manualshive.com logo in svg

Draytek Vigor 2910, User Manual

The Draytek Vigor 2910 is a powerful networking device designed to enhance your internet connection. For easy setup and configuration, be sure to download the free Quick Start Manual from manualshive.com. The manual provides clear instructions and helpful tips to get you up and running in no time.

Share
Download
background image

 

 

 

 

 

 

 

 

Vigor2910  

Dual-WAN Security Router

 

User’s Guide 

 

 

 

 

 

 

 

 

 

 

 

Version: 3.2 

Date: 2007/10/01 

 

Copyright 2007 All rights reserved.   

This publication contains information that is protected by copyright. No part may be reproduced, transmitted, 

transcribed, stored in a retrieval system, or translated into any language without written permission from the copyright 

holders. The scope of delivery and other details are subject to change without prior notice. 

Microsoft is a registered trademark of Microsoft Corp. 

Windows, Windows 95, 98, Me, NT, 2000, XP and Explorer are trademarks of Microsoft Corp. 

Apple and Mac OS are registered trademarks of Apple Computer Inc. 

Other products may be trademarks or registered trademarks of their respective manufacturers.

 

 

Summary of Contents for Vigor 2910

Page 1: ...or translated into any language without written permission from the copyright holders The scope of delivery and other details are subject to change without prior notice Microsoft is a registered trademark of Microsoft Corp Windows Windows 95 98 Me NT 2000 XP and Explorer are trademarks of Microsoft Corp Apple and Mac OS are registered trademarks of Apple Computer Inc Other products may be trademar...

Page 2: ... Basic Settings 15 2 1 Changing Password 15 2 2 Quick Start Wizard 17 2 2 1 PPPoE 18 2 2 2 PPTP 20 2 2 3 Static IP 21 2 2 4 L2TP 22 2 2 5 DHCP 23 2 3 Online Status 24 2 4 Saving Configuration 26 3 AdvancedWebConfiguration 27 3 1 WAN 27 3 1 1 Basics of Internet Protocol IP Network 27 3 1 2 Network Connection by 3G USB Modem 28 3 1 3 General Setup 28 3 1 4 Internet Access 31 3 1 5 Load Balance Polic...

Page 3: ...ake On LAN 95 3 8 VPN and Remote Access 97 3 8 1 Remote Access Control 97 3 8 2 PPP General Setup 97 3 8 3 IPSec General Setup 99 3 8 4 IPSec Peer Identity 100 3 8 5 Remote Dial in User 102 3 8 6 LAN to LAN 105 3 8 7 VPN TRUNK Management 114 3 8 8 Connection Management 117 3 9 Certificate Management 119 3 9 1 Local Certificate 119 3 9 2 Trusted CA Certificate 121 3 9 3 Certificate Backup 122 3 10 ...

Page 4: ...ARP Cache Table 181 3 15 4 DHCP Table 182 3 15 5 NAT Sessions Table 182 3 15 6 Wireless VLAN Online Station Table 183 3 15 7 Data Flow Monitor 183 3 13 8 Traffic Graph 185 3 15 9 Ping Diagnosis 186 3 15 10 Trace Route 186 4 Application and Examples 189 4 1 Create a LAN to LAN Connection Between Remote Office and Headquarter 189 4 2 Create a Remote Dial in User Connection Between the Teleworker and...

Page 5: ... 5 2 Checking If the Network Connection Settings on Your Computer Is OK or Not 221 5 3 Pinging the Router from Your Computer 224 5 4 Checking If the ISP Settings are OK or Not 226 5 5 Problems for 3G Network Connection 227 5 6 Backing to Factory Default Setting If Necessary 228 5 7 Contacting Your Dealer 229 ...

Page 6: ......

Page 7: ...ral main buttons appeared on the web pages are defined as the following Save and apply current settings Cancel current settings and recover to the previous saved settings Discard current settings and allow users to input settings again Add new settings for specified item Edit the settings for the selected item Delete the selected item with the corresponding settings Note For the other buttons show...

Page 8: ...hrough its corresponding port Green A normal 100Mbps connection is through its corresponding port LAN P1 P2 P3 P4 Blinking Ethernet packets are transmitting C Co on nn ne ec ct to or r E Ex xp pl la an na at ti io on n Interface Description USB Connecter for a USB printer or 3G USB modem PWR Connecter for a power adapter with 12 15VDC ON OFF Power Switch LAN P4 P1 Connecters for local networked de...

Page 9: ...tting Orange A normal 10Mbps connection is through its corresponding port Green A normal 100Mbps connection is through its corresponding port LAN P1 P2 P3 P4 Blinking Ethernet packets are transmitting C Co on nn ne ec ct to or r E Ex xp pl la an na at ti io on n Interface Description USB Connecter for a USB printer or 3G USB modem PWR Connecter for a power adapter with 12 15VDC ON OFF Power Switch...

Page 10: ...rough its corresponding port Green A normal 100Mbps connection is through its corresponding port LAN P1 P2 P3 P4 Blinking Ethernet packets are transmitting C Co on nn ne ec ct to or r E Ex xp pl la an na at ti io on n Interface Description USB Connecter for a USB printer or 3G USB modem PWR Connecter for a power adapter with 12 15VDC ON OFF Power Switch LAN P4 P1 Connecters for local networked dev...

Page 11: ... connection is through its corresponding port LAN P1 P2 P3 P4 Blinking Ethernet packets are transmitting C Co on nn ne ec ct to or r E Ex xp pl la an na at ti io on n Interface Description USB Connecter for a USB printer or 3G USB modem PWR Connecter for a power adapter with 12 15VDC ON OFF Power Switch FXS2 FXS1 Connecters for telephone set and analog phone with VoIP communication LAN P4 P1 Conne...

Page 12: ... corresponding port Green A normal 100Mbps connection is through its corresponding port LAN P1 P2 P3 P4 Blinking Ethernet packets are transmitting C Co on nn ne ec ct to or r E Ex xp pl la an na at ti io on n Interface Description USB Connecter for a USB printer or 3G USB modem PWR Connecter for a power adapter with 12 15VDC ON OFF Power Switch FXS2 FXS1 Connecters for telephone set and the analog...

Page 13: ... corresponding port Green A normal 100Mbps connection is through its corresponding port LAN P1 P2 P3 P4 Blinking Ethernet packets are transmitting C Co on nn ne ec ct to or r E Ex xp pl la an na at ti io on n Interface Description USB Connecter for a USB printer or 3G USB modem PWR Connecter for a power adapter with 12 15VDC ON OFF Power Switch FXS2 FXS1 Connecters for telephone set and analog pho...

Page 14: ...er of the model without VoIP ports skip this step 5 Connect the ISDN NT1 1 box with ISDN cable This connection is available for Europe only 6 Connect the printer 3 5G modem e g Huawei E220 HSDPA USB Modem to the router with the USB cable and connect the power cord if requried If you do not have a printer 3 5G modem for using skip this step For detailed configuration of printer refer to section 1 4...

Page 15: ...onnected this router can print documents via the router The example provided here is made based on Windows XP 2000 For Windows 98 SE please visit www draytek com Before using it please follow the steps below to configure settings for connected computers or wireless clients 1 Connect the printer with the router through USB parallel port 2 Open Start Settings Printer and Faxes ...

Page 16: ... a New Computer A welcome dialog will appear Please click Next 4 Click Local printer attached to this computer and click Next 5 In this dialog choose Create a new port Type of port and use the drop down list to select Standard TCP IP Port Click Next ...

Page 17: ... following dialog type 192 168 1 1 router s LAN IP in the field of Printer Name or IP Address and type IP_192 168 1 1 as the port name Then click Next 7 Click Standard and choose Generic Network Card 8 Then in the following dialog click Finish ...

Page 18: ...n click Next 10 For the final stage you need to go back to Control Panel Printers and edit the property of the new printer you have added 11 Select LPR on Protocol type p1 number 1 as Queue Name Then click OK Next please refer to the red rectangle for choosing the correct protocol and UPR name The printer can be used for printing now Most of the printers with different manufacturers are compatible...

Page 19: ...s supported or not please visit www draytek com to find out the printer list Open Support Center FAQ Sort by product select the model of the router and click on it find out the link of Printer Server FAQ click the What types of printers are compatible with Vigor router link Note 2 Vigor router supports printing request from computers via LAN ports but not WAN port ...

Page 20: ...Vigor2910 Series User s Guide 14 ...

Page 21: ... d To change the password for this device you have to access into the web browse with default password first 1 Make sure your computer connects to the router correctly Notice You may either simply set up your computer to get IP dynamically from the router or set up the IP address of the computer to be the same subnet as the default IP address of Vigor router 192 168 1 1 For the detailed informatio...

Page 22: ...4 Go to System Maintenance page and choose Administrator Password 5 Enter the login password the default is blank on the field of Old Password Type a new one in the field of New Password and retype it on the field of Retype New Password Then click OK to continue 6 Now the password has been changed Next time use the new password to access the Web Configurator for this router ...

Page 23: ...he configuration provide here can help you to deploy and use the router quickly The first screen of Quick Start Wizard is entering login password After typing the password please click Next On the next page as shown below please select the WAN interface that you use Choose Auto negotiation as the physical type for your router Then click Next for next step ...

Page 24: ...ss 2 2 2 2 1 1 P PP PP Po oE E PPPoE stands for Point to Point Protocol over Ethernet It relies on two widely accepted standards PPP and Ethernet It connects users through an Ethernet to the Internet with a common broadband medium such as a single DSL line wireless device or cable modem All the users over the Ethernet can share a common connection PPPoE is used for most of DSL modem users All loca...

Page 25: ...d by the ISP Password Assign a valid password provided by the ISP Confirm Password Retype the password for confirmation Click Next for viewing summary of such connection Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be shown ...

Page 26: ...lick PPTP as the protocol Type in all the information that your ISP provides for this protocol Click Next for viewing summary of such connection Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be shown ...

