Draytek Vigor 3220 SERIES Скачать руководство пользователя страница 59 | Manualshive

Страница: 59 / 708

background image

Vigor2832 Series User’s Guide

47

I

I

-

-

8

8

R

R

e

e

g

g

i

i

s

s

t

t

e

e

r

r

i

i

n

n

g

g

V

V

i

i

g

g

o

o

r

r

R

R

o

o

u

u

t

t

e

e

r

r

You have finished the configuration of Quick Start Wizard and you can surf the Internet at any
time. Now it is the time to register your Vigor router to MyVigor website for getting more
service. Please follow the steps below to finish the router registration.

1

Please login the web configuration interface of Vigor router by typing “admin/admin” as
User Name / Password.

2

Click Support Area>>Production Registration from the home page.

3

A Login page will be shown on the screen. Please type the account and password that

you created previously. And click Login.

«
...
57
58
59
60
61
...
»

Содержание Vigor 3220 SERIES

Страница 1: ......

Страница 2: ...Vigor2832 Series User s Guide ii Vigor2832 Series ADSL2 2 Security Firewall User s Guide Version 1 1 Firmware Version V3 8 3 1 For future update please visit DrayTek web site Date April 19 2016...

Страница 3: ...arrant to the original end user purchaser that the router will be free from any defects in workmanship or materials for a period of two 2 years from the date of purchase from the dealer Please keep yo...

Страница 4: ...ovide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance...

Страница 5: ...USB 42 I 7 Service Activation Wizard 44 I 8 Registering Vigor Router 47 Part II Connectivity 51 II 1 WAN 52 Web User Interface 54 II 1 1 General Setup 54 II 1 1 1 WAN1 ADSL VDSL 55 II 1 1 2 WAN2 Ether...

Страница 6: ...t TCP IP and DHCP Setup 114 II 2 1 2 Details Page for LAN1 LAN4 IPv6 Setup 116 II 2 1 3 Details Page for LAN2 LAN4 119 II 2 1 4 Details Page for IP Routed Subnet 120 II 2 2 VLAN 122 II 2 3 Bind IP to...

Страница 7: ...Balance for Packets 193 Part III Wireless LAN 195 III 1 Wireless LAN 196 Web User Interface 199 III 1 1 Wireless Wizard 199 III 1 2 General Setup 202 III 1 3 Security 204 III 1 4 Access Control 206 II...

Страница 8: ...all 288 Web User Interface 290 V 1 1 General Setup 290 V 1 2 Filter Setup 295 V 1 3 DoS Defense 304 Application Notes 308 A 1 How to Configure Certain Computers Accessing to Internet 308 V 2 CSM Centr...

Страница 9: ...4 VI 2 2 Bandwidth Limit 376 VI 2 3 Quality of Service 378 VI 2 4 APP QoS 385 Application Notes 387 A 1 How to Optimize the Bandwidth through QoS Technology 387 A 2 QoS Setting Example 392 VI 3 User M...

Страница 10: ...from USB storage device connecting to Vigor router 460 Part VIII Troubleshooting 464 VIII 1Diagnostics 465 Web User Interface 466 VIII 1 1 Dial out Triggering 466 VIII 1 2 Routing Table 467 VIII 1 3...

Страница 11: ...8 Contacting DrayTek 491 Appendix I VLAN Applications on Vigor Router 492 Part IX DrayTek Tools 500 X 1 SmartVPN Client 501 X 1 1 DrayTek Android based SmartVPN APP for the establishment of SSL VPN c...

Страница 12: ......

Страница 13: ...Vigor2832 Series User s Guide 1 P Pa ar rt t I I I In ns st ta al ll la at ti io on n This part will introduce Vigor router and guide to install the device in hardware and software...

Страница 14: ...P layer QoS NAT session bandwidth management to help users control works well with large bandwidth By adopting hardware based VPN platform and hardware encryption of AES DES 3DES the router increases...

Страница 15: ...outer is ready to access Internet through DSL link DSL Blinking Slowly The DSL connection is ready Quickly The connection is training On The VPN tunnel is active Off VPN services are disabled VPN Blin...

Страница 16: ...reless function is ready the green LED will be on WLAN Off Press the button and release it within 2 seconds to turn off the WLAN function When the wireless function is not ready the LED will be off WP...

Страница 17: ...n Ethernet cable RJ 45 to the LAN port of the router and the other end of the cable RJ 45 into the Ethernet port on your computer Or use a switch to connect Vigor router and computer s 3 Connect one e...

Страница 18: ...Cs connected this router can print documents via the router The example provided here is made based on Windows 7 For other Windows system please visit www DrayTek com Before using it please follow the...

Страница 19: ...ser s Guide 7 4 A dialog will appear Click Add a local printer and click Next 5 In this dialog choose Create a new port In the field of Type of port use the drop down list to select Standard TCP IP Po...

Страница 20: ...User s Guide 8 6 In the following dialog type 192 168 1 1 router s LAN IP in the field of Hostname or IP Address and type 192 168 1 1 as the Port name Then click Next 7 Click Standard and choose Gene...

Страница 21: ...your system will ask you to choose right name of the printer that you installed onto the router Such step can make correct driver loaded onto your PC When you finish the selection click Next 9 Type a...

Страница 22: ...Vigor2832 Series User s Guide 10 10 Choose Do not share this printer and click Next 11 Then in the following dialog click Finish...

Страница 23: ...uide 11 12 The new printer has been added and displayed under Printers and Faxes Click the new printer icon and click Printer server properties 13 Edit the property of the new printer you have added b...

Страница 24: ...Vigor2832 Series User s Guide 12 14 Select LPR on Protocol type p1 number 1 as Queue Name Then click OK Next please refer to the red rectangle for choosing the correct protocol and LPR name...

Страница 25: ...additional functions are not supported If you do not know whether your printer is supported or not please visit www draytek com to find out the printer list Open Support FAQ Application Notes find ou...

Страница 26: ...he same subnet as the default IP address of Vigor router 192 168 1 1 For the detailed information please refer to the later section Trouble Shooting of the guide 2 Open a web browser on your PC and ty...

Страница 27: ...ferent slightly in accordance with the type of the router you have 5 The web page can be logged out according to the chosen condition The default setting is Auto Logout which means the web configurati...

Страница 28: ...e type admin admin as Username Password for accessing into the web user interface with admin mode 3 Go to System Maintenance page and choose Admin Setting 4 Enter the login password the default is adm...

Страница 29: ...Vigor2832 Series User s Guide 17 Info Even the password is changed the Username for logging onto the web user interface is still admin...

Страница 30: ...of the main page A web page with default selections will be displayed on the screen Refer to the following figure I I 5 5 1 1 V Vi ir rt tu ua al l P Pa an ne el l On the top of the Dashboard a virtua...

Страница 31: ...out the LED display refer to I 1 1 LED Indicators and Connectors I I 5 5 2 2 N Na am me e w wi it th h a a L Li in nk k A name with a link e g Router Name Current Time WAN1 4 and etc below means you c...

Страница 32: ...d under Quick Access The function links of System Status Dynamic DDNS TR 069 User Management IM P2P Block Schedule Syslog Mail Alert LDAP RADIUS Firewall Object Setting and Data Flow Monitor are displ...

Страница 33: ...indicates that the traffic would be transmitted through LAN port s and then the WAN port The purpose is to perform the traffic monitor of the host s I I 5 5 4 4 G GU UI I M Ma ap p All the functions t...

Страница 34: ...lnet command via DOS prompt The changes made by using web console have the same effects as modified through web user interface The functions settings modified under Web Console also can be reviewed on...

Страница 35: ...Config Backup icon It allows you to backup current settings as a file Such configuration file can be restored by using System Maintenance Configuration Backup Simply click the icon on the top of the...

Страница 36: ...e S St ta at tu us s I I 5 5 8 8 1 1 P Ph hy ys si ic ca al l C Co on nn ne ec ct ti io on n Such page displays the physical connection status such as LAN connection status WAN connection status ADSL...

