manualshive.com logo in svg

Draytek Vigor2710 Series, User Manual

The Draytek Vigor2710 Series is a versatile and reliable networking solution that ensures seamless internet connectivity. To get started, download the free Quick Start Manual from our website, ensuring a hassle-free setup and optimal performance. Discover all the features and functionalities provided by this exceptional product.

Share
Download
background image

 

Vigor2710 Series User’s Guide

 

i

Summary of Contents for Vigor2710 Series

Page 1: ...Vigor2710 Series User s Guide i ...

Page 2: ...Vigor2710 Series User s Guide ii ...

Page 3: ...Vigor2710 Series User s Guide iii Vigor2710 Series ADSL2 2 Firewall Router User s Guide Version 2 1 Firmware Version V3 3 6 Date 10 03 2011 ...

Page 4: ...ions on conservation of the environment Warranty We warrant to the original end user purchaser that the router will be free from any defects in workmanship or materials for a period of two 2 years from the date of purchase from the dealer Please keep your purchase receipt in a safe place as it serves as proof of date of purchase During the warranty period and upon proof of purchase should the prod...

Page 5: ...ate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encou...

Page 6: ...Vigor2710 Series User s Guide vi ...

Page 7: ...2 2 Accessing Web Page 17 2 3 Changing Password 18 2 4 Quick Start Wizard 20 2 4 1 Adjusting Protocol Encapsulation 20 2 4 2 PPPoE PPPoA 21 2 4 3 1483 Bridged IP 23 2 4 4 1483 Routed IP 24 2 5 Service Activation Wizard 25 2 6 Online Status 28 2 6 1 Physical Connection 28 2 6 2 Virtual WAN 29 2 7 Saving Configuration 30 3 UserModeOperation 31 3 1 Internet Access 31 3 1 1 Basics of Internet Protocol...

Page 8: ...tatus 93 3 8 System Maintenance 94 3 8 1 System Status 94 3 8 2 User Password 96 3 8 3 Time and Date 96 3 8 4 Reboot System 97 3 9 Diagnostics 97 3 9 1 DHCP Table 97 3 9 2 Ping Diagnosis 98 3 9 3 Trace Route 99 3 10 Product Registration 99 4 AdminModeOperation 101 4 1 Internet Access 101 4 1 1 Basics of Internet Protocol IP Network 101 4 1 2 PPPoE PPPoA 102 4 1 3 Multi PVCs 111 4 2 LAN 117 4 2 1 B...

Page 9: ...4 8 Applications 183 4 8 1 Dynamic DNS 183 4 8 2 Schedule 185 4 8 3 RADIUS 187 4 8 4 UPnP 188 4 8 5 IGMP 190 4 8 6 Wake on LAN 191 4 9 VPN and Remote Access 192 4 9 1 Remote Access Control 192 4 9 2 PPP General Setup 192 4 9 3 IPSec General Setup 193 4 9 4 IPSec Peer Identity 195 4 9 5 Remote Dial in User 197 4 9 6 LAN to LAN 200 4 9 7 Connection Management 207 4 10 Certificate Management 208 4 10...

Page 10: ...8 4 15 3 ARP Cache Table 278 4 15 4 DHCP Table 279 4 15 5 NAT Sessions Table 279 4 15 6 Data Flow Monitor 280 4 15 7 Traffic Graph 281 4 15 8 Ping Diagnosis 283 4 15 9 Trace Route 284 4 16 Product Registration 284 5 Application and Examples 285 5 1 Create a LAN to LAN Connection Between Remote Office and Headquarter 285 5 2 Create a Remote Dial in User Connection Between the Teleworker and Headqua...

Page 11: ...atus Is OK or Not 317 6 2 Checking If the Network Connection Settings on Your Computer Is OK or Not 318 6 3 Pinging the Router from Your Computer 320 6 4 Checking If the ISP Settings are OK or Not 321 6 5 Backing to Factory Default Setting If Necessary 322 6 6 Contacting Your Dealer 323 ...

Page 12: ......

Page 13: ...le can be reduced In addition Vigor2710 series supports USB interface for connecting USB printer to share printer or USB storage device for sharing files Vigor2710 series provides two level management to simplify the configuration of network connection The user operation allows user accessing into WEB interface via simple configuration However if users want to have advanced configurations they can...

Page 14: ...ccess Internet through DSL link DSL Blinking Slowly The modem is ready Quickly The connection is training On The port is connected Off The port is disconnected LAN 1 2 3 4 Blinking The data is transmitting On A USB device is connected and active USB Blinking The data is transmitting VPN On The VPN tunnel is active QoS On The QoS function is active On The DoS DDoS function is active DoS Blinking It...

Page 15: ...gs Usage Turn on the router ACT LED is blinking Press the hole and keep for more than 5 seconds When you see the ACT LED begins to blink rapidly than usual release the button Then the router will restart with the factory default configuration PWR Connecter for a power adapter ON OFF Power Switch ...

Page 16: ...VPN On The VPN tunnel is active QoS On The QoS function is active On The DoS DDoS function is active DoS Blinking It will blink while detecting an attack On The WPS is on Off The WPS is off WPS Blinking Waiting for wireless client sending requests for connection about two minutes On Press this button for 2 seconds to wait for client device making network connection through WPS When the LED lights ...

Page 17: ...gs Usage Turn on the router ACT LED is blinking Press the hole and keep for more than 5 seconds When you see the ACT LED begins to blink rapidly than usual release the button Then the router will restart with the factory default configuration PWR Connecter for a power adapter ON OFF Power Switch ...

Page 18: ...to this port is on hook Phone1 Phone2 Blinking A phone call comes On A PSTN phone call comes in and out However when the phone call is disconnected the LED will be off about six seconds later Line Off There is no PSTN phone call On The WPS is on Off The WPS is off WPS Blinking Waiting for wireless client sending requests for connection about two minutes On Press this button for 2 seconds to wait f...

Page 19: ...P communication Factory Reset Restore the default settings Usage Turn on the router ACT LED is blinking Press the hole and keep for more than 5 seconds When you see the ACT LED begins to blink rapidly than usual release the button Then the router will restart with the factory default configuration PWR Connecter for a power adapter ON OFF Power Switch ...

Page 20: ...linking A DECT phone call comes On The phone connected to this port is off hook Off The phone connected to this port is on hook Phone Blinking A phone call comes On A PSTN phone call comes in and out However when the phone call is disconnected the LED will be off about six seconds later Line Off There is no PSTN phone call On The WPS is on Off The WPS is off WPS Blinking Waiting for wireless clien...

Page 21: ...e Pen Driver Mobile HD or printer Interface Description Line Connector for PSTN life line Phone Connector of analog phone for VoIP communication Factory Reset Restore the default settings Usage Turn on the router ACT LED is blinking Press the hole and keep for more than 5 seconds When you see the ACT LED begins to blink rapidly than usual release the button Then the router will restart with the fa...

Page 22: ... of the LAN ports of the router and the other end of the cable RJ 45 into the Ethernet port on your computer 3 Connect the telephone sets with phone lines for using VoIP function For the model without phone ports skip this step 4 Connect one end of the power adapter to the router s power port on the rear panel and the other side into a wall outlet 5 Power on the device by pressing down the power s...

Page 23: ...op through 1 1 4 4 P Pr ri in nt te er r I In ns st ta al ll la at ti io on n You can install a printer onto the router for sharing printing All the PCs connected this router can print documents via the router The example provided here is made based on Windows XP 2000 For Windows 98 SE Vista please visit www draytek com Before using it please follow the steps below to configure settings for connec...

Page 24: ... Series User s Guide 12 4 Click Local printer attached to this computer and click Next 5 In this dialog choose Create a new port Type of port and use the drop down list to select Standard TCP IP Port Click Next ...

Page 25: ... following dialog type 192 168 1 1 router s LAN IP in the field of Printer Name or IP Address and type IP_192 168 1 1 as the port name Then click Next 7 Click Standard and choose Generic Network Card 8 Then in the following dialog click Finish ...

Page 26: ...orrect driver loaded onto your PC When you finish the selection click Next 10 For the final stage you need to go back to Control Panel Printers and edit the property of the new printer you have added 11 Select LPR on Protocol type p1 number 1 as Queue Name Then click OK Next please refer to the red rectangle for choosing the correct protocol and LPR name ...

Page 27: ... or other additional functions are not supported If you do not know whether your printer is supported or not please visit www draytek com to find out the printer list Open Support FAQ find out the link of Printer Server and click it then click the What types of printers are compatible with Vigor router link Note 2 Vigor router supports printing request from computers via LAN ports but not WAN port...

Page 28: ...Vigor2710 Series User s Guide 16 This page is left blank ...

Page 29: ...y Notice You may either simply set up your computer to get IP dynamically from the router or set up the IP address of the computer to be the same subnet as the default IP address of Vigor router 192 168 1 1 For the detailed information please refer to the later section Trouble Shooting of the guide 2 Open a web browser on your PC and type http 192 168 1 1 The following window will be open to ask f...

Page 30: ... PC and type http 192 168 1 1 A pop up window will open to ask for username and password 2 Please type admin admin on Username Password for administration operation Otherwise do not type any word both username and password are Null for user operation on the window and click Login on the window 3 Now the Main Screen will appear Main screen for admin mode operation full configuration Main screen for...

Page 31: ...enance page and choose Administrator Password User Password or 5 Enter the login password the default is blank on the field of Old Password Type the new password in New Password and Confirm Password fields Then click OK to continue 6 Now the password has been changed Next time use the new password to access the Web Configurator for this router ...

Page 32: ...sword After typing the password please click Next 2 2 4 4 1 1 A Ad dj ju us st ti in ng g P Pr ro ot to oc co ol l E En nc ca ap ps su ul la at ti io on n In the Quick Start Wizard you can configure the router to access the Internet with different protocol modes such as PPPoE PPPoA Bridged IP or Routed IP The router supports the ADSL WAN interface for Internet access Now you have to select an appr...

Page 33: ...IP Address Subnet Mask and Default Gateway will not be changed IP Address Assign an IP address for the protocol that you select Subnet Mask Assign a subnet mask value for the protocol of Routed IP and Bridged IP Default Gateway Assign an IP address to the gateway for the protocol of Routed IP and Bridged IP Primary DNS Assign an IP address to the primary DNS Second DNS Assign an IP address to the ...

Page 34: ...router The following page will be shown User Name Assign a specific valid user name provided by the ISP Password Assign a valid password provided by the ISP Confirm Password Retype the password Click Next for viewing summary of such connection Click Finish Then the system status of this protocol will be shown ...

Page 35: ...3 3 B Br ri id dg ge ed d I IP P Click 1483 Bridged IP as the protocol Type in all the information that your ISP provides for this protocol Click Next for viewing summary of such connection Click Finish Then the system status of this protocol will be shown ...

Page 36: ...t te ed d I IP P Click 1483 Routed IP as the protocol Type in all the information that your ISP provides for this protocol After finishing the settings in this page click Next to see the following page Click Finish Then the system status of this protocol will be shown ...

Page 37: ... for detailed information Service Activation Wizard is a tool which allows you to use trial version or update the license of WCF directly without accessing into the server MyVigor located on http myvigor draytek com For using Web Content Filter Profile please refer to section Web Content Filter Profile for detailed information Now please follow the steps listed below to activate WCF feature for yo...

Page 38: ...nt filter based on Commtouch operated in the worldwide There is a 30 day trial period After trial you can purchase DrayTek s prepared Commtouch GlobalView WCF package from DrayTek dealer 4 Setting confirmation page will be displayed as follows please click Next 5 Wait for a moment till the following page appears When such page appears you can enable or disable these services for your necessity The...

Page 39: ...page will display the service that you have activated according to your selection s The valid time for the free trial of these services is one month Later if you need to extend the license valid time you can also use the Service Activation Wizard again to reach your goal by clicking the radio button of Formal edition with license key and clicking Next ...

Page 40: ... in ne e S St ta at tu us s 2 2 6 6 1 1 P Ph hy ys si ic ca al l C Co on nn ne ec ct ti io on n Such page displays the physical connection status such as LAN connection status WAN connection status ADSL information and so on If you select PPPoE as the protocol you will find out a link of Dial PPPoE or Drop PPPoE in the Online Status web page Online status for PPPoE Online status for Static IP ...

Page 41: ...isplays the total uptime of the interface IP Displays the IP address of the WAN interface GW IP Displays the IP address of the default gateway TX Packets Displays the total transmitted packets at the WAN interface TX Rate Displays the speed of transmitted octets at the WAN interface RX Packets Displays the total number of received packets at the WAN interface RX Rate Displays the speed of received...

Page 42: ... in ng g C Co on nf fi ig gu ur ra at ti io on n Each time you click OK on the web page for saving the configuration you can find messages showing the system interaction with you Ready indicates the system is ready for you to input settings Settings Saved means your settings are saved once you click Finish or OK button ...

Page 43: ...reover if you want to adjust more settings for different WAN modes please go to WAN group and click the Internet Access link 3 3 1 1 1 1 B Ba as si ic cs s o of f I In nt te er rn ne et t P Pr ro ot to oc co ol l I IP P N Ne et tw wo or rk k IP means Internet Protocol Every device in an IP based Network including routers print server and host PCs needs an IP address to identify its location on the...

Page 44: ...Point to Point style authentication and authorization is required for bridging customer premises equipment CPE Point to Point Protocol over Ethernet PPPoE connects a network of hosts via an access device to a remote access concentrator or aggregation concentrator This implementation provides users with significant ease of use Meanwhile it provides access control billing and type of service accordi...