Page 27: ... IP as the protocol Type in all the information that your ISP provides for this protocol After finishing the settings in this page click Next to see the following page Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be shown ...

Page 28: ...e protocol Type in all the information that your ISP provides for this protocol After finishing the settings in this page click Next to see the following page Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be shown ...

Page 29: ...e protocol Type in all the information that your ISP provides for this protocol After finishing the settings in this page click Next to see the following page Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be shown ...

Page 30: ...ystem status WAN status ADSL Information and other status related to this router within one page If you select PPPoE as the protocol you will find out a button of Dial PPPoE or Dial PPPoE in the Online Status web page Online status for PPPoE Online status for PPTP for WAN2 Online status for Static IP for WAN1 ...

Page 31: ...n WAN1 WAN web page Mode Displays the type of WAN connection e g PPPoE Up Time Displays the total uptime of the interface IP Displays the IP address of the WAN interface GW IP Displays the IP address of the default gateway TX Packets Displays the total transmitted packets at the WAN interface TX Rate Displays the speed of transmitted octets at the WAN interface RX Packets Displays the total number...

Page 32: ... at ti io on n Each time you click OK on the web page for saving the configuration you can find messages showing the system interaction with you Ready indicates the system is ready for you to input settings Settings Saved means your settings are saved once you click Finish or OK button ...

Page 33: ...255 255 From 192 168 0 0 to 192 168 255 255 W Wh ha at t a ar re e P Pu ub bl li ic c I IP P A Ad dd dr re es ss s a an nd d P Pr ri iv va at te e I IP P A Ad dd dr re es ss s As the router plays a role to manage and further protect its LAN it interconnects groups of host PCs Each of them has a private IP address assigned by the built in DHCP server of the Vigor router The router itself will also ...

Page 34: ...in the router Besides 3G USB Modem in WAN2 also can be used as backup device Therefore when WAN1 is not available the router will use 3 5G for supporting automatically The supported 3G USB Modem will be listed on Draytek web site Please visit www draytek com for more detailed information Below shows the menu items for Internet Access 3 3 1 1 3 3 G Ge en ne er ra al l S Se et tu up p This section w...

Page 35: ...ugh Ethernet port yet the physical connection for WAN2 is done through an Ethernet port P1 or USB port You cannot change it To use 3G network connection through 3G USB Modem choose 3G USB Modem as the physical mode in WAN2 Next go to WAN Internet Access 3G USB Modem is available for WAN2 You can choose PPP as the access mode and click Details Page for further configuration Physical Type You can ch...

Page 36: ...nternet Access In addition there are three selections for you to choose for different purposes WAN2 Fail It means the connection for WAN1 will be activated when WAN2 is failed WAN2 Upload speed exceed XX kbps It means the connection for WAN1 will be activated when WAN2 Upload speed exceed certain value that you set in this box for 15 seconds WAN2 Download speed exceed XX kbps It means the connecti...

Page 37: ...e for accessing into the Internet when WAN 1 is inactive for some reason Display Name It shows the name of the WAN1 WAN2 that entered in general setup Physical Mode It shows the physical connection for WAN1 Ethernet WAN2 Ethernet or 3G USB Modem according to the real network connection Access Mode Use the drop down list to choose a proper access mode The details page of that mode will be popped up...

Page 38: ...sername provided by ISP in this field Password Type in the password provided by ISP in this field Index 1 15 in Schedule Setup You can type in four sets of time schedule for your request All the schedules can be set previously in Application Schedule web page and you can use the number that you have set in that web page ISDN Dial Backup Setup This setting is available for the routers supporting IS...

Page 39: ...g is active only when the Active on demand option for Active Mode is selected in WAN General Setup page IP Address Assignment Method IPCP Usually ISP dynamically assigns IP address to you each time you connect to it and request In some case your ISP provides service to always assign you the same IP address whenever you request In this case you can fill in this IP address in the Fixed IP field Plea...

Page 40: ... use Static or Dynamic IP as the accessing protocol of the internet please choose Internet Access from WAN menu Then select Static or Dynamic IP mode for WAN2 The following web page will be shown Static or Dynamic IP DHCP Client Click Enable for activating this function If you click Disable this function will be closed and all the settings that you adjusted in this page will be invalid ISDN Dial B...

Page 41: ...nterval for the system to execute the PING operation WAN Connection Detection Such function allows you to verify whether network connection is alive or not through ARP Detect or Ping Detect Mode Choose ARP Detect or Ping Detect for the system to execute for WAN detection Ping IP If you choose Ping Detect as detection mode you have to type IP address in this field for pinging TTL Time to Live Displ...

Page 42: ...ress Type the IP address Subnet Mask Type the subnet mask Gateway IP Address Type the gateway IP address Default MAC Address Click this radio button to use default MAC address for the router Specify a MAC Address Some Cable service providers specify a specific MAC address for access authentication In such cases you need to click the Specify a MAC Address and enter the MAC address in the MAC Addres...

Page 43: ...Access Setup Username Type in the username provided by ISP in this field Password Type in the password provided by ISP in this field Index 1 15 in Schedule Setup You can type in four sets of time schedule for your request All the schedules can be set previously in Application Schedule web page and you can use the number that you have set in that web page ISDN Dial Backup Setup This setting is avai...

Page 44: ...his function and type in a fixed IP address in the box Fixed IP Address Type a fixed IP address WAN IP Alias If you have multiple public IP addresses and would like to utilize them on the WAN interface please use WAN IP Alias You can set up to 8 public IP addresses other than the current one you are using Notice that this setting is available for WAN1 only Default MAC Address Click this radio butt...

Page 45: ...contact to your ISP PPP Username Type the PPP username optional PPP Password Type the PPP password optional Index 1 15 Set the PCs on LAN to work at certain time interval only You may choose up to 4 schedules out of the 15 schedules pre defined in Applications Schedule setup The default setting of this filed is blank and the function will always work 3 3 1 1 5 5 L Lo oa ad d B Ba al la an nc ce e ...

Page 46: ... IP Start Displays the IP address for the start of the source IP Src IP End Displays the IP address for the end of the source IP Dest IP Start Displays the IP address for the start of the destination IP Dest IP End Displays the IP address for the end of the destination IP Dest Port Start Displays the IP address for the start of the destination port Dest Port End Displays the IP address for the end...

Page 47: ...blank it means that all the source IPs inside the LAN will be passed through the WAN interface Dest IP Start Type the destination IP start for the specified WAN interface Dest IP End Type the destination IP end for the specified WAN interface If this field is blank it means that all the destination IPs will be passed through the WAN interface Dest Port Start Type the destination port start for the...

Page 48: ...T does is to translate the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor router has a built in DHCP server that assigns private IP address to each local host See the following diagram for a briefly understanding In some special case you may have a public IP subnet from your ISP such as 220 135 240 0 24 This means th...

Page 49: ...St ta at ti ic c R Ro ou ut te e When you have several subnets in your LAN sometimes a more effective and quicker way for connection is the Static routes function rather than other method You may simply set rules to forward data from one specified subnet to another specified subnet without the presence of RIP W Wh ha at t a ar re e V Vi ir rt tu ua al l L LA AN Ns s a an nd d R Ra at te e C Co on ...

Page 50: ...ult 192 168 1 1 1st Subnet Mask Type in an address code that determines the size of the network Default 255 255 255 0 24 For IP Routing Usage Click Enable to invoke this function The default setting is Disable 2nd IPAddress Type in secondary IP address for connecting to a subnet Default 192 168 2 1 24 2nd Subnet Mask An address code that determines the size of the network Default 255 255 255 0 24 ...

Page 51: ... RIP information of the 2nd subnet with neighboring routers DHCP Server Configuration DHCP stands for Dynamic Host Configuration Protocol The router by factory default acts a DHCP server for your network so it automatically dispatch related IP settings to any local user configured as a DHCP client It is highly recommended that you leave the router enabled as a DHCP server if you do not have a DHCP...

Page 52: ...cally apply default DNS Server IP address 194 109 6 66 to this field Secondary IPAddress You can specify secondary DNS server IP address here because your ISP often provides you more than one DNS Server If your ISP does not provide it the router will automatically apply default secondary DNS Server IP address 194 98 0 1 to this field The default DNS Server IP address can be found via Online Status...

Page 53: ...o that user A and B locating in different subnet can talk to each other via the router Assuming the Internet access has been configured and the router works properly z use the Main Router to surf the Internet z create a private subnet 192 168 10 0 using an internal Router A 192 168 1 2 z create a public subnet 211 100 88 0 via an internal Router B 192 168 1 3 z have set Main Router 192 168 1 1 as ...

Page 54: ...and continuously exchange of IP routing information with different subnets 2 Click the LAN Static Route and click on the Index Number 1 Check the Enable box Please add a static route as shown below which regulates all packets destined to 192 168 10 0 will be forwarded to 192 168 1 2 Click OK 3 Return to Static Route Setup page Click on another Index Number to add another static route as show below...

Page 55: ...disable this function All the settings on this page will be invalid Strict Bind Click this radio button to block the connection of the IP MAC which is not listed in IP Bind List ARP Table This table is the LAN ARP table of this router The information for IP and MAC will be displayed in this field Each pair of IP and MAC address listed in ARP table can be selected and added to IP Bind List by click...

Page 56: ...apping relationship When the public server response the incoming traffic of course is destined to the router s public IP address and the router will do the inversion based on its table Therefore the internal host can communicate with external host smoothly The benefit of the NAT includes z Save cost on applying public IP address and apply efficient usage of IP address NAT allows the internal IP ad...

Page 57: ...the mapping private IP address port of the server The port redirection can only apply to incoming traffic To use this function please go to NAT page and choose Port Redirection web page The Port Redirection Table provides 10 port mapping entries for the internal hosts Mode Two options are provided here for you to choose To set a range for the specific service select Range Service Name Enter the de...

