag scanFIN without ACK 
scanSYN FINscanXmas scan and full Xmas scan

Block Tear Drop 

Check the box to activate the Block Tear Drop function. 
Many machines may crash when receiving ICMP datagrams 

(packets) that exceed the maximum length. To avoid this 
type of attack, the Vigor device is designed to be capable of 

discarding any fragmented ICMP packets with a length 
greater than 1024 octets. 

Block Ping of Death 

Check the box to activate the Block Ping of Death function. 

This attack involves the perpetrator sending overlapping 
packets to the target hosts so that those target hosts will 

hang once they re-construct the packets. The Vigor devices 
will block any packets realizing this attacking activity. 

Block ICMP Fragment 

 

Check the box to activate the Block ICMP fragment 

function. Any ICMP packets with more fragment bit set are 
dropped. 

Block Unassigned Numbers  Check the box to activate the Block Unknown Protocol 

function. Individual IP packet has a protocol field in the 
datagram header to indicate the protocol type running over 

the upper layer. However, the protocol types greater than 
100 are reserved and undefined at this time. Therefore, the 
router should have ability to detect and reject this kind of 

packets. 

Warning Messages 

We provide Syslog function for user to retrieve message 
from Vigor device. The user, as a Syslog Server, shall 

receive the report sending from Vigor device which is a 
Syslog Client. 
All the warning messages related to DoS Defense will be 
sent to user and user can review it through Syslog daemon. 

Look for the keyword DoS in the message, followed by a 
name to indicate what kind of attacks is detected. 

 

Summary of Contents for VigorNIC 132 series

Page 1: ......

Page 2: ...VigorNIC 132 Series User s Guide ii VigorNIC 132 Series VDSL2 ADSL2 PCI E Card User s Guide Version 1 1 Firmware Version V3 7 9 For future update please visit DrayTek web site Date May 17 2016 ...

Page 3: ...e warrant to the original end user purchaser that the router will be free from any defects in workmanship or materials for a period of two 2 years from the date of purchase from the dealer Please keep your purchase receipt in a safe place as it serves as proof of date of purchase During the warranty period and upon proof of purchase should the product have indications of failure due to faulty work...

Page 4: ...Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a...

Page 5: ... 1 2 1 Details Page for PPPoE in WAN1 Physical Mode ADSL 29 II 1 2 2 Details Page for MPoA Static or Dynamic IP in WAN1 Physical Mode ADSL 32 II 1 2 3 Details Page for PPPoE PPPoA in WAN1 Physical Mode VDSL 34 II 1 2 4 Details Page for Static or Dynamic IP in WAN1 Physical Mode VDSL 35 II 1 2 5 Details Page for PPPoE in WAN2 Physical Mode Fiber 37 II 1 2 6 Details Page for Static or Dynamic IP in ...

Page 6: ... Part III Security 99 III 1 Firewall 100 Web User Interface 102 III 1 1 General Setup 102 III 1 2 Filter Setup 106 III 1 3 DoS Defense 112 Application Notes 116 A 1 How to Configure Certain Computers Accessing to Internet 116 III 2 Central Security Management CSM 120 Web User Interface 121 III 2 1 URL Content Filter Profile 121 Application Notes 125 A 1 How to Create an Account for MyVigor 125 A 2...

Page 7: ...Dial out Triggering 169 VI 1 2 Routing Table 170 VI 1 3 ARP Cache Table 171 VI 1 4 IPv6 Neighbour Table 172 VI 1 5 DHCP Table 173 VI 1 6 NAT Sessions Table 174 VI 1 7 DNS Cache Table 175 VI 1 8 Ping Diagnosis 176 VI 1 9 Data Flow Monitor 177 VI 1 10 Trace Route 179 VI 1 11 IPv6 TSPC Status 180 VI 1 12 DSL Status 181 VI 2 Checking If the Hardware Status Is OK or Not 182 VI 3 Checking If the Network...

Page 8: ......

Page 9: ...P Pa ar rt t I I I In ns st ta al ll la at ti io on n This part will introduce Vigor device and guide to install the device in hardware and software ...

Page 10: ......

Page 11: ...rNIC 132 LED Status Explanation On The Fiber WAN is connected VigorNIC 132F The Ethernet WAN connection is ready VigorNIC 132 WAN2 Blinking It will blink while transmitting data On DSL connection synchronized DSL Blinking Quickly DSL is handshaking Slowly DSL tries to synchronize Off The system is not ready or is failed ACT Blinking The system is ready and can work normally LED on Connector Interf...

Page 12: ... computer 2 Remove the cover of your computer 3 Choose a spare card slot and insert VigorNIC 132 network card into the card slot 4 Use RJ 11 cable for AnnexA or RJ 45 cable for AnnexB to connect DSL interface to the external VDSL splitter to establish DSL connection VigorNIC 132 Or insert the fiber cable into WAN2 interface to establish fiber WAN connection VigorNIC 132F 5 Install the cover of you...

Page 13: ...min admin as the Username Password and click Login Info If you fail to access to the web configuration please go to Trouble Shooting for detecting and solving your problem 3 Now the Main Screen will appear 4 The web page can be logged out according to the chosen condition The default setting is Auto Logout which means the web configuration system will logout after 5 minutes without any operation C...

Page 14: ...into the web user interface with admin mode 3 Go to System Maintenance page and choose Administrator Password 4 Enter the login password the default is admin on the field of Old Password Type New Password and Confirm Password Then click OK to continue Info The maximum length of the password you can set is 23 characters 5 Now the password has been changed Next time use the new password to access th...

Page 15: ...ection status including System Information IPv4 Internet Access IPv6 Internet Access Interface physical connection and Quick Access Click Dashboard from the main menu on the left side of the main page A web page with default selections will be displayed on the screen Refer to the following figure ...

Page 16: ... five seconds When you move and click the mouse cursor on LEDs except ACT WAN2 or DSL related web setting page will be open for you to configure if required For detailed information about the LED display refer to I 1 1 LED Indicators and Connectors I I 5 5 2 2 N Na am me e w wi it th h a a L Li in nk k A name with a link e g Router Name Current Time WAN1 2 and etc below means you can click it to o...

Page 17: ...tatus Dynamic DDNS TR 069 Schedule Syslog Mail Alert and Firewall Object Setting are displayed here Move your mouse cursor on any one of the links and click on it The corresponding setting page will be open immediately Note that there is a plus icon located on the left side of LAN Click it to review the LAN connection s used presently Host connected physically to the router via LAN port s will be ...

Page 18: ...lick the icon on the top of the main screen to display all the functions I I 5 5 5 5 W We eb b C Co on ns so ol le e It is not necessary to use the telnet command via DOS prompt The changes made by using web console have the same effects as modified through web user interface The functions settings modified under Web Console also can be reviewed on the web user interface Click the Web Console icon...

Page 19: ...VigorNIC 132 Series User s Guide 9 ...

Page 20: ...the Config Backup icon It allows you to backup current settings as a file Such configuration file can be restored by using System Maintenance Configuration Backup Simply click the icon on the top of the main screen and a pop up dialog will appear Click Save to store the setting I I 5 5 7 7 L Lo og go ou ut t Click this icon to exit the web user interface ...

Page 21: ...8 8 1 1 P Ph hy ys si ic ca al l C Co on nn ne ec ct ti io on n Such page displays the physical connection status such as LAN connection status WAN connection status ADSL information and so on P Ph hy ys si ic ca al l C Co on nn ne ec ct ti io on n f fo or r I IP Pv v4 4 P Pr ro ot to oc co ol l ...

Page 22: ...in green means such interface is enabled Line Displays the physical connection VDSL ADSL or Fiber of this interface Name Display the name of the router Mode Displays the type of WAN connection e g PPPoE Up Time Displays the total uptime of the interface IP Displays the IP address of the WAN interface GW IP Displays the IP address of the default gateway TX Packets Displays the total transmitted pac...

Page 23: ...isplays the type of WAN connection e g TSPC Up Time Displays the total uptime of the interface IP Displays the IP address of the WAN interface Gateway IP Displays the IP address of the default gateway Info The words in green mean that the WAN connection of that interface is ready for accessing Internet the words in red mean that the WAN connection of that interface is not ready for accessing Inter...

Page 24: ...y Go to Wizards Quick Start Wizard The first screen of Quick Start Wizard is entering login password After typing the password please click Next On the next page as shown below please select the WAN interface that you use If DSL interface is used please choose WAN1 if fiber interface is used please choose WAN2 At present only WAN1 is available Then click Next for next step ...

Page 25: ...ype a name to identify such WAN DSL Mode Specify the physical mode Auto VDSL2 only or ADSL only for such router manually You have to select the appropriate Internet access type according to the information from your ISP For example you should select PPPoE mode if the ISP provides you PPPoE interface In addition the field of For ADSL Only will be available only when ADSL is detected Then click Next...

Page 26: ...e two modes offered for you to choose for WAN1 interface Choose PPPoE PPPoA as the protocol For ADSL Only Such field is provided for ADSL only You have to choose encapsulation and type the values for VPI and VCI Or click Auto detect to find out the best values Fixed IP Click Yes to enable Fixed IP feature IP Address Type the IP address if Fixed IP is enabled Subnet Mask Type the subnet mask Defaul...

Page 27: ...s from 0 to 4095 Priority Type the packet priority number for such VLAN The range is from 0 to 7 Back Click it to return to previous setting page Next Click it to get into the next setting page Cancel Click it to give up the quick start wizard 2 After finished the above settings simply click Next Manually enter the Username Password provided by your ISP Available settings are explained as follows ...

Page 28: ...next setting page Cancel Click it to give up the quick start wizard 3 After finished the above settings click Next for viewing summary of such connection 4 Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be shown 5 Now you can enjoy surfing on the Internet ...

Page 29: ...d for you to choose for WAN1 interface Choose MPoA Static or Dynamic IP as the protocol For ADSL Only Such field is provided for ADSL only You have to choose encapsulation and type the values for VPI and VCI Or click Auto detect to find out the best values Fixed IP Click Yes to enable Fixed IP feature IP Address Type the IP address if Fixed IP is enabled Subnet Mask Type the subnet mask Default Ga...

Page 30: ...the function of VLAN with tag Tag value Type the value as the VLAN ID number The range is from 0 to 4095 Priority Type the packet priority number for such VLAN The range is from 0 to 7 Back Click it to return to previous setting page Next Click it to get into the next setting page Cancel Click it to give up the quick start wizard 2 Please type in the IP address mask gateway information originally ...

Page 31: ... Network LAN is a group of subnets regulated and ruled by router The design of network structure is related to what type of public IP addresses coming from your ISP When the data flow passing through the Network Address Translation NAT function of the router will dedicate to translate public private addresses and the packets will be delivered to the correct host PC in the local area network DNS IG...

Page 32: ...te IP address assigned by the built in DHCP server of the Vigor device The router itself will also use the default private IP address 192 168 1 1 to communicate with the local hosts Meanwhile Vigor device will communicate with other network devices through a public IP address When the data flow passing through the Network Address Translation NAT function of the router will dedicate to translate pu...

Page 33: ...f the ISP connections all the traffic will be guided and switched to the normal communication port for proper operation Please configure WAN1 WAN2 WAN3 and WAN4 settings This webpage allows you to set general setup for WAN1 WAN2 WAN3 and WAN4 respectively In default WAN2 is disabled If you want to enable it simply click the WAN2 link and select Yes in the field of Enable For VigorNIC 132 Series ex...

Page 34: ...such interface Physical Mode Display the physical mode of such interface If VDSL2 is detected this field will display VDSL2 if ADSL is detected it will display ADSL DSL Mode Specify the physical mode VDSL2 or ADSL for such router manually Physical Type For such interface no type can be selected VLAN Tag insertion ADSL The settings configured in this field are available for ADSL Enable Enable the f...

Page 35: ...number to all packets on the WAN while sending them out Please type the tag value and specify the priority for the packets sending by WAN1 Disable Disable the function of VLAN with tag Tag value Type the value as the VLAN ID number The range is form 0 to 4095 Priority Type the packet priority number for such VLAN The range is from 0 to 7 After finished the above settings click OK to save the setti...

Page 36: ...Type the description for such WAN interface VLAN Tag insertion Enable Enable the function of VLAN with tag The router will add specific VLAN number to all packets on the WAN while sending them out Please type the tag value and specify the priority for the packets sending by WAN1 Disable Disable the function of VLAN with tag Tag value Type the value as the VLAN ID number The range is form 0 to 4095...

Page 37: ...s the name of the WAN1 WAN2 that entered in general setup Physical Mode It shows the physical connection for WAN1 ADSL VDSL2 WAN2 Fiber accroding to the real network connection Access Mode Use the drop down list to choose a proper access mode The details page of that mode will be popped up If not click Details Page for accessing the page to configure the settings Details Page This button will open...

Page 38: ...ption number 100 Data abcd When such function is enabled the specified values for DHCP option will be seen in DHCP reply packets Interface Specify the WAN interface s that will be overwritten by such function WAN5 WAN7 can be located under WAN Multi PVC VLAN Option Number Type a number for such function DataType Choose the type ASCII or Hex for the data to be stored Data Type the content of the da...

Page 39: ...s configured here are specified for ADSL only Multi PVC channel The selections displayed here are determined by the page of Internet Access Multi PVC VLAN Select M PVCs Channel means no selection will be chosen Encapsulating Type Drop down the list to choose the type provided by ISP VPI Type in the value provided by ISP VCI Type in the value provided by ISP Modulation Default setting is Multimode ...

Page 40: ... open the following dialog ISP Access Setup Enter your allocated username password and authentication parameters according to the information provided by your ISP Username Type in the username provided by ISP in this field Password Type in the password provided by ISP in this field Separate Account for ADSL In default WAN1 supports VDSL2 ADSL and uses the same PPPoE account and password for connec...

Page 41: ...ddress by typing on the boxes of MAC Address for the router Specify a MAC Address Type the MAC address for the router manually Index 1 15 in Schedule Setup You can type in four sets of time schedule for your request All the schedules can be set previously in Applications Schedule web page and you can use the number that you have set in that web page After finished the above settings click OK to sa...

Page 42: ...e The following web page will appear Available settings are explained as follows Item Description Enable Disable Click Enable for activating this function If you click Disable this function will be closed and all the settings that you adjusted in this page will be invalid Modem Settings for ADSL only Set up the DSL parameters required by your ISP These settings configured here are specified for AD...