Page 45: ... The selections displayed here are determined by the page of Internet Access Multi PVCs Select M PVCs Channel means no selection will be chosen VPI Type in the value provided by ISP VCI Type in the value provided by ISP Encapsulating Type Drop down the list to choose the type provided by ISP Protocol Drop down the list to choose the one provided by ISP If you have already used Quick Start Wizard t...

Page 46: ...d specific VLAN number to all packets while sending them out Please type the tag value and specify the priority for the packets sending by the router VID Type the value as the VLAN ID number The range is form 0 to 4095 Priority Type the packet priority number for such VLAN The range is from 0 to 7 WAN Connection Detection Such function allows you to verify whether network connection is alive or no...

Page 47: ...ou may choose up to 4 schedules out of the 15 schedules pre defined in Applications Schedule setup The default setting of this filed is blank and the function will always work WAN Connection Detection Such function allows you to verify whether network connection is alive or not through ARP Detect or Ping Detect Mode Choose ARP Detect or Ping Detect for the system to execute for WAN detection Ping ...

Page 48: ...the dialog Fixed IP Click Yes to use this function and type in a fixed IP address in the box of Fixed IP Address Default MAC Address You can use Default MAC Address or specify another MAC address by typing on the boxes of MAC Address for the router Specify a MAC Address Type the MAC address for the router manually Index 1 15 in Schedule Setup You can type in four sets of time schedule for your req...

Page 49: ...channel The selections displayed here are determined by the page of Internet Access Multi PVCs Select M PVCs Channel means no selection will be chosen Encapsulating Type Drop down the list to choose the type provided by ISP VPI Type in the value provided by ISP VCI Type in the value provided by ISP Modulation Drop down the list to choose a proper modulation for the router VLAN Enable Enable the fu...

Page 50: ...cifying how routers exchange routing tables information Click Enable RIP for activating this function Bridge Mode If you choose Bridged IP as the protocol you can check this box to invoke the function The router will work as a bridge modem WAN Backup Setup 3G USB Modem If you have installed a 3G USB modem on the router please enable Dial Backup Mode to perform file backup via USB device After choo...

Page 51: ...Detect or Ping Detect Mode Choose ARP Detect or Ping Detect for the system to execute for WAN detection Ping IP If you choose Ping Detect as detection mode you have to type IP address in this field for pinging TTL Time to Live Displays value for your reference TTL value is set by telnet command Default Click this button to reset to factory setting WAN IP Network Settings This group allows you to o...

Page 52: ...e in MAC address for the router You can use Default MAC Address or specify another MAC address for your necessity MAC Address Type in the MAC address for the router manually DNS Server IP Address Type in the primary IP address for the router If necessary type in secondary IP address for necessity in the future After finishing all the settings here please click OK to activate them ...

Page 53: ...T does is to translate the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor router has a built in DHCP server that assigns private IP address to each local host See the following diagram for a briefly understanding In some special case you may have a public IP subnet from your ISP such as 220 135 240 0 24 This means th...

Page 54: ...address and the routers will automatically inform for each other 3 3 2 2 2 2 G Ge en ne er ra al l S Se et tu up p This page provides you the general settings for LAN Click LAN to open the LAN settings page and choose General Setup LAN IP Network Configuration 1st IPAddress Type in private IP address for connecting to a local private network Default 192 168 1 1 1st Subnet Mask Type in an address c...

Page 55: ...maximum is 10 For example if you type 3 and the 2nd IP address of your router is 220 135 240 1 the range of IP address by the DHCP server will be from 220 135 240 2 to 220 135 240 11 MAC Address Enter the MAC Address of the host one by one and click Add to create a list of hosts to be assigned deleted or edited IP address from above pool Set a list of MAC Address for 2nd DHCP server will help rout...

Page 56: ...at you want the DHCP server to assign IP addresses to The default is 50 and the maximum is 253 Gateway IPAddress Enter a value of the gateway IP address for the DHCP server The value is usually as same as the 1st IP address of the router which means the router is the default gateway DHCP Server IPAddress for Relay Agent Set the IP address of the DHCP server you are going to use so the Relay Agent ...

Page 57: ...ge its source address into the public IP address of the router select the available public port and then forward it At the same time the router shall list an entry in a table to memorize this address port mapping relationship When the public server response the incoming traffic of course is destined to the router s public IP address and the router will do the inversion based on its table Therefore...

Page 58: ...y located inside the LAN the network well protected by NAT of the router and identified by its private IP address port the goal of Port Redirection function is to forward all access request with public IP address from external users to the mapping private IP address port of the server The port redirection can only apply to incoming traffic To use this function please go to NAT page and choose Port...

Page 59: ...cted to specified range of IP address and port Public Port Specify which port can be redirected to the specified Private IP and Port of the internal host If you choose Range as the port redirection mode you will see two boxes on this field Simply type the required number on the first box The second one will be assigned automatically later Private IP Specify the private IP address of the internal h...

Page 60: ...host in the LAN Regular web surfing and other such Internet activities from other clients will continue to work without inappropriate interruption DMZ Host allows a defined internal user to be totally exposed to the Internet which usually helps some special applications such as Netmeeting or Internet Games etc The inherent security properties of NAT are somewhat bypassed if you set up DMZ host We ...

Page 61: ...e PC Click this button and then a window will automatically pop up as depicted below The window consists of a list of private IP addresses of all hosts in your LAN network Select one private IP address in the list to be the DMZ host When you have selected one private IP from the above dialog the IP address will be shown on the following screen Click OK to save the setting ...

Page 62: ...ing page Index Indicate the relative number for the particular entry that you want to offer service in a local host You should click the appropriate index number to edit or clear the corresponding entry Comment Specify the name for the defined network service Local IP Address Display the private IP address of the local host offering the service Status Display the state for the corresponding entry ...

Page 63: ...ayer protocol It could be TCP UDP or none for selection Start Port Specify the starting port number of the service offered by the local host End Port Specify the ending port number of the service offered by the local host 3 3 4 4 A Ap pp pl li ic ca at ti io on ns s Below shows the menu items for Applications 3 3 4 4 1 1 D Dy yn na am mi ic c D DN NS S The ISP often provides you with a dynamic IP ...

Page 64: ...say hostname dyndns org and an account with username test and password test 2 In the DDNS setup menu check Enable Dynamic DNS Setup Enable Dynamic DNS Setup Check this box to enable DDNS function Set to Factory Default Clear all profiles and recover to factory settings Auto Update interval Set the time for the router to perform auto update for DDNS service Index Click the number below Index to acc...

Page 65: ...ved The Wildcard and Backup MX features are not supported for all Dynamic DNS providers You could get more detailed information from their websites Disable the Function and Clear all Dynamic DNS Accounts In the DDNS setup menu uncheck Enable Dynamic DNS Setup and push Clear All button to disable the function and clear all accounts from the router Delete a Dynamic DNS Account In the DDNS setup menu...

Page 66: ...The connection status and control status will be able to be activated The NAT Traversal of UPnP enables the multimedia features of your applications to operate This has to manually set up port mappings or use other similar methods The screenshots below show examples of this facility The UPnP facility on the router enables UPnP aware applications such as MSN Messenger to discover what are behind a ...

Page 67: ... these mappings may not be removed 3 3 5 5 V Vo oI IP P Note This function is used for V models Voice over IP network VoIP enables you to use your broadband Internet connection to make toll quality voice calls over the Internet There are many different call signaling protocols methods by which VoIP devices can talk to each other The most popular protocols are SIP MGCP Megaco and H 323 These protoc...

Page 68: ...ses the better the voice quality however the codec used must be appropriate for your Internet bandwidth Usually there will be two types of calling scenario as illustrated below z Calling via SIP Servers First the Vigor V models of yours will have to register to a SIP Registrar by sending registration messages to validate Then both parties SIP proxies will forward the sequence of messages to caller...

Page 69: ...s tolerable for data traffic 3 3 5 5 1 1 D Di ia al lP Pl la an n This page allows you to set phone book and digit map for the VoIP function Click the Phone Book and Digit Map links on the page to access into next pages for dialplan settings P Ph ho on ne e B Bo oo ok k In this section you can set your VoIP contacts in the phonebook It can help you to make calls quickly and easily by using speed d...

Page 70: ...0 9 and Display Name The Caller ID that you want to be displayed on your friend s screen This let your friend can easily know who s calling without memorizing lots of SIP URL Address SIP URL Enter your friend s SIP Address Dial Out Account Choose one of the SIP accounts for this profile to dial out It is useful for both sides caller and callee that registered to different SIP Registrar servers If ...

Page 71: ...ding to the loop through direction chosen Note that during the phone switch the blare of phone will appear for a short time And when the VoIP phone is switched into the PSTN phone the telecom co might charge you for the connection fee Please type in backup phone number PSTN for this VoIP phone setting D Di ig gi it t M Ma ap p For the convenience of user this page allows users to edit prefix numbe...

Page 72: ... Setup web page as an example the prefix number of 03 will replace 8863 For example dial number of 88631111111 will be changed to 031111111 and sent to SIP server OP Number The front number you type here is the first part of the account number that you want to execute special function according to the chosen mode by using the prefix number Min Len Set the minimal length of the dial number for appl...

Page 73: ...one that is not welcomed Click any index number to display the dial plan setup page Enable Click this to enable this entry Call Direction Determine the direction for the phone call IN incoming call OUT outgoing call IN OUT both incoming and outgoing calls Barring Type Determine the type of the VoIP phone call URI URL or number ...

Page 74: ...h as Block Anonymous Block Unknown Domain or Block IP Address Simply click the relational links to open the web page For Block Anonymous this function can block the incoming calls without caller ID on the route Phone port specified in the following window Web Page for Vigor2710 Vn Web Page for Vigor2710 VDn For Block Unknown Domain this function can block incoming calls through Phone port from unr...

Page 75: ...710 Series User s Guide 63 Web Page for Vigor2710 VDn For Block IP Address this function can block incoming calls through Phone port coming from IP address Web Page for Vigor2710 Vn Web Page for Vigor2710 VDn ...

Page 76: ...n Out Dial the number typed in this field to call the previous outgoing phone call again Call Forward All Act Dial the number typed in this field to forward all the incoming calls to the specified place Call Forward Deact Dial the number typed in this field to release the call forward function Call Forward Busy Act Dial the number typed in this field to forward all the incoming calls to the specif...

Page 77: ...ction Block IP Calls Act Dial the number typed in this field to block all the incoming calls from IP address Block IP Calls Deact Dial the number typed in this field to release this function Block Last Calls Act Dial the number typed in this field to block the last incoming phone call P PS ST TN N S Se et tu up p Some emergency phone e g 911 or special phone cannot be dialed out by using VoIP and ...

Page 78: ...roxy and Domain name The last three might be the same in some case Then you can tell your folks your SIP Address as in Account Name Domain name As Vigor VoIP Router is turned on it will first register with Registrar using AuthorizationUser Domain Realm After that your call will be bypassed by SIP Proxy to the destination using AccountName Domain Realm as identity SIP Accounts Web Page for Vigor271...

Page 79: ...the selected Codec of this account Ring Port Specify which port will ring when receiving a phone call Status Show the status for the corresponding SIP account R means such account is registered on SIP server successfully means the account is failed to register on SIP server STUN Server Type in the IP address or domain of the STUN server External IP Type in the gateway IP address SIP PING interval ...

Page 80: ...unction without registering For such server please check the box of Call without registration Choosing Auto is recommended SIP Port Set the port number for sending receiving SIP message for building a session The default value is 5060 Your peer must set the same value in his her Registrar Domain Realm Set the domain name or IP address of the SIP Registrar server Proxy Set domain name or IP address...

Page 81: ...t by other device you have to set this function for your necessity None Disable this function Stun Choose this option if there is Stun server provided for your router Manual Choose this option if you want to specify an external IP address as the NAT transversal support Nortel If the soft switch that you use supports Nortel solution you can choose this option Ring Port Set Phone or DECT as the defa...

Page 82: ...ined in a single packet The default value is 20 ms which means the data packet will contain 20 ms voice information Voice Active Detector This function can detect if the voice on both sides is active or not If not the router will do something to save the bandwidth for other using Click On to invoke this function click Off to close the function ...

Page 83: ...pectively However it changes slightly according to different model you have Phone Settings Web Page for Vigor2710 Vn Phone Settings Web Page for Vigor2710 VDn Phone List Port Phone Phone1 Phone2 allow you to set general settings for PSTN phones DECT1 6 allow you to set general settings for DECT phone Call Feature A brief description for call feature will be ...

Page 84: ... disabled Phone could not be used anymore However its DSP resource could be used by DECT and DECT could dial 4 VoIP calls at the same time Otherwise DECT could only dial 3 VoIP calls at the same time DECT phone access code When registering with DECT phone you will be asked to type access code The default setting in Vigor2710VDn is 1234 RTP Symmetric RTP Check this box to invoke the function To mak...

Page 85: ...or2710 VDn Hotline Check the box to enable it Type in the SIP URL in the field for dialing automatically when you pick up the phone set Session Timer Check the box to enable the function In the limited time that you set in this field if there is no response the connecting call will be closed automatically T 38 Fax Function Check the box to enable the function Call Forwarding There are four options...

Page 86: ...nvoke this function A notice sound will appear to tell the user new phone call is waiting for your response Click hook flash to pick up the waiting phone call Call Transfer Check this box to invoke this function Click hook flash to initiate another phone call When the phone call connection succeeds hang up the phone The other two sides can communicate then Default SIP Account You can set SIP accou...