Page 58: ...nce the common port numbers of these services servers are all the same you may need to reset the router in order to avoid confliction For example the built in web configurator in the router is with default port 80 which may conflict with the web server in the local network http 192 168 1 13 80 Therefore you need to change the router s http port to any one other than the default port 80 to avoid co...

Page 59: ...g or Internet Games etc The inherent security properties of NAT are somewhat bypassed if you set up DMZ host We suggest you to add additional filter rules or a secondary firewall Click DMZ Host to open the following page WAN1 This page allows you to set Private IP or Active True IP as the DMZ host Private IP If you choose Private IP as the selection for DMZ host please type in private IP or select...

Page 60: ...ux WAN IP list for your selection Enable Check to enable the DMZ Host function Private IP Enter the private IP address of the DMZ host or click Choose PC to select one Choose PC Click this button and then a window will automatically pop up as depicted below The window consists of a list of private IP addresses of all hosts in your LAN network Select one private IP address in the list to be the DMZ...

Page 61: ... to any security exploits Click Open Ports to open the following page Index Indicate the relative number for the particular entry that you want to offer service in a local host You should click the appropriate index number to edit or clear the corresponding entry Comment Specify the name for the defined network service WAN Interface Display the WAN interface for the entry Local IP Address Display ...

Page 62: ...wn list This selection is available and can be seen only if you have set WAN IP Alias previously Local Computer Enter the private IP address of the local host or click Choose PC to select one Choose PC Click this button and subsequently a window having a list of private IP addresses of local hosts will automatically pop up Select the appropriate IP address of the local host in the list Protocol Sp...

Page 63: ...th groups for using conveniently Later we can select that object group that can apply it For example all the IPs in the same department can be defined with an IP object a range of IP address 3 3 4 4 1 1 I IP P O Ob bj je ec ct t You can set up to 192 sets of IP Objects with different conditions Set to Factory Default Clear all profiles Click the number under Index column for settings in detail Nam...

Page 64: ... the IP address Select Single Address if this object contains one IP address only Select Range Address if this object contains several IPs within a range Select Subnet Address if this object contains one subnet for IP address Select Any Address if this object contains any IP address Start IP Address Type the start IP address for Single Address type End IP Address Type the end IP address if the Ran...

Page 65: ... Index column for settings in detail Name Type a name for this profile Maximum 15 characters are allowed Interface Choose WAN LAN or Any to display all the available IP objects with the specified interface Available IP Objects All the available IP objects with the specified interface chosen above will be shown in this box Selected IP Objects Click button to add the selected IP objects in this box ...

Page 66: ... detail Name Type a name for this profile Protocol Specify the protocol s which this profile will apply to Source Destination Port Source Port and the Destination Port column are available for TCP UDP protocol It can be ignored for other protocols The filter rule will filter out any port number when the first and last value are the same it indicates one port when the first and last values are diff...

Page 67: ... are available for this service type the port number greater than this value is available the port number less than this value is available for this profile Below is an example of service type objects settings 3 3 4 4 4 4 S Se er rv vi ic ce e T Ty yp pe e G Gr ro ou up p This page allows you to bind several service types into one group Set to Factory Default Clear all profiles Click the number un...

Page 68: ...in this box Selected Service Type Objects Click button to add the selected IP objects in this box 3 3 4 4 5 5 C CS SM M P Pr ro of fi il le e You can define policy profiles for different policy of IM Instant Messenger P2P Peer to Peer application CSM profile will be applied by Firewall Set to Factory Default Clear all profiles Click the number under Index column for settings in detail ...

Page 69: ... Edit Filter Set Edit Filter Rule There are several items for IM VoIP P2P provided here for you to choose to disallow people using Simple check the box es and then click OK Later in the Firewall General Setup and Firewall Edit Filter Set Edit Filter Rule pages you can use Content Security Management drop down list to choose a proper CSM profile as the standard for all the host s or specified host ...

Page 70: ...router to build an unwanted outgoing connection The most basic security concept is to set user name and password while you install your router The administrator login will prevent unauthorized access to the router configuration from your router If you did not set password during installation you can go to System Maintenance to set up your password F Fi ir re ew wa al ll l F Fa ac ci il li it ti ie...

Page 71: ...ernet connection Data Filter is applied to incoming and outgoing traffic It will check packets according to the filter rules If legal the packet will pass the router The following illustrations are flow charts explaining how router will treat incoming traffic and outgoing traffic respectively S St ta at te ef fu ul l P Pa ac ck ke et t I In ns sp pe ec ct ti io on n S SP PI I Stateful inspection i...

Page 72: ...nism to mitigate in a real time manner The below shows the attack types that DoS DDoS defense function can detect 1 SYN flood attack 2 UDP flood attack 3 ICMP flood attack 4 TCP Flag scan 5 Trace route 6 IP options 7 Unknown protocol 8 Land attack 9 Smurf attack 10 SYN fragment 11 ICMP fragment 12 Tear drop attack 13 Fraggle attack 14 Ping of Death attack 15 TCP UDP port scan C Co on nt te en nt t...

Page 73: ...ided into 40 easy to understand categories This database is updated as frequent as daily by a global team of Internet researchers The server will look up the URL and return a category to your router Your Vigor router will then decide whether to allow access to this site according to the categories you have selected Please note that this action will not introduce any delay in your Web surfing becau...

Page 74: ...blocking All the hosts in LAN must follow the standard configured in the CSM profile selected here For troubleshooting needs you can specify to record CSM information by checking the Log box It will be sent to Syslog server Please refer to section 3 14 4 Syslog Mail Alert for more detailed information Some on line games for example Half Life will use lots of fragmented UDP packets to transfer game...

Page 75: ...k to move the order of the filter rules Next Filter Set Set the link to the next filter set to be executed after the current filter run Do not make a loop with many filter sets To edit Filter Rule click the Filter Rule index button to enter the Filter Rule setup page Check to enable the Filter Rule Check this box to enable the filter rule Comments Enter filter set comments description Maximum leng...

Page 76: ...e following dialog to choose the source destination IP or IP ranges To set the IP address manually please choose Any Address Single Address Range Address Subnet Address as the Address Type and type them in this dialog In addition if you want to use the IP range from defined groups or objects please choose Group and Objects as the Address Type From the IP Group drop down list choose the one that yo...

Page 77: ...service type the port number greater than this value is available the port number less than this value is available for this profile Service Group Object Use the drop down list to choose the one that you want Fragments Specify the action for fragmented packets And it is used for Data Filter only Don t care No action will be taken towards fragmented packets Unfragmented Apply the rule to unfragment...

Page 78: ...rule to all IP address enter any or leave the field blank Content Management All the hosts within the range configured with above conditions must follow the standard configured in the CSM profile configured in Objects and Groups CSM Profiles selected here Please choose one of the CSM profiles applied by this filter rule For troubleshooting needs you can specify to record CSM information by checkin...

Page 79: ...Vigor2910 Series User s Guide 73 ...

Page 80: ...seconds respectively Enable UDP flood defense Check the box to activate the UDP flood defense function Once detecting the Threshold of the UDP packets from the Internet has exceeded the defined value the Vigor router will start to randomly discard the subsequent UDP packets for a period defined in Timeout The default setting for threshold and timeout are 150 packets per second and 10 seconds respe...

Page 81: ...box to activate the Block fraggle Attack function Any broadcast UDP packets received from the Internet is blocked Activating the DoS DDoS defense functionality might block some legal packets For example when you activate the fraggle attack defense all broadcast UDP packets coming from the Internet are blocked Therefore the RIP packets from the Internet might be dropped Block TCP flag scan Check th...

Page 82: ...col types greater than 100 are reserved and undefined at this time Therefore the router should have ability to detect and reject this kind of packets Warning Messages We provide Syslog function for user to retrieve message from Vigor router The user as a Syslog Server shall receive the report sending from Vigor router which is a Syslog Client All the warning messages related to DoS defense will be...

Page 83: ...request that tries to retrieve the malicious code Click Firewall and click URL Content Filter to open the setup page Enable URL Access Control Check the box to activate URL Access Control Black List block those matching keyword Click this button to restrict accessing into the corresponding webpage with the keywords listed on the box below White List pass those matching keyword Click this button to...

Page 84: ...mpressed file function to prevent someone from downloading any compressed file The following list shows the types of compressed files that can be blocked by the Vigor router zip rar arj ace cab sit Executable file Check the box to reject any downloading behavior of the executable file from the Internet exe com scr pif bas bat inf reg Cookie Check the box to filter out the cookie transmission from ...

Page 85: ...ies User s Guide 79 3 3 5 5 6 6 W We eb b C Co on nt te en nt t F Fi il lt te er r Click Firewall and click Web Content Filter to open the setup page For this section please refer to Web Content Filter user s guide ...

Page 86: ...ortant accesses impacted To solve the problem you can use limit session to limit the session procession for specified Hosts In the Bandwidth Management menu click Sessions Limit to open the web page To activate the function of limit session simply click Enable and set the default session limit Enable Click this button to activate the function of limit session Disable Click this button to close the...

Page 87: ... and you can use the number that you have set in that web page 3 3 6 6 2 2 B Ba an nd dw wi id dt th h L Li im mi it t The downstream or upstream from FTP HTTP or some P2P applications will occupy large of bandwidth and affect the applications for other programs Please use Limit Bandwidth to make the bandwidth usage more efficient In the Bandwidth Management menu click Bandwidth Limit to open the ...

Page 88: ... start If other applications are not protected by QoS it will detract much from their performance in the overcrowded network This is especially essential to those are low tolerant of loss delay or jitter delay variation Another reason is due to congestions at network intersections where speeds of interconnected circuits mismatch or traffic aggregates packets will queue up and traffic can be thrott...

Page 89: ...network However each node may take different attitude toward packets with high priority marking since it may bind with the business deal of SLA among different DS domain owners It s not easy to achieve deterministic and consistent high priority QoS traffic throughout the whole network with merely Vigor router s effort In the Bandwidth Management menu click Quality of Service to open the web page T...

