manualshive.com logo in svg

Draytek Vigor 2820 Series, User Manual

The Draytek Vigor 2820 Series offers reliable and secure networking solutions for businesses. Easily set up and configure your device by downloading the free User Manual from manualshive.com. This comprehensive manual provides step-by-step instructions on maximizing the features of your Draytek router. Take control of your network today.

Share
Download
background image

 

 

 

 

 

 

 

 

Vigor2820 Series 

ADSL2/2+ Security Firewall

 

User’s Guide 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Version: 2.01 

Date: 2008/02/19

 

Summary of Contents for Vigor 2820 Series

Page 1: ...Vigor2820 Series ADSL2 2 Security Firewall User s Guide Version 2 01 Date 2008 02 19...

Page 2: ...tions on conservation of the environment Warranty We warrant to the original end user purchaser that the router will be free from any defects in workmanship or materials for a period of two 2 years fr...

Page 3: ...st harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause h...

Page 4: ...c Settings 21 2 1 Changing Password 21 2 2 Quick Start Wizard 23 2 2 1 PPPoE PPPoA 24 2 2 2 1483 Bridged IP 26 2 2 3 1483 Routed IP 27 2 3 Online Status 28 2 4 Saving Configuration 30 3 AdvancedWebCon...

Page 5: ...103 3 7 5 IGMP 104 3 7 6 Wake on LAN 105 3 8 VPN and Remote Access 107 3 8 1 Remote Access Control 107 3 8 2 PPP General Setup 107 3 8 3 IPSec General Setup 109 3 8 4 IPSec Peer Identity 110 3 8 5 Rem...

Page 6: ...reate a Remote Dial in User Connection Between the Teleworker and Headquarter 182 4 3 QoS Setting Example 186 4 4 LAN Created by Using NAT 190 4 5 Calling Scenario for VoIP function 191 4 5 1 Calling...

Page 7: ...Vigor2820 S series models support two ISDN ports Phone S0 port is dedicated for ISDN phone and ISDN Phone S0 port is configurable for ISDN line and phone if required It can support multiple SIP regis...

Page 8: ...e WEB UI of this device ISDN TE Terminal Equipment means an interface for transmitting analog signal through Internet between Switching and router Such interface is also named with ISDN S0 extern in G...

Page 9: ...ady to access Internet through WAN connection WAN2 Blinking It will blink while transmitting data On The DoS DDoS function is active DoS Blinking It will blink while deleting an attack VPN On The VPN...

Page 10: ...see the ACT LED begins to blink rapidly than usual release the button Then the router will restart with the factory default configuration LAN 1 4 Connecters for local networked devices DSL Connecter f...

Page 11: ...ccess Internet through WAN connection WAN2 Blinking It will blink while transmitting data On The DoS DDoS function is active DoS Blinking It will blink while deleting an attack VPN On The VPN tunnel i...

Page 12: ...e and keep for more than 5 seconds When you see the ACT LED begins to blink rapidly than usual release the button Then the router will restart with the factory default configuration LAN 1 4 Connecters...

Page 13: ...WAN 2 Right LED Green Off The port is disconnected with 10Mbps On A PSTN phone call comes in and out However when the phone call is disconnected the LED will be off about six seconds later Line Off Th...

Page 14: ...see the ACT LED begins to blink rapidly than usual release the button Then the router will restart with the factory default configuration Phone 1 2 Connecter for PSTN phone Line Connector of analog p...

Page 15: ...o this port is off hook Off The phone connected to this port is on hook Phone 1 2 Blinking A phone call comes LED on Connector On ISDN NT ISDN S0 intern mode is active and an ISDN phone adapter is con...

Page 16: ...re the default settings Usage Turn on the router ACT LED is blinking Press the hole and keep for more than 5 seconds When you see the ACT LED begins to blink rapidly than usual release the button Then...

Page 17: ...ted to this port is on hook Phone 1 2 Blinking A phone call comes LED on Connector On ISDN NT ISDN S0 intern mode is active and an ISDN phone adapter is connected Left LED Orange Blinking ISDN NT ISDN...

Page 18: ...t Restore the default settings Usage Turn on the router ACT LED is blinking Press the hole and keep for more than 5 seconds When you see the ACT LED begins to blink rapidly than usual release the butt...

Page 19: ...ble RJ 45 2 Connect one end of an Ethernet cable RJ 45 to one of the LAN ports of the router and the other end of the cable RJ 45 into the Ethernet port on your computer 3 Connect the telephone sets w...

Page 20: ...t ISDN phone However ISDN Phone S0 is configurable as NT or TE mode When the user configures ISDN Phone S0 as NT mode in VoIP Phone Settings the orange LED will light on to indicate ISDN NT is selecte...

Page 21: ...nnected this router can print documents via the router The example provided here is made based on Windows XP 2000 For Windows 98 SE please visit www draytek com Before using it please follow the steps...

Page 22: ...a New Computer A welcome dialog will appear Please click Next 4 Click Local printer attached to this computer and click Next 5 In this dialog choose Create a new port Type of port and use the drop dow...

Page 23: ...following dialog type 192 168 1 1 router s LAN IP in the field of Printer Name or IP Address and type IP_192 168 1 1 as the port name Then click Next 7 Click Standard and choose Generic Network Card 8...