Page 87: ...le one please choose User Defined and fill out the corresponding values for dial tone ringing tone busy tone and congestion tone by yourself for VoIP phone Also you can specify each field for your necessity It is recommended for you to use the default settings for VoIP communication Volume Gain Mic Gain 1 10 Speaker Gain 1 10 Adjust the volume of microphone and speaker by entering number from 1 10...

Page 88: ...igor will send the DTMF tone as audio directly when you press the keypad on the phone OutBand Choose this one then the Vigor will capture the keypad number you pressed and transform it to digital form then send to the other side the receiver will generate the tone according to the digital form it receive This function is very useful when the network traffic congestion occurs and it still can remai...

Page 89: ...et you would see F07_CALL_RECEIVED PCM Channel This field can distinguish which PCM channel is used by the handset 255 default setting means it is idle and voice data is not transferred through any PCM channel Deregister Handset If your handset has registered to the router you could use this button to deregister it from router Wideband Voice Check this box to enable the function to avoid hearing n...

Page 90: ...itate 4 simultaneous wireless audio connections and 6 phone registration 1 Open VoIP DECT Note DECT menu will appear if DECT module is detected 2 In the web page please click Enable Registration Mode and wait for DECT handset to register 3 When the registration is finished open VoIP SIP Accounts The Registered DECT phone will be available for you to choose Choose the one you need ...

Page 91: ...IP Status Information for the active DECT phone will be shown as follows When registering with DECT phone you will be asked to type access code The default setting in Vigor2710VDn is 1234 Please open VoIP Phone Settings to modify it if required ...

Page 92: ...80 The following diagram shows the brief construction of DECT phone handset and Vigor router 3 3 5 5 5 5 S St ta at tu us s From this page you can find codec connection and other important call status for each port For Vigor2710 Vn ...

Page 93: ...s IDLE Indicates that the VoIP function is idle HANG_UP Indicates that the connection is not established busy tone CONNECTING Indicates that the user is calling out WAIT_ANS Indicates that a connection is launched and waiting for remote user s answer ALERTING Indicates that a call is coming ACTIVE Indicates that the VoIP connection is launched Codec Indicates the voice codec employed by present ch...

Page 94: ...flexibility and efficiency of a small office home Any authorized staff can bring a built in WLAN client PDA or notebook into a meeting room for conference without laying a clot of LAN cable or drilling holes everywhere Wireless LAN enables high mobility so WLAN users can simultaneously access all LAN facilities just like on a wired LAN as well as Internet access The Vigor wireless routers are equi...

Page 95: ...a encryption while WPA2 applies AES The WPA Enterprise combines not only encryption but also authentication Since WEP has been proved vulnerable you may consider using WPA for the most secure connection You should select the appropriate security mechanism according to your needs No matter which security suite you select they all will enhance the over the air data protection and or privacy on your ...

Page 96: ...t to Mixed 11b 11g 11g Only 11b Only Mixed 11g 11n 11n Only and Mixed 11b 11g 11n stations simultaneously Simply choose Mix 11b 11g 11n mode SSID Means the identification of the wireless LAN SSID can be any text numbers or various special characters The default SSID is Draytek We suggest you to change it Channel Means the channel of frequency of the wireless LAN The default channel is 6 You may sw...

Page 97: ...reamble with 56 bit sync filed instead of long preamble with 128 bit sync field However some original 11b wireless network devices only support long preamble Check it to use Long Preamble if needed to communicate with this kind of devices Packet OVERDRIVE This feature can enhance the performance in data transmission about 40 more by checking Tx Burst It is active only when both sides of Access Poi...

Page 98: ...eck Enable and type the transmitting rate for data upload Default value is 30 000 kbps Download Type the transmitting rate for data download Default value is 30 000 kbps 3 3 6 6 3 3 S Se ec cu ur ri it ty y By clicking the Security Settings a new web page will appear so that you could configure the settings of WEP and WPA ...

Page 99: ...such as 0x321253abcde WEP 64 Bit For 64 bits WEP key either 5 ASCII characters such as 12345 or 10 hexadecimal digitals leading by 0x such as 0x4142434445 128 Bit For 128 bits WEP key either 13 ASCII characters such as ABCDEFGHIJKLM or 26 hexadecimal digits leading by 0x such as 0x4142434445464748494A4B4C4D All wireless devices must support the same WEP encryption bit size and have the same key Fo...

Page 100: ...ited before Client s MAC Address Manually enter the MAC address of wireless client Apply SSID After entering the client s MAC address check the box of the SSIDs desired to insert this MAC address into their access control list Attribute s Isolate the station from LAN select to isolate the wireless connection of the wireless client of the MAC address from LAN Add Add a new MAC address into the list...

Page 101: ...disk can be regarded as an FTP server By way of Vigor router clients on LAN can access write and read data stored in USB disk After setting the configuration in USB Application you can type the IP address of the Vigor router and username password created in USB Application USB User Management on the FTP client software Thus the client can use the FTP site USB disk through Vigor router 3 3 7 7 1 1 ...

Page 102: ...r Simplified Chinese file directory names please choose GB2312 for Traditional Chinese file directory names choose BIG5 Samba Service Settings Click Enable to invoke samba service via the router Later you can view the files inside the USB storage disk through Samba server Access Mode LAN Only Users coming from internet cannot connect to the samba server of the router LAN And WAN Both LAN and WAN u...

Page 103: ...ng settings in this page please insert a USB disk first Otherwise an error message will appear to warn you Click index number to access into configuration page FTP Samba User Enable Click this button to activate this profile account Later the user can use the username specified in this page to login into FTP server Disable Click this button to disable such profile Username Type the username for FT...

Page 104: ...uter will create the specific new folder in the USB disk In addition if the user types here he she can access into all of the disk folders and files in USB disk Note When write protect status for the USB disk is ON you cannot type any new folder name in this field Only can be used in such case You can click to open the following dialog to add any new folder which can be specified as the Home Folde...

Page 105: ...r directory Create Click this icon to add a new folder Current Path Display current folder Upload Click this button to upload the selected file to the USB storage disk The uploaded file in the USB storage disk can be shared for other user through FTP 3 3 7 7 4 4 U US SB B D Di is sk k S St ta at tu us s This page is to monitor the status for the FTP users who accessing into FTP server USB disk via...

Page 106: ...o the FTP server Username It displays the username that user uses to login to the FTP server When you insert USB disk into the Vigor router the system will start to find out such device within several seconds 3 3 8 8 S Sy ys st te em m M Ma ai in nt te en na an nc ce e For the system setup there are several items that you have to know the way of configuration Status Administrator Password Configur...

Page 107: ...gned IP address of the primary DNS WAN Link Status Display current connection status MAC Address Display the MAC address of the WAN Interface Connection Display the connection type IP Address Display the IP address of the WAN interface Default Gateway Display the assigned IP address of the default gateway Wireless LAN MAC Address Display the MAC address of the wireless LAN Frequency Domain It can ...

Page 108: ... at te e It allows you to specify where the time of the router should be inquired from Current System Time Click Inquire Time to get the current time Use Browser Time Select this option to use the browser time from the remote administrator PC host as router s system time Use Internet Time Select to inquire time information from Time Server on the Internet using assigned protocol Server IP Address ...

Page 109: ...b page after you configure web settings please click OK to reboot your router for ensuring normal operation and preventing unexpected errors of the router in the future 3 3 9 9 D Di ia ag gn no os st ti ic cs s Diagnostic Tools provide a useful way to view or diagnose the status of your Vigor router Below shows the menu items for Diagnostics 3 3 9 9 1 1 D DH HC CP P T Ta ab bl le e The facility pr...

Page 110: ...ied PC HOST ID It displays the host ID name of the specified PC Refresh Click it to reload the page 3 3 9 9 2 2 P Pi in ng g D Di ia ag gn no os si is s Click Diagnostics and click Ping Diagnosis to pen the web page Ping to Use the drop down list to choose the destination that you want to ping IP Address Type in the IP address of the Host IP that you want to ping Run Click this button to start the...

Page 111: ...esult of route trace will be shown on the screen Protocol Use the drop down list to choose the protocol that you want to ping through Host IP Address It indicates the IP address of the host Run Click this button to start route tracing work Clear Click this link to remove the result on the window 3 3 1 10 0 P Pr ro od du uc ct t R Re eg gi is st tr ra at ti io on n When you click it you will be gui...

Page 112: ...Vigor2710 Series User s Guide 100 This page is left blank ...

Page 113: ...t to adjust more settings for different WAN modes please go to WAN group and click the Internet Access link 4 4 1 1 1 1 B Ba as si ic cs s o of f I In nt te er rn ne et t P Pr ro ot to oc co ol l I IP P N Ne et tw wo or rk k IP means Internet Protocol Every device in an IP based Network including routers print server and host PCs needs an IP address to identify its location on the network To avoid...

Page 114: ...Point to Point style authentication and authorization is required for bridging customer premises equipment CPE Point to Point Protocol over Ethernet PPPoE connects a network of hosts via an access device to a remote access concentrator or aggregation concentrator This implementation provides users with significant ease of use Meanwhile it provides access control billing and type of service accordi...

Page 115: ...l The selections displayed here are determined by the page of Internet Access Multi PVCs Select M PVCs Channel means no selection will be chosen VPI Type in the value provided by ISP VCI Type in the value provided by ISP Encapsulating Type Drop down the list to choose the type provided by ISP Protocol Drop down the list to choose the one provided by ISP If you have already used Quick Start Wizard ...

Page 116: ...dd specific VLAN number to all packets while sending them out Please type the tag value and specify the priority for the packets sending by the router VID Type the value as the VLAN ID number The range is form 0 to 4095 Priority Type the packet priority number for such VLAN The range is from 0 to 7 WAN Connection Detection Such function allows you to verify whether network connection is alive or n...

Page 117: ...ou may choose up to 4 schedules out of the 15 schedules pre defined in Applications Schedule setup The default setting of this filed is blank and the function will always work WAN Connection Detection Such function allows you to verify whether network connection is alive or not through ARP Detect or Ping Detect Mode Choose ARP Detect or Ping Detect for the system to execute for WAN detection Ping ...

Page 118: ...her than the current one you are using Notice that this setting is available for WAN1 only Type the additional WAN IP address and check the Enable box Then click OK to exit the dialog Fixed IP Click Yes to use this function and type in a fixed IP address in the box of Fixed IP Address Default MAC Address You can use Default MAC Address or specify another MAC address by typing on the boxes of MAC A...

Page 119: ...ll appear MPoA RFC1483 2684 Click Enable for activating this function If you click Disable this function will be closed and all the settings that you adjusted in this page will be invalid DSL Modem Settings Set up the DSL parameters required by your ISP These are vital for building DSL connection to your ISP Multi PVC channel The selections displayed here are determined by the page of Internet Acc...

Page 120: ...r WAN detection Ping IP If you choose Ping Detect as detection mode you have to type IP address in this field for pinging TTL Time to Live Displays value for your reference TTL value is set by telnet command RIP Protocol Routing Information Protocol is abbreviated as RIP RFC1058 specifying how routers exchange routing tables information Click Enable RIP for activating this function Bridge Mode If ...

Page 121: ... filed is blank and the function will always work WAN Connection Detection Such function allows you to verify whether network connection is alive or not through ARP Detect or Ping Detect Mode Choose ARP Detect or Ping Detect for the system to execute for WAN detection Ping IP If you choose Ping Detect as detection mode you have to type IP address in this field for pinging TTL Time to Live Displays...

Page 122: ... Default MAC Address Type in MAC address for the router You can use Default MAC Address or specify another MAC address for your necessity MAC Address Type in the MAC address for the router manually DNS Server IP Address Type in the primary IP address for the router If necessary type in secondary IP address for necessity in the future After finishing all the settings here please click OK to activat...

Page 123: ... the first PVC line that will be used as multi PVCs Enable Check this box to enable that channel The channels that you enabled here will be shown in the Multi PVC channel drop down list on the web page of Internet Access Though you can enable eight channels in this page yet only one channel can be chosen on the web page of Internet Access VPI Type in the value provided by your ISP VCI Type in the ...

Page 124: ...ded for router borne application such as TR069 and VoIP The settings must be applied and obtained from your ISP For your special request please contact with your ISP and then click WAN link of Channel 3 4 or 5 to configure your router WAN for Router borne Application Choose the router service for channel 3 4 or 5 Management It can be specified for general management Web configuration telnet TR069 ...

Page 125: ...live or not through ARP Detect or Ping Detect Mode Choose ARP Detect or Ping Detect for the system to execute for WAN detection Ping IP If you choose Ping Detect as detection mode you have to type IP address in this field for pinging TTL Time to Live Displays value for your reference TTL value is set by telnet command ISP Access Setup Enter your allocated username password and authentication param...

Page 126: ...ton to specify some data IP Address Type in the private IP address Subnet Mask Type in the subnet mask Gateway IP Address Type in gateway IP address DNS Server IP Address Type in the primary IP address for the router If necessary type in secondary IP address for necessity in the future ...

Page 127: ...cording to the information that your ISP provides PCR It represents Peak Cell Rate The default setting is 0 SCR It represents Sustainable Cell Rate The value of SCR must be smaller than PCR MBS It represents Maximum Burst Size The range of the value is 10 to 50 P Po or rt t b ba as se ed d B Br ri id dg ge e General page lets you set the first PVC As to set the second PVC line please click the Por...