Page 90: ... output for WAN For example if your ADSL supports 1M of downstream and 256K upstream please set 256kbps for this box The default value is 10000kbps Reserved Bandwidth Ratio It is reserved for the group index in the form of ratio of reserved bandwidth to upstream speed and reserved bandwidth to downstream speed Enable UDP Bandwidth Control Check this and set the limited bandwidth ratio on the right...

Page 91: ...s ss s R Ru ul le e f fo or r Q Qo oS S The first three Class 1 to Class 3 class rules can be adjusted for your necessity To add edit or delete the class rule please click the Edit link of that one After you click the Edit link you will see the following page Now you can define the name for that Class In this case Test is used as the name of Class Index 1 ...

Page 92: ...r Subnet Address you have to fill in Start IP address and Subnet Mask DiffServ CodePoint All the packets of data will be divided with different levels and will be processed according to the level type by the system Please assign one of the level of the data for processing with QoS control Service Type It determines the service type of the data for processing with QoS control It can also be edited ...

Page 93: ...edit or delete an existed service type please click the Edit link under Service Type field After you click the Edit link you will see the following page For adding a new rule click Add to open the following page If you want to edit an existed service type please select the radio button of that one and click Edit to open the following page for modification ...

Page 94: ...If you select Range you have to type in the starting port number and the end porting number on the boxes below Port Number Type in the starting port number and the end porting number here if you choose Range as the type By the way you can set up to 40 service types If you want to edit delete an existed service type please select the radio button of that one and click Edit Edit for modification ...

Page 95: ...ynamic DNS feature you have to apply for free DDNS service to the DDNS service providers The router provides up to three accounts from three different DDNS service providers Basically Vigor routers are compatible with the DDNS services supplied by most popular DDNS service providers such as www dyndns org www no ip com www dtdns com www changeip com www dynamic nameserver com You should visit thei...

Page 96: ... WAN Interface Select the WAN interface order to apply settings here Service Provider Select the service provider for the DDNS account Service Type Select a service type Dynamic Custom Static If you choose Custom you can modify the domain that is choosen in the Domain Name field Domain Name Type in a domain name that you applied previously Use the drop down list to choose the desired domain Login ...

Page 97: ... System Maintenance Time and Date menu press Inquire Time button to set the Vigor router s clock to current time of your PC The clock will reset once if you power down or reset the router There is another way to set up time You can inquiry an NTP server a time server on the Internet to synchronize the router s clock This method can only be applied when the WAN connection has been built up Set to F...

Page 98: ...Dial On Demand Specify the connection to be up when it has traffic on the line Once there is no traffic over idle timeout the connection will be down and never up again during the schedule Idle Timeout Specify the duration or period for the schedule How often Specify how often the schedule will be applied Once The schedule will be applied just once Weekdays Specify which days in one week should pe...

Page 99: ...t is the most common method of authenticating and authorizing dial up and tunneled network users The built in RADIUS client feature enables the router to assist the remote dial in user or a wireless station and the RADIUS server in performing mutual authentication It enables centralized remote access authentication for network management Enable Check to enable RADIUS client feature Server IP Addre...

Page 100: ...Messenger to allow full use of the voice video and messaging features Enable UPNP Service Accordingly you can enable either the Connection Control Service or Connection Status Service After setting Enable UPNP Service setting an icon of IP Broadband Connection on Router on Windows XP Network Connections will appear The connection status and control status will be able to be activated The NAT Trave...

Page 101: ...e you need to ensure that you have applied the latest service packs and patches Non privileged users can control some router functions including removing and adding port mappings The UPnP function dynamically adds port mappings on behalf of some UPnP aware applications When the applications terminate abnormally these mappings may not be removed 3 3 7 7 5 5 W Wa ak ke e O On n L LA AN N A PC client...

Page 102: ...by IP Address you have to choose the correct IP address IP Address The IP addresses that have been configured in Firewall Bind IP to MAC will be shown in this drop down list Choose the IP address from the drop down list that you want to wake up MAC Address Type any one of the MAC address of the binded PCs Wake Up Click this button to wake up the selected IP See the following figure The result will...

Page 103: ...PN service as you need If you intend to run a VPN server inside your LAN you should disable the VPN service of Vigor Router to allow VPN tunnel pass through as well as the appropriate NAT settings such as DMZ or open port And if you want to enable ISDN dial in function please check Enable ISDN Dial In in this page Enable PPTP VPN Service Check this box to activate the VPN service through PPTP prot...

Page 104: ...se 40 bit to perform encryption prior to using 128 bit for encryption In other words if 128 bit MPPE encryption method is not available then 40 bit encryption scheme will be applied to encrypt the data Maximum MPPE This option indicates that the router will use the MPPE encryption scheme with maximum bits 128 bit to encrypt the data Mutual Authentication PAP The Mutual Authentication function is m...

Page 105: ...al packet e g L2TP over IPSec The Tunnel mode will not only add the AH ESP payload but also use a new IP header Tunneled IP header to encapsulate the whole original IP packet Authentication Header AH provides data authentication and integrity for IP packets passed between VPN peers This is achieved by a keyed one way hash function to the packet to create a message digest This digest will be put in...

Page 106: ... In connection here you may edit a table of peer certificate for selection As shown below the router provides 32 entries of digital certificates for peer users Set to Factory Default Click it to clear all indexes Index Click the number below Index to access into the setting page of IPSec Peer Identity Name Display the profile name of that index Click each index to edit one peer digital certificate...

Page 107: ...fic field of digital signature to accept the peer with matching value The field can be IP Address Domain or E mail Address The box under the Type will appear according to the type you select and ask you to fill in corresponding setting Accept Subject Name Click to check the specific fields of digital signature to accept the peer with matching value The field includes Country C State ST Location L ...

Page 108: ...erver through the built in RADIUS client function The following figure shows the summary table Set to Factory Default Click to clear all indexes Index Click the number below Index to access into the setting page of Remote Dial in User User Display the username for the specific dial in user of the LAN to LAN profile The symbol represents that the profile is empty Status Display the access state of ...

Page 109: ...unnel Allow the remote dial in user to make an IPSec VPN connection through Internet L2TP Allow the remote dial in user to make a L2TP VPN connection through the Internet You can select to use L2TP alone or with IPSec Select from below None Do not apply the IPSec policy Accordingly the VPN connection employed the L2TP without IPSec policy can be viewed as one pure L2TP connection Nice to Have Appl...

Page 110: ...remote node Check the Medium DES 3DES or AES box as the security method Medium Authentication Header AH means data will be authenticated but not be encrypted By default this option is invoked You can uncheck it to disable it High Encapsulating Security Payload ESP means payload data will be encrypted and authenticated You may select encryption algorithm from Data Encryption Standard DES Triple DES...

Page 111: ... which also means supporting 32 VPN tunnels simultaneously The following figure shows the summary table Set to Factory Default Click to clear all indexes Name Indicate the name of the LAN to LAN profile The symbol represents that the profile is empty Status Indicate the status of individual profiles The symbol V and X represent the profile to be active and inactive respectively LAN to LAN profiles...

Page 112: ...fill all the necessary fields When VPN TRUNK is activated several fields e g Dial in Settings Dial in selection in Call Direction and others might be locked and dimmed Please refer to VPN and Remote Access VPN TRUNK Management for more details For the web page is too long we divide the page into several sections for explanation Profile Name Specify a name for the profile of the LAN to LAN connecti...

Page 113: ... alive This function is to help the router to determine the status of IPSec VPN connection especially useful in the case of abnormal VPN IPSec tunnel disruption For details please refer to the note below Check to enable the transmission of PING packets to a specified IP address PING to the IP Enter the IP address of the remote host that located at the other end of the VPN tunnel Enable PING to Kee...

Page 114: ...N PPTP or L2TP with or without IPSec policy above PAP CHAP is the most common selection due to wild compatibility VJ compression This field is applicable when you select ISDN PPTP or L2TP with or without IPSec policy above VJ Compression is used for TCP IP protocol header compression Normally set to Yes to improve bandwidth utilization IKE Authentication Method This group of fields is applicable f...

Page 115: ...d Aggressive mode The ultimate outcome is to exchange security proposals to create a protected secure channel Main mode is more secure than Aggressive mode since more exchanges are done in a secure channel to set up the IPSec session However the Aggressive mode is faster The default value in Vigor router is Main mode IKE phase 1 proposal To propose the local available authentication schemes and en...

Page 116: ...sed to avoid the computation complexity in phase 2 The default value is inactive this function Local ID In Aggressive mode Local ID is on behalf of the IP address while identity authenticating with remote VPN server The length of the ID is limited to 47 characters Callback Function for i models only The callback function provides a callback service as a part of PPP suite only for the ISDN dial in ...

Page 117: ...nel Allow the remote dial in user to trigger an IPSec VPN connection through Internet L2TP Allow the remote dial in user to make a L2TP VPN connection through the Internet You can select to use L2TP alone or with IPSec Select from below None Do not apply the IPSec policy Accordingly the VPN connection employed the L2TP without IPSec policy can be viewed as one pure L2TP connection Nice to Have App...

Page 118: ...o invoke this function and type in the required characters 1 63 as the pre shared key Digital Signature X 509 Check the box of Digital Signature to invoke this function and select one predefined in the X 509 Peer ID Profiles set from VPN and Remote Access IPSec Peer Identity IPSec Security Method This group of fields is a must for IPSec Tunnels and L2TP with IPSec Policy when you specify the remot...

Page 119: ...TP Remote Network IP Remote Network Mask Add a static route to direct all traffic destined to this Remote Network IP Address Remote Network Mask through the VPN connection For IPSec this is the destination clients IDs of phase 2 quick mode More Add a static route to direct all traffic destined to more Remote Network IP Addresses Remote Network Mask through the VPN connection This is usually used w...

Page 120: ...e web page is simple to understand and easy to configure Filly compliant with VPN Server LAN Sit Single Multi Network Mail Alert support please refer to System Maintenance SysLog Mail Alert for detailed configuration Syslog support please refer to System Maintenance SysLog Mail Alert for detailed configuration Specific ERD Environment Recovery Detection mechanism which can be operated by using Tel...