Page 24: ...rrect driver loaded onto your PC When you finish the selection click Next 10 For the final stage you need to go back to Control Panel Printers and edit the property of the new printer you have added 1...

Page 25: ...s are not supported If you do not know whether your printer is supported or not please visit www draytek com to find out the printer list Open Support Center FAQ Sort by product select the model of th...

Page 26: ...Vigor2820 Series User s Guide 20 This page is left blank...

Page 27: ...assword for this device you have to access into the web browse with default password first 1 Make sure your computer connects to the router correctly Notice You may either simply set up your computer...

Page 28: ...have 4 Go to System Maintenance page and choose Administrator Password 5 Enter the login password the default is blank on the field of Old Password Type New Password Then click OK to continue 6 Now t...

Page 29: ...please click Next On the next page as shown below please select the WAN interface WAN 1 or WAN2 that you use If DSL interface is used please choose WAN1 if WAN2 interface is used please choose WAN2 C...

Page 30: ...Point to Point Protocol over Ethernet It relies on two widely accepted standards PPP and Ethernet It connects users through an Ethernet to the Internet with a common broadband medium such as a single...

Page 31: ...will be shown User Name Assign a specific valid user name provided by the ISP Password Assign a valid password provided by the ISP Confirm Password Retype the password Click Next for viewing summary o...

Page 32: ...I IP P Click 1483 Bridged IP as the protocol Type in all the information that your ISP provides for this protocol Click Next for viewing summary of such connection Click Finish A page of Quick Start W...

Page 33: ...3 Routed IP as the protocol Type in all the information that your ISP provides for this protocol After finishing the settings in this page click Next to see the following page Click Finish A page of Q...

Page 34: ...s shows the system status WAN status ADSL Information and other status related to this router within one page If you select PPPoE PPPoA as the protocol you will find out a link of Dial PPPoE or Drop P...

Page 35: ...ry DNS Displays the IP address of the primary DNS Secondary DNS Displays the IP address of the secondary DNS LAN Status IP Address Displays the IP address of the LAN interface TX Packets Displays the...

Page 36: ...ys the total transmitted packets at the ISDN interface TX Rate Displays the speed of transmitted octets at the ISDN interface RX Pkts Displays the total number of received packets at the ISDN interfac...

Page 37: ...55 255 From 192 168 0 0 to 192 168 255 255 W Wh ha at t a ar re e P Pu ub bl li ic c I IP P A Ad dd dr re es ss s a an nd d P Pr ri iv va at te e I IP P A Ad dd dr re es ss s As the router plays a rol...

Page 38: ...original Ethernet WAN1 still can be used and Load Balance can be done in the router Besides 3G USB Modem in WAN2 also can be used as backup device Therefore when WAN1 is not available the router will...

Page 39: ...DSL port yet the physical connection for WAN2 is done through an Ethernet port P1 or USB port You cannot change it To use 3G network connection through 3G USB Modem choose 3G USB Modem as the physical...

Page 40: ...ge of WAN Internet Access In addition there are three selections for you to choose for different purposes WAN2 Fail It means the connection for WAN1 will be activated when WAN2 is failed WAN2 Upload s...

Page 41: ...o the Internet when WAN 1 is inactive for some reason Display Name It shows the name of the WAN1 WAN2 that entered in general setup Physical Mode It shows the physical port for WAN1 WAN2 Config Inform...

Page 42: ...he protocol then it is not necessary for you to change any settings in this group PPPoE Pass through The router offers PPPoE dial up connection Besides you also can establish the PPPoE connection dire...

Page 43: ...s function WAN IP Alias If you have multiple public IP addresses and would like to utilize them on the WAN interface please use WAN IP Alias You can set up to 8 public IP addresses other than the curr...

Page 44: ...ernet Access Multi PVCs Select M PVCs Channel means no selection will be chosen Encapsulating Type Drop down the list to choose the type provided by ISP VPI Type in the value provided by ISP VCI Type...

Page 45: ...to exit the dialog IP Address Type in the private IP address Subnet Mask Type in the subnet mask Gateway IP Address Type in gateway IP address Default MAC Address Type in MAC address for the router Yo...

Page 46: ...Select PAP only or PAP or CHAP for PPP Idle Timeout Set the timeout for breaking down the Internet after passing through the time without any action This setting is active only when the Active on dema...

Page 47: ...sed and all the settings that you adjusted in this page will be invalid Keep WAN Connection Normally this function is designed for Dynamic IP environments because some ISPs will drop connections if th...

Page 48: ...atic IP mode If necessary type in secondary IP address for necessity in the future P PP PT TP P f fo or r W WA AN N2 2 To use PPTP as the accessing protocol of the Internet select PPTP mode The follow...

Page 49: ...Network Settings Obtain an IP address automatically Click this button to obtain the IP address automatically Specify an IP address Click this radio button to specify some data IP Address Type the IP...

Page 50: ...1 1 5 5 M Mu ul lt ti i P PV VC Cs s This router allows you to create multi PVCs for different data transferring for using Simply go to Internet Access and select Multi PVC Setup page G Ge en ne er ra...

Page 51: ...e for this channel The types will be different according to the protocol setting that you choose WAN link for Channel 3 4 5 are provided for router borne application such as TR069 and VoIP The setting...

Page 52: ...ording to the information that your ISP provides PCR It represents Peak Cell Rate The default setting is 0 SCR It represents Sustainable Cell Rate The value of SCR must be smaller than PCR MBS It repr...