Страница 37: ...ical connection VDSL ADSL Ethernet or USB of this interface Name Display the name of the router Mode Displays the type of WAN connection e g PPPoE Up Time Displays the total uptime of the interface IP...

Страница 38: ...n e g TSPC Up Time Displays the total uptime of the interface IP Displays the IP address of the WAN interface Gateway IP Displays the IP address of the default gateway Info The words in green mean tha...

Страница 39: ...word After typing the password please click Next On the next page as shown below please select the WAN interface WAN 1 to WAN4 that you use If DSL interface is used please choose WAN1 if Ethernet inte...

Страница 40: ...Type the packet priority number for such VLAN The range is from 0 to 7 Please select the appropriate Internet access type according to the information from your ISP Click Next P PP PP Po oE E P PP PP...

Страница 41: ...omatically VCI Type in the value provided by ISP Fixed IP Click Yes to enable Fixed IP feature IP Address Type the IP address if Fixed IP is enabled Primary DNS Type in the primary IP address for the...

Страница 42: ...rd Type a valid password provided by the ISP Confirm Password Retype the password Back Click it to return to previous setting page Next Click it to get into the next setting page Cancel Click it to gi...

Страница 43: ...ld is provided for ADSL only You have to choose encapsulation and type the values for VPI and VCI Or click Auto detect to find out the best values Fixed IP Click Yes to enable Fixed IP feature IP Addr...

Страница 44: ...Start Wizard Setup OK will appear Then the system status of this protocol will be shown 4 Now you can enjoy surfing on the Internet I I 6 6 2 2 F Fo or r W WA AN N2 2 E Et th he er rn ne et t WAN2 is...

Страница 45: ...E PPPoE stands for Point to Point Protocol over Ethernet It relies on two widely accepted standards PPP and Ethernet It connects users through an Ethernet to the Internet with a common broadband medi...

Страница 46: ...ser name provided by the ISP Note The maximum length of the user name you can set is 63 characters Password Assign a valid password provided by the ISP Note The maximum length of the password you can...

Страница 47: ...the Username Password provided by your ISP Click Next for viewing summary of such connection 4 Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol w...

Страница 48: ...ined as follows Item Description Username Assign a specific valid user name provided by the ISP The maximum length of the user name you can set is 63 characters Password Assign a valid password provid...

Страница 49: ...erver Type the IP address of the server Back Click it to return to previous setting page Next Click it to get into the next setting page Cancel Click it to give up the quick start wizard 3 Please type...

Страница 50: ...ext to continue Available settings are explained as follows Item Description WAN IP Type the IP address Subnet Mask Type the subnet mask Gateway Type the IP address of gateway Primary DNS Type in the...

Страница 51: ...he IP address information originally provided by your ISP Then click Next for next step 4 Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be...

Страница 52: ...ilable settings are explained as follows Item Description Host Name Type the name of the host Note The maximum length of the host name you can set is 39 characters MAC Some Cable service providers spe...

Страница 53: ...finished the settings above click Next for viewing summary of such connection 4 Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be shown 5 N...

Страница 54: ...ription Internet Access Choose one of the selections as the protocol of accessing the internet 3G 4G USB Modem PPP mode SIM Pin code Type PIN code of the SIM card that will be used to access Internet...

Страница 55: ...to connect Internet with the mode specified here If you choose 4G 3G 2G as network mode the router will choose a suitable one according to the actual wireless signal automatically APN Name APN means...

Страница 56: ...tool which allows you to use trial version of WCF directly without accessing into the server MyVigor located on http myvigor draytek com For using Web Content Filter Profile please refer to later sect...

Страница 57: ...dwide There is a 30 day trial period After trial you can purchase DrayTek s prepared Commtouch GlobalView WCF package from retailing outlets BPjM is WCF for German Speaking users The fragfINN is white...

Страница 58: ...l be activated and applied as the default rule configured in Firewall General Setup 6 Now the web page will display the service that you have activated according to your selection s The valid time for...

Страница 59: ...register your Vigor router to MyVigor website for getting more service Please follow the steps below to finish the router registration 1 Please login the web configuration interface of Vigor router b...

Страница 60: ...section Creating an Account for MyVigor to create your own one Please read the articles on the Agreement regarding user rights carefully while creating a user account 4 The following page will be disp...

Страница 61: ...pup calendar it appears when you click on the box of Registration Date After adding the basic information for the router please click Submit 6 When the following page appears your router information h...

Страница 62: ...Vigor2832 Series User s Guide 50 This page is left blank...

Страница 63: ...f subnets regulated and ruled by router The design of network structure is related to what type of public IP addresses coming from your ISP When the data flow passing through the Network Address Trans...

Страница 64: ...private addresses and the packets will be delivered to the correct host PC in the local area network Thus all the host PCs can share a common Internet connection G Ge et t Y Yo ou ur r P Pu ub bl li...

Страница 65: ...still can be used and Load Balance can be done in the router Besides 3G 4G USB Modem in WAN3 WAN4 also can be used as backup device Therefore when WAN1 and WAN2 are not available the router will use 3...

Страница 66: ...s disabled If you want to enable it simply click the WAN2 link and select Yes in the field of Enable Available settings are explained as follows Item Description Load Balance Mode This option is avail...

Страница 67: ...hysical line is connected by ADSL automatically Therefore this page allows you to configure settings for ADSL at one time That is it is not necessary for you to configure different profile settings fo...

Страница 68: ...n to make the WAN1 connection being activated always Load Balance Check this box to enable auto load balance function for such WAN interface When the data traffic is large the WAN interface with the f...

Страница 69: ...de please type the line speed for downloading and uploading for such WAN interface The unit is kbps VLAN Tag insertion Enable Enable the function of VLAN with tag The router will add specific VLAN num...

Страница 70: ...ce by checking the WAN box After finished the above settings click OK to save the settings I II I 1 1 1 1 3 3 W WA AN N3 3 W WA AN N4 4 U US SB B To use 3G 4G network connection through 3G 4G USB Mode...

Страница 71: ...WAN interfaces in connection status Active When If you choose Failover as the Active Mode the option of Active When will appear Any of the selected WAN disconnect Such WAN connection will be activate...

Страница 72: ...Physical Mode for WAN interface the Access Mode for these connections also varies Refer to the following figures And And Available settings are explained as follows Item Description Index Display the...

Страница 73: ...ows you to configure DHCP client options DHCP packets can be processed by adding option number and data information when such function is enabled and configured Enable Check the box to enable the func...

Страница 74: ...by your ISP These settings configured here are specified for ADSL only Multi PVC channel The selections displayed here are determined by the page of Internet Access Multi PVCs Select M PVCs Channel m...

Страница 75: ...ugh ARP Detect or Ping Detect Mode Choose ARP Detect or Ping Detect for the system to execute for WAN detection If you choose Ping Detect as the detection mode you have to type required settings for t...

Страница 76: ...c IP addresses other than the current one you are using Fixed IP Click Yes to use this function and type in a fixed IP address in the box of Fixed IP Address Default MAC Address You can use Default MA...

Страница 77: ...n Drop down the list to choose the type provided by ISP VPI Type in the value provided by ISP VCI Type in the value provided by ISP Modulation Default setting is Multimode Choose the one that fits the...

Страница 78: ...enabled When both Bridge Mode and Firewall check boxes are enabled the settings configured user profiles under User Management will be ignored And all of the filter rules defined and enabled in Firewa...

Страница 79: ...C Address Type in the MAC address for the router manually DNS Server IP Address Type in the primary IP address for the router If necessary type in secondary IP address for necessity in the future Afte...

Страница 80: ...ose Ping Detect as detection mode you also can enable this setting to use current WAN gateway IP address for pinging With the IP address es pinging Vigor router can check if the WAN connection is on o...

Страница 81: ...ag ge e f fo or r S St ta at ti ic c o or r D Dy yn na am mi ic c I IP P i in n E Et th he er re en ne et t W WA AN N For static IP mode you usually receive a fixed public IP address or a public subne...