Page 121: ...iles in LAN to LAN will be shown on Member1 and Member2 fields Member 1 Member2 Display the selection for LAN to LAN dial out profiles configured in VPN and Remote Access LAN to LAN for you to choose for grouping under certain VPN backup profile No Index number of LAN to LAN dial out profile Name Profile name of AN to LAN dial out profile Connection Type Connection type of AN to LAN dial out profi...

Page 122: ...et t a a V VP PN N T TR RU UN NK K p pr ro of fi il le e 1 Go to VPN and Remote Access LAN to LAN Set two or more LAN to LAN profiles first 2 Access into VPN and Remote Access VPN TRUNK Management 3 Set one group of VPN TRUNK backup profile by choosing Enable radio button type a name for such profile choose one of the LAN to LAN profiles from Member1 drop down list choose one of the LAN to LAN pro...

Page 123: ...al out Tool and clicking Dial button General Mode This filed displays the profile configured in LAN to LAN with Index number and VPN Server IP address The VPN connection built by General Mode does not support VPN backup function Backup Mode This filed displays the profile name saved in VPN TRUNK Management with Index number and VPN Server IP address The VPN connection built by Backup Mode supports...

Page 124: ...e 118 Refresh Seconds Choose the time for refresh the dial information among 5 10 and 30 Refresh Click this button to refresh the whole connection status Note The status of LAN to LAN for ISDN is shown on the page of Online Status ...

Page 125: ...9 Any entity wants to utilize digital certificates should first request a certificate issued by a CA server It should also retrieve certificates of other trusted CA servers so it can authenticate the peer with certificates issued by those trusted CA servers Here you can manage generate and manage the local digital certificates and set trusted CA certificates Remember to adjust the time of Vigor ro...

Page 126: ... Import Click this button to import a saved file as the certification information Refresh Click this button to refresh the information listed below View Click this button to view the detailed settings for certificate request After clicking Generate the generated information will be displayed on the window below ...

Page 127: ...ick IMPORT to open the following window Use Browse to find out the saved text file Then click Import The one you imported will be listed on the Trusted CA Certificate window Then click Import to use the pre saved file For viewing each trusted CA certificate click View to open the certificate detail information window If you want to delete a CA certificate choose the one and click Delete to remove ...

Page 128: ...u up p Local certificate and Trusted CA certificate for this router can be saved within one file Please click Backup on the following screen to save them If you want to set encryption password for these certificates please type characters in both fields of Encrypt password and Retype password ...

Page 129: ...eer to peer direct calling and also calling via a SIP proxy server a role similar to the gatekeeper in H 323 networks while the MGCP protocol uses client server architecture the calling scenario being very similar to the current PSTN network After a call is setup the voice streams transmit via RTP Real Time Transport Protocol Different codecs methods to compress and encode the voice can be embedde...

Page 130: ... the required inbound and outbound bandwidth that is prioritized exclusively for Voice traffic over Internet but you just get your data a little slower and it is tolerable for data traffic 3 3 1 10 0 1 1 D Di ia al lP Pl la an n This page allows you to set phone book and digit map for the VoIP function Click the Phone Book and Digit Map links on the page to access into next pages for dialplan sett...

Page 131: ...s entry Phone Number The speed dial number of this index This can be any number you choose using digits 0 9 and Display Name The Caller ID that you want to be displayed on your friend s screen This let your friend can easily know who s calling without memorizing lots of SIP URL Address SIP URL Enter your friend s SIP Address ...

Page 132: ...ing lots of SIP URL Address SIP URL Enter your friend s SIP Address Loop through For the model of Vigor 2910VGi the selection should be as the following Backup Phone Number When the VoIP phone is obstructs or the Internet breaks down for some reasons the backup phone will be dialed out to replace the VoIP phone number At this time the phone call will be changed from VoIP phone into PSTN call accor...

Page 133: ... added with the prefix number for calling out through the specific VoIP interface Strip When you choose this mode the OP number will be deleted by the prefix number for calling out through the specific VoIP interface Take the above picture Prefix Table Setup web page as an example the OP number of 886 will be deleted completely for the prefix number is set with 886 Replace When you choose this mod...

Page 134: ...you want to enable the prefix number settings from the saved SIP accounts Please set up one SIP account first to make this interface available 3 3 1 10 0 2 2 S SI IP P A Ac cc co ou un nt ts s In this section you set up your own SIP settings When you apply for an account your SIP service provider will give you an Account Name or user name SIP Registrar Proxy and Domain name The last three might be...

Page 135: ... useful for a Nortel server NAT Traversal Support Status Show the status for the corresponding SIP account R means such account is registered on SIP server successfully means the account is failed to register on SIP server Profile Name Assign a name for this profile for identifying You can type similar name with the domain For example if the domain name is draytel org then you might set draytel 1 ...

Page 136: ...or number used for SIP Authorization with SIP Registrar If this setting value is the same as Account Name it is not necessary for you to check the box and set any value in this field Password The password provided to you when you registered with a SIP service Expiry Time The time duration that your SIP Registrar server keeps your registration record Before the time expires the router will send ano...

Page 137: ...10 0 3 3 P Ph ho on ne e S Se et tt ti in ng gs s This page allows user to set phone settings for VoIP 1 and VoIP 2 respectively Phone List Port There are three phone ports provided here for you to configure Call feature A brief description for call feature will be shown in this field for your reference Codec The default Codec setting for each port will be ...

Page 138: ... RTP Symmetric RTP Check this box to invoke the function To make the data transmission going through on both ends of local router and remote router not misleading due to IP lost for example sending data from the public IP of remote router to the private IP of local router you can check this box to solve this problem Dynamic RTP port start Specifies the start port for RTP stream The default value i...

Page 139: ... Busy means the incoming calls will be forwarded into SIP URL only when the local system is busy No answer means if the incoming calls do not receive any response they will be forwarded to the SIP URL by the time out SIP URL Type in the SIP URL e g aaa draytel org or abc iptel org as the site for call forwarded Time Out Set the time out for the call forwarding The default setting is 30 sec DND Do ...

Page 140: ...ream speed is only 64Kbps do not use G 711 codec It is better for you to have at least 256Kbps upstream if you would like to use G 711 Single Codec If the box is checked only the selected Codec will be applied Packet Size The amount of data contained in a single packet The default value is 20 ms which means the data packet will contain 20 ms voice information Voice Active Detector This function ca...

Page 141: ...Wrong tone settings might cause inconvenience for users To set the sound pattern of the phone set simply choose a proper region to let the system find out the preset tone settings and caller ID type automatically Or you can adjust tone settings manually if you choose User Defined TOn1 TOff1 TOn2 and TOff2 mean the cadence of the tone pattern TOn1 and TOn2 represent sound on TOff1 and TOff2 represe...

Page 142: ...ting is used to adjust the loudness of the dial tone The smaller the number is the louder the dial tone is It is recommended for you to use the default setting Ring Frequency This setting is used to drive the frequency of the ring tone It is recommended for you to use the default setting DTMF InBand Choose this one then the Vigor will send the DTMF tone as audio directly when you press the keypad ...

Page 143: ...the box to enable the function In the limited time that you set in this field if there is no response the connecting call will be closed automatically ISDN Loop Through Ring Port Click the radio button to specify which port will ring if MSN mapping ring port configured in ISDN General Setup is not set properly Broadcast call Both FXS1 and FXS2 will ring FXS 1 Such port will ring FXS 2 Such port wi...

Page 144: ...ide caller ID Check this box to hide the caller ID on the display panel of the phone set Prefer Codec Select one of five codecs as the default for your VoIP calls The codec used for each call will be negotiated with the peer party before each session and so may not be your default choice The default codec is G 729A B it occupies little bandwidth while maintaining good voice quality If your upstrea...

Page 145: ...dition you can press the Advanced button to configure tone settings volume gain MISC and DTMF mode Advanced setting is provided for fitting the telecommunication custom for the local area of the router installed Wrong tone settings might cause inconvenience for users To set the sound pattern of the phone set simply choose a proper region to let the system find out the preset tone settings and call...

Page 146: ...l The figure that you can type in this field is limited from three to eight with digits from zero to nine Check for VoIP to ISDN Calls Set a pin code for the router to authenticate which one is allowed to dial VoIP to ISDN call The figure that you can type in this field is limited from three to eight with digits from zero to nine DTMP DTMF mode There are four selections provided here InBand Choose...

Page 147: ...n this field is limited one to eleven with digits from zero to nine 3 3 1 10 0 4 4 S St ta at tu us s On VoIP call status you can find codec connection and other important call status for VoIP 1 2 ports Refresh Seconds Specify the interval of refresh time to obtain the latest VoIP calling information The information will update immediately when the Refresh button is clicked Port It shows current c...

Page 148: ... represented as seconds Tx Pkts Total number of transmitted voice packets during this connection session Rx Pkts Total number of received voice packets during this connection session Rx Losts Total number of lost packets during this connection session Rx Jitter The jitter of received voice packets In Calls The accumulating in call times Out Calls The accumulating out call times Speaker Gain The vo...

Page 149: ...the router is able to accept only number matched incoming calls In addition MSN services should be supported by local ISDN network provider The router provides three fields for MSN numbers Note that MSN services must be acquired from your local telecommunication operators By default MSN function is disabled If you leave the fields blank all incoming calls will be accepted without number matching M...

Page 150: ... Use both ISDN B channels for Internet access Dialup BOD BOD stands for bandwidth on demand The router will use only one B channel in low traffic situations Once the single B channel bandwidth is fully used the other B channel will be activated automatically through the dialup For more detailed BOD parameter settings please refer to the Advanced Setup field Call Control and PPP MP Setup PPP Authen...