Page 53: ...usage of PVC check this box to invoke this setting And type the number for VLAN ID number Click Clear to remove all the configurations in this page if you do not satisfy it When you finish the configu...

Page 54: ...down menu to change the WAN interface Src IP Start Displays the IP address for the start of the source IP Src IP End Displays the IP address for the end of the source IP Dest IP Start Displays the IP...

Page 55: ...specified WAN interface If this field is blank it means that all the source IPs inside the LAN will be passed through the WAN interface Dest IP Start Type the destination IP start for the specified WA...

Page 56: ...does is to translate the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor router has a built in DHCP server that assign...

Page 57: ...t ta at ti ic c R Ro ou ut te e When you have several subnets in your LAN sometimes a more effective and quicker way for connection is the Static routes function rather than other method You may simpl...

Page 58: ...lt 192 168 1 1 1st Subnet Mask Type in an address code that determines the size of the network Default 255 255 255 0 24 For IP Routing Usage Click Enable to invoke this function The default setting is...

Page 59: ...net with neighboring routers DHCP Server Configuration DHCP stands for Dynamic Host Configuration Protocol The router by factory default acts a DHCP server for your network so it automatically dispatc...

Page 60: ...IP address 194 109 6 66 to this field Secondary IPAddress You can specify secondary DNS server IP address here because your ISP often provides you more than one DNS Server If your ISP does not provid...

Page 61: ...that user A and B locating in different subnet can talk to each other via the router Assuming the Internet access has been configured and the router works properly z use the Main Router to surf the I...

Page 62: ...nd continuously exchange of IP routing information with different subnets 2 Click the LAN Static Route and click on the Index Number 1 Check the Enable box Please add a static route as shown below whi...

Page 63: ...and select VLAN The following page will appear Click Enable to invoke VLAN function To add or remove a VLAN please refer to the following example 1 If VLAN 0 is consisted of hosts linked to P1 and P2...

Page 64: ...disable this function All the settings on this page will be invalid Strict Bind Click this radio button to block the connection of the IP MAC which is not listed in IP Bind List ARP Table This table i...

Page 65: ...d to the router s public IP address and the router will do the inversion based on its table Therefore the internal host can communicate with external host smoothly The benefit of the NAT includes z Sa...

Page 66: ...address port of the server The port redirection can only apply to incoming traffic To use this function please go to NAT page and choose Port Redirection web page The Port Redirection Table provides...

Page 67: ...nge as the port redirection mode you will see two boxes on this field Simply type the required number on the first box The second one will be assigned automatically later Private IP Specify the privat...

Page 68: ...rts to the specific private IP address port of host in the LAN However other IP protocols for example Protocols 50 ESP and 51 AH do not travel on a fixed port Vigor router provides a facility DMZ Host...

Page 69: ...AN Alias for PPPoE PPPoA or MPoA mode you will find them in Aux WAN IP for your selection Enable Check to enable the DMZ Host function Private IP Enter the private IP address of the DMZ host or click...

Page 70: ...Vigor2820 Series User s Guide 64 When you have selected one private IP from the above dialog the IP address will be shown on the following screen Click OK to save the setting...

Page 71: ...relative number for the particular entry that you want to offer service in a local host You should click the appropriate index number to edit or clear the corresponding entry Comment Specify the name...

Page 72: ...click Choose PC to select one Choose PC Click this button and subsequently a window having a list of private IP addresses of local hosts will automatically pop up Select the appropriate IP address of...

Page 73: ...groups for using conveniently Later we can select that object group that can apply it For example all the IPs in the same department can be defined with an IP object a range of IP address 3 3 4 4 1 1...

Page 74: ...he IP address Select Single Address if this object contains one IP address only Select Range Address if this object contains several IPs within a range Select Subnet Address if this object contains on...

Page 75: ...Index column for settings in detail Name Type a name for this profile Maximum 15 characters are allowed Interface Choose WAN LAN or Any to display all the available IP objects with the specified inter...

Page 76: ...Factory Default Clear all profiles Click the number under Index column for settings in detail Name Type a name for this profile Protocol Specify the protocol s which this profile will apply to Source...

Page 77: ...last values are different it indicates that all the ports except the range defined here are available for this service type the port number greater than this value is available the port number less th...

Page 78: ...shown in this box Selected Service Type Objects Click button to add the selected IP objects in this box 3 3 4 4 5 5 C CS SM M P Pr ro of fi il le e You can define policy profiles for different policy...

Page 79: ...IM VoIP P2P provided here for you to choose to disallow people using Simple check the box es and then click OK Later in the Firewall Filter Setup Edit Filter Set Edit Filter Rule page you can use Con...

Page 80: ...outer to build an unwanted outgoing connection The most basic security concept is to set user name and password while you install your router The administrator login will prevent unauthorized access t...

Page 81: ...rnet connection Data Filter is applied to incoming and outgoing traffic It will check packets according to the filter rules If legal the packet will pass the router The following illustrations are flo...

Page 82: ...ism to mitigate in a real time manner The below shows the attack types that DoS DDoS defense function can detect 1 SYN flood attack 2 UDP flood attack 3 ICMP flood attack 4 TCP Flag scan 5 Trace route...