Page 43: ... WAN IP Network Settings This group allows you to obtain an IP address automatically and allows you type in IP address manually WAN IP Alias If you have multiple public IP addresses and would like to utilize them on the WAN interface please use WAN IP Alias You can set up to 8 public IP addresses other than the current one you are using Notice that this setting is available for WAN1 only Type the ...

Page 44: ...rd Type in the password provided by ISP in this field Index 1 15 in Schedule Setup You can type in four sets of time schedule for your request All the schedules can be set previously in Applications Schedule web page and you can use the number that you have set in that web page WAN Connection Detection Such function allows you to verify whether network connection is alive or not through ARP Detect...

Page 45: ...N IP Alias You can set up to 8 public IP addresses other than the current one you are using Fixed IP Click Yes to use this function and type in a fixed IP address in the box of Fixed IP Address Default MAC Address You can use Default MAC Address or specify another MAC address by typing on the boxes of MAC Address for the router Specify a MAC Address Type the MAC address for the router manually Aft...

Page 46: ...connection is on or off TTL Time to Live Set TTL value of PING operation MTU It means Max Transmit Unit for packet RIP Protocol Routing Information Protocol is abbreviated as RIP RFC1058 specifying how routers exchange routing tables information Click Enable RIP for activating this function WAN IP Network Settings This group allows you to obtain an IP address automatically and allows you type in I...

Page 47: ... settings that you adjusted in this page will be invalid ISP Access Setup Enter your allocated username password and authentication parameters according to the information provided by your ISP Service Name Optional Enter the description of the specific network service Username Type in the username provided by ISP in this field The maximum length of the user name you can set is 63 characters Passwo...

Page 48: ... interface please use WAN IP Alias You can set up to 32 public IP addresses other than the current one you are using Type the additional WAN IP address and check the Enable box Then click OK to exit the dialog Fixed IP Click Yes to use this function and type in a fixed IP address in the box of Fixed IP Address Default MAC Address You can use Default MAC Address or specify another MAC address by ty...

Page 49: ... the system to execute the PING operation WAN Connection Detection Such function allows you to verify whether network connection is alive or not through ARP Detect or Ping Detect Mode Choose ARP Detect Ping Detect or Always On for the system to execute for WAN detection If you choose Ping Detect as the detection mode you have to type required settings for the following items Ping IP If you choose ...

Page 50: ... name that you have assigned Specify an IP address Click this radio button to specify some data if you want to use Static IP mode IP Address Type the IP address Subnet Mask Type the subnet mask Gateway IP Address Type the gateway IP address Default MAC Address Click this radio button to use default MAC address for the router Specify a MAC Address Some Cable service providers specify a specific MAC...

Page 51: ...ess between the gateway and Vigor device through IPv6CP Later use DHCPv6 or accept RA to acquire the IPv6 prefix address such as 2001 B010 7300 200 64 offered by the ISP In addition PCs under LAN also can have the public IPv6 address for Internet access by means of the generated prefix No need to type any other information for PPP mode Available settings are explained as follows Item Description P...

Page 52: ...ur IPv4 WAN connection is OK and apply one free account from hexago http gogonet gogo6 com page freenet6 account before you try to use TSPC for network connection TSPC would connect to tunnel broker and requests a tunnel according to the specifications inside the configuration file It gets a public IPv6 IP address and an IPv6 prefix from the tunnel broker and then monitors the state of the tunnel ...

Page 53: ... 6 A AI IC CC CU U Available settings are explained as follows Item Description Always On Check this box to keep the network connection always Username Type the name obtained from the broker Please apply new account at http www sixxs net It is suggested for you to apply another username and password The maximum length of the name you can set is 19 characters Password Confirm Password Type the pass...

Page 54: ... from server Available settings are explained as follows Item Description Identify Association Choose Prefix Delegation or Non temporary Address as the identify association IAID Type a number as IAID After finished the above settings click OK to save the settings I II I 1 1 2 2 1 12 2 D De et ta ai il ls s P Pa ag ge e f fo or r I IP Pv v6 6 S St ta at ti ic c I IP Pv v6 6 This type allows you to ...

Page 55: ...Length Type the fixed value for prefix length Add Click it to add a new entry Delete Click it to remove an existed entry Current IPv6 Address Table Display current interface IPv6 address Static IPv6 Gateway Configuration IPv6 Gateway Address Type your IPv6 gateway address here After finished the above settings click OK to save the settings ...

Page 56: ... 0 16 So you can use a fixed endpoint rather than anycast endpoint The mode has more reliability Available settings are explained as follows Item Description Remote Endpoint IPv4 Address Type the static IPv4 address for the remote server 6in4 IPv6 Address Type the static IPv6 address for IPv4 tunnel with the value for prefix length LAN Routed Prefix Type the static IPv6 address for LAN routing wit...

Page 57: ...on 6rd Mode Auto 6rd Retrieve 6rd prefix automatically from 6rd service provider The IPv4 WAN must be set as DHCP Static 6rd Set 6rd options manually IPv4 Border Relay Type the IPv4 addresses of the 6rd Border Relay for a given 6rd domain IPv4 Mask Length Type a number of high order bits that are identical across all CE IPv4 addresses within a given 6rd domain It may be any value between 0 and 32 ...

Page 58: ...VigorNIC 132 Series User s Guide 48 After finished the above settings click OK to save the settings Below shows an example for successful IPv6 connection based on 6rd mode ...

Page 59: ...t PVC line that will be used as multi PVC Available settings are explained as follows Item Description Channel Display the number of each channel Channels 1 and 2 are used by the Internet Access web user interface and can not be configured here Channels 3 5 are configurable Enable Display whether the settings in this channel are enabled Yes or not No WAN Type Displays the physical medium that the ...

Page 60: ...ic WAN type to be built upon In the Multi PVC application only the Ethernet WAN type is available The user will be able to select the physical WAN interface the channel shall use here General Settings VLAN Header Check the box to enable the following two options VLAN Tag Type the value as the VLAN ID number Valid settings are in the range from 1 to 4095 The network traffic flowing on each channel ...

Page 61: ...sword Type in the password provided by ISP in this field The maximum length of the password you can set is 48 characters PPP Authentication Select PAP only or PAP or CHAP for PPP Always On Check it to keep the network connection always Idle Timeout Set the timeout for breaking down the Internet after passing through the time without any action Fixed IP Click Yes to use this function and type in a ...

Page 62: ...ype for the channel according to the information that your ISP provides PCR It represents Peak Cell Rate The default setting is 0 SCR It represents Sustainable Cell Rate The value of SCR must be smaller than PCR MBS It represents Maximum Burst Size The range of the value is 10 to 50 PVC to PVC Binding It allows the enabled PVC channel to use the same ADSL connection settings of another PVC channel...

Page 63: ...apsulated with the header of IPv4 first Later the packets will be transformed and judged by IPv4 router Once the packets arrive the border between IPv4 and IPv6 the header of IPv4 on the packets will be removed Then the packets with IPv6 address will be forwarded to the destination of IPv6 network Translation Such feature is active only for the user who uses IPv4 to communicate with other user usi...

Page 64: ...page Refer to the following PPP Dual Stack application IPv4 and IPv6 services can be utilized at the same time Choose PPP and type the information for PPPoE of IPv4 Access into the setting page for IPv6 service it is not necessary for you to configure anything Click OK and open Online Status If the connection is successful you will get the IP address for IPv4 and IPv6 at the same time ...

Page 65: ...VigorNIC 132 Series User s Guide 55 ...

Page 66: ...information for TSPC service Info While using such mode you have to make sure the IPv4 network connection is normal In the following figure the TSPC information is obtained from http gogo6 com after applied for the service Click OK and open Online Status If the connection is successful the physical connection will be shown as follows ...

Page 67: ... Info While using such mode you have to make sure the IPv4 network connection is normal In the following figure the AICCU information is obtained from https www sixxs net main after applied for the service Click OK and open Online Status If the connection is successful the physical connection will be shows as follows ...

Page 68: ...r s Guide 58 DHCPv6 Client Choose DHCPv6 Client Click one of the identity associations and type the IAID number Click OK and open Online Status If the connection is successful the physical connection will be shows as follows ...

Page 69: ...ries User s Guide 59 Static IPv6 Choose Static IPv6 Type IPv6 address Prefix Length and Gateway Address Click OK and open Online Status If the connection is successful the physical connection will be shows as follows ...

Page 70: ...n4 Static Tunnel Choose 6in4 Static Tunnel Type remote endpoint IPv4 address 6in4 IPv6 Address LAN Routed Prefix and Tunnel TTL Click OK and open Online Status If the connection is successful the physical connection will be shows as follows ...

Page 71: ...es User s Guide 61 6rd Choose 6rd Type IPv4 Border Relay IPv4 Mask Length 6rd Prefix and 6rd Prefix Length Click OK and open Online Status If the connection is successful the physical connection will be shows as follows ...

Page 72: ...lick the IPv6 tab 2 In the field of Router Advertisement Server the default setting is Enable The client s PC will ask RADVD service for the Prefix of IPv6 address automatically and generate an Interface ID by itself to compose a full and unique IPv6 address 3 In the field of DHCPv6 Server when DHCPv6 service is enabled you can assign available IPv6 address for the client manually Info When both m...

Page 73: ...he command of ipconfig Refer to the following figure From the above figure we can see IPv6 IP address has been captured by the system 2 Use the Ping command to ping any IPv6 address indicating an IPv6 website For example www kame net is a website supporting IPv4 IP and IPv6 IP services Its IPv6 address is seen with a format of 2001 200 dff fff1 216 3eff feb1 44d7 After getting the above message it...

Page 74: ...type an URL of IPv6 e g www kame net If your computer accesses into the website by using IPv6 address you may see a turtle dancing on the screen If not only a steady turtle will be seen If you can see a turtle dancing on the screen that means IPv6 service is ready for you to access and utilize ...

Page 75: ...e the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor device has a built in DHCP server that assigns private IP address to each local host See the following diagram for a briefly understanding In some special case you may have a public IP subnet from your ISP such as 220 135 240 0 24 This means that you can set up a p...

Page 76: ...S St ta at ti ic c R Ro ou ut te e When you have several subnets in your LAN sometimes a more effective and quicker way for connection is the Static routes function rather than other method You may simply set rules to forward data from one specified subnet to another specified subnet without the presence of RIP W Wh ha at t a ar re e V Vi ir rt tu ua al l L LA AN Ns s a an nd d R Ra at te e C Co o...

Page 77: ...nd refer to the following explanations for detailed information Available settings are explained as follows Item Description LAN IP Network Configuration For NAT Usage IP Address Type in private IP address for connecting to a local private network Default 192 168 1 1 Subnet Mask Type in an address code that determines the size of the network Default 255 255 255 0 24 For IP Routing Usage Click Enab...

Page 78: ...c Host Configuration Protocol The router by factory default acts a DHCP server for your network so it automatically dispatches related IP settings to any local user configured as a DHCP client It is highly recommended that you leave the router enabled as a DHCP server if you do not have a DHCP server for your network If you want to use another DHCP server in the network other than the Vigor device...

Page 79: ...abcd When such function is enabled the specified values for DHCP option will be seen in DHCP reply packets Option Number Type a number for such option If you choose to configure option 61 here the detailed settings in WAN Interface Access will be overwritten DataType Choose the type ASCII Hex or IP address for the data to be stored Data Type the real content of the data to be processed by the func...

Page 80: ...n name is already in the DNS cache the router will resolve the domain name immediately Otherwise the router forwards the DNS query packet to the external DNS server by establishing a WAN e g DSL Cable connection Force router to use address for DNS Force Vigor router to use DNS servers configured in LAN1 instead of DNS servers given by the Internet Access server PPPoE PPTP L2TP or DHCP server When ...

Page 81: ...nfiguration Disable Click it to disable RADVD server Advertisement Lifetime The lifetime associated with the default router in units of seconds It s used to control the lifetime of the prefix The maximum value corresponds to 18 2 hours A lifetime of 0 indicates that the router is not a default router and should not appear on the default router list DHCPv6 Server Configuration Enable Server Click i...

Page 82: ...s configuration IPv6 Address Type static IPv6 address for LAN Prefix Length Type the fixed value for prefix length Add Click it to add a new entry Delete Click it to remove an existed entry Current IPv6 Address Table Display current used IPv6 addresses When you finish the configuration please click OK to save and exit this page ...

Page 83: ...ion Enable Click this radio button to invoke this function However IP MAC which is not listed in IP Bind List also can connect to Internet Disable Click this radio button to disable this function All the settings on this page will be invalid Strict Bind Click this radio button to block the connection of the IP MAC which is not listed in IP Bind List ARP Table This table is the LAN ARP table of thi...

Page 84: ...ble or the IP MAC address typed in Add and Edit to the table of IP Bind List Update It allows you to edit and modify the selected IP address and MAC address that you create before Delete You can remove any item listed in IP Bind List Simply click and select the one and click Delete The selected item will be removed from the IP Bind List Backup Store the configuration for Bind IP to MAC as a file R...

Page 85: ...blic IP address and the router will do the inversion based on its table Therefore the internal host can communicate with external host smoothly The benefit of the NAT includes Save cost on applying public IP address and apply efficient usage of IP address NAT allows the internal IP addresses of local hosts to be translated into one public IP address thus you can have only one IP address on behalf ...

Page 86: ...ress domain name are recognized by all users Since the server is actually located inside the LAN the network well protected by NAT of the router and identified by its private IP address port the goal of Port Redirection function is to forward all access request with public IP address from external users to the mapping private IP address port of the server The port redirection can only apply to inc...

Page 87: ...rt layer protocol TCP or UDP Public Port Display the port number which will be redirected to the specified Private IP and Port of the internal host Private IP Display the IP address of the internal host providing the service Status Display if the profile is enabled v or not x Press any number under Index to access into next page for configuring port redirection Available settings are explained as ...

Page 88: ... and the second box as the ending port Private IP Specify the private IP address of the internal host providing the service If you choose Range as the port redirection mode you will see two boxes on this field Type a complete IP address in the first box as the starting point The second one will be assigned automatically later Private Port Specify the private port number of the service offered by t...