Page 128: ...am into different PVC In general the protocol used by remote control is IGMP Normal It means that the PVC can accept all packets except IGMP IGMP It means that the PVC can accept packets of IGMP only Add Tag To identify the usage of PVC check this box to invoke this setting And type the number for VLAN ID number Priority To add the packet priority number for such VLAN The range is from 0 to 7 Clic...

Page 129: ...T does is to translate the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor router has a built in DHCP server that assigns private IP address to each local host See the following diagram for a briefly understanding In some special case you may have a public IP subnet from your ISP such as 220 135 240 0 24 This means th...

Page 130: ... W Wh ha at t i is s S St ta at ti ic c R Ro ou ut te e When you have several subnets in your LAN sometimes a more effective and quicker way for connection is the Static routes function rather than other method You may simply set rules to forward data from one specified subnet to another specified subnet without the presence of RIP W Wh ha at t a ar re e V Vi ir rt tu ua al l L LA AN Ns s You can ...

Page 131: ...te network Default 192 168 1 1 1st Subnet Mask Type in an address code that determines the size of the network Default 255 255 255 0 24 For IP Routing Usage Click Enable to invoke this function The default setting is Disable 2nd IPAddress Type in secondary IP address for connecting to a subnet Default 192 168 2 1 24 2nd Subnet Mask An address code that determines the size of the network Default 25...

Page 132: ...ill help router to assign the correct IP address of the correct subnet to the correct host So those hosts in 2nd subnet won t get an IP address belonging to 1st subnet RIP Protocol Control Disable deactivates the RIP protocol It will lead to a stoppage of the exchange of routing information between routers Default 1st Subnet Select the router to change the RIP information of the 1st subnet with ne...

Page 133: ... Relay Agent Set the IP address of the DHCP server you are going to use so the Relay Agent can help to forward the DHCP request to the DHCP server DNS Server Configuration DNS stands for Domain Name System Every Internet host must have a unique IP address also they may have a human friendly easy to remember name such as www yahoo com The DNS server converts the user friendly name into its equivale...

Page 134: ...c R Ro ou ut te e Go to LAN to open setting page and choose Static Route Index The number 1 to 10 under Index allows you to open next page to set up static route Destination Address Displays the destination address of the static route Status Displays the status of the static route Set to Factory Default Clear all profiles Viewing Routing Table Displays the routing table for your reference A Ad dd ...

Page 135: ... as the RIP Protocol Control Then click the OK button Note There are two reasons that we have to apply RIP Protocol Control on 1st Subnet The first is that the LAN interface can exchange RIP packets with the neighboring routers via the 1st subnet 192 168 1 0 24 The second is that those hosts on the internal private subnets ex 192 168 10 0 24 can access the Internet via the router and continuously ...

Page 136: ...c Route Setup page Click on another Index Number to add another static route as show below which regulates all packets destined to 211 100 88 0 will be forwarded to 192 168 1 3 4 Go to Diagnostics and choose Routing Table to verify current routing table ...

Page 137: ... following page will appear Click Enable to invoke VLAN function P1 P4 Check the LAN port s to be grouped under the selected VLAN To add or remove a VLAN please refer to the following example 1 If VLAN 0 is consisted of hosts linked to P1 and P2 and VLAN 1 is consisted of hosts linked to P3 and P4 2 After checking the box to enable VLAN function you will check the table according to the needs as s...

Page 138: ...d List also can connect to Internet Disable Click this radio button to disable this function All the settings on this page will be invalid Strict Bind Click this radio button to block the connection of the IP MAC which is not listed in IP Bind List ARP Table This table is the LAN ARP table of this router The information for IP and MAC will be displayed in this field Each pair of IP and MAC address...

Page 139: ...source address into the public IP address of the router select the available public port and then forward it At the same time the router shall list an entry in a table to memorize this address port mapping relationship When the public server response the incoming traffic of course is destined to the router s public IP address and the router will do the inversion based on its table Therefore the in...

Page 140: ...ly located inside the LAN the network well protected by NAT of the router and identified by its private IP address port the goal of Port Redirection function is to forward all access request with public IP address from external users to the mapping private IP address port of the server The port redirection can only apply to incoming traffic To use this function please go to NAT page and choose Por...

Page 141: ...e as the port redirection mode you will see two boxes on this field Simply type the required number on the first box The second one will be assigned automatically later Private IP Specify the private IP address of the internal host providing the service If you choose Range as the port redirection mode you will see two boxes on this field Type a complete IP address in the first box as the starting ...

Page 142: ...Vigor2710 Series User s Guide 130 You then will access the admin screen of by suffixing the IP address with 8080 e g http 192 168 1 1 8080 instead of port 80 ...

Page 143: ...host in the LAN Regular web surfing and other such Internet activities from other clients will continue to work without inappropriate interruption DMZ Host allows a defined internal user to be totally exposed to the Internet which usually helps some special applications such as Netmeeting or Internet Games etc The inherent security properties of NAT are somewhat bypassed if you set up DMZ host We ...

Page 144: ...e PC Click this button and then a window will automatically pop up as depicted below The window consists of a list of private IP addresses of all hosts in your LAN network Select one private IP address in the list to be the DMZ host When you have selected one private IP from the above dialog the IP address will be shown on the following screen Click OK to save the setting ...

Page 145: ...wing page Index Indicate the relative number for the particular entry that you want to offer service in a local host You should click the appropriate index number to edit or clear the corresponding entry Comment Specify the name for the defined network service Local IP Address Display the private IP address of the local host offering the service Status Display the state for the corresponding entry...

Page 146: ...dress of the local host or click Choose PC to select one Choose PC Click this button and subsequently a window having a list of private IP addresses of local hosts will automatically pop up Select the appropriate IP address of the local host in the list Protocol Specify the transport layer protocol It could be TCP UDP or none for selection Start Port Specify the starting port number of the service...

Page 147: ...tion SPI tracks packets and denies unsolicited incoming data z Selectable Denial of Service DoS Distributed DoS DDoS attacks protection I IP P F Fi il lt te er rs s Depending on whether there is an existing Internet connection or in other words the WAN link status is up or down the IP filter architecture categorizes traffic into two Call Filter and Data Filter z Call Filter When there is no existi...

Page 148: ...tem s resource while the vulnerability attacks will try to paralyze the system by offending the vulnerabilities of the protocol or operation system The DoS Defense function enables the Vigor router to inspect every incoming packet based on the attack signature database Any malicious packet that might duplicate itself to paralyze the host in the secure LAN will be strictly blocked and a Syslog mess...

Page 149: ... a start filter set for the Data Filter Accept large incoming Some on line games for example Half Life will use lots of fragmented UDP packets to transfer game data Instinctively as a secure firewall Vigor router will reject these fragmented packets to prevent attack unless you enable Accept large incoming fragmented UDP or ICMP Packets By checking this box you can play these kinds of on line game...

Page 150: ...or Block for the packets that do not match with the filter rules Sessions Control The number typed here is the total sessions of the packets that do not match the filter rule configured in this page The default setting is 12000 Quality of Service Choose one of the QoS rules to be applied as firewall rule For detailed information of setting QoS please refer to the related section later Load Balance...

Page 151: ...ing the Log box It will be sent to Syslog server Please refer to section Syslog Mail Alert for more detailed information Web Content Filter Select one of the Web Content Filter profile settings created in CSM Web Content Filter for applying with this router Please set at least one profile for anti virus in CSM Web Content Filter web page first Or choose Create New from the drop down list in this p...

Page 152: ...mmended codepage listed on the dialog box Window size It determines the size of TCP protocol 0 65535 The more the value is the better the performance will be However if the network is not stable small value will be proper Session timeout Setting timeout for sessions can make the best utilization of network resources ...

Page 153: ...e Check Active to enable the rule Filter Rule Click a button numbered 1 7 to edit the filter rule Click the button will open Edit Filter Rule web page For the detailed information refer to the following page Active Enable or disable the filter rule Comment Enter filter set comments description Maximum length is 23 character long Move Up Down Use Up or Down link to move the order of the filter rule...

Page 154: ... at certain time interval only You may choose up to 4 schedules out of the 15 schedules pre defined in Applications Schedule setup The default setting of this filed is blank and the function will always work Direction Set the direction of packet flow LAN WAN WAN LAN It is for Data Filter only For the Call Filter this setting is not available since Call Filter is only applied to outgoing traffic So...

Page 155: ...s the Address Type From the IP Group drop down list choose the one that you want to apply Or use the IP Object drop down list to choose the object that you want Service Type Click Edit to access into the following dialog to choose a suitable service type To set the service type manually please choose User defined as the Service Type and type them in this dialog In addition if you want to use the s...

Page 156: ...ets Unfragmented Apply the rule to unfragmented packets Fragmented Apply the rule to fragmented packets Too Short Apply the rule only to packets that are too short to contain a complete header Filter Specifies the action to be taken when packets match the rule Block Immediately Packets matching the rule will be dropped immediately Pass Immediately Packets matching the rule will be passed immediate...

Page 157: ...ile settings created in CSM URL Content Filter for applying with this router Please set at least one profile for choosing in CSM URL Content Filter web page first Or choose Create New from the drop down list in this page to create a new profile For troubleshooting needs you can specify to record information for URL Content Filter by checking the Log box It will be sent to Syslog server Please refe...

Page 158: ...e codepage please open Syslog From Codepage Information of Setup dialog you will see the recommended codepage listed on the dialog box Window size It determines the size of TCP protocol 0 65535 The more the value is the better the performance will be However if the network is not stable small value will be proper Session timeout Setting timeout for sessions can make the best utilization of network...

Page 159: ...rver then the router s firewall will block the packets directly In addition you can restrict the strict security checking just be done by specified server and conditions such as Anti Virus Anti Spam In Sequence and APP Enforcement Thus the packets not only must be filtered by general rules by Firewall but also must be filtered by the items selected in Strict Security Checking Such work can ensure ...

Page 160: ...f two IP filters call filter or data filter You may preset 12 call filters and data filters in Filter Setup and even link them in a serial manner Each filter set is composed by 7 filter rules which can be further defined After that in General Setup you may specify one set for call filter and one set for data filter to execute first ...

Page 161: ...ceeded the defined value the Vigor router will start to randomly discard the subsequent TCP SYN packets for a period defined in Timeout The goal for this is prevent the TCP SYN packets attempt to exhaust the limited resource of Vigor router By default the threshold and timeout values are set to 50 packets per second and 10 seconds respectively Enable UDP flood defense Check the box to activate the...

Page 162: ...es the SYN attack technology with IP spoofing A Land attack occurs when an attacker sends spoofed SYN packets with the identical source and destination addresses as well as the port number to victims Block Smurf Check the box to activate the Block Smurf function The Vigor router will ignore any broadcasting ICMP echo request Block trace router Check the box to enforce the Vigor router not to forwa...

Page 163: ...Block Unknown Protocol function Individual IP packet has a protocol field in the datagram header to indicate the protocol type running over the upper layer However the protocol types greater than 100 are reserved and undefined at this time Therefore the router should have ability to detect and reject this kind of packets Warning Messages We provide Syslog function for user to retrieve message from...

Page 164: ...hem with objects and bind them with groups for using conveniently Later we can select that object group that can apply it For example all the IPs in the same department can be defined with an IP object a range of IP address 4 4 5 5 1 1 I IP P O Ob bj je ec ct t You can set up to 192 sets of IP Objects with different conditions Set to Factory Default Clear all profiles Click the number under Index ...

Page 165: ... to choose in Edit Filter Rule page Address Type Determine the address type for the IP address Select Single Address if this object contains one IP address only Select Range Address if this object contains several IPs within a range Select Subnet Address if this object contains one subnet for IP address Select Any Address if this object contains any IP address Select Mac Address if this object con...

Page 166: ...ed all the IP addresses except the ones listed above will be applied later while it is chosen Below is an example of IP objects settings 4 4 5 5 2 2 I IP P G Gr ro ou up p This page allows you to bind several IP objects into one IP group Set to Factory Default Clear all profiles Click the number under Index column for settings in detail ...

Page 167: ...owed Interface Choose WAN LAN or Any to display all the available IP objects with the specified interface Available IP Objects All the available IP objects with the specified interface chosen above will be shown in this box Selected IP Objects Click button to add the selected IP objects in this box ...

Page 168: ...o Factory Default Clear all profiles Click the number under Index column for settings in detail Name Type a name for this profile Protocol Specify the protocol s which this profile will apply to Source Destination Port Source Port and the Destination Port column are available for TCP UDP protocol It can be ignored for other protocols The filter rule will filter out any port number ...

Page 169: ... last values are different it indicates that all the ports except the range defined here are available for this service type the port number greater than this value is available the port number less than this value is available for this profile Below is an example of service type objects settings 4 4 5 5 4 4 S Se er rv vi ic ce e T Ty yp pe e G Gr ro ou up p This page allows you to bind several se...

Page 170: ...e Object will be shown in this box Selected Service Type Objects Click button to add the selected IP objects in this box 4 4 5 5 5 5 K Ke ey yw wo or rd d O Ob bj je ec ct t You can set 200 keyword object profiles for choosing as black white list in CSM URL Web Content Filter Profile Set to Factory Default Clear all profiles Click the number under Index column for setting in detail ...

Page 171: ...mation will be watched out and be passed blocked based on the configuration on Firewall settings 4 4 5 5 6 6 K Ke ey yw wo or rd d G Gr ro ou up p This page allows you to bind several keyword objects into one group The keyword groups set here will be chosen as black white list in CSM URL Web Content Filter Profile Set to Factory Default Clear all profiles Click the number under Index column for se...