Page 151: ...he descriptions of the previous part 3 3 1 11 1 4 4 V Vi ir rt tu ua al l T TA A Virtual TA means the local hosts or PCs in the network that uses popular CAPI based software such as RVS COM or BVRP to access the router as a local ISDN TA for sending or receiving FAX messages over the ISDN line Basically it is a client server network model The built in Virtual TA server handles the establishment an...

Page 152: ...r of active clients is also 2 z Before you configure the Virtual TA you must set the correct country code in ISDN Setup Virtual TA Server Enable Select it to activate the server Disable Select it to deactivate the server All Virtual TA applications will be terminated Virtual TA User Profiles Username Enter the username of a specific client Password Enter the password of a specific client MSN 1 2 3...

Page 153: ...u ur re e a a V Vi ir rt tu ua al l T TA A C Cl li ie en nt t S Se er rv ve er r Since the Virtual TA application is a client server network model you must configure it on both ends to run properly your Virtual TA application By default the Virtual TA server is enabled and the Username Password fields are left blank Any Virtual TA client may login to the server Once a single Username Password fiel...

Page 154: ...an assign which client has the specified MSN number When an incoming call arrives the server will inform the appropriate client Now we set an example to describe the configuration of the MSN number Suppose that you could assign the MSN number 123 to the client alan Type the specified MSN number in the CAPI based software When the Virtual TA server sends an alert signal to the specified Virtual TA ...

Page 155: ... the dial retry counts per triggered packet A triggered packet is the packet whose destination is outside the local network The default setting is no dial retry If set to 5 for each triggered packet the router will dial 5 times until it is connected to the ISP or remote access router Dial Delay Interval It specifies the interval between dialup retries By default the interval is 0 second Remote Act...

Page 156: ...e the parameters here to decide on when you activate drop the additional B channel Note that cps characters per second measures the total link utilization These parameters specify the situation in which the second channel will be activated With the first connected channel if its utilization exceeds the High Water Mark and such a channel is being used over the High Water Time the additional channel...

Page 157: ...liant with the standard IEEE 802 11g protocol To boost its performance further the Vigor Router is also loaded with advanced wireless technology Super G TM to lift up data rate up to 108 Mbps Hence you can finally smoothly enjoy stream music and video Note The actual data throughput will vary according to the network conditions and environmental factors including volume of network traffic network ...

Page 158: ...WPA Personal a pre defined key is used for encryption during data transmission WPA applies Temporal Key Integrity Protocol TKIP for data encryption while WPA2 applies AES The WPA Enterprise combines not only encryption but also authentication Since WEP has been proved vulnerable you may consider using WPA for the most secure connection You should select the appropriate security mechanism according...

Page 159: ...other To elaborate an example for business use you may set up a wireless LAN for visitors only so they can connect to Internet without hassle of the confidential information leakage For a more flexible deployment you may add filters of MAC addresses to isolate users access from wired LAN Manage Wireless Stations Station List will display all the station in your wireless network and the status of t...

Page 160: ...th IEEE802 11b and IEEE802 11g protocols simultaneously SuperG The radio only supports SuperG 11g only The radio only supports IEEE802 11g 11b only The radio only supports IEEE802 11b Index 1 15 Set the wireless LAN to work at certain time interval only You may choose up to 4 schedules out of the 15 schedules pre defined in Applications Schedule setup The default setting of this filed is blank and...

Page 161: ...e information except SSID or just cannot see any thing about Vigor wireless router while site surveying Long Preamble This option is to define the length of the sync field in an 802 11 packet Most modern wireless network uses short preamble with 56 bit sync filed instead of long preamble with 128 bit sync field However some original 11b wireless network devices only support long preamble Check it ...

Page 162: ...ield of key setting below will be not available for input WEP or WPA PSK Accepts WEP and WPA clients with legal key accordingly Only Mixed WPA WPA2 is applicable if you select WPA PSK WEP 802 1x or WPA 802 1x Accept WEP or WPA clients with 802 1x authentication Only Mixed WPA WPA2 is applicable if you select WPA PSK Since the key will be auto negotiated during authentication the field of key setti...

Page 163: ...ey PSK Either 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by 0x such as 0x321253abcde WEP 64 Bit For 64 bits WEP key either 5 ASCII characters such as 12345 or 10 hexadecimal digitals leading by 0x such as 0x4142434445 128 Bit For 128 bits WEP key either 13 ASCII characters such as ABCDEFGHIJKLM or 26 hexadecimal digits leading by 0x such as 0x4142434445464748494A4B4C4...

Page 164: ...he MAC Address access control feature Policy Select to enable any one of the following policy Choose Activate MAC address filter to type in the MAC addresses for other clients in the network manually Choose Isolate WLAN from LAN will separate all the WLAN stations from LAN based on the MAC Address list MAC Address Filter Display all MAC addresses that are edited before Four buttons Add Remove Clie...

Page 165: ...age range of a WLAN To meet the above requirement two WDS modes are implemented in Vigor router One is Bridge the other is Repeater Below shows the function of WDS bridge interface The application for the WDS Repeater mode is depicted as below The major difference between these two modes is that while in Repeater mode the packets received from one peer AP can be repeated to another peer AP through...

Page 166: ...nks However hosts connected to Bridge 1 CANNOT communicate with hosts connected to Bridge 3 through Bridge 2 Click WDS from Wireless LAN menu The following page will be shown Mode Choose the mode for WDS setting Disable mode will not invoke any WDS setting Bridge mode is designed to fulfill the first type of application Repeater mode is for the second one ...

Page 167: ...rmance If you want to invoke the peer MAC address remember to check Enable box in the front of the MAC address after typing Repeater If you choose Repeater as the connecting mode please type in the peer MAC address in these fields Two peer MAC addresses are allowed to be entered in this page at one time Similarly if you want to invoke the peer MAC address remember to check Enable box in the front ...

Page 168: ... 3 3 1 12 2 7 7 S St ta at ti io on n L Li is st t Station List provides the knowledge of connecting wireless clients now along with its status code There is a code summary below for explanation For convenient Access Control you can select a WLAN station and click Add to Access Control below Refresh Click this button to refresh the status of station list Add Click this button to add current select...

Page 169: ... you a very convenient way to manage hosts by grouping them based on the physical port 3 3 1 13 3 1 1 W Wi ir re ed d V VL LA AN N PCs connected to Ethernet ports of the router can be divided into different groups and formed VLAN PCs under the same groups can share each other information through the router and will not be peeked by other groups The VLAN Wired VALN allows you to configure VLAN sett...

Page 170: ... LAN Note If WAN2 interface has been enabled the P1 boxes will serve as WAN interface and cannot be checked as shown in the following diagram 3 3 1 13 3 2 2 W Wi ir re el le es ss s V VL LA AN N PCs equipped with wireless network cards connected to the router through wireless interface can be divided into different groups and formed W_VLAN PCs under the same groups can share each other information...

Page 171: ...tention Simply type Login ID and password with City and 1234 in the boxes of W_VLAN0 And type Login ID and password with Home and 7890 in the boxes of W_VLAN1 Users can configure fifteen groups of wireless VLAN in this page Enable Check this box to invoke wireless VLAN function Login ID Type Login ID for different groups of W_VLAN with 1 to 11 characters ...

Page 172: ...x to isolate all the members in this VLAN group and not allow the information sharing among them Disable broadcast and multicast traffic Check this box to prevent broadcast and multicast traffic forwarding to all W_VLAN H Ho ow w c ca an n y yo ou u w wi ir re el le es ss s c cl li ie en nt t a ac cc ce es ss s i in nt to o I In nt te er rn ne et t After finishing the configuration of wireless VLA...

Page 173: ...ssing is successful the following screen will appear Note The floating window with connection time will be shown on the screen till you logout 5 You can go to Diagnostics Wireless VLAN Online Station for viewing the connection status whenever you want ...

Page 174: ...t computers notebooks See the following picture for an example With VLAN Cross Setup notebook A B and PCs on VLAN0 can share resources without difficulty The VLAN VALN Cross Setup allows you to set a communication bridge between computers in Wireless VLAN and wired VLAN To achieve the intention of the above illustration simply check the box under VLAN0 on the line of W_VLAN0 ...

Page 175: ...he following page will appear Click Enable to invoke VLAN function For the rate control of wireless connection please open VLAN menu and choose Wireless Rate Control The following page will be shown for you to adjust Enable Check this box to enable this function for Rate Control The rate control will limit the transmission rate for upload and download Upload Rate It decides the rate of data transm...

Page 176: ...s s The System Status provides basic network settings of Vigor router It includes LAN and WAN interface information Also you could get the current running firmware version or firmware related information from this presentation Model Name Display the model name of the router Firmware Version Display the firmware version of the router Build Date Time Display the date and time of the current firmware...

Page 177: ...ps to provide availability of some features that are bound with some WLAN miniPCi card 3 3 1 14 4 2 2 T TR R 0 06 69 9 S Se et tt ti in ng g Vigor router with TR 069 is available for matching with VigorACS server Such page provides VigorACS and CPE settings under TR 069 protocol All the settings configured here is for CPE to be controlled and managed with VigorACS server Users need to type URL use...

Page 178: ...odically with the time set in the box of interval time 3 3 1 14 4 3 3 A Ad dm mi in ni is st tr ra at to or r P Pa as ss sw wo or rd d This page allows you to set new password Old Password Type in the old password The factory default setting for password is blank New Password Type in new password in this filed Confirm New Password Type in the new password again When you click OK the login window w...

Page 179: ...e it another name by yourself 4 Click Save button the configuration will download automatically to your computer as a file named config cfg The above example is using Windows platform for demonstrating examples The Mac or Linux platform will appear different windows but the backup function is still available Note Backup for Certification must be done independently The Configuration Backup does not...

Page 180: ...and wait for few seconds the following picture will tell you that the restoration procedure is successful 3 3 1 14 4 5 5 S Sy ys sl lo og g M Ma ai il l A Al le er rt t SysLog function is provided for users to monitor router There is no bother to directly get into the Web Configurator of the router or borrow debug equipments Enable Click Enable to activate this function Router Name Assign a name f...