Page 83: ...ded into 40 easy to understand categories This database is updated as frequent as daily by a global team of Internet researchers The server will look up the URL and return a category to your router Yo...

Page 84: ...rofile selected here For detailed information refer to the section of CSM profile setup Some on line games for example Half Life will use lots of fragmented UDP packets to transfer game data Instincti...

Page 85: ...Filter Rule index button to enter the Filter Rule setup page Check to enable the Filter Rule Check this box to enable the filter rule Comments Enter filter set comments description Maximum length is...

Page 86: ...ed groups or objects please choose Group and Objects as the Address Type From the IP Group drop down list choose the one that you want to apply Or use the IP Object drop down list to choose the object...

Page 87: ...ed packets Too Short Apply the rule only to packets that are too short to contain a complete header Filter Specifies the action to be taken when packets match the rule Block Immediately Packets matchi...

Page 88: ...two IP filters call filter or data filter You may preset 12 call filters and data filters in Filter Setup and even link them in a serial manner Each filter set is composed by 7 filter rules which can...

Page 89: ...o 50 packets per second and 10 seconds respectively Enable UDP flood defense Check the box to activate the UDP flood defense function Once detecting the Threshold of the UDP packets from the Internet...

Page 90: ...d more fragment bit set Block Fraggle Attack Check the box to activate the Block fraggle Attack function Any broadcast UDP packets received from the Internet is blocked Activating the DoS DDoS defense...

Page 91: ...can review it through Syslog daemon Look for the keyword DoS in the message followed by a name to indicate what kind of attacks is detected 3 3 5 5 5 5 U UR RL L C Co on nt te en nt t F Fi il lt te e...

Page 92: ...e Vigor router provides 8 frames for users to define keywords and each frame supports multiple keywords The keyword could be a noun a partial noun or a complete URL string Multiple keywords within a f...

Page 93: ...le file Check the box to reject any downloading behavior of the executable file from the Internet exe com scr pif bas bat inf reg Cookie Check the box to filter out the cookie transmission from inside...

Page 94: ...3 6 6 1 1 S Se es ss si io on ns s L Li im mi it t A PC with private IP address can access to the Internet via NAT router The router will generate the records of NAT sessions for such connection The P...

Page 95: ...e end IP address for limit session Maximum Sessions Defines the available session number for each host in the specific range of IP addresses If you do not set the session number in this field the syst...

Page 96: ...bandwidth Default TX limit Define the default speed of the upstream for each computer in LAN Default RX limit Define the default speed of the downstream for each computer in LAN Limitation List Displ...

Page 97: ...or crucial applications and marking them for high priority service level enforcement throughout the network z Scheduling Based on classification of service level to assign packets to queues and associ...

Page 98: ...etup link to access into next page for the general setup of WAN 1 2 interface As to class rule simply click the Edit link to access into next for configuration You can configure general setup for the...

Page 99: ...his box The default value is 10000kbps Reserved Bandwidth Ratio It is reserved for the group index in the form of ratio of reserved bandwidth to upstream speed and reserved bandwidth to downstream spe...

Page 100: ...Qo oS S The first three Class 1 to Class 3 class rules can be adjusted for your necessity To add edit or delete the class rule please click the Edit link of that one After you click the Edit link you...

Page 101: ...net Address you have to fill in Start IP address and Subnet Mask DiffServ CodePoint All the packets of data will be divided with different levels and will be processed according to the level type by t...

Page 102: ...e S Se er rv vi ic ce e T Ty yp pe e f fo or r C Cl la as ss s R Ru ul le e To add a new service type edit or delete an existed service type please click the Edit link under Service Type field After y...

Page 103: ...ion Click Single or Range as the Type If you select Range you have to type in the starting port number and the end porting number on the boxes below Port Number Type in the starting port number and th...

Page 104: ...ind the router Before you use the Dynamic DNS feature you have to apply for free DDNS service to the DDNS service providers The router provides up to three accounts from three different DDNS service p...

Page 105: ...ount If you did check the box you will see a check mark appeared on the Active column of the previous web page in step 2 WAN Interface Select the WAN interface order to apply settings here Service Pro...

Page 106: ...is also applicable to other functions You have to set your time before set schedule In System Maintenance Time and Date menu press Inquire Time button to set the Vigor router s clock to current time...

Page 107: ...d in Idle Timeout field Disable Dial On Demand Specify the connection to be up when it has traffic on the line Once there is no traffic over idle timeout the connection will be down and never up again...

Page 108: ...d by Internet service providers It is the most common method of authenticating and authorizing dial up and tunneled network users The built in RADIUS client feature enables the router to assist the re...

Page 109: ...essenger to allow full use of the voice video and messaging features Enable UPNP Service Accordingly you can enable either the Connection Control Service or Connection Status Service After setting Ena...

Page 110: ...ve found out the UPnP weaknesses and hence you need to ensure that you have applied the latest service packs and patches Non privileged users can control some router functions including removing and a...

Page 111: ...us If you check Enable IGMP Proxy you will get the following page All the multicast groups will be listed and all the LAN ports P1 to P4 are available for use 3 3 7 7 6 6 W Wa ak ke e o on n L LA AN N...

Page 112: ...t have been configured in Firewall Bind IP to MAC will be shown in this drop down list Choose the IP address from the drop down list that you want to wake up MAC Address Type any one of the MAC addres...