Страница 82: ...terval Enter the interval for the system to execute the PING operation WAN Connection Detection Such function allows you to verify whether network connection is alive or not through ARP Detect or Ping...

Страница 83: ...he filter rules defined and enabled in Firewall menu will be activated Bridge Subnet Make a bridge between the selected LAN subnet and such WAN interface WAN IP Network Settings This group allows you...

Страница 84: ...t MAC Address Click this radio button to use default MAC address for the router Specify a MAC Address Some Cable service providers specify a specific MAC address for access authentication In such case...

Страница 85: ...ateway IP Address Specify the gateway IP address for DHCP server ISP Access Setup Username Type in the username provided by ISP in this field The maximum length of the user name you can set is 63 char...

Страница 86: ...tomatically Click this button to obtain the IP address automatically Specify an IP address Click this radio button to specify some data IP Address Type the IP address Subnet Mask Type the subnet mask...

Страница 87: ...haracters Modem Dial String Such value is used to dial through USB mode Please use the default value If you have any question please contact to your ISP The maximum length of the string you can set is...

Страница 88: ...7 D De et ta ai il ls s P Pa ag ge e f fo or r 3 3G G 4 4G G U US SB B M Mo od de em m D DH HC CP P m mo od de e i in n U US SB B W WA AN N To use 3G 4G USB Modem DHCP mode as the accessing protocol o...

Страница 89: ...u choose Ping Detect as detection mode you also can enable this setting to use current WAN gateway IP address for pinging With the IP address es pinging Vigor router can check if the WAN connection is...

Страница 90: ...xecute for WAN detection Always On means no detection will be executed The network connection will be on always Ping IP Hostname If you choose Ping Detect as detection mode you have to type IP address...

Страница 91: ...ent daemon RADVD the PC behind this router can directly connect to IPv6 the Internet Available settings are explained as follows Item Description Username Type the name obtained from the broker It is...

Страница 92: ...u to apply another username and password The maximum length of the name you can set is 19 characters Password Type the password assigned with the user name The maximum length of the password you can s...

Страница 93: ...ect Mode Choose Always On or Ping Detect for the system to execute for WAN detection Ping IP Hostname If you choose Ping Detect as detection mode you have to type IP address in this field for pinging...

Страница 94: ...the system will check if network connection is established or not like IPv4 ARP Detect Always On means no detection will be executed The network connection will be on always Ping IP Hostname If you ch...

Страница 95: ...WAN interface Available settings are explained as follows Item Description Static IPv6 Address Configuration IPv6 Address Type the IPv6 Static IP Address Prefix Length Type the fixed value for prefix...

Страница 96: ...Firewall check boxes are enabled the settings configured user profiles under User Management will be ignored And all of the filter rules defined and enabled in Firewall menu will be activated Bridge S...

Страница 97: ...ection is alive or not through Ping Detect Mode Choose Always On or Ping Detect for the system to execute for WAN detection Always On means no detection will be executed The network connection will be...

Страница 98: ...a given 6rd domain It may be any value between 0 and 32 6rd Prefix Type the 6rd IPv6 address 6rd Prefix Length Type the IPv6 prefix length for the 6rd IPv6 prefix in number of bits WAN Connection Dete...

Страница 99: ...Vigor2832 Series User s Guide 87...

Страница 100: ...the Internet Access web user interface and can not be configured here Channels 5 10 are configurable Enable Display whether the settings in this channel are enabled Yes or not No WAN Type Displays the...

Страница 101: ...n the value provided by your ISP Protocol Select a proper protocol for this channel Encapsulation Choose a proper type for this channel The types will be different according to the protocol setting th...

Страница 102: ...ick it to disable the configuration of this channel WAN Type The connections and interfaces created in every channel may select a specific WAN type to be built upon In the Multi PVC application only t...

Страница 103: ...be effective for Web configuration telnet TR069 IPTV The IPTV configuration will allow the WAN interface to send IGMP packets to IPTV servers WAN Connection Detection Such function is available only w...

Страница 104: ...If MPoA is selected you have to configure the settings listed under MPoA Obtain an IP address automatically Click this button to obtain the IP address automatically Router Name Type in the router nam...

Страница 105: ...ll Rate The default setting is 0 SCR It represents Sustainable Cell Rate The value of SCR must be smaller than PCR MBS It represents Maximum Burst Size The range of the value is 10 to 50 PVC to PVC Bi...

Страница 106: ...ttings are explained as follows Item Description Enable Check the box to enable such function Quota Limit Type the data traffic quota allowed for such WAN interface There are two unit MB and GB offere...

Страница 107: ...specify which day of today is in a cycle Cycle duration Specify the days to reset the traffic record For example 7 means the whole cycle is 7 days 20 means the whole cycle is 20 days When the time is...

Страница 108: ...Vigor2832 Series User s Guide 96 Administrator is selected Or the system will send out SMS message to the administrator if Send SMS messages to Administrator is selected...

Страница 109: ...for each other via existing IPv4 network environment The IPv6 packets will be encapsulated with the header of IPv4 first Later the packets will be transformed and judged by IPv4 router Once the packet...

Страница 110: ...upporting IPv6 service 2 In the following figure use the drop down list to choose a proper connection type Different connection types will bring out different configuration page Refer to the following...

Страница 111: ...e 99 Access into the setting page for IPv6 service it is not necessary for you to configure anything Click OK and open Online Status If the connection is successful you will get the IP address for IPv...

Страница 112: ...Vigor2832 Series User s Guide 100...

Страница 113: ...formation for TSPC service Info While using such mode you have to make sure the IPv4 network connection is normal In the following figure the TSPC information is obtained from http gogo6 com after app...

Страница 114: ...nfo While using such mode you have to make sure the IPv4 network connection is normal In the following figure the AICCU information is obtained from https www sixxs net main after applied for the serv...

Страница 115: ...Guide 103 DHCPv6 Client Choose DHCPv6 Client Click one of the identity associations and type the IAID number Click OK and open Online Status If the connection is successful the physical connection wi...

Страница 116: ...s User s Guide 104 Static IPv6 Choose Static IPv6 Type IPv6 address Prefix Length and Gateway Address Click OK and open Online Status If the connection is successful the physical connection will be sh...

Страница 117: ...Static Tunnel Choose 6in4 Static Tunnel Type remote endpoint IPv4 address 6in4 IPv6 Address LAN Routed Prefix and Tunnel TTL Click OK and open Online Status If the connection is successful the physic...

Страница 118: ...User s Guide 106 6rd Choose 6rd Type IPv4 Border Relay IPv4 Mask Length 6rd Prefix and 6rd Prefix Length Click OK and open Online Status If the connection is successful the physical connection will be...

Страница 119: ...outer s client get the IPv6 address 1 Access into the web user interface of Vigor2832 Open LAN General Setup Click the IPv6 button 2 In the field of DHCPv6 Server Configuration when DHCPv6 service is...

Страница 120: ...command of ipconfig Refer to the following figure From the above figure we can see IPv6 IP address has been captured by the system 2 Use the Ping command to ping any IPv6 address indicating an IPv6 w...

Страница 121: ...pe an URL of IPv6 e g www kame net If your computer accesses into the website by using IPv6 address you may see a turtle dancing on the screen If not only a steady turtle will be seen If you can see a...

Страница 122: ...the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor router has a built in DHCP server that assigns private IP address t...

Страница 123: ...St ta at ti ic c R Ro ou ut te e When you have several subnets in your LAN sometimes a more effective and quicker way for connection is the Static routes function rather than other method You may simp...

Страница 124: ...e settings are explained as follows Item Description General Setup Allow to configure settings for each subnet respectively Index Display all of the LAN items Status Basically LAN1 status is enabled i...

Страница 125: ...can redirect clients to a secondary server specified in such field Option Number Type a number for such function DataType Choose the type ASCII or Hex or address list for the data to be stored Data Ty...

Страница 126: ...routers Default Enable activate the RIP protocol DHCP Server Configuration DHCP stands for Dynamic Host Configuration Protocol The router by factory default acts a DHCP server for your network so it...