Page 181: ... e mail application User Name Type the user name for authentication Password Type the password for authentication Click OK to save these settings For viewing the Syslog please do the following 1 Just set your monitor PC s IP address in the field of Server IP Address 2 Install the Router Tools in the Utility within provided CD After installation click on the Router Tools Syslog from program menu 3 ...

Page 182: ... remote administrator PC host as router s system time Use Internet Time Select to inquire time information from Time Server on the Internet using assigned protocol Time Protocol Select a time protocol Server IP Address Type the IP address of the time server Time Zone Select the time zone where the router is located Enable Daylight Saving Such function is useful for some area Automatically Update I...

Page 183: ... the box es to specify Disable PING from the Internet Check the checkbox to reject all PING packets from the Internet For security issue this function is enabled by default Access List You could specify that the system administrator can only login from a specific host or network defined in the list A maximum of three IPs subnet masks is allowed List IP Indicate an IP address allowed to login to th...

Page 184: ... IP address of the host that will receive the trap community Trap Timeout The default setting is 10 seconds 3 3 1 14 4 8 8 R Re eb bo oo ot t S Sy ys st te em m The Web Configurator may be used to restart your router Click Reboot System from System Maintenance to open the following page If you want to reboot the router using the current configuration check Using current configuration and click OK ...

Page 185: ...g an example Note that this example is running over Windows OS Operating System Download the newest firmware from DrayTek s web site or FTP site The DrayTek web site is www draytek com or local DrayTek s web site and FTP site is ftp draytek com Click System Maintenance Firmware Upgrade to launch the Firmware Upgrade Utility Click OK The following screen will appear Please execute the firmware upgr...

Page 186: ...iagnostics 3 3 1 15 5 1 1 D Di ia al l o ou ut t T Tr ri ig gg ge er r Click Diagnostics and click Dial out Trigger to open the web page The internet connection e g ISDN PPPoE PPPoA etc is triggered by a package sending from the source IP address Decoded Format It shows the source IP address local destination IP remote address the protocol and length of the package Refresh Click it to reload the p...

Page 187: ... reload the page 3 3 1 15 5 3 3 A AR RP P C Ca ac ch he e T Ta ab bl le e Click Diagnostics and click ARP Cache Table to view the content of the ARP Address Resolution Protocol cache held in the router The table shows a mapping between an Ethernet hardware address MAC Address and an IP address Refresh Click it to reload the page Clear Click it to clear the whole table ...

Page 188: ...s assigned by this router for specified PC MAC Address It displays the MAC address for the specified PC that DHCP assigned IP address for it Leased Time It displays the leased time of the specified PC HOST ID It displays the host ID name of the specified PC Refresh Click it to reload the page 3 3 1 15 5 5 5 N NA AT T S Se es ss si io on ns s T Ta ab bl le e Click Diagnostics and click NAT Sessions...

Page 189: ...address of the wireless station MAC Address Display the MAC address of the wireless station Login ID Display the login ID that the wireless station belongs to 3 3 1 15 5 7 7 D Da at ta a F Fl lo ow w M Mo on ni it to or r This page displays the running procedure for the IP address monitored and refreshes the data in an interval of several seconds The IP address listed here is configured in Bandwid...

Page 190: ...his page manually Index Display the number of the data flow IP Address Display the IP address of the monitored device TX rate kbps Display the transmission speed of the monitored device RX rate kbps Display the receiving speed of the monitored device Sessions Display the session number that you specified in Limit Session web page Action Block can prevent specified PC accessing into Internet within...

Page 191: ...andwidth or Sessions for viewing different traffic graph Click Refresh to renew the graph at any time The horizontal axis represents time Yet the vertical axis has different meanings For WAN1 WAN2 Bandwidth chart the numbers displayed on vertical axis represent the numbers of the transmitted and received packets in the past For Sessions chart the numbers displayed on vertical axis represent the nu...

Page 192: ...e the destination that you would like to ping IP Address Type in the IP address of the Host IP that you want to ping Run Click this button to start the ping work The result will be displayed on the screen Clear Click this link to remove the result on the window 3 3 1 15 5 1 10 0 T Tr ra ac ce e R Ro ou ut te e Click Diagnostics and click Trace Route to open the web page This page allows you to tra...

Page 193: ...e the WAN interface that you want to ping through or choose Unspecified to be determined by the router automatically Host IP Address It indicates the IP address of the host Run Click this button to start route tracing work Clear Click this link to remove the result on the window ...

Page 194: ...Vigor2910 Series User s Guide 188 This page is left blank ...

Page 195: ...ch as the remote branch office and headquarter According to the network structure as shown in the below illustration you may follow the steps to create a LAN to LAN profile These two networks LANs should NOT have the same network address Settings in Router A in headquarter 1 Go to VPN and Remote Access and select Remote Access Control to enable the necessary VPN service and click OK 2 Then For usi...

Page 196: ...ttings as shown below You should enable both of VPN connections because any one of the parties may start the VPN connection 5 Set Dial Out Settings as shown below to dial to connect to Router B aggressively with the selected Dial Out method If an IPSec based service is selected you should further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial O...

Page 197: ...w to allow Router B dial in to build VPN connection If an IPSec based service is selected you may further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial In connection Otherwise it will apply the settings defined in IPSec General Setup above If a PPP based service is selected you should further specify the remote peer IP Address Username Passwor...

Page 198: ...gs in Router B in the remote office 1 Go to VPN and Remote Access and select Remote Access Control to enable the necessary VPN service and click OK 2 Then for using PPP based services such as PPTP L2TP you have to set general settings in PPP General Setup For using IPSec based service such as IPSec or L2TP with IPSec Policy you have to set general settings in IPSec General Setup such as the pre sh...

Page 199: ...f the parties may start the VPN connection 5 Set Dial Out Settings as shown below to dial to connect to Router B aggressively with the selected Dial Out method If an IPSec based service is selected you should further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial Out connection If a PPP based service is selected you should further specify the r...

Page 200: ... connection If an IPSec based service is selected you may further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial In connection Otherwise it will apply the settings defined in IPSec General Setup above If a PPP based service is selected you should further specify the remote peer IP Address Username Password and VJ Compression for this Dial In co...

Page 201: ...r2910 Series User s Guide 195 7 At last set the remote network IP subnet in TCP IP Network Settings so that Router B can direct the packets destined to the remote network to Router A via the VPN connection ...

Page 202: ...e as shown in the below illustration you may follow the steps to create a Remote User Profile and install Smart VPN Client on the remote host Settings in VPN Router in the enterprise office 1 Go to VPN and Remote Access and select Remote Access Control to enable the necessary VPN service and click OK 2 Then for using PPP based services such as PPTP L2TP you have to set general settings in PPP Gene...

Page 203: ...tion If an IPSec based service is selected you may further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial In connection Otherwise it will apply the settings defined in IPSec General Setup above If a PPP based service is selected you should further specify the remote peer IP Address Username Password and VJ Compression for this Dial In connectio...

Page 204: ... complimentary software to help you create PPTP L2TP and L2TP over IPSec tunnel You can find it in CD ROM in the package or go to www draytek com download center Install as instructed 2 After successful installation for the first time user you should click on the Step 0 Configure button Reboot the host 3 In Step 2 Connect to VPN Server click Insert button to add a new entry If an IPSec based servi...

Page 205: ...P based service is selected you should further specify the remote VPN server IP address Username Password and encryption method The User Name and Password should be consistent with the one set up in the VPN router To use default gateway on remote network means that all the packets of remote host will be directed to VPN server then forwarded to Internet This will make the remote host seem to be wor...

Page 206: ...e of children When working time he would use Vigor router at home to connect to the server in the headquater office downtown via either HTTPS or VPN to check email and access internal database Meanwhile children may chat on VoIP or Skype in the restroom 1 Make sure the QoS Control on the left corner is checked And select BOTH in Direction 2 Enter the Name of Index Class 1 by clicking Edit link In ...

Page 207: ...traffic of VoIP influent other application 5 If the worker has connected to the headquater using host to host VPN tunnel Please refer to Chapter 3 VPN for detail instruction he may set up an index for it Enter the Class Name of Index 3 In this index he will set reserve bandwidth for 1 VPN tunnel 6 Click edit to open a new window First check the ACT box Then click SrcEdit to set a worker s subnet a...

Page 208: ...ivate IP address Subnet Mask is 192 168 1 1 255 255 255 0 The built in DHCP server is enabled so it assigns every local NATed host an IP address of 192 168 1 x starting from 192 168 1 10 You can just set the settings wrapped inside the red rectangles to fit the request of NAT usage To use another DHCP server in the network rather than the built in one of Vigor Router you have to change the setting...

Page 209: ...Vigor2910 Series User s Guide 203 You can just set the settings wrapped inside the red rectangles to fit the request of NAT usage ...

Page 210: ...org Proxy draytel org Act as outbound proxy unhecked Display Name John Account Number Name 1234 Authentication ID unchecked Password Expiry Time use default value CODEC RTP DTMF Use default value John calls David He picks up the phone and dials 1111 DialPlan Phone Number for David Settings for David DialPlan index 1 Phone Number 2222 Display Name John SIP URL 1234 draytel org SIP Accounts Settings...

Page 211: ...use default value CODEC RTP DTMF Use default value John calls David He picks up the phone and dials 1111 DialPlan Phone Number for David Or He picks up the phone and dials 4321 David s Account Name Settings for David DialPlan index 1 Phone Number 2222 Display Name John SIP URL 1234 draytel org SIP Accounts Settings Profile Name John Register via Auto SIP Port 5060 default Domain Realm draytel org ...

Page 212: ...main Realm blank Proxy blank Act as outbound proxy unchecked Display Name Arnor Account Name 1234 Authentication ID unchecked Password blank Expiry Time use default value CODEC RTP DTMF Use default value Arnor calls Paulin He picks up the phone and dials 1111 DialPlan Phone Number for Arnor Settings for Paulin DialPlan index 1 Phone Number 2222 Display Name Arnor SIP URL 1234 214 61 172 53 SIP Acc...