Page 113: ...his feature can be applied for ISDN remote dial in or ISDN LAN to LAN connection in i series models 3 3 8 8 1 1 R Re em mo ot te e A Ac cc ce es ss s C Co on nt tr ro ol l Enable the necessary VPN ser...

Page 114: ...thm In addition the remote dial in user will use 40 bit to perform encryption prior to using 128 bit for encryption In other words if 128 bit MPPE encryption method is not available then 40 bit encryp...

Page 115: ...nel The Transport mode will add the AH ESP payload and use original IP header to encapsulate the data payload only It can just apply to local packet e g L2TP over IPSec The Tunnel mode will not only a...

Page 116: ...use digital certificate for peer authentication in either LAN to LAN connection or Remote User Dial In connection here you may edit a table of peer certificate for selection As shown below the router...

Page 117: ...to accept the peer with matching value The field can be IP Address Domain or E mail Address The box under the Type will appear according to the type you select and ask you to fill in corresponding se...

Page 118: ...rver through the built in RADIUS client function The following figure shows the summary table Set to Factory Default Click to clear all indexes Index Click the number below Index to access into the se...

Page 119: ...nnel Allow the remote dial in user to make an IPSec VPN connection through Internet L2TP Allow the remote dial in user to make a L2TP VPN connection through the Internet You can select to use L2TP alo...

Page 120: ...e Check the Medium DES 3DES or AES box as the security method Medium Authentication Header AH means data will be authenticated but not be encrypted By default this option is invoked You can uncheck it...

Page 121: ...simultaneously The following figure shows the summary table Set to Factory Default Click to clear all indexes Name Indicate the name of the LAN to LAN profile The symbol represents that the profile i...

Page 122: ...y WAN1 First While connecting the router will use WAN1 as the first channel for VPN connection If WAN1 fails the router will use another WAN interface instead WAN1 Only While connecting the router wil...

Page 123: ...r router will by no where to know this situation To resolve this dilemma by continuously sending PING packets to the remote host the Vigor router can know the true existence of this VPN connection and...

Page 124: ...for IPSec Tunnels and L2TP with IPSec Policy Medium Authentication Header AH means data will be authenticated but not be encrypted By default this option is active High ESP Encapsulating Security Pay...

Page 125: ...00 seconds You may specify a value in between 900 and 86400 seconds IKE phase 2 key lifetime For security reason the lifetime of key should be defined The default value is 3600 seconds You may specify...

Page 126: ...rd of remote dial in user below IPSec Tunnel Allow the remote dial in user to trigger an IPSec VPN connection through Internet L2TP Allow the remote dial in user to make a L2TP VPN connection through...

Page 127: ...e Pre Shared Key Check the box of Pre Shared Key to invoke this function and type in the required characters 1 63 as the pre shared key Digital Signature X 509 Check the box of Digital Signature to in...

Page 128: ...Network IP Remote Network Mask Add a static route to direct all traffic destined to this Remote Network IP Address Remote Network Mask through the VPN connection For IPSec this is the destination cli...

Page 129: ...nections You may disconnect any VPN connection by clicking Drop button You may also aggressively Dial out by using Dial out Tool and clicking Dial button Dial Click this button to execute dial out fun...

Page 130: ...Any entity wants to utilize digital certificates should first request a certificate issued by a CA server It should also retrieve certificates of other trusted CA servers so it can authenticate the p...

Page 131: ...Import Click this button to import a saved file as the certification information Refresh Click this button to refresh the information listed below View Click this button to view the detailed settings...

Page 132: ...ck IMPORT to open the following window Use Browse to find out the saved text file Then click Import The one you imported will be listed on the Trusted CA Certificate window Then click Import to use th...

Page 133: ...mobility in VoIP structure Every one who wants to talk using his her SIP Uniform Resource Identifier SIP Address The standard format of SIP URI is sip user password host port Some fields may be option...

Page 134: ...u have to know your friend s IP Address The Vigor VoIP Routers will build connection between each other Please refer to the section 4 5 2 Our Vigor V models firstly apply efficient codecs designed to...

Page 135: ...total 60 index entries in the phonebook for you to store all your friends and family members SIP addresses Loop through and Backup Phone Number will be displayed if you are using Vigor 2930V for setti...

Page 136: ...ss SIP URL Enter your friend s SIP Address Loop through For the model of Vigor 2820Vn the selection should be as the following Backup Phone Number When the VoIP phone is obstructs or the Internet brea...

Page 137: ...be deleted by the prefix number for calling out through the specific VoIP interface Take the above picture Prefix Table Setup web page as an example the OP number of 886 will be deleted completely fo...

Page 138: ...web page as an example if the dial number is between 7 and 9 that number can apply the prefix number settings here Max Len Set the maximum length of the dial number for applying the prefix number set...

Page 139: ...s will be blocked with such mechanism Index 1 15 in Schedule Enter the index of schedule profiles to control the call barring according to the preconfigured schedules Refer to section 3 5 2 Schedule f...

Page 140: ...gured schedules For Block IP Address this function can block incoming calls through Phone 1 and or Phone 2 coming from IP address Such control also can be done based on preconfigured schedules R Re eg...

Page 141: ...cified place Call Forward Deact Dial the number typed in this field to release the call forward function Call Forward Busy Act Dial the number typed in this field to forward all the incoming calls to...