Страница 127: ...ny IPs from this server anymore Therefore this feature is used to get the IP back from inactive clients i e doesn t use the IP but the server still reserves the IP for him DNS Server IP Address DNS st...

Страница 128: ...the following explanations for detailed information Below shows the settings page for IPv6 It provides 2 daemons for LAN side IPv6 address configuration One is SLAAC stateless and the other is DHCPv6...

Страница 129: ...assigned IP address from Vigor router via the following method SLAAC stateless The IP address with Prefix of the host shall be formed according to RA transmitted by Vigor router DHCPv6 stateful The I...

Страница 130: ...use Min Max Interval Time sec It defines the interval between minimum time and maximum time for sending RA Router Advertisement packets Default Lifetime sec Within such period of time Vigor2832 can b...

Страница 131: ...tically dispatch related IP settings to any local user configured as a DHCP client It is highly recommended that you leave the router enabled as a DHCP server if you do not have a DHCP server for your...

Страница 132: ...ay 5 minutes the server still reserves 1 day for that client Because a DHCP server only has a limited number of IPs to lease to its DHCP clients soon enough all the IPs will be used out and then no on...

Страница 133: ...92 168 1 2 or greater but smaller than 192 168 1 254 IP Pool Counts Enter the maximum number of PCs that you want the DHCP server to assign IP addresses to The default is 50 and the maximum is 253 Lea...

Страница 134: ...can assign each of VLANs to each of the different IP subnets that the router may also be operating to provide even more isolation The said functionality is tag based multi subnet P Po or rt t B Ba as...

Страница 135: ...tagged device in P1 to access router It can help users to communicate with the router still even though configuring wrong VLAN tag setting It is recommended to enable the management port LAN 1 to ensu...

Страница 136: ...or departmental or multi occupancy applications Info As for the VLAN applications refer to Appendix I VLAN Application on Vigor Router for more detailed information I II I 2 2 3 3 B Bi in nd d I IP P...

Страница 137: ...IP and MAC will be displayed in this field Each pair of IP and MAC address listed in ARP table can be selected and added to IP Bind List by clicking Add below Select All Click this link to select all...

Страница 138: ...nd List Simply click and select the one and click Delete The selected item will be removed from the IP Bind List Backup Store the configuration for Bind IP to MAC as a file Restore Restore the previou...

Страница 139: ...ion Port Mirror Check Enable to activate this function Or check Disable to close this function Mirror Port Select a port to view traffic sent from mirrored ports Mirrored Tx Port Select which ports ar...

Страница 140: ...802 1x function Authentication Type Use the drop down list to choose which server External RADIUS or Local 802 1x will be used for authenticating LAN user 802 1x ports After enabling the function sim...

Страница 141: ...d web page through this router That is a company which wants to have an advertisement for its products to users can specify the URL in this page to reach its goal Each item is explained as follows Ite...

Страница 142: ...setup URL Redirect Any user who wants to access into Internet through this router will be redirected to the URL specified here first It is a useful method for the purpose of advertisement For example...

Страница 143: ...TP or HTTPS that corresponding web pages based on that protocol will be redirected Priority If User Management refer to VII 3 User Management mode and such web portal profile are configured and enable...

Страница 144: ...ic IP address and the router will do the inversion based on its table Therefore the internal host can communicate with external host smoothly The benefit of the NAT includes Save cost on applying publ...

Страница 145: ...ss domain name are recognized by all users Since the server is actually located inside the LAN the network well protected by NAT of the router and identified by its private IP address port the goal of...

Страница 146: ...layer protocol TCP or UDP Public Port Display the port number which will be redirected to the specified Private IP and Port of the internal host Private IP Display the IP address of the internal host...

Страница 147: ...nd the second box as the ending port Private IP Specify the private IP address of the internal host providing the service If you choose Range as the port redirection mode you will see two boxes on thi...

Страница 148: ...b surfing and other such Internet activities from other clients will continue to work without inappropriate interruption DMZ Host allows a defined internal user to be totally exposed to the Internet w...

Страница 149: ...of all hosts in your LAN network Select one private IP address in the list to be the DMZ host When you have selected one private IP from the above dialog the IP address will be shown on the screen Cl...

Страница 150: ...then a window will automatically pop up as depicted below The window consists of a list of private IP addresses of all hosts in your LAN network Select one private IP address in the list to be the DMZ...

Страница 151: ...icular entry that you want to offer service in a local host You should click the appropriate index number to edit or clear the corresponding entry Comment Specify the name for the defined network serv...

Страница 152: ...en WAN IP Alias is configured Private IP Enter the private IP address of the local host or click Choose PC to select one Choose IP Click this button and subsequently a window having a list of private...

Страница 153: ...tton is clicked and the configuration has taken effect open port keeps the ports opened forever Once the OK button is clicked and the configuration has taken effect port triggering will only attempt t...

Страница 154: ...he incoming data of such triggering profile Status Display if the rule is active or de active Click the index number link to open the configuration page Available settings are explained as follows Ite...

Страница 155: ...e the selected protocol Select the protocol TCP UDP or TCP UDP for the incoming data of such triggering profile Incoming Port Type the port or port range for the incoming packets After finishing all t...

Страница 156: ...ecified private IP address S Sc ch he ed du ul le e The Vigor router has a built in clock which can update itself manually or automatically by means of Network Time Protocols NTP As a result you can n...

Страница 157: ...uter is NAT Traversal This enables applications inside the firewall to automatically open the ports that they need to pass through a router W Wa ak ke e o on n L LA AN N A PC client on LAN can be woke...

Страница 158: ...function Set to Factory Default Clear all profiles and recover to factory settings View Log Display DDNS log status Force Update Force the router updates its information to DDNS server Auto Update int...

Страница 159: ...service type Dynamic Custom or Static If you choose Custom you can modify the domain that is chosen in the Domain Name field Domain Name Type in one domain name that you applied previously Use the dro...

Страница 160: ...Click OK button to activate the settings You will see your setting has been saved D Di is sa ab bl le e t th he e F Fu un nc ct ti io on n a an nd d C Cl le ea ar r a al ll l D Dy yn na am mi ic c D D...

Страница 161: ...side LAN you can specify specific private IP address es to correspondent servers Thus even the remote PC is adopting public DNS as the DNS server the LAN DNS resolution on Vigor2832 Series will respon...

Страница 162: ...ws Item Description Enable Check this box to enable such profile Profile Type a name for such profile Note If you type a name here for LAN DNS and click OK to save the configuration the name also will...

Страница 163: ...re LAN DNS settings click index 1 to edit the LAN DNS profile just created Or you can click index 2 to use this profile as conditional DNS forwarding Available settings are explained as follows Item D...

Страница 164: ...are explained as follows Item Description Enable Check the box to enable the DNS security management Interface There are four WAN interfaces allowed to be set with DNS security enabled Primary DNS Dis...

Страница 165: ...ngs are explained as follows Item Description Domain Type the domain name or IP address IPv4 IPv6 that you want to query Interface Specify the interface required for executing diagnose DNS Server Type...

Страница 166: ...lock to current time of your PC The clock will reset once if you power down or reset the router There is another way to set up time You can inquiry an NTP server a time server on the Internet to synch...

Страница 167: ...on demand and the value of idle timeout should be specified in Idle Timeout field Disable Dial On Demand Specify the connection to be up when it has traffic on the line Once there is no traffic over...

Страница 168: ...widely used by Internet service providers It is the most common method of authenticating and authorizing dial up and tunneled network users I II I 4 4 5 5 1 1 E Ex xt te er rn na al l R RA AD DI IU US...

Страница 169: ...e er rn na al l R RA AD DI IU US S Except for being a built in RADIUS client Vigor router also can be operated as a RADIUS server which performs security authentication by itself This page is used to...

Страница 170: ...ocess of security authentication user account and user password will be required for identity authentication Before configuring such page create at least one user profile in User Management User Profi...

Страница 171: ...er Destination Port The UDP port number that the TACACS server is using Shared Secret The TACACS server and client share a secret that is used to authenticate the messages sent between them Both sides...