Page 213: ...y click Install Now under Syslog description to install the corresponding program 4 The file RTSxxx exe will be asked to copy onto your computer Remember the place of storing the execution file 5 Go to www draytek com to find out the newly update firmware for your router 6 Access into Support Center Downloads Find out the model name of the router and click the firmware link The Tools of Vigor rout...

Page 214: ...n Programs and choose Router Tools XXX Firmware Upgrade Utility 12 Type in your router IP usually 192 168 1 1 13 Click the button to the right side of Firmware file typing box Locate the files that you download from the company web sites You will find out two files with different extension names xxxx all keep the old custom settings and xxxx rst reset all the custom settings to default settings Ch...

Page 215: ...uide 209 14 Click Send 15 Now the firmware update is finished 4 4 7 7 R Re eq qu ue es st t a a c ce er rt ti if fi ic ca at te e f fr ro om m a a C CA A s se er rv ve er r o on n W Wi in nd do ow ws s C CA A S Se er rv ve er r ...

Page 216: ...te Management and choose Local Certificate 2 You can click GENERATE button to start to edit a certificate request Enter the information in the certificate request 3 Copy and save the X509 Local Certificate Requet as a text file and save it for later use ...

Page 217: ...take a Windows 2000 CA server for example Select Request a Certificate Select Advanced request Select Submit a certificate request a base64 encoded PKCS 10 file or a renewal request using a base64 encoded PKCS 7 file Import the X509 Local Certificate Requet text file Select Router Offline request or IPSec Offline request below ...

Page 218: ...ate Now you should get a certificate cer file and save it 5 Back to Vigor router go to Local Certificate Click IMPORT button and browse the file to import the certificate cer file into Vigor router When finished click refresh and you will find the below window showing BEGINE CERTIFICATE 6 You may review the detail information of the certificate by clicking View button ...

Page 219: ... ti if fi ic ca at te e a an nd d S Se et t a as s T Tr ru us st te ed d o on n W Wi in nd do ow ws s C CA A S Se er rv ve er r 1 Use web browser connecting to the CA server that you would like to retrieve its CA certificate Click Retrive the CA certificate or certificate recoring list ...

Page 220: ...ed CA Certificate Click IMPORT button and browse the file to import the certificate cer file into Vigor router When finished click refresh and you will find the below illustration 4 You may review the detail information of the certificate by clicking View button Note Before setting certificate configuration please go to System Maintenance Time and Date to reset current time of the router first ...

Page 221: ...in the field of Profile Name 3 Click Edit Disable VPN TRUNK profile s 1 Click any one of the items from Backup profile list 2 Click Disable as current status 3 Click Edit 4 The selected profile will be disabled 5 To check if the profile has been disabled or not open LAN to LAN The name with red color means it has joined VPN TRUNK profile the name with black color means it does not join VPN TRUNK p...

Page 222: ...ures Dial in call direction and Idle Timeout will be dimmish and cannot be used All the items in Allowed Dial in Type will be dimmish and cannot be used My WAN IP and Remote Gateway IP will be dimmish and cannot be used In addition after configuring VPN TRUNK profile s the Connection Management in VPN and Remote Access will be changed Before adding a new VPN TRUNK profile the webpage will be shown...

Page 223: ...les for VPN TRUNK Backup Profile Here provides two situations that you can take advantages of VPN TRUNK backup profile mechanism Example 1 A VPN TRUNK profile with member 1 IPSec type and Member 2 L2TP over IPSec has been created for Router A for connecting with Router B In general Router A connects to Router B through Member 1 VPN tunnel with IPSec type ...

Page 224: ...rmation to headquarter in Europe The Vigor router can build another backup VPN tunnel to subsidiary in America through LAN to LAN and the VPN server in the subsidiary in American can build Routing RIP When the VPN tunnel is off line the subsidiary in Asia can send the data that should be transmit to headerquarter in Europe to the subsidiary in America then the subsidiary in America transmit the da...

Page 225: ...k backup The available commands will be shown as the following figure 1 To inquire current ERD setting vpn Trunk backup ERD VpnBackup name of Trunk profile 2 None Mode Default Setting Such mode makes all of the dial out VPN TRUNK backup profiles being activated alternately Request Background Some of users think if VPN tunnel connected again it is Environment Recovery Detection For such users use N...

Page 226: ...oDrop might cause unstable condition for data transmitting To solve the problem you can set value for second to specify valid time for sending data out When set value for second with 0 VPN tunnel that does not join Member1 will try to connect with VPN server of Member1 for every six seconds Once the connection is successful current transmitting data mail video conference or other will be dropped i...

Page 227: ...I If f t th he e H Ha ar rd dw wa ar re e S St ta at tu us s I Is s O OK K o or r N No ot t Follow the steps below to verify the hardware status 1 Check the power line and WLAN LAN cable connections Refer to 2 1 Hardware Installation for details 2 Turn on the router Make sure the ACT LED blink once per second and the correspondent LAN LED is bright 3 If not it means that there is something wrong w...

Page 228: ...o the examples for other operation systems please refer to the similar steps or find support notes in www draytek com 1 Go to Control Panel and then double click on Network Connections 2 Right click on Local Area Connection and click on Properties 3 Select Internet Protocol TCP IP and then click Properties ...

Page 229: ...matically and Obtain DNS server address automatically F Fo or r M Ma ac cO Os s 1 Double click on the current used MacOs on the desktop 2 Open the Application folder and get into Network 3 On the Network screen select Using DHCP from the drop down list of Configure IPv4 ...

Page 230: ...e router correctly F Fo or r W Wi in nd do ow ws s 1 Open the Command Prompt window from Start menu Run 2 Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP The DOS command dialog will appear 3 Type ping 192 168 1 1 and press Enter It the link is OK the line of Reply from 192 168 1 1 bytes 32 time 1ms TTL 255 will appear 4 If the line does not appear please check the IP address settin...

Page 231: ...Vigor2910 Series User s Guide 225 ...

Page 232: ...ngs are set correctly F Fo or r P PP PP Po oE E U Us se er rs s 1 Check if the Enable option is selected 2 Check if Username and Password are entered with correct values that you got from your ISP F Fo or r S St ta at ti ic c D Dy yn na am mi ic c I IP P U Us se er rs s 1 Check if the Enable option is selected 2 Check if IP address Subnet Mask and Gateway are entered with correct values that you g...

Page 233: ...tion of USB Modem is successful If the USB LED does not light on please remove and reinsert the modem again If it still fails restart Vigor2910 U US SB B L LE ED D l li ig gh ht ts s o on n b bu ut t t th he e n ne et tw wo or rk k c co on nn ne ec ct ti io on n d do oe es s n no ot t w wo or rk k Check the PIN Code of SIM card is disabled or not Please use the utility of 3G USB Modem to disable P...

Page 234: ...to or ry y D De ef fa au ul lt t S Se et tt ti in ng g I If f N Ne ec ce es ss sa ar ry y Sometimes a wrong connection can be improved by returning to the default settings Try to reset the router by software or hardware Warning After pressing factory default setting you will loose all settings you did before Make sure you have recorded all useful settings before you pressing The password of factor...

Page 235: ... Then the router will restart with the default configuration After restore the factory default setting you can configure the settings for the router again to fit your personal request 5 5 7 7 C Co on nt ta ac ct ti in ng g Y Yo ou ur r D De ea al le er r If the router still cannot work correctly after trying many efforts please contact your dealer for further help right away For any questions plea...

Reviews:

No comments

Related manuals for Vigor 2910

Fresh 'N Rebel 3AHP200 v1 003 Manual preview
3AHP200 v1 003
Brand: Fresh 'N Rebel Pages: 10
KoamTac KBD401 User Manual preview
KBD401
Brand: KoamTac Pages: 11
Westfalia 86 13 14 Instruction Manual preview
86 13 14
Brand: Westfalia Pages: 10
APM ALINE-5801A+G Specification Sheet preview
ALINE-5801A+G
Brand: APM Pages: 2
Cambium Networks XV3-8 Hardware Installation Manual preview
XV3-8
Brand: Cambium Networks Pages: 24
SMC Networks Barricade SMCWBR14T-G User Manual preview
Barricade SMCWBR14T-G
Brand: SMC Networks Pages: 132
Ruijie RG-AP740-I Series Hardware Installation And Reference Manual preview
RG-AP740-I Series
Brand: Ruijie Pages: 31
Caimore CM520-8AE User Manual preview
CM520-8AE
Brand: Caimore Pages: 83
Linksys ATLAS MAX User Manual preview
ATLAS MAX
Brand: Linksys Pages: 34
Magnum M9-AP3 Quick Start Manual preview
M9-AP3
Brand: Magnum Pages: 2
Siemens SpeedStream 2624 Quick Start Manual preview
SpeedStream 2624
Brand: Siemens Pages: 2
Siemens MC35T Installation & Maintenance preview
MC35T
Brand: Siemens Pages: 6
Siemens SLI-5300-I Quick Start Manual preview
SLI-5300-I
Brand: Siemens Pages: 28
Siemens GIGASET SE681 WIMAX User Manual preview
GIGASET SE681 WIMAX
Brand: Siemens Pages: 72
Siemens Gigaset SX682 WiMAX User Manual preview
Gigaset SX682 WiMAX
Brand: Siemens Pages: 74
Siemens SCALANCE W748-1 Operating Instructions Manual preview
SCALANCE W748-1
Brand: Siemens Pages: 68
Siemens SCALANCE W786-x Operating Instructions Manual preview
SCALANCE W786-x
Brand: Siemens Pages: 68
Siemens SpeedStream SS2524 Owner'S Manual preview
SpeedStream SS2524
Brand: Siemens Pages: 90

Brands by name

Popular brands

Load more brands