Page 142: ...act Dial the number typed in this field to release this function Block Last Calls Act Dial the number typed in this field to block the last incoming phone call P PS ST TN N Some emergency phone e g 91...

Page 143: ...erver Proxy Display the domain name or IP address of the SIP proxy server Account Name Display the account name of SIP address before Ring Port Specify which port will ring when receiving a phone call...

Page 144: ...stem will select a proper way for your VoIP call SIP Port Set the port number for sending receiving SIP message for building a session The default value is 5060 Your peer must set the same value in hi...

Page 145: ...the time expires the router will send another register request to SIP Registrar again NAT Traversal Support If the router e g broadband router you use connects to internet by other device you have to...

Page 146: ...r Mic Speaker that configured in the advanced settings page of Phone Index Default SIP Account draytel_1 is the default SIP account You can click the number below the Index field to change SIP account...

Page 147: ...lowing page for configuring Phone settings Hotline Check the box to enable it Type in the SIP URL in the field for dialing automatically when you pick up the phone set Session Timer Check the box to e...

Page 148: ...e for detailed configuration Index 1 60 in Phone Book Enter the index of phone book profiles Refer to section 3 10 1 DialPlan Phone Book for detailed configuration CLIR hide caller ID Check this box t...

Page 149: ...ccounts as the default one for this phone setting Play dial tone only when account registered Check this box to invoke the function In addition you can press the Advanced button to configure tone sett...

Page 150: ...nging tone busy tone congestion tone by yourself for VoIP phone Also you can specify each field for your necessity It is recommended for you to use the default settings for VoIP communication Volume G...

Page 151: ...te the tone according to the digital form it receive This function is very useful when the network traffic congestion occurs and it still can remain the accuracy of DTMF tone SIP INFO Choose this one...

Page 152: ...ession Rx Jitter The jitter of received voice packets In Calls Accumulation for the times of in call Out Calls Accumulation for the times of out call Miss Calls Accumulation for the times of missing c...

Page 153: ...g user experience Complete Security Standard Selection To ensure the security and privacy of your wireless communication we provide several prevailing standards on market WEP Wired Equivalent Privacy...

Page 154: ...net without hassle of the confidential information leakage For a more flexible deployment you may add filters of MAC addresses to isolate users access from wired LAN Manage Wireless Stations Station L...

Page 155: ...n the wireless utility the user may only see the information except SSID or just cannot see any thing about Vigor wireless router while site surveying The system allows you to set four sets of SSID fo...

Page 156: ...of Access Point and Station in wireless client invoke this function at the same time That is the wireless client must support this feature and invoke the function too Note Vigor610 wireless adapter s...

Page 157: ...EP Accepts only WEP clients and the encryption key should be entered in WEP Key WPA PSK Accepts only WPA clients and the encryption key should be entered in PSK WPA2 PSK Accepts only WPA2 clients and...

Page 158: ...one key can be selected at a time The keys can be entered in ASCII or Hexadecimal Check the key you wish to use 3 3 1 11 1 4 4 A Ac cc ce es ss s C Co on nt tr ro ol l For additional security of wire...

Page 159: ...the selected MAC address in the list Edit Edit the selected MAC address in the list Cancel Give up the access control set up OK Click it to save the access control list Clear All Clean all entries in...

Page 160: ...n Bridge mode packets received from a WDS link will only be forwarded to local wired or wireless hosts In other words only Repeater mode can do WDS to WDS packet forwarding In the following examples h...

Page 161: ...ecurity Settings page this check box will be dimmed Pre shared Key Type 8 63 ASCII characters or 64 hexadecimal digits leading by 0x Bridge If you choose Bridge as the connecting mode please type in t...

Page 162: ...ean for usage Also it can be used to facilitate finding an AP for a WDS link Notice that during the scanning process about 5 seconds no client is allowed to connect to Vigor This page is used to scan...

Page 163: ...wireless clients now along with its status code There is a code summary below for explanation For convenient Access Control you can select a WLAN station and click Add to Access Control below Refresh...

Page 164: ...Sy ys st te em m S St ta at tu us s The System Status provides basic network settings of Vigor router It includes LAN and WAN interface information Also you could get the current running firmware ver...

Page 165: ...AC address of the wireless LAN Frequency Domain It can be Europe 13 usable channels USA 11 usable channels etc The available channels supported by the wireless products in different countries are vari...

Page 166: ...the router to send notification to CPE Or click Disable to close the mechanism of notification 3 3 1 12 2 3 3 A Ad dm mi in ni is st tr ra at to or r P Pa as ss sw wo or rd d This page allows you to...

Page 167: ...it another name by yourself 4 Click Save button the configuration will download automatically to your computer as a file named config cfg The above example is using Windows platform for demonstrating...

Page 168: ...3 1 12 2 5 5 S Sy ys sl lo og g M Ma ai il l A Al le er rt t SysLog function is provided for users to monitor router There is no bother to directly get into the Web Configurator of the router or borr...

Page 169: ...r monitor PC s IP address in the field of Server IP Address 2 Install the Router Tools in the Utility within provided CD After installation click on the Router Tools Syslog from program menu 3 From th...

Page 170: ...use the browser time from the remote administrator PC host as router s system time Use Internet Time Select to inquire time information from Time Server on the Internet using assigned protocol Time P...