Page 172: ...5 7 7 F Fi il le e E Ex xt te en ns si io on n O Ob bj je ec ct t This page allows you to set eight profiles which will be applied in CSM URL Content Filter All the files with the extension names specified in these profiles will be processed according to the chosen action Profile 1 with name of default is the default profile some files with the file extensions specified in this profile will be ign...

Page 173: ...d URL content to reach a goal of security management A AP PP P E En nf fo or rc ce em me en nt t F Fi il lt te er r As the popularity of all kinds of instant messenger application arises communication cannot become much easier Nevertheless while some industry may leverage this as a great tool to connect with their customers some industry may take reserve attitude in order to reduce employee misusa...

Page 174: ...these types of files from websites you may risk bringing threat to your system For example an ActiveX control object is usually used for providing interactive web feature If malicious code hides inside it may occupy user s system W We eb b C Co on nt te en nt t F Fi il lt te er r We all know that the content on the Internet just like other types of media may be inappropriate sometimes As a respons...

Page 175: ... be applied in Default Rule of Firewall General Setup for filtering Set to Factory Default Clear all profiles Profile Display the number of the profile which allows you to click to set different policy Name Display the name of the APP Enforcement Profile Click the number under Index column for settings in detail There are three tabs IM P2P and Misc displayed on this page Each tab will bring out di...

Page 176: ...L keyword blocking facility will decline the HTTP request to that web page thus can limit user s access to the website You may imagine URL Content Filter as a well trained convenience store clerk who won t sell adult magazines to teenagers At office URL Content Filter can also provide a job related only environment hence to increase the employee work efficiency How can URL Content Filter work bett...

Page 177: ...fy the full or partial URL such as www sex com or sex com Also the Vigor router will discard any request that tries to retrieve the malicious code Click CSM and click URL Content Filter Profile to open the profile setting page You can set eight profiles as URL content filter Simply click the index number under Profile to open the following web page Profile Name Type a name for the CSM profile Prio...

Page 178: ...ority for the actions executed For this one the router will process the packages with the conditions set below for web feature first then URL second Log None There is no log file will be recorded for this profile Pass Only the log about Pass will be recorded in Syslog Block Only the log about Block will be recorded in Syslog All All the actions Pass and Block will be recorded in Syslog URL Access ...

Page 179: ... maximal length of each frame is 32 character long After specifying keywords the Vigor router will decline the connection request to the website whose URL string matched to any user defined keyword It should be noticed that the more simplified the blocking keyword list is the more efficiently the Vigor router performs Web Feature Enable Restrict Web Feature Check this box to make the keyword being...

Page 180: ...rial version or update the license of WCF directly without accessing into the server MyVigor located on http myvigor draytek com However if you use the Web Content Filter Profile page to activate WCF feature it is necessary for you to access into the server MyVigor located on http myvigor draytek com Therefore you need to register an account on http myvigor draytek com for using corresponding serv...

Page 181: ...will check the URL that the user wants to access via WCF precisely however the processing rate is normal Such item can provide the most accurate URL matching L1 the router will check the URL that the user wants to access via WCF If the URL has been accessed previously it will be stored for a short time about 1 second in the router to be accessed quickly if required Such item can provide accurate U...

Page 182: ...he web content filter license Be aware if the Web Content Filter WCF powered by Commtouch is not activated the above settings will not be valid Black White List Enable Activate white black list function for such profile Group Object Selections Click Edit to choose the group or object profile as the content of white black list Pass allow accessing into the corresponding webpage with the characters ...

Page 183: ...ebpage with the categories listed on the box below If the web pages do not match with the specified feature set here it will be processed with reverse action Log None There is no log file will be recorded for this profile Pass Only the log about Pass will be recorded in Syslog Block Only the log about Block will be recorded in Syslog All All the actions Pass and Block will be recorded in Syslog ...

Page 184: ...eed many sessions for procession and also they will occupy over resources which might result in important accesses impacted To solve the problem you can use limit session to limit the session procession for specified Hosts In the Bandwidth Management menu click Sessions Limit to open the web page To activate the function of limit session simply click Enable and set the default session limit Enable...

Page 185: ...Edit Allows you to edit the settings for the selected limitation Delete Remove the selected settings existing on the limitation list Administration Message Type the words which will be displayed when reaches the maximum number of Internet sessions permitted Index 1 15 in Schedule Setup You can type in four sets of time schedule for your request All the schedules can be set previously in Applicatio...

Page 186: ...ter in LAN Allow auto adjustment to make the best utilization of available bandwidth Router will detect if there is enough bandwidth remained for using according to the bandwidth limit set by the user If yes the router will adjust the available bandwidth for users to enhance the total utilization Limitation List Display a list of specific limitations that you set on this web page Start IP Define t...

Page 187: ...etwork intersections where speeds of interconnected circuits mismatch or traffic aggregates packets will queue up and traffic can be throttled back to a lower speed If there s no defined priority to specify which packets should be discarded or in another term dropped from an overflowing queue packets of sensitive applications mentioned above might be the ones to drop off How this will affect appli...

Page 188: ...kets with high priority marking since it may bind with the business deal of SLA among different DS domain owners It s not easy to achieve deterministic and consistent high priority QoS traffic throughout the whole network with merely Vigor router s effort In the Bandwidth Management menu click Quality of Service to open the web page This page displays the QoS settings result of the WAN interface C...

Page 189: ...ackets which are not suitable for the user defined class rules Enable the QoS Control The factory default for this setting is checked Please also define which traffic the QoS Control settings will apply to IN apply to incoming traffic only OUT apply to outgoing traffic only BOTH apply to both incoming and outgoing traffic Check this box and click OK then click Setup link again You will see the Onl...

Page 190: ...oad speed might be impacted by the uploading TCP ACK you can check this box to push ACK of upload faster to speed the network traffic Limited_bandwidth Ratio The ratio typed here is reserved for limited bandwidth of UDP application E Ed di it t t th he e C Cl la as ss s R Ru ul le e f fo or r Q Qo oS S The first three Class 1 to Class 3 class rules can be adjusted for your necessity To add edit or...

Page 191: ...bnet Address you have to fill in Start IP address and Subnet Mask DiffServ CodePoint All the packets of data will be divided with different levels and will be processed according to the level type by the system Please assign one of the levels of the data for processing with QoS control Service Type It determines the service type of the data for processing with QoS control It can also be edited You...

Page 192: ... e S Se er rv vi ic ce e T Ty yp pe e f fo or r C Cl la as ss s R Ru ul le e To add a new service type edit or delete an existed service type please click the Edit link under Service Type field After you click the Edit link you will see the following page ...

Page 193: ...ange as the type By the way you can set up to 40 service types If you want to edit delete an existed service type please select the radio button of that one and click Edit Edit for modification 4 4 7 7 4 4 A AP PP P Q Qo oS S The QoS function is used to do bandwidth management for the services with certain IP or port number However there is no effect of bandwidth management on the service such as ...

Page 194: ...QoS function Use Default Setting The packets will be transmitted with the default settings That is VoIP packets will be the first to be sent out and P2P packets will be the last to be sent out Enable for Application There are four applications VoIP Streaming IM and P2P which can be specified with different QoS Class ...

Page 195: ...er behind the router Before you use the Dynamic DNS feature you have to apply for free DDNS service to the DDNS service providers The router provides up to three accounts from three different DDNS service providers Basically Vigor routers are compatible with the DDNS services supplied by most popular DDNS service providers such as www dyndns org www no ip com www dtdns com www changeip com www dyn...

Page 196: ... you did check the box you will see a check mark appeared on the Active column of the previous web page in step 2 Service Provider Select the service provider for the DDNS account Service Type Select a service type Dynamic Custom or Static If you choose Custom you can modify the domain that is chosen in the Domain Name field Domain Name Type in one domain name that you applied previously Use the d...

Page 197: ...y business hours The schedule is also applicable to other functions You have to set your time before set schedule In System Maintenance Time and Date menu press Inquire Time button to set the Vigor router s clock to current time of your PC The clock will reset once if you power down or reset the router There is another way to set up time You can inquiry an NTP server a time server on the Internet ...

Page 198: ... and the value of idle timeout should be specified in Idle Timeout field Disable Dial On Demand Specify the connection to be up when it has traffic on the line Once there is no traffic over idle timeout the connection will be down and never up again during the schedule Idle Timeout Specify the duration or period for the schedule How often Specify how often the schedule will be applied Once The sch...

Page 199: ...authorization and accounting which is widely used by Internet service providers It is the most common method of authenticating and authorizing dial up and tunneled network users The built in RADIUS client feature enables the router to assist the remote dial in user or a wireless station and the RADIUS server in performing mutual authentication It enables centralized remote access authentication fo...

Page 200: ...Messenger to allow full use of the voice video and messaging features Enable UPNP Service Accordingly you can enable either the Connection Control Service or Connection Status Service After setting Enable UPNP Service setting an icon of IP Broadband Connection on Router on Windows XP Network Connections will appear The connection status and control status will be able to be activated The NAT Trave...

Page 201: ...ction on your network may incur some security threats You should consider carefully these risks before activating the UPnP function Some Microsoft operating systems have found out the UPnP weaknesses and hence you need to ensure that you have applied the latest service packs and patches Non privileged users can control some router functions including removing and adding port mappings The UPnP func...

Page 202: ...IGMP Snooping Check this box to enable this function Multicast traffic will be forwarded to ports that have members of that group Disabling IGMP snooping will make multicast traffic treated in the same manner as broadcast traffic Group ID This field displays the ID port for the multicast group The available range for IGMP starts from 224 0 0 0 to 239 255 255 254 P1 to P4 It indicates the LAN port ...

Page 203: ...le on the BIOS setting Wake by Two types provide for you to wake up the binded IP If you choose Wake by MAC Address you have to type the correct MAC address of the host in MAC Address boxes If you choose Wake by IP Address you have to choose the correct IP address IP Address The IP addresses that have been configured in Firewall Bind IP to MAC will be shown in this drop down list Choose the IP add...

Page 204: ...s the properties of a point to point private link Below shows the menu items for VPN and Remote Access 4 4 9 9 1 1 R Re em mo ot te e A Ac cc ce es ss s C Co on nt tr ro ol l Enable the necessary VPN service as you need If you intend to run a VPN server inside your LAN you should disable the VPN service of Vigor Router to allow VPN tunnel pass through as well as the appropriate NAT settings such a...

Page 205: ...hat the router will use the MPPE encryption scheme with maximum bits 128 bit to encrypt the data Mutual Authentication PAP The Mutual Authentication function is mainly used to communicate with other routers or clients who need bi directional authentication in order to provide stronger security for example Cisco routers So you should enable this function when your peer router requires mutual authen...

Page 206: ...ansmitted along with packets On the receiving side the peer will perform the same one way hash on the packet and compare the value with the one in the AH it receives Encapsulating Security Payload ESP is a security protocol that provides data confidentiality and protection with optional authentication and replay detection service IKE Authentication Method This usually applies to those are remote d...

Page 207: ...rovides 32 entries of digital certificates for peer dial in users Set to Factory Default Click it to clear all indexes Index Click the number below Index to access into the setting page of IPSec Peer Identity Name Display the profile name of that index Click each index to edit one peer digital certificate There are three security levels of digital signature authentication Fill each necessary field...

Page 208: ...e to accept the peer with matching value The field can be IP Address Domain or E mail Address The box under the Type will appear according to the type you select and ask you to fill in corresponding setting Accept Subject Name Click to check the specific fields of digital signature to accept the peer with matching value The field includes Country C State ST Location L Organization O Organization U...

Page 209: ...lt in RADIUS client function The following figure shows the summary table Set to Factory Default Click to clear all indexes Index Click the number below Index to access into the setting page of Remote Dial in User User Display the username for the specific dial in user of the LAN to LAN profile The symbol represents that the profile is empty Status Display the access state of the specific dial in ...

Page 210: ... make a L2TP VPN connection through the Internet You can select to use L2TP alone or with IPSec Select from below None Do not apply the IPSec policy Accordingly the VPN connection employed the L2TP without IPSec policy can be viewed as one pure L2TP connection Nice to Have Apply the IPSec policy first if it is applicable during negotiation Otherwise the dial in VPN connection becomes one pure L2TP...

Page 211: ...e The only exception is Digital Signature X 509 can be set when you select IPSec tunnel either with or without specify the IP address of the remote node Pre Shared Key Check the box of Pre Shared Key to invoke this function and type in the required characters 1 63 as the pre shared key Digital Signature X 509 Check the box of Digital Signature to invoke this function and Select one predefined Prof...

Page 212: ...aneously The following figure shows the summary table Set to Factory Default Click to clear all indexes Name Indicate the name of the LAN to LAN profile The symbol represents that the profile is empty Status Indicate the status of individual profiles The symbol V and X represent the profile to be active and inactive respectively Click each index to edit each profile and you will get the following ...

Page 213: ...red between the hosts on both sides of VPN Tunnel in connecting such function can block data transmission of Netbios Naming Packet inside the tunnel Multicast via VPN Some programs might send multicast packets via VPN connection Pass Click this button to let multicast packets pass through the router Block This is default setting Click this button to let multicast packets be blocked by the router C...