Страница 172: ...blished by the work team of Internet Engineering Task Force IETF As the name described LDAP is designed as an effect way to access directory service without the complexity of other directory service p...

Страница 173: ...y For the regular mode you ll need to type in the Regular DN and Regular Password Server Address Enter the IP address of LDAP server Destination Port Type a port number as the destination port for LDA...

Страница 174: ...most LDAP server is cn Base Distinguished Name Group Distinguished Name Type or edit the distinguished name used to look up entries on the LDAP server Sometimes you may forget the Distinguished Name...

Страница 175: ...Control Service or Connection Status Service Default WAN It is used to specify the WAN interface for applying such function The reminder as regards concern about Firewall and UPnP Can t work with Fire...

Страница 176: ...In addition such function is available in NAT mode IGMP Snooping Check this box to enable this function Multicast traffic will be forwarded to ports that have members of that group Disabling IGMP sno...

Страница 177: ...able settings are explained as follows Item Description Wake by Two types provide for you to wake up the binded IP If you choose Wake by MAC Address you have to type the correct MAC address of the hos...

Страница 178: ...Item Description Index Check the box to enable such profile SMS Provider Use the drop down list to choose SMS service provider You can click SMS Provider link to define the SMS server Recipient Type t...

Страница 179: ...ew one with specified service provider Recipient Type the e mail address of the one who will receive the notification message Notify Profile Use the drop down list to choose a message profile The reci...

Страница 180: ...n e g IP setting If the host and user s computer have the plug in bonjour driver install they can utilize the service offered by the router by clicking the router name icon In short what the Clients u...

Страница 181: ...tem Maintenance Management Type a name as the Router Name and click OK 4 Next open Applications Bonjour Check the service that you want to use via Bonjour 5 Open the DNSSD page again The available ite...

Страница 182: ...Vigor2832 Series User s Guide 170 6 Now any page or document can be printed out through Vigor router installed with a printer...

Страница 183: ...into the web user interface of the Vigor router 2 Open Applications Active Directory LDAP to get the following page for configuring LDAP related settings There are three types of bind type supported...

Страница 184: ...Vigor2832 Series User s Guide 172 and 4 Click OK to save the settings above 5 Open User Management General Setup Select User Based as the Mode option...

Страница 185: ...VPN and Remote Access PPP General Setup to check the profile s that will be authenticated with LDAP server After above configurations users belong to either rd1 or shrd group can access Internet afte...

Страница 186: ...nterface Specify Interface Through dedicated interface WAN LAN VPN the data can be sent from the source IP to the destination IP Address Mapping Allows you specify the outgoing WAN IP address es for a...

Страница 187: ...II I 5 5 1 1 1 1 S St ta at ti ic c R Ro ou ut te e f fo or r I IP Pv v4 4 Available settings are explained as follows Item Description Index The number 1 to 30 under Index allows you to open next pa...

Страница 188: ...rnal Router B 192 168 1 3 have set Main Router 192 168 1 1 as the default gateway for the Router A 192 168 1 2 Before setting Static Route user A cannot talk to user B for Router A can only forward re...

Страница 189: ...to enable this profile Destination IP Address Type an IP address as the destination of such static route Subnet Mask Type the subnet mask for such static route Network Interface Use the drop down lis...

Страница 190: ...f the static route Set to Factory Default Clear all of the settings and return to factory default settings Viewing IPv6 Routing Table Displays the routing table for your reference Click any underline...

Страница 191: ...IP Start Displays the IP address for the start of the source IP Src IP End Displays the IP address for the end of the source IP Dest IP Start Displays the IP address for the start of the destination I...

Страница 192: ...P can be treated as the destination IP Dest IP Start Type the destination IP start for the specified WAN interface Dest IP End Type the destination IP end for the specified WAN interface If this field...

Страница 193: ...lable settings are explained as follows Item Description Force NAT Force Routing It determines which mechanism that the router will use to forward the packet to WAN 5 After choosing the mechanism clic...

Страница 194: ...Enable Check this box to enable this policy Protocol Use the drop down menu to choose a proper protocol for the WAN interface Source IP Any Any IP can be treated as the source IP Src IP Start Type the...

Страница 195: ...ne which rule will be adopted for transmitting the packet according to the priority of Static Route and Route Policy The greater the value is the lower the priority is Default value for route policy i...

Страница 196: ...mation Specify the nature of the packets to be analyzed by Vigor router ICMP UDP TCP ANY Specify a protocol for diagnosis Src IP Type an IP address as the source IP Dst IP Type an IP address as the de...

Страница 197: ...of analyzing The analyzed result will be shown on the page If required click export analysis to export the result as a file Note that the analysis was based on the current load balance route policy s...

Страница 198: ...vised later Example 1 In the following figure a LAN to LAN VPN tunnel is built between DrayTek VPN router e g Vigor2832 Series and the remote router Firewall Router can receive all of the traffic comi...

Страница 199: ...value is fixed as 250 And Routes in Routing Table are fixed as 150 You can adjust the value for such route policy with lower value e g 100 to ensure it will be applied to packets transmission with th...

Страница 200: ...side of Router A to break through the Internet censorship circumvention A VPN tunnel has been established between Router A and router B 1 Access into the web user interface of Router A 2 Open Load Bal...

Страница 201: ...mapped into either 202 211 100 10 or 203 98 200 10 which IP or mapping is decided by the internal load balancing algorithm With address mapping feature you can manually configure any host mapping to a...

Страница 202: ...of WAN 1 to open the following page From the above figure set main WAN IP address as 202 211 100 10 Click the WAN IP Alias button to configure the other IP address which is 202 211 100 11 Make sure Jo...

Страница 203: ...s User s Guide 191 4 After finished configuration for WAN1 open Load Balance Route Policy 5 Click Index number 1 and 2 to configure the details After finished the settings click OK to save the setting...

Страница 204: ...User s Guide 192 And 6 Upon completing the above configuration you have specified the outgoing IP address es for some specific computers Now you bind some specific computers to some WAN IP alias for...

Страница 205: ...e following figure shows a simple application of load balance WAN1 and WAN2 can be used to access into Internet The PC in LAN1 can send the data to the remote PC through the specified WAN1 1 Access in...

Страница 206: ...t IP Start and Dest IP End with 203 65 1 35 and 203 65 1 35 choose WAN1 as the Interface click default gateway 4 After finished the above settings click OK to save the configuration Now the packets se...

Страница 207: ...er s Guide 195 P Pa ar rt t I II II I W Wi ir re el le es ss s L LA AN N Wireless LAN enables high mobility so WLAN users can simultaneously access all LAN facilities just like on a wired LAN as well...

Страница 208: ...ired LAN as well as Internet access Vigor2832 wireless router is a highly integrated wireless local area network WLAN for 2 4 GHz 802 11n WLAN applications Vigor2832 n series router supports 802 11n u...

Страница 209: ...ay consider using WPA for the most secure connection You should select the appropriate security mechanism according to your needs No matter which security suite you select they all will enhance the ov...

Страница 210: ...Series User s Guide 198 W WP PS S WPS Wi Fi Protected Setup provides easy procedure to make network connection between wireless station and wireless access point vigor router with the encryption of WP...

Страница 211: ...age will be used for internal users in a company or your home Available settings are explained as follows Item Description Name Type the SSID name of this router for wireless 2 4GHz The default name i...

Страница 212: ...ing allowed to share the LAN network and VPN connection Available settings are explained as follows Item Description Enable Disable Click it to enable or disable settings in this page SSID Type the SS...

Страница 213: ...setting page Cancel Exit the wireless wizard without saving any changes 4 After typing the required information click Next 5 The following page will display the configuration summary for wireless set...

Страница 214: ...11g 11n mode Channel Means the channel of frequency of the wireless LAN The default channel is 6 You may switch channel if the selected channel is under serious interference If you have no idea of cho...

Страница 215: ...to make the wireless clients stations with different VPN not accessing for each other Schedule Set the wireless LAN to work at certain time interval only You may choose up to 4 schedules out of the 1...