Page 89: ...ingle host in the LAN Regular web surfing and other such Internet activities from other clients will continue to work without inappropriate interruption DMZ Host allows a defined internal user to be totally exposed to the Internet which usually helps some special applications such as Netmeeting or Internet Games etc The security properties of NAT are somewhat bypassed if you set up DMZ host We sug...

Page 90: ...ate IP addresses of all hosts in your LAN network Select one private IP address in the list to be the DMZ host When you have selected one private IP from the above dialog the IP address will be shown on the following screen Click OK to save the setting DMZ Host for WAN2 is slightly different with WAN1 Active True IP selection is available for WAN1 only See the following figure If you previously ha...

Page 91: ... are explained as follows Item Description Index Indicate the relative number for the particular entry that you want to offer service in a local host You should click the appropriate index number to edit or clear the corresponding entry Comment Specify the name for the defined network service Local IP Address Display the private IP address of the local host offering the service Status Display the ...

Page 92: ...this button and subsequently a window having a list of private IP addresses of local hosts will automatically pop up Select the appropriate IP address of the local host in the list Protocol Specify the transport layer protocol It could be TCP UDP or none for selection Start Port Specify the starting port number of the service offered by the local host End Port Specify the ending port number of the...

Page 93: ...evices are compatible with the DDNS services supplied by most popular DDNS service providers such as www dyndns org www no ip com www dtdns com www changeip com www dynamic nameserver com You should visit their websites to register your own domain name for the router S Sc ch he ed du ul le e The Vigor device has a built in clock which can update itself manually or automatically by means of Network...

Page 94: ... Set to Factory Default Clear all profiles and recover to factory settings View Log Display DDNS log status Force Update Force the router updates its information to DDNS server Auto Update interval Set the time for the router to perform auto update for DDNS service Index Click the number below Index to access into the setting page of DDNS setup to set account s Domain Name Display the domain name ...

Page 95: ...ill see a check mark appeared on the Active column of the previous web page in step 3 Service Provider Select the service provider for the DDNS account Service Type Select a service type Dynamic Custom or Static If you choose Custom you can modify the domain that is chosen in the Domain Name field Note that such option is not available when Customized is selected as Service Provider Domain Name Ty...

Page 96: ...onse Type any text that you want to receive from the DDNS server Note that such option is available when Customized is selected as Service Provider Login Name Type in the login name that you set for applying domain Password Type in the password that you set for applying domain Wildcard and Backup MX The Wildcard and Backup MX Mail Exchange features are not supported for all Dynamic DNS providers Y...

Page 97: ...am mi ic c D DN NS S A Ac cc co ou un nt ts s Uncheck Enable Dynamic DNS Setup and click Clear All button to disable the function and clear all accounts from the router D De el le et te e a a D Dy yn na am mi ic c D DN NS S A Ac cc co ou un nt t Click the Index number you want to delete and then click Clear All button to delete the account ...

Page 98: ... clock to current time of your PC The clock will reset once if you power down or reset the router There is another way to set up time You can inquiry an NTP server a time server on the Internet to synchronize the router s clock This method can only be applied when the WAN connection has been built up Available settings are explained as follows Item Description Set to Factory Default Clear all prof...

Page 99: ...n to be dial on demand and the value of idle timeout should be specified in Idle Timeout field Disable Dial On Demand Specify the connection to be up when it has traffic on the line Once there is no traffic over idle timeout the connection will be down and never up again during the schedule Idle Timeout Specify the duration or period for the schedule How often Specify how often the schedule will b...

Page 100: ... PPPoE always on from 9 00 to 18 00 for whole week 3 Configure the Force Down from 18 00 to next day 9 00 for whole week 4 Assign these two profiles to the PPPoE Internet access profile Now the PPPoE Internet connection will follow the schedule order to perform Force On or Force Down action according to the time plan that has been pre defined in the schedule profiles ...

Page 101: ...n Control Service or Connection Status Service Default WAN It is used to specify the WAN interface for applying such function The reminder as regards concern about Firewall and UPnP Can t work with Firewall Software Enabling firewall applications on your PC may cause the UPnP function not working properly This is because these applications will block the accessing ability of some network ports Sec...

Page 102: ...GMP Proxy Check this box to enable this function The application of multicast will be executed through WAN LTE PVC VLAN port In addition such function is available in NAT mode Refresh Click this link to renew the working multicast group status Group ID This field displays the ID port for the multicast group The available range for IGMP starts from 224 0 0 0 to 239 255 255 254 P1 It indicates the L...

Page 103: ...ter offers IPv4 and IPv6 for you to configure the static route Both protocols bring different web pages S St ta at ti ic c R Ro ou ut te e f fo or r I IP Pv v4 4 Available settings are explained as follows Item Description Index The number 1 to 30 under Index allows you to open next page to set up static route Destination Address Displays the destination address of the static route Status Displays...

Page 104: ...internal Router A 192 168 1 2 create a public subnet 211 100 88 0 via an internal Router B 192 168 1 3 have set Main Router 192 168 1 1 as the default gateway for the Router A 192 168 1 2 Before setting Static Route user A cannot talk to user B for Router A can only forward recognized packets to its default gateway Main Router 1 Go to LAN page and click General Setup select 1st Subnet as the RIP P...

Page 105: ...as follows Item Description Enable Click it to enable this profile Destination IP Address Type an IP address as the destination of such static route Subnet Mask Type the subnet mask for such static route Network Interface Use the drop down list to specify an interface for such static route 3 Return to Static Route Setup page Click on another Index Number to add another static route as show below w...

Page 106: ...s the destination address of the static route Status Displays the status of the static route Set to Factory Default Clear all of the settings and return to factory default settings Viewing IPv6 Routing Table Displays the routing table for your reference Click any underline of index number to get the following page Available settings are explained as follows Item Description Enable Click it to enab...

Page 107: ...VigorNIC 132 Series User s Guide 97 Network Interface Use the drop down list to specify an interface for this static route When you finish the configuration please click OK to save and exit this page ...

Page 108: ...VigorNIC 132 Series User s Guide 98 This page is left blank ...

Page 109: ... distance learning security has been always the most concerned The firewall of the Vigor device helps to protect your local network against attack from unauthorized outsiders It also restricts users in the local network from accessing the Internet CSM is an abbreviation of Central Security Management which is used to filter URL content to reach a goal of security management ...

Page 110: ...denies unsolicited incoming data Selectable Denial of Service DoS Distributed DoS DDoS attacks protection I IP P F Fi il lt te er rs s Depending on whether there is an existing Internet connection or in other words the WAN link status is up or down the IP filter architecture categorizes traffic into two Call Filter and Data Filter Call Filter When there is no existing Internet connection Call Filt...

Page 111: ... exhaust all your system s resource while the vulnerability attacks will try to paralyze the system by offending the vulnerabilities of the protocol or operation system The DoS Defense function enables the Vigor device to inspect every incoming packet based on the attack signature database Any malicious packet that might duplicate itself to paralyze the host in the secure LAN will be strictly bloc...

Page 112: ...work in a serial manner So here you assign the Start Filter Set only Also you can configure to Accept incoming fragmented UDP packets Click Firewall and click General Setup to open the general setup page I II II I 1 1 1 1 1 1 G Ge en ne er ra al l S Se et tu up p P Pa ag ge e Such page allows you to enable disable Call Filter and Data Filter determine general rule for filtering the incoming and ou...

Page 113: ...urity checking for data transmission Such feature is enabled in default All the packets while transmitting through Vigor device will be filtered by firewall If the firewall system e g content filter server does not make any response pass or block for these packets then the router s firewall will block the packets directly Block routing packet from WAN Usually IPv6 network sessions traffic from WAN...

Page 114: ...e filter rule configured in this page The default setting is 10000 URL Content Filter Select one of the URL Content Filter profile settings created in CSM URL Content Filter for applying with this router Please set at least one profile for choosing in CSM URL Content Filter web page first Or choose Create New from the drop down list in this page to create a new profile For troubleshooting needs yo...

Page 115: ...sed Please use the drop down list to choose a codepage If you do not have any idea of choosing suitable codepage please open Syslog From Codepage Information of Setup dialog you will see the recommended codepage listed on the dialog box Window size It determines the size of TCP protocol 0 65535 The more the value is the better the performance will be However if the network is not stable small valu...

Page 116: ...ollows Item Description Filter Rule Click a button numbered 1 7 to edit the filter rule Click the button will open Edit Filter Rule web page For the detailed information refer to the following page Active Enable or disable the filter rule Comment Enter filter set comments description Maximum length is 23 character long Move Up Down Use Up or Down link to move the order of the filter rules Next Fil...

Page 117: ... defined in Applications Schedule setup The default setting of this field is blank and the function will always work Clear sessions when schedule ON Check this box to clear the sessions when the above schedule profiles are applied Direction Set the direction of packet flow It is for Data Filter only For the Call Filter this setting is not available since Call Filter is only applied to outgoing tra...

Page 118: ...P Group drop down list choose the one that you want to apply Or use the IP Object drop down list to choose the object that you want Service Type Click Edit to access into the following dialog to choose a suitable service type To set the service type manually please choose User defined as the Service Type and type them in this dialog In addition if you want to use the service type from defined grou...

Page 119: ...ely Pass Immediately Packets matching the rule will be passed immediately Block If No Further Match A packet matching the rule and that does not match further rules will be dropped Pass If No Further Match A packet matching the rule and that does not match further rules will be passed through Branch to other Filter Set If the packet matches the filter rule the next filter rule will branch to the s...

Page 120: ...will be processed Please use the drop down list to choose a codepage If you do not have any idea of choosing suitable codepage please open Syslog From Codepage Information of Setup dialog you will see the recommended codepage listed on the dialog box Window size It determines the size of TCP protocol 0 65535 The more the value is the better the performance will be However if the network is not sta...

Page 121: ...VigorNIC 132 Series User s Guide 111 ...

Page 122: ...kets from the Internet has exceeded the defined value the Vigor device will start to randomly discard the subsequent TCP SYN packets for a period defined in Timeout The goal for this is prevent the TCP SYN packets attempt to exhaust the limited resource of Vigor device By default the threshold and timeout values are set to 2000 packets per second and 10 seconds respectively That means when 2000 pa...

Page 123: ... function The Vigor device will ignore any IP packets with IP option field in the datagram header The reason for limitation is IP option appears to be a vulnerability of the security for the LAN because it will carry significant information such as security TCC closed user group parameters a series of Internet addresses routing messages etc An eavesdropper outside might learn the details of your p...

Page 124: ...uct the packets The Vigor devices will block any packets realizing this attacking activity Block ICMP Fragment Check the box to activate the Block ICMP fragment function Any ICMP packets with more fragment bit set are dropped Block Unassigned Numbers Check the box to activate the Block Unknown Protocol function Individual IP packet has a protocol field in the datagram header to indicate the protoc...

Page 125: ...VigorNIC 132 Series User s Guide 115 ...

Page 126: ...68 1 10 192 168 1 20 accessing to Internet through Vigor device Others e g 192 168 1 31 and 192 168 1 32 outside the range can get the source from LAN only The way we can use is to set two rules under Firewall For Rule 1 of Set 2 under Firewall Filter Setup is used as the default setting we have to create a new rule starting from Filter Rule 2 of Set 2 1 Access into the web user interface of Vigor...

Page 127: ...o Filter Rule 7 If Block If No Further Match for is selected for Filter the firewall of the router would check the packets with the rules starting from Rule 3 to Rule 7 The packets not matching with the rules will be processed according to Rule 2 4 Next set another rule Just open Firewall Filter Setup Click the Set 2 link and choose the Filter Rule 3 button 5 Check the box of Check to enable the F...

Page 128: ...ist Type 192 168 1 10 in the field of Start IP and type 192 168 1 20 in the field of End IP Then click OK to save the settings The computers within the range can access into the Internet 7 Now check the content of Source IP is correct or not The action for Filter shall be set with Pass Immediately Then click OK to save the settings ...

Page 129: ...32 Series User s Guide 119 8 Both filter rules have been created Click OK Now all the settings are configured well Only the computers with the IP addresses within 192 168 1 10 192 168 1 20 can access to Internet ...

Page 130: ... as a well trained convenience store clerk who won t sell adult magazines to teenagers At office URL Content Filter can also provide a job related only environment hence to increase the employee work efficiency How can URL Content Filter work better than traditional firewall in the field of filtering Because it checks the URL strings or some of HTTP data hiding in the payload of TCP packets while ...

Page 131: ...legacy firewall inspects packets based on the fields of TCP IP headers only On the other hand Vigor device can prevent user from accidentally downloading malicious codes from web pages It s very common that malicious codes conceal in the executable objects such as ActiveX Java Applet compressed files and other executable files Once downloading these types of files from websites you may risk bringi...

Page 132: ... choose this setting both configuration set in this page for URL Access Control and Web Feature will be inactive Both Block The router will block all the packages that match with the conditions specified in URL Access Control and Web Feature below When you choose this setting both configuration set in this page for URL Access Control and Web Feature will be inactive Either URL Access Control First...

Page 133: ...re Action This setting is available only when Either URL Access Control First or Either Web Feature First is selected Pass Allow accessing into the corresponding webpage with the keywords listed on the box below Block Restrict accessing into the corresponding webpage with the keywords listed on the box below If the web pages do not match with the keyword set here it will be processed with reverse ...

Page 134: ...here it will be processed with reverse action Cookie Check the box to filter out the cookie transmission from inside to outside world to protect the local user s privacy Proxy Check the box to reject any proxy transmission To control efficiently the limited bandwidth usage it will be of great value to provide the blocking mechanism that filters out the multimedia files downloading from web pages U...

Page 135: ...ti Spam Web Content Filter Anti Intrusion and etc to filtering the web pages for the sake of protecting your system To access into MyVigor for getting more information please create an account for MyVigor C Cr re ea at te e a an n A Ac cc co ou un nt t v vi ia a M My yV Vi ig go or r W We eb b S Si it te e 1 Access into http myvigor draytek com Find the line of Not registered yet Then click the li...

Page 136: ...Series User s Guide 126 3 Type your personal information in this page and then click Continue 4 Choose proper selection for your computer and click Continue 5 Now you have created an account successfully Click START ...

Page 137: ...reen will be shown to verify the register process is finished Please click Login 8 When you see the following page please type in the account and password that you just created in the fields of UserName and Password Then type the code in the box of Auth Code according to the value displayed on the right side of it Now click Login Your account has been activated You can access into MyVigor server t...