Page 214: ... existence of this VPN connection and react accordingly This is independent of DPD dead peer detection Type of Server I am calling PPTP Build a PPTP VPN connection to the server through the Internet You should set the identity like User Name and Password below for the authentication of remote server IPSec Tunnel Build an IPSec VPN connection to the server through Internet L2TP with IPSec Policy Bu...

Page 215: ...A 1 authentication algorithm 3DES without Authentication Use triple DES encryption algorithm and not apply any authentication scheme 3DES with Authentication Use triple DES encryption algorithm and apply MD5 or SHA 1 authentication algorithm AES without Authentication Use AES encryption algorithm and not apply any authentication scheme AES with Authentication Use AES encryption algorithm and apply...

Page 216: ... 28800 seconds You may specify a value in between 900 and 86400 seconds IKE phase 2 key lifetime For security reason the lifetime of key should be defined The default value is 3600 seconds You may specify a value in between 600 and 86400 seconds Perfect Forward Secret PFS The IKE Phase 1 key will be reused to avoid the computation complexity in phase 2 The default value is inactive this function L...

Page 217: ...in the general settings User Name This field is applicable when you select PPTP or L2TP with or without IPSec policy above Password This field is applicable when you select PPTP or L2TP with or without IPSec policy above VJ Compression VJ Compression is used for TCP IP protocol header compression This field is applicable when you select PPTP or L2TP with or without IPSec policy above IKE Authentic...

Page 218: ...not select PPTP or L2TP Remote Network IP Remote Network Mask Add a static route to direct all traffic destined to this Remote Network IP Address Remote Network Mask through the VPN connection For IPSec this is the destination clients IDs of phase 2 quick mode Local Network IP Local Network Mask Display the local network IP and mask for TCP IP configuration You can modify the settings if required ...

Page 219: ...nnections You may disconnect any VPN connection by clicking Drop button You may also aggressively Dial out by using Dial out Tool and clicking Dial button Dial Click this button to execute dial out function Refresh Seconds Choose the time for refresh the dial information among 5 10 and 30 Refresh Click this button to refresh the whole connection status ...

Page 220: ...9 Any entity wants to utilize digital certificates should first request a certificate issued by a CA server It should also retrieve certificates of other trusted CA servers so it can authenticate the peer with certificates issued by those trusted CA servers Here you can manage generate and manage the local digital certificates and set trusted CA certificates Remember to adjust the time of Vigor ro...

Page 221: ...the window requests Then click Generate again Import Click this button to import a saved file as the certification information Refresh Click this button to refresh the information listed below View Click this button to view the detailed settings for certificate request ...

Page 222: ...lick IMPORT to open the following window Use Browse to find out the saved text file Then click Import The one you imported will be listed on the Trusted CA Certificate window Then click Import to use the pre saved file For viewing each trusted CA certificate click View to open the certificate detail information window If you want to delete a CA certificate choose the one and click Delete to remove...

Page 223: ...rted SIP is an end to end signaling protocol that establishes user presence and mobility in VoIP structure Every one who wants to talk using his her SIP Uniform Resource Identifier SIP Address The standard format of SIP URI is sip user password host port Some fields may be optional in different use In general host refers to a domain The userinfo includes the user field the password field and the s...

Page 224: ...ead of that you will only have to using dial plan or directly dial your friend s account name if you are with the same SIP Registrar z Peer to Peer Before calling you have to know your friend s IP Address The Vigor VoIP Routers will build connection between each other Our Vigor V models firstly apply efficient codecs designed to make the best use of available bandwidth but Vigor V models also equi...

Page 225: ...for dialplan settings P Ph ho on ne e B Bo oo ok k In this section you can set your VoIP contacts in the phonebook It can help you to make calls quickly and easily by using speed dial Phone Number There are total 60 index entries in the phonebook for you to store all your friends and family members SIP addresses Loop through and Backup Phone Number will be displayed if you are using Vigor 2710Vn V...

Page 226: ...egistrar servers If caller and callee do not use the same SIP server sometimes the VoIP phone call connection may not succeed By using the specified dial out account the successful connection can be assured Loop through The selection should be as the following Backup Phone Number When the VoIP phone is obstructs or the Internet breaks down for some reasons the backup phone will be dialed out to re...

Page 227: ...dded with the prefix number for calling out through the specific VoIP interface Strip When you choose this mode the OP number will be deleted by the prefix number for calling out through the specific VoIP interface Take the above picture Prefix Table Setup web page as an example the OP number of 886 will be deleted completely for the prefix number is set with 886 Replace When you choose this mode ...

Page 228: ...b page as an example if the dial number is between 7 and 9 that number can apply the prefix number settings here Max Len Set the maximum length of the dial number for applying the prefix number settings Route Choose the one that you want to enable the prefix number settings from the saved SIP accounts Please set up one SIP account first to make this interface available C Ca al ll l B Ba ar rr ri i...

Page 229: ...eans all the phone calls will be blocked with such mechanism Index 1 15 in Schedule Enter the index of schedule profiles to control the call barring according to the preconfigured schedules Refer to section Application Schedule for detailed configuration Additionally you can set advanced settings for call barring such as Block Anonymous Block Unknown Domain or Block IP Address Simply click the rel...

Page 230: ...de 218 Web page for Vigor2710VDn For Block Unknown Domain this function can block incoming calls through Phone port from unrecognized domain that is not specified in SIP accounts Web page for Vigor2710Vn Web page for Vigor2710VDn ...

Page 231: ...Vigor2710 Series User s Guide 219 For Block IP Address this function can block incoming calls through Phone port coming from IP address Web page for Vigor2710Vn Web page for Vigor2710DVn ...

Page 232: ...ed in this field to call the previous outgoing phone call again Call Forward All Act Dial the number typed in this field to forward all the incoming calls to the specified place Call Forward Deact Dial the number typed in this field to release the call forward function Call Forward Busy Act Dial the number typed in this field to forward all the incoming calls to the specified place while the phone...

Page 233: ...Dial the number typed in this field to block all the incoming calls from IP address Block IP Calls Deact Dial the number typed in this field to release this function Block Last Calls Act Dial the number typed in this field to block the last incoming phone call P PS ST TN N S Se et tu up p Some emergency phone e g 911 or special phone cannot be dialed out by using VoIP and can be called out through...

Page 234: ... Proxy and Domain name The last three might be the same in some case Then you can tell your folks your SIP Address as in Account Name Domain name As Vigor VoIP Router is turned on it will first register with Registrar using AuthorizationUser Domain Realm After that your call will be bypassed by SIP Proxy to the destination using AccountName Domain Realm as identity SIP Accounts Web Page for Vigor2...

Page 235: ... the selected Codec of this account Ring Port Specify which port will ring when receiving a phone call Status Show the status for the corresponding SIP account R means such account is registered on SIP server successfully means the account is failed to register on SIP server STUN Server Type in the IP address or domain of the STUN server External IP Type in the gateway IP address SIP PING interval...

Page 236: ...unction without registering For such server please check the box of Call without registration Choosing Auto is recommended SIP Port Set the port number for sending receiving SIP message for building a session The default value is 5060 Your peer must set the same value in his her Registrar Domain Realm Set the domain name or IP address of the SIP Registrar server Proxy Set domain name or IP address...

Page 237: ...t by other device you have to set this function for your necessity None Disable this function Stun Choose this option if there is Stun server provided for your router Manual Choose this option if you want to specify an external IP address as the NAT transversal support Nortel If the soft switch that you use supports Nortel solution you can choose this option Ring Port Set Phone or DECT as the defa...

Page 238: ...ained in a single packet The default value is 20 ms which means the data packet will contain 20 ms voice information Voice Active Detector This function can detect if the voice on both sides is active or not If not the router will do something to save the bandwidth for other using Click On to invoke this function click Off to close the function ...

Page 239: ...it changes slightly according to different model you have Phone Settings Web Page for Vigor2710 Vn Phone Settings Web Page for Vigor2710 VDn Phone List Port Phone Phone1 Phone2 allow you to set general settings for PSTN phones DECT1 6 allow you to set general settings for DECT phone Call Feature A brief description for call feature will be shown in this field for your reference ...

Page 240: ...of Phone Index Disable Port Phone If Phone port is disabled Phone could not be used anymore However its DSP resource could be used by DECT and DECT could dial 4 VoIP calls at the same time Otherwise DECT could only dial 3 VoIP calls at the same time RTP Symmetric RTP Check this box to invoke the function To make the data transmission going through on both ends of local router and remote router not...

Page 241: ... DECT port you can access into the following page for configuring Phone settings Phone Port Web Page for Vigor2710 Vn DECT Port Web Page for Vigor2710 VDn Hotline Check the box to enable it Type in the SIP URL in the field for dialing automatically when you pick up the phone set Session Timer Check the box to enable the function In the limited time that ...

Page 242: ...g the period the one who dial in will listen busy tone yet the local user will not listen any ring tone Index 1 15 in Schedule Enter the index of schedule profiles to control the call barring according to the preconfigured schedules Refer to section Application Schedule for detailed configuration Index 1 60 in Phone Book Enter the index of phone book profiles Refer to section VoIP DialPlan Phone B...

Page 243: ...ne settings and caller ID type automatically Or you can adjust tone settings manually if you choose User Defined TOn1 TOff1 TOn2 and TOff2 mean the cadence of the tone pattern TOn1 and TOn2 represent sound on TOff1 and TOff2 represent the sound off Region Select the proper region which you are located The common settings of Caller ID Type Dial tone Ringing tone Busy tone and Congestion tone will b...

Page 244: ...g tone It is recommended for you to use the default setting Notice that such setting is not available for DECT phone port DTMF DTMF Mode There are four DTMF modes for you to choose InBand Choose this one then the Vigor will send the DTMF tone as audio directly when you press the keypad on the phone OutBand Choose this one then the Vigor will capture the keypad number you pressed and transform it t...

Page 245: ...Vigor2710 Series User s Guide 233 Payload Type rfc2833 Choose a number from 96 to 127 the default value was 101 This setting is available for the OutBand RFC2833 mode ...

Page 246: ...dset you would see F07_CALL_RECEIVED PCM Channel This field can distinguish which PCM channel is used by the handset 255 default setting means it is idle and voice data is not transferred through any PCM channel Deregister Handset If your handset has registered to the router you could use this button to deregister it from router Wideband Voice Check this box to enable the function to avoid hearing...

Page 247: ...itate 4 simultaneous wireless audio connections and 6 phone registeration 1 Open VoIP DECT Note DECT menu will appear if DECT module is detected 2 In the web page please click Enable Registration Mode and wait for DECT handset to register 3 When the registration is finished open VoIP SIP Accounts The Registered DECT phone will be available for you to choose Choose the one you need ...

Page 248: ...P Status Information for the active DECT phone will be shown as follows 5 When registering with DECT phone you will be asked to type access code The default setting in Vigor2710VDn is 1234 Please open VoIP Phone Settings to modify it if required ...

Page 249: ...Vigor2710 Series User s Guide 237 The following diagram shows the brief construction of DECT phone handset and Vigor router ...

Page 250: ... s From this page you can find codec connection and other important call status for each port For Vigor2710 Vn For Vigor2710 VDn Refresh Seconds Specify the interval of refresh time to obtain the latest VoIP calling information The information will update immediately ...

Page 251: ...x Losts Total number of lost packets during this connection session Rx Jitter The jitter of received voice packets In Calls Accumulation for the times of in call Out Calls Accumulation for the times of out call Miss Calls Accumulation for the times of missing call Speaker Gain The volume of present call Log Display logs of VoIP calls 4 4 1 12 2 W Wi ir re el le es ss s L LA AN N This function is u...

Page 252: ...network including its SSID as identification located channel etc S Se ec cu ur ri it ty y O Ov ve er rv vi ie ew w Real time Hardware Encryption Vigor Router is equipped with a hardware AES encryption engine so it can apply the highest protection to your data without influencing user experience Complete Security Standard Selection To ensure the security and privacy of your wireless communication w...

Page 253: ...eparate the Wireless and the Wired LAN WLAN Isolation enables you to isolate your wireless LAN from wired LAN for either quarantine or limit access reasons To isolate means neither of the parties can access each other To elaborate an example for business use you may set up a wireless LAN for visitors only so they can connect to Internet without hassle of the confidential information leakage For a ...

Page 254: ...at you could configure the SSID and the wireless channel Please refer to the following figure for more information Enable Wireless LAN Check the box to enable wireless function Mode At present the router can connect to Mixed 11b 11g 11g Only 11b Only Mixed 11g 11n 11n Only and Mixed 11b 11g 11n stations simultaneously Simply choose Mix 11b 11g 11n mode ...

Page 255: ... change it Isolate LAN Check this box to make the wireless clients stations with the same SSID cannot access wired PCs on LAN Member Check this box to make the wireless clients stations with the same SSID not accessing for each other VPN Check this box to isolate the wireless clients with remote dial in and LAN to LAN VPN Channel Means the channel of frequency of the wireless LAN The default chann...

Page 256: ...unction Therefore you can use and install it into your PC for matching with Packet OVERDRIVE refer to the following picture of Vigor N61 wireless utility window choose Enable for TxBURST on the tab of Option Rate Control It controls the data transmission rate through wireless connection Upload Check Enable and type the transmitting rate for data upload Default value is 30 000 kbps Download Type th...

Page 257: ...ode There are several modes provided for you to choose Disable Turn off the encryption mechanism WEP Accepts only WEP clients and the encryption key should be entered in WEP Key WPA PSK Accepts only WPA clients and the encryption key should be entered in PSK WPA2 PSK Accepts only WPA2 clients and the encryption key should be entered in PSK Mixed WPA WPA2 PSK Accepts WPA and WPA2 clients simultaneo...