Страница 216: ...ecurity mode is provided and stated on the label pasted on the bottom of the router For the wireless client who wants to access into Internet through such router please input the default PSK value for...

Страница 217: ...cepts WPA and WPA2 clients simultaneously and the encryption key should be entered in PSK WPA The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key enter...

Страница 218: ...o enable the MAC Address filter for wireless LAN identified with SSID 1 to 4 respectively All the clients expressed by MAC addresses listed in the box can be grouped under different wireless LAN For e...

Страница 219: ...s access point vigor router with the encryption of WPA and WPA2 Info WPS is available for the wireless station with WPS supported It is the simplest way to build connection between wireless network cl...

Страница 220: ...rt PBC button of network card If you want to use PIN code you have to know the PIN code specified in wireless client Then provide the PIN code of the wireless client you wish to connect to the vigor r...

Страница 221: ...de of the router Only WPA2 PSK and WPA PSK support WPS Configure via Push Button Click Start PBC to invoke Push Button style WPS setup procedure The router will wait for WPS requests from wireless cli...

Страница 222: ...ridge interface The application for the WDS Repeater mode is depicted as below The major difference between these two modes is that while in Repeater mode the packets received from one peer AP can be...

Страница 223: ...as follows Item Description Mode Choose the mode for WDS setting Disable mode will not invoke any WDS setting Bridge mode is designed to fulfill the first type of application Repeater mode is for the...

Страница 224: ...ase disable the unused link to get better performance If you want to invoke the peer MAC address remember to check Enable box in the front of the MAC address after typing Repeater If you choose Repeat...

Страница 225: ...0 40 the router will use 20Mhz or 40Mhz for data transmission and receiving according to the station capability Such channel can increase the performance for data transit 40 the router will use 40Mhz...

Страница 226: ...e Enable radio button APSD Capable The default setting is Disable Fragment Length 256 2346 Set the Fragment threshold of wireless radio Do not modify default value if you don t know what it is default...

Страница 227: ...is determined according to the limitation of the wireless client Total Upload Limit It is available when Auto Adjustment is selected Type a value to define the maximum data traffic uploading for all...

Страница 228: ...of the APs on the wireless LAN Yet only the AP which is in the same channel of this router can be found Please click Scan to discover all the connected APs Available settings are explained as follows...

Страница 229: ...with its status code There is a code summary below for explanation For convenient Access Control you can select a WLAN station and click Add to Access Control below Available settings are explained a...

Страница 230: ...Vigor2832 Series User s Guide 218 This page is left blank...

Страница 231: ...a manner that emulates the properties of a point to point private link It is a form of VPN that can be used with a standard Web browser A digital certificate works as an electronic ID which is issued...

Страница 232: ...he Internet In short by VPN technology you can send data between two computers across a shared or public network in a manner that emulates the properties of a point to point private link The VPN built...

Страница 233: ...or VPN dial out connection from server to client step by step 1 Open Wizards VPN Client Wizard The following page will appear Available settings are explained as follows Item Description LAN to LAN Cl...

Страница 234: ...es provided here Different type will lead to different configuration page After making the choices for the client profile please click Next You will see different configurations based on the selection...

Страница 235: ...Vigor2832 Series User s Guide 223 When you choose IPsec you will see the following graphic When you choose L2TP you will see the following graphic...

Страница 236: ...see the following graphic When you choose SSL you will see the following graphic Available settings are explained as follows Item Description Profile Name Type a name for such profile The length of th...

Страница 237: ...ared key Digital Signature X 509 Click Digital Signature to invoke this function Peer ID Choose the peer ID selection from the drop down list Local ID Choose Alternative Subject Name First or Subject...

Страница 238: ...ilable settings are explained as follows Item Description Go to the VPN Connection Management Click this radio button to access VPN and Remote Access Connection Management for viewing VPN Connection s...

Страница 239: ...Site VPN Remote Dial in User You can manage remote access by maintaining a table of remote user profile so that users can be authenticated to dial in via VPN connection Please choose a LAN to LAN Pro...

Страница 240: ...anged according to the VPN Server Mode Site to Site VPN and Remote Dial in User selected 2 After making the choices for the server profile please click Next You will see different configurations based...

Страница 241: ...IPsec policy above The length of the name is limited to 11 characters Pre Shared Key For IPsec L2TP IPsec authentication you have to type a pre shared key The length of the name is limited to 64 chara...

Страница 242: ...sted on the page and click Finish to execute the next action Available settings are explained as follows Item Description Go to the VPN Connection Management Click this radio button to access VPN and...

Страница 243: ...the necessary VPN service as you need If you intend to run a VPN server inside your LAN you should disable the VPN service of Vigor Router to allow VPN tunnel pass through as well as the appropriate N...

Страница 244: ...the remote dial in user If the remote dial in user does not support the MPPE encryption algorithm the router will transmit no MPPE encrypted packets Otherwise the MPPE encryption scheme will be used...

Страница 245: ...uld choose an IP address from the local private network For example if the local private network is 192 168 1 0 255 255 255 0 you could choose 192 168 1 200 as the Start IP Address You can configure u...

Страница 246: ...the data payload only It can just apply to local packet e g L2TP over IPsec The Tunnel mode will not only add the AH ESP payload but also use a new IP header Tunneled IP header to encapsulate the whol...

Страница 247: ...curity Payload ESP means payload data will be encrypted and authenticated You may select encryption algorithm from Data Encryption Standard DES Triple DES 3DES and AES After finishing all the settings...

Страница 248: ...nt Check it to enable such account profile Accept Any Peer ID Click to accept any peer regardless of its identity Accept Subject Alternative Name Click to check one specific field of digital signature...

Страница 249: ...t in RADIUS client function The following figure shows the summary table Available settings are explained as follows Item Description Set to Factory Default Click to clear all indexes View All Click i...

Страница 250: ...ial in user to make a PPTP VPN connection through the Internet You should set the User Name and Password of remote dial in user below IPsec Tunnel Allow the remote dial in user to make an IPsec VPN co...

Страница 251: ...authentication with mOTP function PIN Code Type the code for authentication e g 1234 Secret Use the 32 digit secret number generated by mOTP in the mobile phone e g e759bb6f0e94c7ab4fe6 Subnet Chose o...

Страница 252: ...to o L LA AN N Here you can manage LAN to LAN connections by maintaining a table of connection profiles You may set parameters including specified connection direction dial in or dial out connection p...

Страница 253: ...AN profile The symbol represents that the profile is empty Active V means the profile has been enabled X means the profile has not been enabled Status Indicate the status of individual profiles The sy...

Страница 254: ...sion between the hosts located on both sides of VPN Tunnel while connecting Block When there is conflict occurred between the hosts on both sides of VPN Tunnel in connecting such function can block da...

Страница 255: ...can be viewed as one pure L2TP connection Nice to Have Apply the IPsec policy first if it is applicable during negotiation Otherwise the dial out VPN connection becomes one pure L2TP connection Must S...

Страница 256: ...gorithm AES without Authentication Use AES encryption algorithm and not apply any authentication scheme AES with Authentication Use AES encryption algorithm and apply MD5 or SHA 1 authentication algor...

Страница 257: ...value is inactive this function Local ID In Aggressive mode Local ID is on behalf of the IP address while identity authenticating with remote VPN server The length of the ID is limited to 47 characte...

Страница 258: ...pply the authentication methods and security methods in the general settings User Name This field is applicable when you select PPTP or L2TP with or without IPsec policy above The length of the name i...

Страница 259: ...de wants to use it the peer must enable it too My GRE IP Type the virtual IP for router itself for verified by peer Peer GRE IP Type the virtual IP of peer host for verified by router TCP IP Network S...

Страница 260: ...connection established the router will change the IP address according to the settings configured here and block sessions which are not coming from the IP address defined in the Virtual IP Mapping li...

Страница 261: ...o types for you to choose Whole Subnet Specific IP Address Virtual IP Mapping A pop up dialog will appear for you to specify the local IP address and the mapping virtual IP address 2 After finishing a...