Page 138: ... A Block the web page containing the word of Facebook 1 Open Object Settings Keyword Object Click an index number to open the setting page 2 In the field of Contents please type facebook Configure the settings as the following figure 3 Open CSM URL Content Filter Profile Click an index number to open the setting page 4 Configure the settings as the following figure 5 When you finished the above st...

Page 139: ...in the field of URL Content Filter Now users cannot open any web page with the word facebook inside B Disallow users to play games on Facebook 1 Open Object Settings Keyword Object Click an index number to open the setting page 2 In the field of Contents please type apps facebook Configure the settings as the following figure ...

Page 140: ...ng page 4 Configure the settings as the following figure 5 When you finished the above steps please open Firewall General Setup 6 Click the Default Rule tab Choose the profile just configured from the drop down list in the field of URL Content Filter Now users cannot open any web page with the word facebook inside ...

Page 141: ... t I IV V M Ma an na ag ge em me en nt t There are several items offered for the Vigor device system setup System Status TR 069 Administrator Password Configuration Backup Syslog Mail Alert Time and Date Management Reboot System and Firmware Upgrade ...

Page 142: ... nc ce e For the system setup there are several items that you have to know the way of configuration System Status TR 069 Administrator Password Configuration Backup Syslog Mail Alert Time and Date Management Reboot System and Firmware Upgrade Below shows the menu items for System Maintenance ...

Page 143: ... Display the model name of the router Firmware Version Display the firmware version of the router Build Date Time Display the date and time of the current firmware build LAN MAC Address Display the MAC address of the LAN Interface IP Address Display the IP address of the LAN interface Subnet Mask Display the subnet mask address of the LAN interface DHCP Server Display the current status of DHCP se...

Page 144: ...signed IP address of the default gateway IPv6 Address Display the IPv6 address for LAN Scope Display the scope of IPv6 address For example IPv6 Link Local could only be used for direct IPv6 link It can t be used for IPv6 internet Internet Access Mode Display the connection mode chosen for accessing into Internet ...

Page 145: ... the ACS Auto Configuration Server you want to link Please refer to Auto Configuration Server user s manual for detailed information Test With Inform Click it to send a message based on the event code selection to test if such CPE is able to communicate with VigorACS SI server Event Code Use the drop down menu to specify an event to perform the test Last Inform Response Time Display the time that ...

Page 146: ...type the relational settings listed below Server IP Type the IP address of the STUN server Server Port Type the port number of the STUN server Minimum Keep Alive Period If STUN is enabled the CPE must send binding request to the server for the purpose of maintaining the binding in the Gateway Please type a number as the minimum period The default setting is 60 seconds Maximum Keep Alive Period If ...

Page 147: ...ws Item Description Administrator Password Old Password Type in the old password The factory default setting for password is admin New Password Type in new password in this field The length of the password is limited to 23 characters Confirm Password Type in the new password again When you click OK the login window will appear Please use the new password to access into the web user interface again...

Page 148: ...ile to be restored Restore configuration except the login password If the password settings shall not be restored and applied to VigorNIC 132 simply check this box to get rid of password settings Click Restore to restore the configuration If the file is encrypted the system will ask you to type the password to decrypt the configuration file Backup Click it to perform the configuration backup of th...

Page 149: ...e Info Backup for Certification must be done independently The Configuration Backup does not include information of Certificate R Re es st to or re e C Co on nf fi ig gu ur ra at ti io on n 1 Go to System Maintenance Configuration Backup The following windows will be popped up as shown below 2 Click Choose File button to choose the correct configuration file for uploading to the router 3 Click Res...

Page 150: ... Port Assign a port for the Syslog protocol Enable syslog message Check the box listed on this web page to send the corresponding message of firewall VPN User Access Call WAN Router DSL information to Syslog Mail Alert Setup Check Enable to activate function of mail alert Send a test e mail Make a simple test for the e mail address specified in this page Please assign the mail address first and cl...

Page 151: ...OK to save these settings For viewing the Syslog please do the following 1 Just set your monitor PC s IP address in the field of Server IP Address 2 Install the Router Tools in the Utility within provided CD After installation click on the Router Tools Syslog from program menu 3 From the Syslog screen select the router you want to monitor Be reminded that in Network Information select the network ...

Page 152: ...Use Internet Time Select to inquire time information from Time Server on the Internet using assigned protocol Time Server Type the web site of the time server Priority Choose Auto or IPv6 First as the priority Time Zone Select the time zone where the router is located Enable Daylight Saving Check the box to enable the daylight saving Such feature is available for certain area Advanced Click it to ...

Page 153: ...p CVM Access Control and Device Management The management pages for IPv4 and IPv6 protocols are different F Fo or r I IP Pv v4 4 Available settings are explained as follows Item Description Router Name Type in the router name provided by ISP Default Disable Auto Logout If it is enabled the function of auto logout for web user interface will be disabled The web user interface will be open until you...

Page 154: ...ted to 23 characters Set Community Set community by typing a proper name The default setting is private The maximum length of the text is limited to 23 characters Manager Host IP Set one host as the manager to execute SNMP function Please type in IPv4 address to specify certain host Trap Community Set trap community by typing a proper name The default setting is public The maximum length of the te...

Page 155: ... the router from Internet Check the box es to specify Disable PING from the Internet Check the checkbox to disable all PING packets from the Internet For security issue this function is enabled by default Access List You could specify that the system administrator can only login from a specific host or network defined in the list A maximum of three IPs subnet masks is allowed IPv6 Address Prefix L...

Page 156: ...edule web page and you can use the number that you have set in that web page If you want to reboot the router using the current configuration check Using current configuration and click Reboot Now To reset the router settings to default values check Using factory default configuration and click Reboot Now The router will take 5 seconds to reboot the system Info When the system pops up Reboot Syste...

Page 157: ...te is www DrayTek com or local DrayTek s web site and FTP site is ftp DrayTek com Click System Maintenance Firmware Upgrade to launch the Firmware Upgrade Utility Choose the right firmware by clicking Select Then click Upgrade The system will upgrade the firmware of the router automatically Click OK The following screen will appear Please execute the firmware upgrade utility first ...

Page 158: ...VigorNIC 132 Series User s Guide 148 This page is left blank ...

Page 159: ...VigorNIC 132 Series User s Guide 149 P Pa ar rt t V V O Ot th he er rs s Define objects such as IP address service type keyword file extension and others These pre defined objects can be applied in CSM ...

Page 160: ...ts in a limited range usually will be applied in configuring router s settings therefore we can define them with objects and bind them with groups for using conveniently Later we can select that object group that can apply it For example all the IPs in the same department can be defined with an IP object a range of IP address ...

Page 161: ...ditions Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the object profile To set a new profile please do the steps listed below 1 Click the number e g 1 under Index column for configuration in details 2 The configuration page will be shown as follows ...

Page 162: ...ed with LAN RT VPN interface will be opened for you to choose in Edit Filter Rule page Address Type Determine the address type for the IP address Select Single Address if this object contains one IP address only Select Range Address if this object contains several IPs within a range Select Subnet Address if this object contains one subnet for IP address Select Any Address if this object contains a...

Page 163: ...he Subnet Address type is selected Invert Selection If it is checked all the IP addresses except the ones listed above will be applied later while it is chosen 3 After finishing all the settings here please click OK to save the configuration Below is an example of IP objects settings ...

Page 164: ...are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the group profile To set a new profile please do the steps listed below 1 Click the number e g 1 under Index column for configuration in details 2 The configuration page will be shown as follows ...

Page 165: ...ecified interface chosen above will be shown in this box Selected IP Objects Click button to add the selected IP objects in this box 3 After finishing all the settings here please click OK to save the configuration V V 1 1 3 3 I IP Pv v6 6 O Ob bj je ec ct t You can set up to 64 sets of IPv6 Objects with different conditions Available settings are explained as follows Item Description Set to Facto...

Page 166: ...several IPv6s within a range Select Subnet Address if this object contains one subnet for IPv6 address Select Any Address if this object contains any IPv6 address Select Mac Address if this object contains Mac address Mac Address Type the MAC address of the network card which will be controlled Start IP Address Type the start IP address for Single Address type End IP Address Type the end IP addres...

Page 167: ...ings are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the group profile To set a new profile please do the steps listed below 1 Click the number e g 1 under Index column for configuration in details 2 The configuration page will be shown as follows ...

Page 168: ...ed IPv6 Objects Click button to add the selected IPv6 objects in this box 3 After finishing all the settings please click OK to save the configuration V V 1 1 5 5 S Se er rv vi ic ce e T Ty yp pe e O Ob bj je ec ct t You can set up to 96 sets of Service Type Objects with different conditions Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Inde...

Page 169: ...rt columns are available for TCP UDP protocol It can be ignored for other protocols The filter rule will filter out any port number when the first and last value are the same it indicates one port when the first and last values are different it indicates a range for the port and available for this profile when the first and last value are the same it indicates all the ports except the port defined...

Page 170: ... 6 6 S Se er rv vi ic ce e T Ty yp pe e G Gr ro ou up p This page allows you to bind several service types into one group Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the group profile ...

Page 171: ...tings are explained as follows Item Description Name Type a name for this profile Maximum 15 characters are allowed Available Service Type Objects All the available service objects that you have added on Objects Setting Service Type Object will be shown in this box Selected Service Type Objects Click button to add the selected IP objects in this box 3 After finishing all the settings please click ...

Page 172: ... 200 keyword object profiles for choosing as black white list in CSM URL Web Content Filter Profile Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the object profile ...

Page 173: ...gs are explained as follows Item Description Name Type a name for this profile e g game Maximum 15 characters are allowed Contents Type the content for such profile For example type gambling as Contents When you browse the webpage the page with gambling information will be watched out and be passed blocked based on the configuration on Firewall settings 3 After finishing all the settings please cl...

Page 174: ...t in CSM URL Web Content Filter Profile Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the group profile To set a new profile please do the steps listed below 1 Click the number e g 1 under Index column for configuration in details 2 The configuration page will b...

Page 175: ...the selected Keyword objects in this box 3 After finishing all the settings please click OK to save the configuration V V 1 1 9 9 F Fi il le e E Ex xt te en ns si io on n O Ob bj je ec ct t This page allows you to set eight profiles which will be applied in CSM URL Content Filter All the files with the extension names specified in these profiles will be processed according to the chosen action Ava...

Page 176: ...ils 2 The configuration page will be shown as follows Available settings are explained as follows Item Description Profile Name Type a name for this profile The maximum length of the name you can set is 7 characters 3 Type a name for such profile and check all the items of file extension that will be processed in the router Finally click OK to save this profile ...

Page 177: ...ide 167 P Pa ar rt t V VI I T Tr ro ou ub bl le es sh ho oo ot ti in ng g This part will guide you to solve abnormal situations if you cannot access into the Internet after installing the router and finishing the web configuration ...

Page 178: ...ow to check your basic installation status stage by stage Checking if the hardware status is OK or not Checking if the network connection settings on your computer are OK or not Pinging the router from your computer Checking if the ISP settings are OK or not Backing to factory default setting if necessary If all above stages are done and the router still cannot run normally it is the time for you ...

Page 179: ... 1 1 1 D Di ia al l o ou ut t T Tr ri ig gg ge er ri in ng g Click Diagnostics and click Dial out Triggering to open the web page The internet connection e g PPPoE is triggered by a package sending from the source IP address Available settings are explained as follows Item Description Decoded Format It shows the source IP address local destination IP remote address the protocol and length of the p...

Page 180: ... s Guide 170 V VI I 1 1 2 2 R Ro ou ut ti in ng g T Ta ab bl le e Click Diagnostics and click Routing Table to open the web page Available settings are explained as follows Item Description Refresh Click it to reload the page ...

Page 181: ...ostics and click ARP Cache Table to view the content of the ARP Address Resolution Protocol cache held in the router The table shows a mapping between an Ethernet hardware address MAC Address and an IP address Available settings are explained as follows Item Description Refresh Click it to reload the page ...

Page 182: ...ping between an Ethernet hardware address MAC Address and an IPv6 address This information is helpful in diagnosing network problems such as IP address conflicts etc Click Diagnostics and click IPv6 Neighbour Table to open the web page Available settings are explained as follows Item Description Refresh Click it to reload the page ...

Page 183: ...conflicts etc Click Diagnostics and click DHCP Table to open the web page and Available settings are explained as follows Item Description Index It displays the connection item number IP Address It displays the IP address assigned by this router for specified PC MAC Address It displays the MAC address for the specified PC that DHCP assigned IP address for it Leased Time It displays the leased time...

Page 184: ...AT Sessions Table to open the list page Available settings are explained as follows Item Description Private IP Port It indicates the source IP address and port of local PC Pseudo Port It indicates the temporary port of the router used for NAT Peer IP Port It indicates the destination IP address and port of remote host Interface It displays the representing number for different interface Refresh C...

Page 185: ...d displayed on Diagnostics DNS Cache Table Available settings are explained as follows Item Description Clear Click this link to remove the result on the window Refresh Click it to reload the page When an entry s TTL is larger than Check the box the type the value of TTL time to live for each entry Click OK to enable such function It means when the TTL value of each DNS query reaches the threshold...

Page 186: ...or such function Ping through Use the drop down list to choose the WAN LTE interface that you want to ping through or choose Unspecified to be determined by the router automatically Ping to Use the drop down list to choose the destination that you want to ping IP Address Type the IP address of the Host IP that you want to ping Ping IPv6 Address Type the IPv6 address that you want to ping Run Click...

Page 187: ...te RX rate or Session link for arranging the data display Available settings are explained as follows Item Description Enable Data Flow Monitor Check this box to enable this function Refresh Seconds Use the drop down list to choose the time interval of refreshing data flow that will be done by the system automatically Refresh Click this link to refresh this page manually Index Display the number o...

Page 188: ...will be blocked for five minutes The remaining time will be shown on the session column Click it to cancel the IP address blocking Current Peak Speed Current means current transmission rate and receiving rate for WAN interface Peak means the highest peak value detected by the router in data transmission Speed means line speed specified in WAN General Setup If you do not specify any rate at that pa...

Page 189: ...the routes from router to the host Simply type the IP address of the host in the box and click Run The result of route trace will be shown on the screen or Available settings are explained as follows Item Description IPv4 IPv6 Click one of them to display corresponding information for it Trace through Use the drop down list to choose the interface that you want to ping through ...