Page 258: ...D All wireless devices must support the same WEP encryption bit size and have the same key Four keys can be entered here but only one key can be selected at a time The keys can be entered in ASCII or Hexadecimal Check the key you wish to use 4 4 1 12 2 4 4 A Ac cc ce es ss s C Co on nt tr ro ol l In the Access Control the router may restrict wireless access to certain wireless clients only by lock...

Page 259: ...before Client s MAC Address Manually enter the MAC address of wireless client Apply SSID After entering the client s MAC address check the box of the SSIDs desired to insert this MAC address into their access control list Attribute s Isolate the station from LAN select to isolate the wireless connection of the wireless client of the MAC address from LAN Add Add a new MAC address into the list Dele...

Page 260: ... setup a wireless client every time He she only needs to press a button on wireless client and WPS will connect for client and router automatically There are two methods to do network connection through WPS between AP and Stations pressing the Start PBC button or using PIN Code z On the side of Vigor 2710 series which served as an AP press WPS button once on the front panel of the router or click ...

Page 261: ... go back Wireless LAN Security to choose WPA PSK or WPA2 PSK mode and access WPS again Below shows Wireless LAN WPS web page Enable WPS Check this box to enable WPS setting WPS Status Display related system information for WPS If the wireless security encryption function of the router is properly configured you can see Configured message here SSID Display the SSID1 of the router WPS is supported b...

Page 262: ... Please input the PIN code specified in wireless client you wish to connect and click Start PIN button The WPS LED on the router will blink fast when WPS is in progress It will return to normal condition after two minutes You need to setup WPS within two minutes 4 4 1 12 2 6 6 W WD DS S WDS means Wireless Distribution System It is a protocol for connecting two access points AP wirelessly Usually i...

Page 263: ...er peer AP through WDS links Yet in Bridge mode packets received from a WDS link will only be forwarded to local wired or wireless hosts In other words only Repeater mode can do WDS to WDS packet forwarding In the following examples hosts connected to Bridge 1 or 3 can communicate with hosts connected to Bridge 2 through WDS links However hosts connected to Bridge 1 CANNOT communicate with hosts c...

Page 264: ...WDS from Wireless LAN menu The following page will be shown Mode Choose the mode for WDS setting Disable mode will not invoke any WDS setting Bridge mode is designed to fulfill the first type of application Repeater mode is for the second one ...

Page 265: ...peer MAC address in these fields Four peer MAC addresses are allowed to be entered in this page at one time Yet please disable the unused link to get better performance If you want to invoke the peer MAC address remember to check Enable box in the front of the MAC address after typing Repeater If you choose Repeater as the connecting mode please type in the peer MAC address in these fields Four pe...

Page 266: ...ive digital data If you choose auto as guard interval the AP router will choose short guard interval increasing the wireless performance or long guard interval for data transmit based on the station capability Aggregation MSDU Aggregation MSDU can combine frames with different sizes It is used for improving MAC layer s performance for some brand s clients The default setting is Enable 4 4 1 12 2 8...

Page 267: ...ecify the value ranging from 1 to 15 Be aware that CWMax value must be greater than CWMin or equals to CWMin value Both values will influence the time delay for WMM accessing categories The difference between AC_VI and AC_VO categories must be smaller however the difference between AC_BE and AC_BK categories must be greater Txop It means transmission opportunity For WMM categories of AC_VI and AC_...

Page 268: ... all regulatory channels and find working APs in the neighborhood Based on the scanning result users will know which channel is clean for usage Also it can be used to facilitate finding an AP for a WDS link Notice that during the scanning process about 5 seconds no client is allowed to connect to Vigor This page is used to scan the existence of the APs on the wireless LAN Yet only the AP which is ...

Page 269: ...ater field of WDS settings page 4 4 1 12 2 1 10 0 S St ta at ti io on n L Li is st t Station List provides the knowledge of connecting wireless clients now along with its status code There is a code summary below for explanation For convenient Access Control you can select a WLAN station and click Add to Access Control below Refresh Click this button to refresh the status of station list Add Click...

Page 270: ...t ti in ng gs s This page will determine the number of concurrent FTP connection and default charset for FTP server At present the Vigor router can support USB disk with versions of FAT16 and FAT32 only Therefore before connecting the USB disk into the Vigor router please make sure the memory format for the USB disk is FAT16 or FAT32 It is recommended for you to use FAT32 for viewing the filename ...

Page 271: ...B storage disk you have to specify a workgroup name and a host name A workgroup name must not be the same as the host name The workgroup name can have as many as 15 characters and the host name can have as many as 23 characters Both them cannot contain any of the following Workgroup Name Type a name for the workgroup Host Name Type the host name for the router 4 4 1 13 3 2 2 U US SB B U Us se er r...

Page 272: ...s reserved for FTP firmware upgrade usage Password Type the password for FTP users for accessing FTP server Later you can open FTP client software and type the password specified here for accessing into USB storage disk Confirm Password Type the password again to make confirmation Home Folder It determines the range for the client to access into The user can enter a directory name in this field Th...

Page 273: ...or accessing into USB disk must follow the rule specified here File Check the items Read Write and Delete for such profile Directory Check the items List Create and Remove for such profile Before you click OK you have to insert a USB disk into the USB interface of the Vigor router Otherwise you cannot save the configuration ...

Page 274: ...age disk connected on Vigor router Refresh Click this icon to refresh files list Back Click this icon to return to the upper directory Create Click this icon to add a new folder Current Path Display current folder Upload Click this button to upload the selected file to the USB storage disk The uploaded file in the USB storage disk can be shared for other user through FTP ...

Page 275: ...he USB disk with the router Write Protect Status If the USB cannot be written with any files this field will display YES Disk Capacity It displays the total capacity of the USB disk Free Capacity It displays the free space of the USB disk Click Refresh at any time to get new status for free capacity Service It displays the service that such USB disk will serve IP Address It displays the IP address...

Page 276: ...router It includes LAN and WAN interface information Also you could get the current running firmware version or firmware related information from this presentation Model Name Display the model name of the router Firmware Version Display the firmware version of the router Build Date Time Display the date and time of the current firmware build ADSL Firmware Version Display the ADSL firmware version ...

Page 277: ...Gateway Display the assigned IP address of the default gateway Wireless LAN MAC Address Display the MAC address of the wireless LAN Frequency Domain It can be Europe 13 usable channels USA 11 usable channels etc The available channels supported by the wireless products in different countries are various Firmware Version It indicates information about equipped WLAN miniPCi card This also helps to p...

Page 278: ...Auto Configuration Server you want to link Please refer to Auto Configuration Server user s manual for detailed information CPE Client Such information is useful for Auto Configuration Server Enable Disable Allow Deny the CPE Client to connect with Auto Configuration Server Port Sometimes port conflict might be occurred To solve such problem you might change port number for CPE Periodic Inform Set...

Page 279: ...ximum Keep Alive Period If STUN is enabled the CPE must send binding request to the server for the purpose of maintaining the binding in the Gateway Please type a number as the maximum period A value of 1 indicates that no maximum period is specified 4 4 1 14 4 3 3 A Ad dm mi in ni is st tr ra at to or r P Pa as ss sw wo or rd d This page allows you to set new password Old Password Type in the old...

Page 280: ...llow the steps below to backup your configuration 1 Go to System Maintenance Configuration Backup The following windows will be popped up as shown below 2 Click Backup button to get into the following dialog Click Save button to open another dialog for saving configuration as a file 3 In Save As dialog the default filename is config cfg You could give it another name by yourself ...

Page 281: ...on of Certificate R Re es st to or re e C Co on nf fi ig gu ur ra at ti io on n 1 Go to System Maintenance Configuration Backup The following windows will be popped up as shown below 2 Click Browse button to choose the correct configuration file for uploading to the router 3 Click Restore button and wait for few seconds the following picture will tell you that the restoration procedure is successf...

Page 282: ... for verify the mail address is available or not SMTP Server The IP address of the SMTP server SMTP Port Assign a port for the SMTP server Mail To Assign a mail address for sending mails out Return Path Assign a path for receiving the mail from outside Authentication Check this box to activate this function while using e mail application User Name Type the user name for authentication Password Typ...

Page 283: ...r time from the remote administrator PC host as router s system time Use Internet Time Select to inquire time information from Time Server on the Internet using assigned protocol Server IP Address Type the IP address of the time server Time Zone Select the time zone where the router is located Enable Daylight Saving Check the box to enable the daylight saving Such feature is available for certain ...

Page 284: ...e checkbox to reject all PING packets from the Internet For security issue this function is enabled by default Access List You could specify that the system administrator can only login from a specific host or network defined in the list A maximum of three IPs subnet masks is allowed List IP Indicate an IP address allowed to login to the router Subnet Mask Represent a subnet mask allowed to login ...

Page 285: ...om System Maintenance to open the following page If you want to reboot the router using the current configuration check Using current configuration and click OK To reset the router settings to default values check Using factory default configuration and click OK The router will take 5 seconds to reboot the system In addition you can enter the index of schedule profiles to reboot your system accord...

Page 286: ...g an example Note that this example is running over Windows OS Operating System Download the newest firmware from DrayTek s web site or FTP site The DrayTek web site is www draytek com or local DrayTek s web site and FTP site is ftp draytek com Click System Maintenance Firmware Upgrade to launch the Firmware Upgrade Utility Click OK The following screen will appear Please execute the firmware upgr...

Page 287: ...he mechanism for your computer Click System Maintenance Activation to open the following page for accessing http myvigor draytek com Activate via Interface Choose WAN interface used by such device for activating Web Content Filter Activate The Activate link brings you accessing into www vigorpro com to finish the activation of the account and the router Authentication Message As for authentication...

Page 288: ...cessing the server Status Display the mechanism adopted by such router Start Date Display the starting date of WCF license activated successfully Expire Date Display the ending date of WCF license activated successfully Activate Click this link to access into http myvigor draytek com for activating WCF function ...

Page 289: ... Diagnostics 4 4 1 15 5 1 1 D Di ia al l o ou ut t T Tr ri ig gg ge er r Click Diagnostics and click Dial out Trigger to open the web page The internet connection e g PPPoE PPPoA etc is triggered by a package sending from the source IP address Decoded Format It shows the source IP address local destination IP remote address the protocol and length of the package Refresh Click it to reload the page...

Page 290: ... reload the page 4 4 1 15 5 3 3 A AR RP P C Ca ac ch he e T Ta ab bl le e Click Diagnostics and click ARP Cache Table to view the content of the ARP Address Resolution Protocol cache held in the router The table shows a mapping between an Ethernet hardware address MAC Address and an IP address Refresh Click it to reload the page Clear Click it to clear the whole table ...

Page 291: ...IP Address It displays the IP address assigned by this router for specified PC MAC Address It displays the MAC address for the specified PC that DHCP assigned IP address for it Leased Time It displays the leased time of the specified PC HOST ID It displays the host ID name of the specified PC Refresh Click it to reload the page 4 4 1 15 5 5 5 N NA AT T S Se es ss si io on ns s T Ta ab bl le e Clic...

Page 292: ...al of several seconds The IP address listed here is configured in Bandwidth Management You have to enable IP bandwidth limit and IP session limit before invoke Data Flow Monitor If not a notification dialog box will appear to remind you enabling it Click Diagnostics and click Data Flow Monitor to open the web page You can click IP Address TX rate RX rate or Session link for arranging the data disp...

Page 293: ... the IP address will be blocked in five minutes The remaining time will be shown on the session column Current Peak Speed Current means current transmission rate and receiving rate for WAN interface Peak means the highest peak value detected by the router in data transmission Speed means line speed specified in WAN General Setup If you do not specify any rate at that page here will display Auto fo...

Page 294: ...cal axis has different meanings For WAN1 Bandwidth chart the numbers displayed on vertical axis represent the numbers of the transmitted and received packets in the past For Sessions chart the numbers displayed on vertical axis represent the numbers of the NAT sessions during the past ...

Page 295: ...Diagnosis to pen the web page Ping to Use the drop down list to choose the destination that you want to ping IP Address Type in the IP address of the Host IP that you want to ping Run Click this button to start the ping work The result will be displayed on the screen Clear Click this link to remove the result on the window ...

Page 296: ... result of route trace will be shown on the screen Protocol Use the drop down list to choose the protocol that you want to ping through Host IP Address It indicates the IP address of the host Run Click this button to start route tracing work Clear Click this link to remove the result on the window 4 4 1 16 6 P Pr ro od du uc ct t R Re eg gi is st tr ra at ti io on n When you click it you will be g...

Page 297: ...ording to the network structure as shown in the below illustration you may follow the steps to create a LAN to LAN profile These two networks LANs should NOT have the same network address Settings in Router A in headquarter 1 Go to VPN and Remote Access and select Remote Access Control to enable the necessary VPN service and click OK 2 Then For using PPP based services such as PPTP L2TP you have t...

Page 298: ...ties may start the VPN connection 5 Set Dial Out Settings as shown below to dial to connect to Router B aggressively with the selected Dial Out method If an IPSec based service is selected you should further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial Out connection If a PPP based service is selected you should further specify the remote pee...

Page 299: ... connection If an IPSec based service is selected you may further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial In connection Otherwise it will apply the settings defined in IPSec General Setup above If a PPP based service is selected you should further specify the remote peer IP Address Username Password and VJ Compression for this Dial In co...