Page 171: ...box es to specify Disable PING from the Internet Check the checkbox to reject all PING packets from the Internet For security issue this function is enabled by default Access List You could specify t...

Page 172: ...3 3 1 12 2 8 8 R Re eb bo oo ot t S Sy ys st te em m The Web Configurator may be used to restart your router Click Reboot System from System Maintenance to open the following page If you want to rebo...

Page 173: ...an example Note that this example is running over Windows OS Operating System Download the newest firmware from DrayTek s web site or FTP site The DrayTek web site is www draytek com or local DrayTek...

Page 174: ...agnostics 3 3 1 13 3 1 1 D Di ia al l o ou ut t T Tr ri ig gg ge er r Click Diagnostics and click Dial out Trigger to open the web page The internet connection e g ISDN PPPoE PPPoA etc is triggered by...

Page 175: ...reload the page 3 3 1 13 3 3 3 A AR RP P C Ca ac ch he e T Ta ab bl le e Click Diagnostics and click ARP Cache Table to view the content of the ARP Address Resolution Protocol cache held in the router...

Page 176: ...assigned by this router for specified PC MAC Address It displays the MAC address for the specified PC that DHCP assigned IP address for it Leased Time It displays the leased time of the specified PC...

Page 177: ...lick Ping Diagnosis to pen the web page Ping through Use the drop down list to choose the WAN interface that you want to ping through or choose Unspecified to be determined by the router automatically...

Page 178: ...lick IP Address TX rate RX rate or Session link for arranging the data display Enable Data Flow Monitor Check this box to enable this function Refresh Seconds Use the drop down list to choose the time...

Page 179: ...remaining time will be shown on the session column 3 3 1 13 3 8 8 T Tr ra af ff fi ic c G Gr ra ap ph h Click Diagnostics and click Traffic Graph to pen the web page Choose WAN1 Bandwidth WAN2 Bandwid...

Page 180: ...address of the host in the box and click Run The result of route trace will be shown on the screen Trace through Use the drop down list to choose the WAN interface that you want to ping through or ch...

Page 181: ...y want to connect to network securely such as the remote branch office and headquarter According to the network structure as shown in the below illustration you may follow the steps to create a LAN to...

Page 182: ...number to edit a profile 4 Set Common Settings as shown below You should enable both of VPN connections because any one of the parties may start the VPN connection 5 Set Dial Out Settings as shown bel...

Page 183: ...ression for this Dial Out connection 6 Set Dial In settings to as shown below to allow Router B dial in to build VPN connection If an IPSec based service is selected you may further specify the remote...

Page 184: ...for this Dial In connection 7 At last set the remote network IP subnet in TCP IP Network Settings so that Router A can direct the packets destined to the remote network to Router B via the VPN connec...

Page 185: ...etup such as the pre shared key that both parties have known 3 Go to LAN to LAN Click on one index number to edit a profile 4 Set Common Settings as shown below You should enable both of VPN connectio...

Page 186: ...rname Password PPP Authentication and VJ Compression for this Dial Out connection 6 Set Dial In settings to as shown below to allow Router A dial in to build VPN connection If an IPSec based service i...

Page 187: ...rther specify the remote peer IP Address Username Password and VJ Compression for this Dial In connection 7 At last set the remote network IP subnet in TCP IP Network Settings so that Router B can dir...

Page 188: ...as shown in the below illustration you may follow the steps to create a Remote User Profile and install Smart VPN Client on the remote host Settings in VPN Router in the enterprise office 1 Go to VPN...

Page 189: ...ion If an IPSec based service is selected you may further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial In connection Otherwise it will apply the...

Page 190: ...please use Network and Dial up connections or Smart VPN Client complimentary software to help you create PPTP L2TP and L2TP over IPSec tunnel You can find it in CD ROM in the package or go to www dray...

Page 191: ...uthentication method If the Pre Shared Key is selected it should be consistent with the one set in VPN router If a PPP based service is selected you should further specify the remote VPN server IP add...

Page 192: ...tt ti in ng g E Ex xa am mp pl le e Assume a teleworker sometimes works at home and takes care of children When working time he would use Vigor router at home to connect to the server in the headquart...

Page 193: ...Guide 187 3 Return to previous page Enter the Name of Index Class 1 by clicking Edit link Type the name E mail for Class 1 4 For this index the user will set reserved bandwidth e g 25 for E mail using...

Page 194: ...up link for WAN1 7 Check Enable UDP Bandwidth Control on the bottom to prevent enormous UDP traffic of VoIP influent other application Click OK 8 If the worker has connected to the headquarter using h...

Page 195: ...89 9 Click Edit to open the following window Check the ACT box first 10 Then click Edit of Local Address to set a worker s subnet address Click Edit of Remote Address to set headquarter s IP address L...

Page 196: ...vate IP address Subnet Mask is 192 168 1 1 255 255 255 0 The built in DHCP server is enabled so it assigns every local NATed host an IP address of 192 168 1 x starting from 192 168 1 10 You can just s...

Page 197: ...usage 4 4 5 5 C Ca al ll li in ng g S Sc ce en na ar ri io o f fo or r V Vo oI IP P f fu un nc ct ti io on n 4 4 5 5 1 1 C Ca al ll li in ng g v vi ia a S SI IP P S Se ev ve er r Example 1 Both John a...