Page 190: ...tart route tracing work Clear Click this link to remove the result on the window V VI I 1 1 1 11 1 I IP Pv v6 6 T TS SP PC C S St ta at tu us s IPv6 TSPC status web page could help you to diagnose the connection status of TSPC If TSPC has configured properly the router will display the following page when the user connects to tunnel broker successfully Available settings are explained as follows I...

Page 191: ...VigorNIC 132 Series User s Guide 181 V VI I 1 1 1 12 2 D DS SL L S St ta at tu us s Such page is useful for RD debug or web technician ...

Page 192: ...he steps below to verify the hardware status 1 Check the power line and LAN cable connections Refer to I 2 Hardware Installation for details 2 Make sure the ACT LED on the card blink once per second 3 If not it means that there is something wrong with the hardware status Simply back to I 2 Hardware Installation to execute the hardware installation again And then try again ...

Page 193: ...he link is stilled failed please do the steps listed below to make sure the network connection settings is OK F Fo or r W Wi in nd do ow ws s Info The example is based on Windows 7 As to the examples for other operation systems please refer to the similar steps or find support notes in www DrayTek com 1 Open All Programs Getting Started Control Panel Click Network and Sharing Center 2 In the follo...

Page 194: ...NIC 132 Series User s Guide 184 4 Select Internet Protocol Version 4 TCP IP and then click Properties 5 Select Obtain an IP address automatically and Obtain DNS server address automatically Finally click OK ...

Page 195: ...Guide 185 F Fo or r M Ma ac c O OS S 1 Double click on the current used Mac OS on the desktop 2 Open the Application folder and get into Network 3 On the Network screen select Using DHCP from the drop down list of Configure IPv4 ...

Page 196: ... the router correctly F Fo or r W Wi in nd do ow ws s 1 Open the Command Prompt window from Start menu Run 2 Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP Vista 7 The DOS command dialog will appear 3 Type ping 192 168 1 1 and press Enter If the link is OK the line of Reply from 192 168 1 1 bytes 32 time 1ms TTL 255 will appear 4 If the line does not appear please check the IP add...

Page 197: ...VigorNIC 132 Series User s Guide 187 ...

Page 198: ...gured in Vigor device Check if the LEDs on Vigor device are on or not If not please install an additional switch for connecting both Vigor device and the modem offered by ISP Then check if the LEDs on Vigor device are on or not If the problem of LEDs cannot be solved by the above measures please contact with the nearest reseller or send an e mail to DrayTek FAE for technical support Check if the s...

Page 199: ...wa ar re e R Re es se et t You can reset the router to factory default via Web page Such function is available in Admin Mode only Go to System Maintenance and choose Reboot System on the web page The following screen will appear Choose Using factory default configuration and click Reboot Now After few seconds the device will return all the settings to the factory settings H Ha ar rd dw wa ar re e ...

Page 200: ... C Co on nt ta ac ct ti in ng g D Dr ra ay yT Te ek k If the router still cannot work correctly after trying many efforts please contact your dealer for further help right away For any questions please feel free to send e mail to support DrayTek com ...

Page 201: ...VigorNIC 132 Series User s Guide 191 This page is left blank ...

Page 202: ...VigorNIC 132 Series User s Guide 192 P Pa ar rt t V VI II I T Te el ln ne et t C Co om mm ma an nd ds s ...

Page 203: ...re the Windows Features of Telnet Client has been turned on under Control Panel Programs Type cmd and press Enter The Telnet terminal will be open later In the following window type Telnet 192 168 1 1 as below and press Enter Note that the IP address in the example is the default address of the router If you have changed the default enter the current IP address of the router Next type admin admin ...

Page 204: ...Guide 194 For users using previous Windows system e g 2000 XP simply click Start Run and type Telnet 192 168 1 1 in the Open box as below Next type admin admin for Account Password And type to get a list of valid common commands ...

Page 205: ...tus ATU R Info hw annex B f w annex X Running Mode State TRAINING DS Actual Rate 0 bps US Actual Rate 0 bps DS Attainable Rate 0 bps US Attainable Rate 0 bps DS Path Mode Fast US Path Mode Fast DS Interleave Depth 0 US Interleave Depth 0 NE Current Attenuation 0 dB Cur SNR Margin 0 dB DS actual PSD 0 0 dB US actual PSD 0 0 dB NE Rcvd Cells 0 NE Xmitted Cells 0 NE CRC Count 0 FE CRC Count 0 NE ES C...

Page 206: ...t 4 Multi 5 ADSL2 7 ADSL2_AnnexM 8 ADSL2 14 ADSL2 _AnnexM acqIP It means the way to acquire IP address Type the number to determine the IP address by specifying or assigned dynamically by DHCP server 0 fix_ip 1 dhcp_client PPPoE PPPoA acquire IP method idle Type number to determine the network connection will be kept for always or idle after a certain time 1 always on else idle timeout secs Only f...

Page 207: ...le bridge status save It means to save the configuration to flash enable It means to enable the Multi VLAN function disable It means to disable the Multi VLAN function on off It means to turn on off bridge mode for the specific channel clear It means to turn off and clear all the PVC settings tag tag_no No tag 1 Available number for tag 0 4095 pri pri_no The number 0 to 7 can be set to indicate th...

Page 208: ...st mode DSL debug tool mode is off adsl idle tcpmessage Set DSL debug tool mode on Please reboot system to take effect adsl idle tcpmessage_off Set DSL debug tool mode off Please reboot system to take effect T Te el ln ne et t C Co om mm ma an nd d a ad ds sl l d dr ri iv ve em mo od de e This command is useful for laboratory to measure largest power of data transmission Please follow the steps be...

Page 209: ... level 5 for F5 End to End VC level chklink Check the DSL connection Log_on log_off Enable or disable the OAM log for debug E Ex xa am mp pl le e adsl oamlb chklink on OAM checking dsl link is ON adsl oamlb F5 4 Tx cnt 0 Rx Cnt 0 T Te el ln ne et t C Co om mm ma an nd d a ad ds sl l v vc ci il li im mi it t This command can cancel the limit for vci value Some ISP might set the vci value under 32 I...

Page 210: ...o remove ADSL mode set It means to use default settings plus the new added ADSL mode default It means to use default settings show It means to display current setting adsl_mode There are three modes to be choose ANNEXL ANNEXM annexA ADSL over POTS and ANNEXJ annexB ADSL over ISDN E Ex xa am mp pl le e adsl automode set ANNEXJ Automode supported T1 413 G DMT ADSL2 ADSL2 ANNEXJ adsl automode default...

Page 211: ...elem g vector status trellis retx default us ds bi us upstream ds downstream bi bidirection aelem and g vector can be only on off value The value shall be hex digits bitswap 0 2 sra 0 2 3 4 on off Type on for enabling such function Type off for disabling such function E Ex xa am mp pl le e adsl optn default trellis US ON DS ON bitswap US 0 DS 0 0 default ON 1 ON 2 OFF sra US 0 DS 0 0 default 3 2 O...

Page 212: ...44 79612f21 adsl vendorid on set vid0 vid1 User define CPE Vendor ID is ON T Te el ln ne et t C Co om mm ma an nd d a ad ds sl l a at tm m This command can set QoS parameter for ATM S Sy yn nt ta ax x adsl atm pcr pvc_no PCR max status adsl atm scr pvc_no SCR adsl atm mbs pvc_no MBS adsl atm status S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description pvc_no It means pvc numbe...

Page 213: ... pl le e adsl pvcbinding 3 5 set done bind pvc3 to pvc5 The above example means PVC3 has been bound to PVC5 adsl pvcbinding 3 1 clear pvc 1 binding The above example means the PVC3 binding group has been removed T Te el ln ne et t C Co om mm ma an nd d v vd ds sl l s st ta at tu us s This command is used to display current status of VDSL setting S Sy yn nt ta ax x vdsl status more counts hlog qln ...

Page 214: ...tcpmessage_off DSL debug tool mode is off E Ex xa am mp pl le e vdsl idle on DSL is under IDLE QUIET test mode DSL debug tool mode is off vdsl idle tcpmessage Set DSL debug tool mode on Please reboot system to take effect vdsl idle tcpmessage_off Set DSL debug tool mode off Please reboot system to take effect T Te el ln ne et t C Co om mm ma an nd d v vd ds sl l d dr ri iv ve er rm mo od de e This...

Page 215: ...p pl le e vdsl showbins 2 30 DOWNSTREAM Bin SNR Gain Bi Bin SNR Gain Bi Bin SNR Gain Bi Bin SNR Gain Bi dB 1dB ts dB 1dB ts dB 1dB ts dB 1dB ts Bin SNR Gain Bi Bin SNR Gain Bi Bin SNR Gain Bi Bin SNR Gain Bi dB 1dB ts dB 1dB ts dB 1dB ts dB 1dB ts T Te el ln ne et t C Co om mm ma an nd d v vd ds sl l o op pt tn n This command allows you to configure DSL line feature S Sy yn nt ta ax x vdsl optn FU...

Page 216: ... ID S Sy yn nt ta ax x vdsl vendorid status on off set vid0 vid1 S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description status Display current status of user defined vendor ID on Enable the user defined function off Disable the user defined function set vid0 vid1 It means to set user defined vendor ID with vid0 and vid1 The vendor ID shall be set with HEX format ex 00fe7244 796...

Page 217: ...000 Self test result PASS Transmission mode capability 0X40004004C010400 T Te el ln ne et t C Co om mm ma an nd d b bp pa a This command allows to configure a network setting specified for Australia s ISP S Sy yn nt ta ax x bpa m command parameter S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description m Available settings are 1 and 2 a enable 1 0 to enable disable this entry n ...

Page 218: ...VigorNIC 132 Series User s Guide 208 ServerIP 1 4 index 2 inactive UserName 2 PassWord 2 ServerIP 2 0 ...

Page 219: ...t the administration message MSG means the content less than 255 characters of the message itself obj It means to specify the object for the profile INDEX It means to specify the index number of CSM profile from 1 to 8 n It means to set the profile name PROFILE_NAME It means to specify the name of the profile less than 16 characters p Set the priority defined by the number specified in VALUE for t...

Page 220: ... ax x D De es sc cr ri ip pt ti io on n Parameter Description INDEX It means to specify the index number of CSM profile from 1 to 8 v It means to view the protocol configuration of the CSM profile e It means to enable the function of URL Access Control d It means to disable the function of URL Access Control a Set the action of specific application P or B B Block The web access meets the URL Acces...

Page 221: ... Enable URL Access Control Action pass v Prevent web access from IP address No Obj NO Object Name No Grp NO Group Name csm ucf obj 1 uac a B Profile Index 1 Profile Name game Log none Priority Select Bundle Pass Enable URL Access Control Action block v Prevent web access from IP address No Obj NO Object Name No Grp NO Group Name ...

Page 222: ...e CSM profile e It means to enable the restriction of web feature d It means to disable the restriction of web feature a Set the action of web feature P or B B Block The web access meets the web feature will be blocked P Pass The web access meets the web feature will be passed s It means to enable the the Web Feature configuration Features available for configuration are c Cookie p Proxy u Upload ...

Page 223: ...DNS time The range is from 1 to 14400 E Ex xa am mp pl le e ddns time ddns time update in minutes Valid 1 1440 Now 1440 ddns time 1000 ddns time update in minutes Valid 1 1440 Now 1000 T Te el ln ne et t C Co om mm ma an nd d d do os s This command allows users to configure the settings for DoS defense system S Sy yn nt ta ax x dos V D A dos s ATTACK_F THRESHOLD TIMEOUT dos a e ATTACK_F ATTACK_0 d...

Page 224: ...e system is Activated dos s synflood 50 10 Synflood is enabled Threshold 50 pke sec timeout 10 pke sec T Te el ln ne et t C Co om mm ma an nd d e ex xi it t Type this command will leave telnet window T Te el ln ne et t C Co om mm ma an nd d I In nt te er rn ne et t This command allows you to configure detailed settings for WAN connection S Sy yn nt ta ax x internet W n M n command parameter S Sy y...

Page 225: ...55 255 255 xxx x is changeable as the netmask for WAN port g gateway It means to assign gateway IP for such WAN connection V It means to view Internet Access profile E Ex xa am mp pl le e internet M 1 S tcom u username p password a 0 t 1 i 0 0 0 0 WAN1 Internet Mode set to PPPoE PPPoA WAN1 ISP Name set to tcom WAN1 Username set to username WAN1 Password set successful WAN1 PPP Authentication Type ...

Page 226: ...ddress E Ex xa am mp pl le e ip 2ndaddr ip addr 2nd subnet IP address Now 192 168 2 1 ip 2ndaddr 192 168 2 5 Set 2nd subnet IP address done T Te el ln ne et t C Co om mm ma an nd d i ip p 2 2n nd dm ma as sk k This command allows users to set the mask for IP routed subnet of your router S Sy yn nt ta ax x ip 2ndmask ip 2ndmask 2nd subnet mask S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Pa...

Page 227: ...index number of the table displayed on your screen E Ex xa am mp pl le e ip aux add 192 168 1 65 1 192 168 1 65 has added in index 2 ip aux ip aux add IP Join to NAT Pool ip aux ip aux add IP Join to NAT Pool wanX ip aux remove Index wanX Where IP Auxiliary WAN IP Address Join to NAT Pool 0 or 1 Index The Index number of table wanX add remove an address for WANX Now auxiliary WAN1 IP Address table...

Page 228: ...ddress It means the LAN IP address E Ex xa am mp pl le e ip addr 192 168 50 1 Set IP address OK Info When the LAN IP address is changed the start IP address of DHCP server are still the same To make the IP assignment of the DHCP server being consistent with this new IP address they should be in the same network segment the IP address of the PC must be fixed with the same LAN IP address network seg...

Page 229: ...lows users to review current status for the arp table arp accept allows to accept or reject the source destination MAC address arp setCacheLife allows users to configure the duration in which ARP caches can be stored on the system If ip arp setCacheLife is set with 60 it means you have an ARP cache at 0 second Sixty seconds later without any ARP messages received the system will think such ARP cac...

Page 230: ...ber c option number x option value ip dhcpc option u idx unmber ip dhcpc release wan number ip dhcpc renew wan number ip dhcpc status S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description option It is an optional setting for DHCP server h display usage l list all custom set DHCP options d delete custom dhcp client option by index number e enable disable option feature 1 enable...