Страница 262: ...e activated when initial connection of single VPN tunnel is off line Before setting VPN TRUNK VPN Backup mechanism backup profile please configure at least two sets of LAN to LAN profiles with fully c...

Страница 263: ...PN Backup mechanism profile Member1 Display the dial out profile selected from the Member1 drop down list below Active Yes means normal condition No means the state might be disabled or that profile c...

Страница 264: ...le Member1 Display the dial out profile selected from the Member1 drop down list below Active Yes means normal condition No means the state might be disabled or that profile currently is set with Dial...

Страница 265: ...Status Enable or Disable profile name member1 or member2 Delete Click this button to delete the selected VPN TRUNK profile The corresponding members LAN to LAN profiles grouped in the deleted VPN TRU...

Страница 266: ...one of the LAN to LAN profiles from Member1 drop down list choose one of the LAN to LAN profiles from Member2 drop down list and click Add at last 4 Take a look for LAN to LAN profiles Index 1 is chos...

Страница 267: ...er 192 168 50 200 in the field of Peer GRE IP A Ad dv va an nc ce ed d L Lo oa ad d B Ba al la an nc ce e a an nd d B Ba ac ck ku up p After setting profiles for load balance you can choose any one of...

Страница 268: ...alance of packet transmission with flexible rate It can be divided into Auto Weighted and According to Speed Ratio Auto Weighted can detect the device speed 10Mbps 100Mbps and switch with fixed value...

Страница 269: ...TCP Service Port also fits the number here such binding tunnel table can be established UDP means when the source IP destination IP destination port and fragment conditions match with the settings spe...

Страница 270: ...ICMP or Other as Binding Protocol A Ad dv va an nc ce ed d B Ba ac ck ku up p Available settings are explained as follows Item Description Profile Name List the backup profile name ERD Mode ERD means...

Страница 271: ...on You may also aggressively Dial out by using Dial out Tool and clicking Dial button Available settings are explained as follows Item Description Dial out Tool General Mode This filed displays the pr...

Страница 272: ...Vigor2832 Series User s Guide 260 Refresh Seconds Choose the time for refresh the dial information among 5 10 and 30 Refresh Click this button to refresh the whole connection status...

Страница 273: ...i io on n o on n V Vi ig go or r R Ro ou ut te er r f fo or r H He ea ad d O Of ff fi ic ce e 1 Log into the web user interface of Vigor router 2 Open VPN and Remote Access LAN to LAN to create a LAN...

Страница 274: ...Server IP e g 218 242 130 19 in this case Press the IKE Pre Shared Key button to set the PSK and select Medium AH or High ESP as the security method 5 Continue to navigate to the TCP IP Network Settin...

Страница 275: ...ess LAN to LAN to create a LAN to LAN profile The following settings are for a permanent VPN connection 3 Click any index number to open the configuration page Type a name which is easy for identifica...

Страница 276: ...ervice and type the remote server IP host name e g 218 242 133 91 in this case Press the IKE Pre Shared Key button to set the PSK and select Medium AH or High ESP as the security method 5 Continue to...

Страница 277: ...Vigor2832 Series User s Guide 265 7 Open VPN and Remote Access Connection Management to check the dial in connection status from head office...

Страница 278: ...network is a form of VPN that can be used with a standard Web browser There are two benefits that SSL VPN provides It is not necessary for users to preinstall VPN client software for executing SSL VPN...

Страница 279: ...l not affect the HTTPS Port configuration set in System Maintenance Management In general the default setting is 443 Server Certificate When the client does not set any certificate default certificate...

Страница 280: ...e Display current status active or inactive of such profile Click number link under Index filed to set detailed configuration Available settings are explained as follows Item Description Name Type nam...

Страница 281: ...vate port mapping to random WAN port There are two restrictions for proxy web server for such selection 1 it is only used for WAN to LAN access the web server must be configured behind vigor router 2...

Страница 282: ...ription Name Display the application name of the profile that you create Host Address Display the IP address for VNC RDP or SMB path Service Display the type of the service selected e g VNC RDP SMB Ac...

Страница 283: ...C through RDP protocol IP Address If you choose VNC or RDP you have to type the IP address for this protocol Port If you choose VNC or RDP you have to specify the port used for this protocol The defau...

Страница 284: ...guest network or web cafe The SSL technology is the same as the encryption that you use for secure web sites such as your online bank The SSL VPN can be operated in either full tunnel mode or proxy mo...

Страница 285: ...he length of the name password is limited to 19 characters Enable Mobile One Time Passwords mOTP Check this box to make the authentication with mOTP function PIN Code Type the code for authentication...

Страница 286: ...l Multicast via VPN Some programs might send multicast packets via VPN connection Pass Click this button to let multicast packets pass through the router Block This is default setting Click this butto...

Страница 287: ...yption algorithm from Data Encryption Standard DES Triple DES 3DES and AES Local ID Specify a local ID to be used for Dial in setting in the LAN to LAN Profile setup This item is optional and can be u...

Страница 288: ...profiles will be used by applications such as User Management VPN and etc Each item is explained as follows Item Description Set to Factory Default Click to clear all indexes Index Display the number...

Страница 289: ...s Remote Dial In User The enabled profiles will be listed in the Available User Account on the left box To add a profile into a group simply choose the one from the left box and click the button It wi...

Страница 290: ...ess into DrayTek SSL VPN portal interface Next users can open SSL VPN Online Status to view logging status of SSL VPN Available settings are explained as follows Item Description Active User Display c...

Страница 291: ...gor router support digital certificates conforming to standard X 509 Any entity wants to utilize digital certificates should first request a certificate issued by a CA server It should also retrieve c...

Страница 292: ...import a saved file as the certification information Refresh Click this button to refresh the information listed below View Click this button to view the detailed settings for certificate request Del...

Страница 293: ...T Vigor router allows you to generate a certificate request and submit it the CA server then import it as Local Certificate If you have already gotten a certificate from a third party you may import i...

Страница 294: ...as OK Upload PKCS12 Certificate It allows users to import the certificate whose extensions are usually pfx or p12 And these certificates usually need passwords Note PKCS12 is a standard for storing p...

Страница 295: ...tings for certificate request Info You have to copy the certificate request information from above window Next access your CA server and enter the page of certificate request copy the information into...

Страница 296: ...certificate authority Root CA will be used to authenticate the digital certificates offered by both ends However the procedure of applying digital certificate from a trusted root certificate authority...

Страница 297: ...ck GENERATE again I Im mp po or rt ti in ng g a a T Tr ru us st te ed d C CA A To import a pre saved trusted CA certificate please click IMPORT to open the following window Use Browse to find out the...

Страница 298: ...ificate for this router can be saved within one file Please click Backup on the following screen to save them If you want to set encryption password for these certificates please type characters in bo...

Страница 299: ...y has been always the most concerned The firewall of the Vigor router helps to protect your local network against attack from unauthorized outsiders It also restricts users in the local network from a...

Страница 300: ...s unsolicited incoming data Selectable Denial of Service DoS Distributed DoS DDoS attacks protection I IP P F Fi il lt te er rs s Depending on whether there is an existing Internet connection or in ot...

Страница 301: ...xhaust all your system s resource while the vulnerability attacks will try to paralyze the system by offending the vulnerabilities of the protocol or operation system The DoS Defense function enables...

Страница 302: ...here you assign the Start Filter Set only Also you can configure the Log Flag settings Apply IP filter to VPN incoming packets and Accept incoming fragmented UDP packets Click Firewall and click Gene...

Страница 303: ...ity checking for data transmission Such feature is enabled in default All the packets while transmitting through Vigor router will be filtered by firewall If the firewall system e g content filter ser...

Страница 304: ...d section later User Management Such item is available only when Rule Based is selected in User Management General Setup The general firewall rule will be applied to the user user group all users spec...

Страница 305: ...u can specify to record information for Web Content Filter by checking the Log box It will be sent to Syslog server Please refer to section Syslog Mail Alert for more detailed information DNS Filter S...