Page 300: ...er B in the remote office 1 Go to VPN and Remote Access and select Remote Access Control to enable the necessary VPN service and click OK 2 Then for using PPP based services such as PPTP L2TP you have to set general settings in PPP General Setup For using IPSec based service such as IPSec or L2TP with IPSec Policy you have to set general settings in IPSec General Setup such as the pre shared key t...

Page 301: ...N connections because any one of the parties may start the VPN connection 5 Set Dial Out Settings as shown below to dial to connect to Router B aggressively with the selected Dial Out method If an IPSec based service is selected you should further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial Out connection ...

Page 302: ...pression for this Dial Out connection 6 Set Dial In settings to as shown below to allow Router A dial in to build VPN connection If an IPSec based service is selected you may further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial In connection Otherwise it will apply the settings defined in IPSec General Setup above ...

Page 303: ...urther specify the remote peer IP Address Username Password and VJ Compression for this Dial In connection 7 At last set the remote network IP subnet in TCP IP Network Settings so that Router B can direct the packets destined to the remote network to Router A via the VPN connection ...

Page 304: ...e as shown in the below illustration you may follow the steps to create a Remote User Profile and install Smart VPN Client on the remote host Settings in VPN Router in the enterprise office 1 Go to VPN and Remote Access and select Remote Access Control to enable the necessary VPN service and click OK 2 Then for using PPP based services such as PPTP L2TP you have to set general settings in PPP Gene...

Page 305: ...tion If an IPSec based service is selected you may further specify the remote peer IP Address IKE Authentication Method and IPSec Security Method for this Dial In connection Otherwise it will apply the settings defined in IPSec General Setup above If a PPP based service is selected you should further specify the remote peer IP Address Username Password and VJ Compression for this Dial In connectio...

Page 306: ... complimentary software to help you create PPTP L2TP and L2TP over IPSec tunnel You can find it in CD ROM in the package or go to www draytek com download center Install as instructed 2 After successful installation for the first time user you should click on the Step 0 Configure button Reboot the host 3 In Step 2 Connect to VPN Server click Insert button to add a new entry If an IPSec based servi...

Page 307: ...P based service is selected you should further specify the remote VPN server IP address Username Password and encryption method The User Name and Password should be consistent with the one set up in the VPN router To use default gateway on remote network means that all the packets of remote host will be directed to VPN server then forwarded to Internet This will make the remote host seem to be wor...

Page 308: ...er sometimes works at home and takes care of children When working time he would use Vigor router at home to connect to the server in the headquarter office downtown via either HTTPS or VPN to check email and access internal database Meanwhile children may chat on Skype in the restroom 1 Go to Bandwidth Management Quality of Service 2 Click Setup link of WAN Make sure the QoS Control on the left c...

Page 309: ... Guide 297 3 Return to previous page Enter the Name of Index Class 1 by clicking Edit link Type the name E mail for Class 1 4 For this index the user will set reserved bandwidth e g 25 for E mail using protocol POP3 and SMTP ...

Page 310: ...etting reserved bandwidth ratio 7 Check Enable UDP Bandwidth Control on the bottom to prevent enormous UDP traffic of VoIP influent other application Click OK 8 If the worker has connected to the headquarter using host to host VPN tunnel Please refer to Chapter 3 VPN for detail instruction he may set up an index for it Enter the Class Name of Index 3 In this index he will set reserved bandwidth fo...

Page 311: ...299 9 Click Edit to open the following window Check the ACT box first 10 Then click Edit of Local Address to set a worker s subnet address Click Edit of Remote Address to set headquarter s IP address Leave other fields and click OK ...

Page 312: ...ivate IP address Subnet Mask is 192 168 1 1 255 255 255 0 The built in DHCP server is enabled so it assigns every local NATed host an IP address of 192 168 1 x starting from 192 168 1 10 You can just set the settings wrapped inside the red rectangles to fit the request of NAT usage To use another DHCP server in the network rather than the built in one of Vigor Router you have to change the setting...

Page 313: ...Vigor2710 Series User s Guide 301 You can just set the settings wrapped inside the red rectangles to fit the request of NAT usage ...

Page 314: ...gister via Auto SIP Port 5060 default Domain Realm draytel org Proxy draytel org Act as outbound proxy unhecked Display Name John Account Number Name 1234 Authentication ID unchecked Password Expiry Time use default value CODEC RTP DTMF Use default value John calls David He picks up the phone and dials 1111 DialPlan Phone Number for David Settings for David DialPlan index 1 Phone Number 2222 Displ...

Page 315: ...an index 1 Phone Number 1111 Display Name David SIP URL 4321 draytel org SIP Accounts Settings Profile Name draytel 1 Register via Auto SIP Port 5060 default Domain Realm draytel org Proxy draytel org Act as outbound proxy unchecked Display Name John Account Number Name 1234 Authentication ID unchecked Password Expiry Time use default value CODEC RTP DTMF Use default value John calls David He pick...

Page 316: ...t Name 5 5 5 5 2 2 P Pe ee er r t to o P Pe ee er r C Ca al ll li in ng g Example 3 Arnor and Paulin have Vigor routers respectively they can call each other without SIP Registrar First they must have each other s IP address and assign an Account Name for the port used for calling Arnor s SIP URL 1234 214 61 172 53 Paulin s SIP URL 4321 203 69 175 24 Settings for Arnor DialPlan index 1 Phone Numbe...

Page 317: ...n ID unchecked Password blank Expiry Time use default value CODEC RTP DTMF Use default value Paulin calls Arnor He picks up the phone and dials 2222 DialPlan Phone Number for John 5 5 6 6 U Up pg gr ra ad de e F Fi ir rm mw wa ar re e f fo or r Y Yo ou ur r R Ro ou ut te er r Before upgrading your router firmware you need to install the Router Tools The Firmware Upgrade Utility is included in the ...

Page 318: ... will appear 6 Follow the onscreen instructions to install the tool Finally click Finish to end the installation 7 From the Start menu open Programs and choose Router Tools XXX Firmware Upgrade Utility 8 Type in your router IP usually 192 168 1 1 9 Click the button to the right side of Firmware file typing box Locate the files that you download from the company web sites You will find out two file...

Page 319: ...Vigor2710 Series User s Guide 307 custom settings to default settings Choose any one of them that you need 10 Click Send 11 Now the firmware update is finished ...

Page 320: ... 308 5 5 7 7 R Re eq qu ue es st t a a c ce er rt ti if fi ic ca at te e f fr ro om m a a C CA A s se er rv ve er r o on n W Wi in nd do ow ws s C CA A S Se er rv ve er r 1 Go to Certificate Management and choose Local Certificate ...

Page 321: ...t Enter the information in the certificate request 3 Copy and save the X509 Local Certificate Requet as a text file and save it for later use 4 Connect to CA server via web browser Follow the instruction to submit the request Below we take a Windows 2000 CA server for example Select Request a Certificate ...

Page 322: ... file Select Router Offline request or IPSec Offline request below Then you have done the request and the server now issues you a certificate Select Base 64 encoded certificate and Download CA certificate Now you should get a certificate cer file and save it 5 Back to Vigor router go to Local Certificate Click IMPORT button and browse the file to import the certificate cer file into Vigor router W...

Page 323: ...Vigor2710 Series User s Guide 311 and you will find the below window showing BEGINE CERTIFICATE 6 You may review the detail information of the certificate by clicking View button ...

Page 324: ... ti if fi ic ca at te e a an nd d S Se et t a as s T Tr ru us st te ed d o on n W Wi in nd do ow ws s C CA A S Se er rv ve er r 1 Use web browser connecting to the CA server that you would like to retrieve its CA certificate Click Retrive the CA certificate or certificate recoring list ...

Page 325: ...ed CA Certificate Click IMPORT button and browse the file to import the certificate cer file into Vigor router When finished click refresh and you will find the below illustration 4 You may review the detail information of the certificate by clicking View button Note Before setting certificate configuration please go to System Maintenance Time and Date to reset current time of the router first ...

Page 326: ...rer If it is necessary for you to delete copy files on the device or write paste files to the devcie it must be done through SAMBA server or FTP server Samba service is based on the original USB FTP service You will need to setup USB FTP first We would like to give brief instructions on USB FTP setup here 1 Plug the USB device to the USB port on the router Make sure Disk Connected appears on the C...

Page 327: ...B User Management Click Enable to enable FTP Samba User account Here we add a new account user1 and assign authorities Read Write and List to it Click OK to save the configuration 4 Make sure the FTP service is running properly Please open a browser and type ftp 192 168 1 1 Use the account user1 to login ...

Page 328: ...SB Application USB Disk Status The information for FTP server will be shown as below 7 Now users in LAN of Vigor2710 can access into the USB storage device by typing ftp 192 168 1 1 on any browser They can add or remove files directories depending on the Access Rule for FTP account settings in USB Application USB User Management ...

Page 329: ...cking to factory default setting if necessary If all above stages are done and the router still cannot run normally it is the time for you to contact your dealer for advanced help 6 6 1 1 C Ch he ec ck ki in ng g I If f t th he e H Ha ar rd dw wa ar re e S St ta at tu us s I Is s O OK K o or r N No ot t Follow the steps below to verify the hardware status 1 Check the power line and WLAN LAN cable ...

Page 330: ...ter trying the above section if the link is stilled failed please do the steps listed below to make sure the network connection settings is OK F Fo or r W Wi in nd do ow ws s The example is based on Windows XP As to the examples for other operation systems please refer to the similar steps or find support notes in www draytek com 1 Go to Control Panel and then double click on Network Connections 2...

Page 331: ...matically and Obtain DNS server address automatically F Fo or r M Ma ac cO Os s 1 Double click on the current used MacOs on the desktop 2 Open the Application folder and get into Network 3 On the Network screen select Using DHCP from the drop down list of Configure IPv4 ...

Page 332: ...outer correctly F Fo or r W Wi in nd do ow ws s 1 Open the Command Prompt window from Start menu Run 2 Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP Vista The DOS command dialog will appear 3 Type ping 192 168 1 1 and press Enter If the link is OK the line of Reply from 192 168 1 1 bytes 32 time 1ms TTL 255 will appear 4 If the line does not appear please check the IP address set...

Page 333: ...gs s a ar re e O OK K o or r N No ot t Click Internet Access group and then check whether the ISP settings are set correctly F Fo or r P PP PP Po oE E P PP PP Po oA A U Us se er rs s 1 Check if the Enable option is selected 2 Check if Username and Password are entered with correct values that you got from your ISP ...

Page 334: ...th the values from your ISP if you choose Specify an IP address 6 6 5 5 B Ba ac ck ki in ng g t to o F Fa ac ct to or ry y D De ef fa au ul lt t S Se et tt ti in ng g I If f N Ne ec ce es ss sa ar ry y Sometimes a wrong connection can be improved by returning to the default settings Try to reset the router by software or hardware Warning After pressing factory default setting you will loose all se...

Page 335: ...Factory Reset button and hold for more than 5 seconds When you see the ACT LED blinks rapidly please release the button Then the router will restart with the default configuration After restore the factory default setting you can configure the settings for the router again to fit your personal request 6 6 6 6 C Co on nt ta ac ct ti in ng g Y Yo ou ur r D De ea al le er r If the router still cannot...

Reviews:

No comments

Related manuals for Vigor2710 Series

D-Link DSL-2740B Installation Manual preview
DSL-2740B
Brand: D-Link Pages: 10
G-Technology G-DRIVE ev ATC Product Manual preview
G-DRIVE ev ATC
Brand: G-Technology Pages: 35
Patton electronics 2888 Getting Started Manual preview
2888
Brand: Patton electronics Pages: 51
Direct IP IDIS DR-1304P Operation Manual preview
IDIS DR-1304P
Brand: Direct IP Pages: 76
Allied Telesis AT-8000C Declaration Of Conformity preview
AT-8000C
Brand: Allied Telesis Pages: 1
Kontron 50099 067 User Manual preview
50099 067
Brand: Kontron Pages: 42
Paradyne Hotwire 8343 Installation Instructions Manual preview
Hotwire 8343
Brand: Paradyne Pages: 6
Delta Electronics LonWorks Communication Module LN-01 Instruction Sheet preview
LonWorks Communication Module LN-01
Brand: Delta Electronics Pages: 1
T-COM Sinus 154 data II Quick Start Manual preview
Sinus 154 data II
Brand: T-COM Pages: 12
Federal Signal Corporation AR2000-M Installation And Maintenance Manual preview
AR2000-M
Brand: Federal Signal Corporation Pages: 49
Dataprobe iBoot Instruction Manual preview
iBoot
Brand: Dataprobe Pages: 16
Airlinkplus ASW224 User Manual preview
ASW224
Brand: Airlinkplus Pages: 20
Rosco ND100 User Manual preview
ND100
Brand: Rosco Pages: 20
GSA Bolide BN-NVR/NX User Manual preview
Bolide BN-NVR/NX
Brand: GSA Pages: 101
RadioSPECTRAL ICOM IC-7300 Installation Manual preview
ICOM IC-7300
Brand: RadioSPECTRAL Pages: 2
Patton ipRocketLink 3101 Series Getting Started Manual preview
ipRocketLink 3101 Series
Brand: Patton Pages: 119
Xtatix XCA-PDSI User Manual preview
XCA-PDSI
Brand: Xtatix Pages: 12
Paradyne JetFusion 2004 User Manual preview
JetFusion 2004
Brand: Paradyne Pages: 216

Brands by name

Popular brands

Load more brands