Page 231: ...cription IP address It means the WAN IP address WAN1 WAN2 PVC3 PVC4 PVC 5 It means the WAN port PVC that the above IP address passes through E Ex xa am mp pl le e ip ping 172 16 3 229 WAN1 Pinging 172 16 3 229 with 64 bytes of Data Receive reply from 172 16 3 229 time 0ms Receive reply from 172 16 3 229 time 0ms Receive reply from 172 16 3 229 time 0ms Packets Sent 5 Received 5 Lost 0 0 loss T Te ...

Page 232: ...P address Port S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description IP address Type the WAN or LAN IP address of the remote device Port Type a port number e g 23 Available settings 0 65535 E Ex xa am mp pl le e ip telnet 172 17 3 252 23 T Te el ln ne et t C Co om mm ma an nd d i ip p r ri ip p This command allows users to set the RIP routing information protocol of IP S Sy yn...

Page 233: ...etting for specified WAN interface 1 Enable the function of setting RIP of WAN IP 0 Disable the function E Ex xa am mp pl le e ip wanrip Valid ex ip wanrip ifno e 0 1 ifno 1 WAN1 2 WAN2 3 PVC3 4 PVC4 5 PVC5 e 0 1 0 disable 1 enable Now status WAN 1 Rip Protocol disable WAN 2 Rip Protocol disable WAN 3 Rip Protocol disable WAN 4 Rip Protocol disable WAN 5 Rip Protocol disable ip wanrip 5 e 1 ip wan...

Page 234: ...P address of the destination netmask It means the netmask of the specified IP address gateway It means the gateway of the connected router ifno It means the connection interface 3 WAN1 5 WAN3 6 WAN4 7 WAN5 However WAN3 WAN4 WAN5 are router borne WANs rtype It means the type of the route default default route static static route cnc It means current IP range for CNC Network default Set WAN1 WAN2 of...

Page 235: ...home proxy server for using On off show help It means to turn on off display or get more information of the T_home service query It means to set IGMP general query interval The default value is 125000 ms ppp 0 No need to set IGMP with PPP header 1 Set IGMP with PPP header status It means to display current status for proxy server E Ex xa am mp pl le e ip igmp t_home on T Home Setting T Home Servic...

Page 236: ...e for exceeding session limit and set how many seconds the IP session block works S Sy yn nt ta ax x ip session on ip session off ip session default num ip session defaultp2p num ip session status ip session show ip session timer num ip session block unblock IP ip session add del IP1 IP2 num p2pnum S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description on It means to turn on se...

Page 237: ...session number is 100 T Te el ln ne et t C Co om mm ma an nd d i ip p b ba an nd dw wi id dt th h This command allows users to set maximum bandwidth limit number for the specified IP S Sy yn nt ta ax x ip bandwidth on ip bandwidth off ip bandwidth default tx_rate rx_rate ip bandwidth status ip bandwidth show ip bandwidth add del IP1 IP2 tx rx shared S Sy yn nt ta ax x D De es sc cr ri ip pt ti io ...

Page 238: ...bindmac strict_on ip bindmac show ip bindmac add IP MAC Comment ip bindmac del IP all S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description on It means to turn on IP bandmac policy Even the IP is not in the policy table it can still access into network off It means to turn off all the bindmac policy strict_on It means that only those IP address in IP bindmac policy table can a...

Page 239: ...2 Series User s Guide 229 E Ex xa am mp pl le e ip bindmac add 192 168 1 46 00 50 7f 22 33 55 just for test ip bindmac show ip bind mac function is turned ON IP 192 168 1 46 bind MAC 00 50 7f 22 33 55 Comment just ...

Page 240: ...e IPv6 address for your router S Sy yn nt ta ax x ip6 addr s prefix prefix length LAN WAN1 WAN2 iface ip6 addr d prefix prefix length LAN WAN1 WAN2 iface ip6 addr a LAN WAN1 WAN2 iface S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description s It means to add a static ipv6 address d It means to delete an ipv6 address a It means to show current address es status u It means to show...

Page 241: ... ask the DNS setting D It means to ask the DNS name n It means to ask NTP i It means to ask NIS I It means to ask NIS name p It means to ask NISP P It means to ask NISP name b It means to ask BCMCS B It means to ask BCMCS name r It means to ask refresh time Parameter 1 the parameter related to the request will be displayed 0 the parameter related to the request will not be displayed E Ex xa am mp ...

Page 242: ...rface WAN2 has following DHCPv6 client settings DHCPv6 client enabled request IA_NA whose IAID equals to 2008 system reboot T Te el ln ne et t C Co om mm ma an nd d i ip p6 6 d dh hc cp p s se er rv ve er r This command allows you to configure DHCPv6 server S Sy yn nt ta ax x ip6 dhcp server command parameter S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description server It mean...

Page 243: ...cr ri ip pt ti io on n Parameter Description W n W means to set WAN interface and n means different selections Default is WAN1 n 1 WAN1 n 2 WAN2 n 3 WAN3 n X WANx M n M means to set Internet Access Mode Mandatory and n means different modes represented by 0 5 n 0 Offline n 1 PPP n 2 TSPC n 3 AICCU n 4 DHCPv6 n 5 Static n 6 6in4 Static n 7 6rd command parameter The available commands with parameter...

Page 244: ... ln ne et t C Co om mm ma an nd d i ip p6 6 n ne ei ig gh h This command allows you to display IPv6 neighbour table S Sy yn nt ta ax x ip6 neigh s inet6_addr eth_addr LAN WAN1 WAN2 ip6 neigh d inet6_addr LAN WAN1 WAN2 ip6 neigh a inet6_addr N LAN WAN1 WAN2 S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description s It means to add a neighbour d It means to delete a neighbour a It ...

Page 245: ...VigorNIC 132 Series User s Guide 235 WAN2 00 00 00 00 00 00 CONNECTED LAN NONE ...

Page 246: ...added T Te el ln ne et t C Co om mm ma an nd d i ip p6 6 r ro ou ut te e This command allows you to S Sy yn nt ta ax x ip6 route s prefix prefix length gateway LAN WAN1 WAN2 iface D ip6 route d prefix prefix length ip6 route a LAN WAN1 WAN2 iface S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description s It means to add a route d It means to delete a route a It means to show the ...

Page 247: ...n nt ta ax x ip6 ping IPV6 address Host LAN WAN1 WAN2 S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description IPV6 address Host It means to specify the IPv6 address or host for ping LAN WAN1 WAN2 It means to specify LAN or WAN interface for such address E Ex xa am mp pl le e ip6 ping 2001 4860 4860 8888 WAN2 Pinging 2001 4860 4860 8888 with 64 bytes of Data Receive reply from 20...

Page 248: ...0 ms 5 2001 7F8 1 A501 5169 1 330 ms 6 2001 4860 1 0 4B3 350 ms 7 2001 4860 8 0 2DAF 330 ms 8 2001 4860 2 0 66E 340 ms 9 Request timed out 10 2001 4860 4860 8888 350 ms Trace complete T Te el ln ne et t C Co om mm ma an nd d i ip p6 6 t ts sp pc c This command allows you to display TSPC status S Sy yn nt ta ax x ip6 tspc ifno S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Descripti...

Page 249: ...er is not a default router and should not appear on the default router list Type the number unit second you want V It means to show the RADVD configuration r It means RA default test r num It means RA test for item num E Ex xa am mp pl le e ip6 radvd s 1 1800 ip6 radvd V IPv6 Radvd Config Radvd Enable Default Lifetime 1800 seconds T Te el ln ne et t C Co om mm ma an nd d i ip p6 6 m mn ng gt t Thi...

Page 250: ...le e ip6 mngt list add 1 FE80 250 7FFF FE12 1010 128 ip6 mngt list add 2 FE80 250 7FFF FE12 1020 128 ip6 mngt list add 3 FE80 250 7FFF FE12 2080 128 ip6 mngt list IPv6 Access List Index IPv6 Prefix Prefix Length 1 FE80 250 7FFF FE12 1010 128 2 FE80 250 7FFF FE12 1020 128 3 FE80 250 7FFF FE12 2080 128 ip6 mngt status IPv6 Remote Management telnet off http off ping off T Te el ln ne et t C Co om mm ...

Page 251: ...cr ri ip pt ti io on n Parameter Description ifno It means the connection interface 1 WAN1 2 WAN2 add It means to add an IPv6 address which can be used to execute management through Internet prefix It means to type the IPv6 address which will be used for accessing Internet prefix length It means to type a fixed value as the length of the prefix remove It means to remove delete the specified index ...

Page 252: ... view VcdhrtzZ S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description V It means to show the version of this IP filter c It means to show the running call filter rules d It means to show the running data filter rules h It means to show the hit number of the filter rules r It means to show the running call and data filter rules t It means to display all the information at one ti...

Page 253: ...ons for packet not matching any rule e g p 1 Type 0 to let all the packets pass Type 1 to block all the packets R v4 v6 Enable Disable Accept routing packet from WAN i e R v4 0 Set Accept routing packet from WAN by IPv4 is enable i e R v4 1 Set Accept routing packet from WAN by IPv6 is disable i e R v6 0 Set Accept routing packet from WAN by IPv4 is enable i e R v6 1 Set Accept routing packet from...

Page 254: ...ayTek Banner Enable Apply IP filter to VPN incoming packets Enable Accept large incoming fragmented UDP or ICMP packets Enable Strict Security Checking APP Enforcement T Te el ln ne et t C Co om mm ma an nd d i ip pf f r ru ul le e This command is used to set filter rule for firewall S Sy yn nt ta ax x ipf rule s r command parameter ipf rule s r v S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on...

Page 255: ... representing different address type 0 Subnet Address 1 Single Address 2 Any Address 3 Range Address Example Set Subnet Address d u 0 192 168 1 10 255 255 255 0 Set Single Address d u 1 192 168 1 10 Set Any Address d u 2 Set Range Address d u 3 192 168 1 10 192 168 1 15 d o g obj It means to specify destination IP object and IP group o indicates object g indicates group obj indicates index number ...

Page 256: ...r profile will be applied index Available settings range from 0 8 0 means no profile will be applied c It means to set code page Different number represents different code page 0 None 1 ANSI 1250 Central Europe 2 ANSI 1251 Cyrillic 3 ANSI 1252 Latin I 4 ANSI 1253 Greek 5 ANSI 1254 Turkish 6 ANSI 1255 Hebrew 7 ANSI 1256 Arabic 8 ANSI 1257 Baltic 9 ANSI 1258 Viet Nam 10 OEM 437 United States 11 OEM ...

Page 257: ... Set None Max Sessions Limit 32000 Current Sessions 0 Mac Bind IP Non Strict Qos Class None APP Enforcement None URL Content Filter None Load Balance policy Auto select Log Disable CodePage ANSI 1252 Latin I Window size 65535 Session timeout 1440 DrayTek Banner Enable Strict Security Checking APP Enforcement T Te el ln ne et t C Co om mm ma an nd d i ip pf f f fl lo ow wt tr ra ac ck k This comman...

Page 258: ...lowtrack view f Start to show the flowtrack sessions state ORIGIN 192 168 1 11 59939 8 8 8 8 53 ifno 0 REPLY 8 8 8 8 53 192 168 1 11 59939 ifno 3 proto 17 age 93023180 3920 flag 203 ORIGIN 192 168 1 11 15073 8 8 8 8 53 ifno 0 REPLY 8 8 8 8 53 192 168 1 11 15073 ifno 3 proto 17 age 93025100 2000 flag 203 ORIGIN 192 168 1 11 7247 8 8 8 8 53 ifno 0 REPLY 8 8 8 8 53 192 168 1 11 7247 ifno 3 proto 17 a...

Page 259: ...server IP 0 0 0 0 Relay agent IP 0 0 0 0 25 36 41 580 DHCP WAN 5 Len 548XID 0x7880fdd4 Client IP 0 0 0 0 Your IP 0 0 0 0 Next server IP 0 0 0 0 Relay agent IP 0 0 0 0 25 36 49 580 DHCP WAN 5 Len 548XID 0x7880fdd4 Client IP 0 0 0 0 Your IP 0 0 0 0 Next server IP 0 0 0 0 Relay agent IP 0 0 0 0 25 36 57 580 DHCP WAN 5 Len 548XID 0x7880fdd4 Client IP 0 0 0 0 Your IP 0 0 0 0 MORE q Quit Enter New Lines...

Page 260: ...p ps sp po or rt t This command allows users to set HTTPS port for management S Sy yn nt ta ax x mngt httpsport Https port S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description Https port It means to type the number for HTTPS port The default setting is 443 E Ex xa am mp pl le e mngt httpsport 443 Set web server port to 443 done T Te el ln ne et t C Co om mm ma an nd d m mn ng...

Page 261: ...Te el ln ne et t C Co om mm ma an nd d m mn ng gt t n no op pi in ng g This command is used to pass or block Ping from LAN PC to the internet S Sy yn nt ta ax x mngt noping on mngt noping off mngt noping viewlog mngt noping clearlog S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description on All PING packets will be forwarded from LAN PC to Internet off All PING packets will be b...

Page 262: ...g of defense worm packet including source MAC and source IP clearlog It means to remove the log of defense worm packet E Ex xa am mp pl le e mngt defenseworm add 21 Add TCP port 21 Block TCP port list 135 137 138 139 445 21 mngt defenseworm del 21 Delete TCP port 21 Block TCP port list 135 137 138 139 445 T Te el ln ne et t C Co om mm ma an nd d m mn ng gt t r rm mt tc cf fg g This command can all...

Page 263: ...r accept PING packets from the Internet S Sy yn nt ta ax x mngt echoicmp enable mngt echoicmp disable S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description enable It means to accept the echo ICMP packet disable It means to drop the echo ICMP packet E Ex xa am mp pl le e mngt echoicmp enable Echo ICMP packet enabled T Te el ln ne et t C Co om mm ma an nd d m mn ng gt t a ac cc ...

Page 264: ... pt ti io on n Parameter Description command parameter The available commands with parameters are listed below means that you can type in several commands in one line e 1 2 1 Enable the SNMP function 2 Disable the SNMP function g Community name It means to set the name for getting community by typing a proper character max 23 characters s Community name It means to set community by typing a proper...