Page 198: ...e and dials 1111 DialPlan Phone Number for David Settings for David DialPlan index 1 Phone Number 2222 Display Name John SIP URL 1234 draytel org SIP Accounts Settings Profile Name iptel 1 Register vi...

Page 199: ...cks up the phone and dials 1111 DialPlan Phone Number for David Or He picks up the phone and dials 4321 David s Account Name Settings for David DialPlan index 1 Phone Number 2222 Display Name John SIP...

Page 200: ...ain Realm blank Proxy blank Act as outbound proxy unchecked Display Name Arnor Account Name 1234 Authentication ID unchecked Password blank Expiry Time use default value CODEC RTP DTMF Use default val...

Page 201: ...click Install Now under Syslog description to install the corresponding program 4 The file RTSxxx exe will be asked to copy onto your computer Remember the place of storing the execution file 5 Go to...

Page 202: ...Programs and choose Router Tools XXX Firmware Upgrade Utility 12 Type in your router IP usually 192 168 1 1 13 Click the button to the right side of Firmware file typing box Locate the files that you...

Page 203: ...ide 197 14 Click Send 15 Now the firmware update is finished 4 4 7 7 R Re eq qu ue es st t a a c ce er rt ti if fi ic ca at te e f fr ro om m a a C CA A s se er rv ve er r o on n W Wi in nd do ow ws s...

Page 204: ...e Management and choose Local Certificate 2 You can click GENERATE button to start to edit a certificate request Enter the information in the certificate request 3 Copy and save the X509 Local Certifi...

Page 205: ...ake a Windows 2000 CA server for example Select Request a Certificate Select Advanced request Select Submit a certificate request a base64 encoded PKCS 10 file or a renewal request using a base64 enco...

Page 206: ...te Now you should get a certificate cer file and save it 5 Back to Vigor router go to Local Certificate Click IMPORT button and browse the file to import the certificate cer file into Vigor router Whe...

Page 207: ...ti if fi ic ca at te e a an nd d S Se et t a as s T Tr ru us st te ed d o on n W Wi in nd do ow ws s C CA A S Se er rv ve er r 1 Use web browser connecting to the CA server that you would like to retr...

Page 208: ...d CA Certificate Click IMPORT button and browse the file to import the certificate cer file into Vigor router When finished click refresh and you will find the below illustration 4 You may review the...

Page 209: ...cking to factory default setting if necessary If all above stages are done and the router still cannot run normally it is the time for you to contact your dealer for advanced help 5 5 1 1 C Ch he ec c...

Page 210: ...er trying the above section if the link is stilled failed please do the steps listed below to make sure the network connection settings is OK F Fo or r W Wi in nd do ow ws s The example is based on Wi...

Page 211: ...atically and Obtain DNS server address automatically F Fo or r M Ma ac cO Os s 1 Double click on the current used MacOs on the desktop 2 Open the Application folder and get into Network 3 On the Netwo...

Page 212: ...router correctly F Fo or r W Wi in nd do ow ws s 1 Open the Command Prompt window from Start menu Run 2 Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP The DOS command dialog will app...

Page 213: ...No ot t Click WAN Internet Access and then check whether the ISP settings are set correctly Click WAN1 or WAN2 link to review the settings that you configured previously F Fo or r P PP PP Po oE E U Us...

Page 214: ...de 208 F Fo or r S St ta at ti ic c D Dy yn na am mi ic c I IP P U Us se er rs s 1 Check if the Enable option is selected 2 Check if IP address Subnet Mask and Gateway are entered with correct values...

Page 215: ...s after inserting 3G USB Modem into your Vigor2820 Later the USB LED will light on which means the installation of USB Modem is successful If the USB LED does not light on please remove and reinsert t...

Page 216: ...o or ry y D De ef fa au ul lt t S Se et tt ti in ng g I If f N Ne ec ce es ss sa ar ry y Sometimes a wrong connection can be improved by returning to the default settings Try to reset the router by so...

Page 217: ...Then the router will restart with the default configuration After restore the factory default setting you can configure the settings for the router again to fit your personal request 5 5 7 7 C Co on n...

Reviews:

No comments

Related manuals for Vigor 2820 Series

ZyXEL Communications ENTERPRISE NETWORK CENTER Manual preview
ENTERPRISE NETWORK CENTER
Brand: ZyXEL Communications Pages: 302
H3C SecPath F10 0 Series Installation Manual preview
SecPath F10 0 Series
Brand: H3C Pages: 68
PaloAlto Networks Prisma SD-WAN ION 2000 Hardware Reference Manual preview
Prisma SD-WAN ION 2000
Brand: PaloAlto Networks Pages: 38
Check Point Smart-1 5050 Manual preview
Smart-1 5050
Brand: Check Point Pages: 2
Check Point 15400 Replacing preview
15400
Brand: Check Point Pages: 7
H3C SecPath F5030 Configuration Manual preview
SecPath F5030
Brand: H3C Pages: 39
Moxa Technologies NPort 6250 Series Quick Installation Manual preview
NPort 6250 Series
Brand: Moxa Technologies Pages: 2
Moxa Technologies IEC-G102-BP Series Quick Installation Manual preview
IEC-G102-BP Series
Brand: Moxa Technologies Pages: 10
Moxa Technologies IEF-G9010 Series User Manual preview
IEF-G9010 Series
Brand: Moxa Technologies Pages: 90

Brands by name

Popular brands

Load more brands