Page 265: ... view the information of the specified object profile Example object ip obj 1 v n NAME It means to define a name for the IP object NAME Type a name with less than 15 characters Example object ip obj 9 n bruce i INTERFACE It means to define an interface for the IP object INTERFACE 0 means any INTERFACE 1 means LAN INTERFACE 3 means WAN Example object ip obj 8 i 0 s INVERT It means to set invert sel...

Page 266: ...ter Description setdefault It means to return to default settings for all profiles INDEX It means the index number of the specified group profile v It means to view the information of the specified group profile Example object ip grp 1 v n NAME It means to define a name for the IP group NAME Type a name with less than 15 characters Example object ip grp 8 n bruce i INTERFACE It means to define an ...

Page 267: ...orNIC 132 Series User s Guide 257 1 0 2 0 3 0 4 0 5 0 6 0 7 0 object ip grp 2 i 1 object ip grp 2 a 1 2 IP Group Profile 2 Name First Interface Lan Included ip object index 0 1 1 2 2 0 3 0 4 0 5 0 6 0 7 0 ...

Page 268: ...E Type a name with less than 15 characters Example object ip obj 9 n bruce i INTERFACE It means to define an interface for the IP object INTERFACE 0 means any INTERFACE 1 means LAN INTERFACE 3 means WAN Example object ip obj 8 i 0 s INVERT It means to set invert seletion for the object profile INVERT 0 means disableing the function INVERT 1 means enabling the function Example object ip obj 3 s 1 a...

Page 269: ...for all profiles INDEX It means the index number of the specified group profile v It means to view the information of the specified group profile Example object ip grp 1 v n NAME It means to define a name for the IP group NAME Type a name with less than 15 characters Example object ip grp 8 n bruce i INTERFACE It means to define an interface for the IP group INTERFACE 0 means any INTERFACE 1 means...

Page 270: ...p pt ti io on n Parameter Description setdefault It means to return to default settings for all profiles INDEX It means the index number of the specified service object profile v It means to view the information of the specified service object profile Example object service obj 1 v n NAME It means to define a name for the IP object NAME Type a name with less than 15 characters Example object servi...

Page 271: ...END_P type a port number to indicate destination port Example object service obj 3 d 1 100 200 E Ex xa am mp pl le e object service obj 1 n limit object service obj 1 p 255 object service obj 1 s 1 120 240 object service obj 1 d 1 200 220 object service obj 1 v Service Object Profile 1 Name limit Protocol 255 Source port check action Source port range 120 240 Destination port check action Destinat...

Page 272: ...ce object index 0 0 1 0 2 0 3 0 4 0 5 0 6 0 7 0 object service grp 1 a 1 2 Service Group Profile 1 Name Grope_1 Included service object index 0 1 1 2 2 0 3 0 4 0 5 0 6 0 7 0 T Te el ln ne et t C Co om mm ma an nd d o ob bj je ec ct t k kw w This command is used to create keyword profile S Sy yn nt ta ax x object kw obj setdefault object kw obj show PAGE object kw obj INDEX v object kw obj INDEX n ...

Page 273: ...l ln ne et t C Co om mm ma an nd d o ob bj je ec ct t f fe e This command is used to create File Extension Object profile S Sy yn nt ta ax x object fe show object fe setdefault object fe obj INDEX v object fe obj INDEX n NAME object fe obj INDEX e CATEGORY FILE_EXTENSION object fe obj INDEX d CATEGORY FILE_EXTENSION S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description show It...

Page 274: ... olb ole tlb viv vrm ace arj bzip2 bz2 cab gz gzip rar sit zip bas bat com exe inf pif reg scr Example object fe obj 1 e bmp E Ex xa am mp pl le e object fe obj 1 n music object fe obj 1 e Audio object fe obj 1 v Profile Index 1 Profile Name music Image category bmp dib gif jpeg jpg jpg2 jp2 pct pcx pic pict png tif tiff Video category asf avi mov mpe mpeg mpg v mp4 qt rm v wmv 3gp 3gpp 3gpp2 3g2 ...

Page 275: ...VigorNIC 132 Series User s Guide 265 Executation category bas bat com exe inf pif reg scr ...

Page 276: ...0F Set Port 1 Force speed 100 Full duplex OK T Te el ln ne et t C Co om mm ma an nd d p po or rt tm ma ap pt ti im me e This command allows you to set a time of keeping the session connection for specified protocol S Sy yn nt ta ax x portmaptime command parameter S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description command parameter The available commands with parameters are ...

Page 277: ...his command m mode It means to define which traffic the QoS control settings will apply to and eable QoS control 0 disable 1 in apply to incoming traffic only 2 out apply to outgoing traffic only 3 both apply to both incoming and outgoing traffic Default is enable for outgoing traffic i bandwidth It means to set inbound bandwidth in kbps Ethernet WAN only The available setting is from 1 to 100000 ...

Page 278: ...0 t 1 WAN1 QOS mode is both Wan 1 is XDSL model don t need to set up Wan 1 is XDSL model don t need to set up WAN1 class 3 ratio set to 20 WAN1 udp bandwidth control set to enable WAN1 udp bandwidth limit ratio set to 50 WAN1 Outbound TCP ACK Prioritizel set to enable QoS WAN1 set complete restart QoS ...

Page 279: ...or example l 172 16 3 9 addr1 addr2 It means Range address Please specify the IP addresses for example l 172 16 3 9 172 16 3 50 addr1 subnet It means the subnet address with start IP address Please type the subnet and the IP address for example l 172 16 3 9 255 255 0 0 0 any It means Any address Simple type l to specify any address for this command r addr Set the remote address addr1 It means Sing...

Page 280: ...m ma an nd d q qo os s t ty yp pe e This command allows user to configure protocol type and port number for QoS S Sy yn nt ta ax x qos type a service name e no d no S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description a name It means to add rule e no It means to edit user defined service type no means the index number Available numbers are 1 40 d no It means to delete user de...

Page 281: ...C Co om mm ma an nd d s sh ho ow w l la an n1 1 l la an n2 2 d dh hc cp p This command displays current status of LAN IP address settings E Ex xa am mp pl le e show lan1 1st subnet settings IP address 192 168 1 1 Subnet mask 255 255 255 0 RIP Disable show lan2 2nd subnet settings Status Inactive IP address 192 168 2 5 Subnet mask 255 255 255 0 RIP Disable show dhcp DHCP settings Status Active Star...

Page 282: ...DNS setting E Ex xa am mp pl le e show dns Domain name server settings LAN1 Primary DNS Not set LAN1 Secondary DNS Not set T Te el ln ne et t C Co om mm ma an nd d s sh ho ow w o op pe en np po or rt t This command displays current status of open port setting E Ex xa am mp pl le e show openport Openport settings Index Status Comment Local IP Address No data entry T Te el ln ne et t C Co om mm ma a...

Page 283: ...Protocol Flag T Te el ln ne et t C Co om mm ma an nd d s sh ho ow w p pm mt ti im me e This command displays the reuse time of NAT session Level0 It is the default setting Level1 It will be applied when the NAT sessions are smaller than 25 of the default setting Level2 It will be applied when the NAT sessions are smaller than the eighth of the default setting E Ex xa am mp pl le e show pmtime Leve...

Page 284: ...5 01 02 Mode State TRAINING TX Block 0 RX Block 0 Corrected Blocks 0 Uncorrected Blocks 0 UP Speed 0 Down Speed 0 SNR Margin 0 Loop Att 0 T Te el ln ne et t C Co om mm ma an nd d s sh ho ow w a ad ds sl l This command displays current status of ADSL E Ex xa am mp pl le e show adsl ATU R Info hw annex B f w annex X Running Mode State TRAINING DS Actual Rate 0 bps US Actual Rate 0 bps DS Attainable ...

Page 285: ... interface S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description reset It means to reset the transmitted received bytes to Zero interface It means to specify WAN1 WAN5 including multi PVC interface for displaying related statistics E Ex xa am mp pl le e show statistic WAN1 total TX 0 Bytes RX 0 Bytes WAN2 total TX 0 Bytes RX 0 Bytes WAN3 total TX 0 Bytes RX 0 Bytes WAN4 total ...

Page 286: ...IP addresses in the pool The maximum is 10 status It means the execution result of this command add It means creating a list of hosts to be assigned del It means removing the selected MAC address MAC Addr It means to specify MAC Address of the host all ALL It means all of the MAC addresses E Ex xa am mp pl le e Vigor ip route add 192 168 1 56 255 255 255 0 192 168 1 12 3 default Vigor srv dhcp pub...

Page 287: ...ddress for DNS Server in LAN S Sy yn nt ta ax x srv dhcp dns2 srv dhcp dns2 DNS IP address S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description It means to display current IP address of DNS 2 for the DHCP server DNS IP address It means the IP address that you want to use as DNS2 Note The IP Routed Subnet DNS must be the same as NAT Subnet DNS E Ex xa am mp pl le e srv dhcp dn...

Page 288: ...rv dhcp frcdnsmanl on Domain name server now is using manual settings srv dhcp frcdnsmanl off Domain name server now is using auto settings T Te el ln ne et t C Co om mm ma an nd d s sr rv v d dh hc cp p g ga at te ew wa ay y This command allows users to specify gateway address for DHCP server S Sy yn nt ta ax x srv dhcp gateway srv dhcp gateway Gateway IP S Sy yn nt ta ax x D De es sc cr ri ip pt...

Page 289: ...l ln ne et t C Co om mm ma an nd d s sr rv v d dh hc cp p o on n This function allows users to turn on DHCP server It needs rebooting router please type sys reboot command to reboot router T Te el ln ne et t C Co om mm ma an nd d s sr rv v d dh hc cp p r re el la ay y This command allows users to set DHCP relay setting S Sy yn nt ta ax x srv dhcp relay servip server ip srv dhcp relay subnet index ...

Page 290: ...mp pl le e srv dhcp startip 192 168 1 53 This setting will take effect after rebooting Please use sys reboot command to reboot the router T Te el ln ne et t C Co om mm ma an nd d s sr rv v d dh hc cp p s st ta at tu us s This command can display general information for the DHCP server such as IP address MAC address leased time host ID and so on E Ex xa am mp pl le e srv dhcp status DHCP server Rel...

Page 291: ...means the lease time that DHCP server can use The unit is second E Ex xa am mp pl le e srv dhcp leasetime srv dhcp leasetime Lease Time sec Now 86400 T Te el ln ne et t C Co om mm ma an nd d s sr rv v d dh hc cp p n no od de et ty yp pe e This command can set the node type for the DHCP server S Sy yn nt ta ax x srv dhcp nodetype count S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter ...

Page 292: ...v dhcp primWINS 192 168 1 88 srv dhcp primWINS srv dhcp primWINS WINS IP address srv dhcp primWINS clear Now 192 168 1 88 T Te el ln ne et t C Co om mm ma an nd d s sr rv v d dh hc cp p s se ec cW WI IN NS S This command can set the secondary IP address for the DHCP server S Sy yn nt ta ax x srv dhcp secWINS WINS IP address srv dhcp secWINS clear S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on ...

Page 293: ...p p t tf ft tp p This command can set the TFTP server as the DHCP server S Sy yn nt ta ax x srv dhcp tftp TFTP server name S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description TFTP server name It means to type the name of TFTP server E Ex xa am mp pl le e srv dhcp tftp TF123 srv dhcp tftp srv dhcp tftp TFTP server name Now TF123 T Te el ln ne et t C Co om mm ma an nd d s sr r...

Page 294: ...c It means to set option number Available number ranges from 0 to 255 v It means to set option number by typing string a It means to set the option value by specifying the IP address x It means to set option number with the format of Hexadecimal characters u It means to update the option value of the sepecified index idx number It means the index number of the option value E Ex xa am mp pl le e sr...

Page 295: ...everal commands in one line e It means to enable disable such feature 1 enable 0 disable i It means to specify the private IP address of the DMZ host r It means to remove DMZ host setting v It means to display current status E Ex xa am mp pl le e srv nat dmz 1 1 i 192 168 1 96 srv nat dmz v WAN1 DMZ mapping status Index Status WAN1 aux IP Private IP 1 Disable 0 0 0 0 192 168 1 96 T Te el ln ne et ...

Page 296: ... or disable the open port rule profile 0 disable 1 enable c comment It means to type the description less than 23 characters for the defined network service i local ip It means to set the IP address for local computer Local ip Type an IP address in this field w idx It means to specify the public IP 1 WAN1 Default 2 WAN1 Alias 1 and so on p protocol Specify the transport layer protocol Available va...

Page 297: ... D De es sc cr ri ip pt ti io on n Parameter Description Add idx It means to add a new port redirection table with an index number Available index number is from 1 to 10 serv name It means to type one name as service name proto It means to specify TCP or UDP as the protocol pub port It means to specify which port can be redirected to the specified Private IP and Port of the internal host pri ip It...

Page 298: ... 0 2 5 0 0 0 2 6 0 0 0 2 7 0 0 0 2 8 0 0 0 2 9 0 0 0 2 10 0 0 0 2 11 0 0 0 2 12 0 0 0 2 13 0 0 0 2 14 0 0 0 2 15 0 0 0 2 16 0 0 0 2 17 0 0 0 2 18 0 0 0 2 19 0 0 0 2 20 0 0 0 2 Protocol 0 Disable 6 TCP 17 UDP T Te el ln ne et t C Co om mm ma an nd d s sr rv v n na at t s st ta at tu us s This command allows users to view NAT Port Redirection Running Table E Ex xa am mp pl le e srv nat status NAT Po...

Page 299: ... port and DMZ settings E Ex xa am mp pl le e srv nat showall Index Proto WAN IP Port Private IP Port Act R01 TCP 0 0 0 0 80 192 168 1 11 100 Y O01 TCP 0 0 0 0 23 83 192 168 1 100 23 83 Y D01 All 0 0 0 0 192 168 1 96 Y R Port Redirection O Open Ports D DMZ T Te el ln ne et t C Co om mm ma an nd d s sw wi it tc ch h i i This command is used to obtain the TX transmitted or RX received data for each c...

Page 300: ... External Device NO 1 traffic statistic function is enable T Te el ln ne et t C Co om mm ma an nd d s sw wi it tc ch h s st ta at tu us s This command is used to check if auto discovery for external devices is enabled or disabled E Ex xa am mp pl le e switch status External Device auto discovery status Disable No Respond to External Device Enable T Te el ln ne et t C Co om mm ma an nd d s sy ys s ...

Page 301: ...tus Profile version 3 0 0 Status 1 0x491e5e6c sys cfg default T Te el ln ne et t C Co om mm ma an nd d s sy ys s c cm md dl lo og g This command displays the history of the commands that you have typed E Ex xa am mp pl le e sys cmdlog Commands Log The lowest index is the newest 1 sys cmdlog 2 sys cmdlog 3 sys 4 sys cfg status 5 sys cfg T Te el ln ne et t C Co om mm ma an nd d s sy ys s f ft tp pd ...

Page 302: ... le e sys domainname wan1 clever sys domainname wan2 intellegent sys domainname sys domainname wan1 wan2 Domain Name Suffix max 40 characters sys domainname wan1 wan2 clear Now wan1 clever wan2 intelligent T Te el ln ne et t C Co om mm ma an nd d s sy ys s i if fa ac ce e This command displays the current interface connection status UP or Down with IP address MAC address and Netmask for the router...

Page 303: ...0 0 0 0 Netmask 0x00000000 MAC 00 50 7F 00 00 05 Interface 8 Ethernet Status DOWN IP Address 0 0 0 0 Netmask 0x00000000 MAC 00 50 7F 00 00 06 Interface 9 Ethernet Status DOWN IP Address 0 0 0 0 Netmask 0x00000000 MAC 00 50 7F 00 00 07 MORE q Quit Enter New Lines Space Bar Next Page ...

Page 304: ...uter sys name sys name wan1 wan2 ASCII string max 20 characters sys name wan1 wan2 clear Now wan1 drayrouter wan2 Note Such name can be used to recognize router s identification in SysLog dialog T Te el ln ne et t C Co om mm ma an nd d s sy ys s p pa as ss sw wd d This command allows users to set password for the administrator sys passwd ASCII string S Sy yn nt ta ax x D De es sc cr ri ip pt ti io...

Page 305: ...ot on autoreboot is ON sys autoreboot 2 autoreboot is ON autoreboot time is 2 hour s T Te el ln ne et t C Co om mm ma an nd d s sy ys s c co om mm mi it t This command allows users to save current settings to FLASH Usually current settings will be saved in SRAM Yet this command will save the file to FLASH E Ex xa am mp pl le e sys commit T Te el ln ne et t C Co om mm ma an nd d s sy ys s t tf ft t...

Page 306: ...kage List Buf sk_buff 200B used 1647 cached 30 Buf KMC4088 4088B used 0 cached 8 Buf KMC2552 2552B used 1641 cached 42 Buf KMC1016 1016B used 7 cached 1 Buf KMC504 504B used 8 cached 8 Buf KMC248 248B used 26 cached 22 Buf KMC120 120B used 67 cached 61 Buf KMC56 56B used 20 cached 44 Buf KMC24 24B used 58 cached 70 Dynamic memory 13107200B 4573168B used 190480B 0B in level 1 2 cache FLOWTRACK Memo...

Page 307: ... play quality off It means to turn off the bridge task E Ex xa am mp pl le e sys britask on bridge task is ON now T Te el ln ne et t C Co om mm ma an nd d s sy ys s t tr r0 06 69 9 This command can set CPE settings for applying in VigorACS S Sy yn nt ta ax x sys tr069 get parm option sys tr069 set parm value sys tr069 getnoti parm sys tr069 setnoti parm value sys tr069 log sys tr069 debug on off s...

Page 308: ... on certificate based authentication off turn off certificate based authentication E Ex xa am mp pl le e sys tr069 get Int nextlevel Total number of parameter is 24 Total content length of parameter is 915 InternetGatewayDevice LANDeviceNumberOfEntries InternetGatewayDevice WANDeviceNumberOfEntries InternetGatewayDevice DeviceInfo InternetGatewayDevice ManagementServer InternetGatewayDevice Time I...

Page 309: ...w level x feature on off y log S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description status It means to show the status of diagnostic log enable It means to enable the function of diag_log disable It means to disenable the function of diag_log flush It means the flush log buffer lineno w It means the total lines for displaying message w Available value ranges from 100 to 50000...

Page 310: ...0000000 000000FF 0 00 02 DSL Entering VDSL2 mode 0 00 03 DSL modem code 05 04 08 00 00 06 0 00 05 DSL Status was switched FirmwareRequest 1 to firmwareReady 3 0 00 05 DSL Status was switched firmwareReady 3 to Init 5 0 00 05 DSL nXtseA 0d nXtseB 00 nXtseV 07 nFwFeatures 5 0 00 05 DSL nHsToneGroupMode 0 nHsToneGroup 106 nToneSet 43 nCamState 2 0 00 05 DSL Line state has changed 000000FF 00000100 0 ...

Page 311: ...hour 0 23 For example sys daylightsave y 9 1 0 14 z month th weekday day in week hour Set the ending poring for yearly type month 1 12 th weekday 1 5 9 last week day in week 0 Sun 1 Mon 2 Tue 3 Wed 4 Thu 5 Fri 6 Sat hour 0 23 For example sys daylightsave z 3 1 6 14 E Ex xa am mp pl le e sys daylightsave y 9 1 0 14 Start Yearly on Sep 1th Sun 14 00 sys daylightsave z 3 1 6 14 End Yearly on Mar 1th ...

Page 312: ... syslog for functions features e g Firewall Mail Save to Syslog Server and so on S Sy yn nt ta ax x sys syslog a enable command parameter S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description command parameter The available commands with parameters are listed below means that you can type in several commands in one line a enable Enable disable the SysLog Access Setup 0 disable...

Page 313: ...B Disk 0 Server IP Address 192 168 1 25 Destination Port 514 Mail Syslog 0 Firewall Log 1 VPN Log 1 User Access Log 1 Call Log 1 WAN Log 1 Router DSL information 1 AlertLog Setup 0 AlertLog Port 514 T Te el ln ne et t C Co om mm ma an nd d s sy ys s t ti im me e This command is used to specify time zone for Vigor device system S Sy yn nt ta ax x sys time server domain sys time inquire sys time sho...

Page 314: ...lava 27 GMT 01 00 Budapest Ljubljana Prague 28 GMT 01 00 Sarajevo Skopje Sofija 29 GMT 01 00 Warsaw Zagreb 30 GMT 01 00 Brussels Copenhagen 31 GMT 01 00 Madrid Paris Vilnius 32 GMT 01 00 Amsterdam Berlin Bern 33 GMT 01 00 Rome Stockholm Vienna 34 GMT 02 00 Bucharest 35 GMT 02 00 Cairo 36 GMT 02 00 Helsinki Riga Tallinn 37 GMT 02 00 Athens Istanbul Minsk 38 GMT 02 00 Jerusalem 39 GMT 02 00 Harare P...

Page 315: ... 00 Auckland Wellington E Ex xa am mp pl le e sys time zone 73 Set Time Zone OK sys time show System Time Current System Time 2000 Jan 04 Tue 00 16 24 Time Server pool ntp org Time Zone Index 73 GMT 12 00 T Te el ln ne et t C Co om mm ma an nd d t te es st tm ma ai il l This command is used to display current settings for sending test mail E Ex xa am mp pl le e testmail Send out test mail Mail Ale...

Page 316: ... 0 ExternalPort 0 PortMapProtocol NULL The tmpvirtual server index 0 PortMapLeaseDuration 0 PortMapEnabled 0 PortMapProtocol NULL The tmpvirtual server index 0 PortMapLeaseDuration 0 PortMapEnabled 0 0 MORE q Quit Enter New Lines Space Bar Next Page T Te el ln ne et t C Co om mm ma an nd d u up pn np p s se er rv vi ic ce e This command can display the information of the UPnP service UPnP service ...

Page 317: ...a am mp pl le e upnp on UPNP start upnp subscribe Vigor upnp subscribe 1 serviceType urn schemas microsoft com service OSInfo 1 Subscribtion1 sid 7a2bbdd0 0047 4fc8 b870 4597b34da7fb eventKey 1 ToSendEventKey 1 expireTime 6926 active 1 DeliveryURLs http 192 168 1 113 2869 upnp eventing twtnpnsiun 2 serviceType urn schemas upnp org service WANCommonInterfaceConfig 1 Subscribtion1 sid d9cd47a5 d9c9 ...

Page 318: ...N interface to apply UPnP S Sy yn nt ta ax x upnp wan n S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description n It means to specify WAN interface to apply UPnP n 0 it means to auto select WAN interface n 1 WAN1 n 2 WAN2 E Ex xa am mp pl le e upnp wan 1 use wan1 now T Te el ln ne et t C Co om mm ma an nd d v vi ig gb br rg g o on n This command can make the router to be regarde...

Page 319: ...unction T Te el ln ne et t C Co om mm ma an nd d v vi ig gb br rg g s st ta at tu us s This command can show whether the Vigor Bridge Function is enabled or disabled E Ex xa am mp pl le e vigbrg status Vigor Bridge Function is enable Wan1 management is disable ...

Page 320: ...g w wa an n1 1o on n This command is used to enable the bridge WAN1 management E Ex xa am mp pl le e vigbrg wan1on Enable Vigor Bridge Wan1 management T Te el ln ne et t C Co om mm ma an nd d v vi ig gb br rg g w wa an n1 1o of ff f This command is used to disable the bridge WAN1 management E Ex xa am mp pl le e vigbrg wan1off Disable Vigor Bridge Wan1 management T Te el ln ne et t C Co om mm ma a...

Page 321: ...lable range is from 1000 to 1500 For Static IP DHCP the maximum number will be 1500 For PPPoE the maximum number will be 1492 For PPTP L2TP the maximum number will be 1460 E Ex xa am mp pl le e wan mtu 1100 wan mtu Static IP DHCP Max MSS 1500 PPPoE Max MSS 1492 PPTP L2TP Max MSS 1460 wan ppp_mss MSS size 1000 1500 Now 1100 T Te el ln ne et t C Co om mm ma an nd d w wa an n D DF F_ _c ch he ec ck k...

Page 322: ... fo or rw wa ar rd d This command allows you to enable or disable the function of WAN forwarding The packets are allowed to be transmitted between different WANs S Sy yn nt ta ax x wan forward on wan forward off S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description on off It means to enable or disable WAN forward E Ex xa am mp pl le e wan forward WAN forwarding is Disable wan ...

Page 323: ... This command allows you to configure display current VDSL status and configure the fallback mode for WAN connection S Sy yn nt ta ax x wan vdsl show basic wan vdsl fbk_mode S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description show basic It means to display current VDSL status fbk_mode It means to display current status of Fallback Mode used Available modes to be set as fallb...

Page 324: ...ion default always_on Disable link detect always connected only support static IP target Set the ping target ip addr It means the IP address used for detection Type an IP address in this field ttl It means to set the ping TTL value work as trace route If you do not set any value for ttl here or just type 0 here the system will use default setting 255 as the ttl value status It means to show the cu...

Page 325: ...us save enable disable on off clear tag tag_no service type vlan priority px wan mvlan keeptag pvc_no on off S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description pvc_no It means index number of PVC There are 10 PVC 0 Channel 1 to 9 Channel 9 allowed to be configured However bridge mode can be set on PVC number 2 to 9 status It means to display the whole Bridge status save It ...

Page 326: ...nnection to a specified WAN interface S Sy yn nt ta ax x wan multifno channel WAN interface wan multifno status S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description channel There are 4 channels including VLAN and PVC Available settings are 1 Channel 1 3 Channel 3 4 Channel 4 5 Channel 5 WAN interface Type a number to indicate the WAN interface 1 WAN1 2 WAN2 status It means to...

Page 327: ...o on n Parameter Description wan Specify which WAN interface will be tagged tag value Type a number for tagging on WAN interface enable disable Enable Specified WAN interface will be tagged Disable Disable the function of tagging on WAN interface stat Display current VLAN status E Ex xa am mp pl le e wan vlan stat Interface Pri Tag Enabled WAN1 ADSL 0 0 WAN1 VDSL 0 0 ...

Reviews:

No comments

Related manuals for VigorNIC 132 series

Rosewill Card Reader RCR103 User Manual preview
Card Reader RCR103
Brand: Rosewill Pages: 3
SENAO 3054 PCI Aries User Manual preview
3054 PCI Aries
Brand: SENAO Pages: 26
Digium TE200 Series User Manual preview
TE200 Series
Brand: Digium Pages: 73
Hama 55749 Operating Instructions Manual preview
55749
Brand: Hama Pages: 32
Datapath VisionRGB-E1S Manual preview
VisionRGB-E1S
Brand: Datapath Pages: 2
Datapath Image4 User Manual preview
Image4
Brand: Datapath Pages: 23
Invengo XC-RF861 User Manual preview
XC-RF861
Brand: Invengo Pages: 48
Assa Abloy HES R100 Aperio Installation And Operating Instructions Manual preview
HES R100 Aperio
Brand: Assa Abloy Pages: 10
ADLINK Technology cPCI-6210 Series User Manual preview
cPCI-6210 Series
Brand: ADLINK Technology Pages: 140
PAX A80 Quick Setup Manual preview
A80
Brand: PAX Pages: 18
Rosslare AY-R12 Installation Manual preview
AY-R12
Brand: Rosslare Pages: 15
Verifi P5100 Quick Installation Manual preview
P5100
Brand: Verifi Pages: 8
GIGA-TMS MSR120 Series User Manual preview
MSR120 Series
Brand: GIGA-TMS Pages: 35
Qcom Q802PWG User Manual preview
Q802PWG
Brand: Qcom Pages: 33
Gainward GTX 660 Brochure preview
GTX 660
Brand: Gainward Pages: 1
Gainward GTX 660 TI PHANTOM Brochure preview
GTX 660 TI PHANTOM
Brand: Gainward Pages: 2
Gainward GTX 580 1536MB GDDR5 GOLDEN SAMPLE Brochure preview
GTX 580 1536MB GDDR5 GOLDEN SAMPLE
Brand: Gainward Pages: 2
Gainward GTX 570 1280MB GOLDEN SAMPLE GOES LIKE HELL Brochure preview
GTX 570 1280MB GOLDEN SAMPLE GOES LIKE HELL
Brand: Gainward Pages: 2

Brands by name

Popular brands

Load more brands