Страница 306: ...e more the value is the better the performance will be However if the network is not stable small value will be proper Session timeout Setting timeout for sessions can make the best utilization of net...

Страница 307: ...each rule Check Active to enable the filter rule Available settings are explained as follows Item Description Rule Click a button numbered 1 7 to edit the filter rule Click the button will open Edit F...

Страница 308: ...ly used settings of filter rule via three setting pages Advance Mode Allow to configure detailed settings of filter rule in one page To use Wizard Mode simple do the following steps 1 Click the Wizard...

Страница 309: ...ess as the Address Type and type them in this dialog In addition if you want to use the IP range from defined groups or objects please choose Group and Objects as the Address Type From the IP Group dr...

Страница 310: ...o use Advance Mode do the following steps 1 Click the Advance Mode radio button 2 Click one of the indexe number linke e g Index 2 to access into the following page Available settings are explained as...

Страница 311: ...setting is not available since Call Filter is only applied to outgoing traffic Note RT means routing domain for 2nd subnet or other LAN Source Destination IP Click Edit to access into the following di...

Страница 312: ...number less than this value is available for this profile Service Group Object Use the drop down list to choose the one that you want Fragments Specify the action for fragmented packets And it is used...

Страница 313: ...w Group item will appear for you to click to create a new one APP Enforcement Select an APP Enforcement profile for global IM P2P application blocking If there is no profile for you to select please c...

Страница 314: ...the DNS Filter link from the drop down list in this page to create a new profile Advance Setting Click Edit to open the following window However it is strongly recommended to use the default settings...

Страница 315: ...rough Vigor router will be filtered by firewall settings configured by Vigor router When the resource is inadequate the packets will be blocked if Strict Security Checking is enabled If Strict Securit...

Страница 316: ...igor router will start to randomly discard the subsequent TCP SYN packets for a period defined in Timeout The goal for this is prevent the TCP SYN packets attempt to exhaust the limited resource of Vi...

Страница 317: ...vulnerability of the security for the LAN because it will carry significant information such as security TCC closed user group parameters a series of Internet addresses routing messages etc An eavesd...

Страница 318: ...P Fragment Check the box to activate the Block ICMP fragment function Any ICMP packets with more fragment bit set are dropped Block Unassigned Numbers Check the box to activate the Block Unknown Proto...

Страница 319: ...Vigor2832 Series User s Guide 307...

Страница 320: ...1 10 192 168 1 20 accessing to Internet through Vigor router Others e g 192 168 1 31 and 192 168 1 32 outside the range can get the source from LAN only The way we can use is to set two rules under F...

Страница 321: ...ll check the packets starting with Set 2 Filter Rule 2 to Filter Rule 7 If Block If No Further Match for is selected for Filter the firewall of the router would check the packets with the rules starti...

Страница 322: ...lick the Edit button for Source IP 6 A dialog box will be popped up Choose Range Address as Address Type by using the drop down list Type 192 168 1 10 in the field of Start IP and type 192 168 1 20 in...

Страница 323: ...r not The action for Filter shall be set with Pass Immediately Then click OK to save the settings 8 Both filter rules have been created Click OK Now all the settings are configured well Only the compu...

Страница 324: ...cks the URL strings or some of HTTP data hiding in the payload of TCP packets while legacy firewall inspects packets based on the fields of TCP IP headers only On the other hand Vigor router can preve...

Страница 325: ...will be applied in Default Rule of Firewall General Setup for filtering Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Profile Display the numbe...

Страница 326: ...s 15 characters Select All Click it to choose all of the items in this page Clear All Uncheck all the selected boxes Enable Check the box to select the APP to be blocked by Vigor router Adv A button u...

Страница 327: ...atically Available settings are explained as follows Item Description Upgrade Setting APPE Module Version Display current version status of APPE signature New version from the Internet Download button...

Страница 328: ...n also provide a job related only environment hence to increase the employee work efficiency How can URL Content Filter work better than traditional firewall in the field of filtering Because it check...

Страница 329: ...the message manually for your necessity Default Message You can type the message manually for your necessity or click this button to get the default message which will be displayed on the field of Ad...

Страница 330: ...ch function can determine the priority for the actions executed For this one the router will process the packages with the conditions set below for web feature first then URL second Log None There is...

Страница 331: ...site whose URL string matched to any user defined keyword It should be noticed that the more simplified the blocking keyword list is the more efficiently the Vigor router performs Web Feature Enable R...

Страница 332: ...hanism developed and offered by certain service provider e g DrayTek No matter activating WCF feature or getting a new license for web content filter you have to click Activate to satisfy your request...

Страница 333: ...the message manually for your necessity or click this button to get the default message which will be displayed on the field of Administration Message Cache None the router will check the URL that the...

Страница 334: ...be changed simultaneously All of the configuration made for web content filter will be deleted automatically Therefore please backup your data before you change the web content filter license Availabl...

Страница 335: ...isted on Group Object Selections If the web pages do not match with the specified feature set here they will be processed with the categories listed on the box below Action Pass allow accessing into t...

Страница 336: ...Profile will be applied to DNS query coming from clients on LAN Info For DNS filter must use the WCF service profile to filter the packets therefore WCF license must be activated first Otherwise DNS...

Страница 337: ...l the actions Pass and Block will be recorded in Syslog WCF Set the filtering conditions UCF Set the filtering conditions Enable Block Page If such function is enabled when DNS packets are blocked by...

Страница 338: ...everal useful services such as Anti Spam Web Content Filter Anti Intrusion and etc to filtering the web pages for the sake of protecting your system To access into MyVigor for getting more information...

Страница 339: ...es User s Guide 327 2 Click the Activate link A login page for MyVigor web site will pop up automatically 3 Click the link of Create an account now 4 Check to confirm that you accept the Agreement and...

Страница 340: ...Vigor2832 Series User s Guide 328 5 Type your personal information in this page and then click Continue 6 Choose proper selection for your computer and click Continue...

Страница 341: ...ART 8 Check to see the confirmation email with the title of New Account Confirmation Letter from myvigor draytek com 9 Click the Activate my Account link to enable the account that you created The fol...

Страница 342: ...d 11 Now click Login Your account has been activated You can access into MyVigor server to activate the service e g WCF that you want C Cr re ea at te e a an n A Ac cc co ou un nt t v vi ia a M My yV...

Страница 343: ...onfirm that you accept the Agreement and click Accept 3 Type your personal information in this page and then click Continue 4 Choose proper selection for your computer and click Continue 5 Now you hav...

Страница 344: ...ation email with the title of New Account Confirmation Letter from myvigor draytek com 7 Click the Activate my Account link to enable the account that you created The following screen will be shown to...

Страница 345: ...password that you just created in the fields of UserName and Password Then type the code in the box of Auth Code according to the value displayed on the right side of it Now click Login Your account h...

Страница 346: ...lt te er r There are two ways to block the facebook service Web Content Filter and URL Content Filter Web Content Filter Benefits Easily and quickly implement the category website that you want to blo...

Страница 347: ...Next time when someone accesses facebook via this router the web page would be blocked and the following message would be displayed instead II Via URL Content Filter A Block the web page containing t...

Страница 348: ...Guide 336 3 Open CSM URL Content Filter Profile Click an index number to open the setting page 4 Configure the settings as the following figure 5 When you finished the above steps click OK Then open...

Страница 349: ...the field of URL Content Filter Now users cannot open any web page with the word facebook inside B Disallow users to play games on Facebook 1 Open Object Settings Keyword Object Click an index number...

Страница 350: ...page 4 Configure the settings as the following figure 5 When you finished the above steps please open Firewall General Setup 6 Click the Default Rule tab Choose the profile just configured from the d...

Страница 351: ...ng Configuration Backup Syslog Mail Alert Time and Date Management Reboot System Firmware Upgrade and Activation It is used to control the bandwith of data transmission through configuration of Sessio...

Страница 352: ...e several items that you have to know the way of configuration System Status TR 069 Administrator Password User Password Login Page Greeting Configuration Backup Syslog Mail Alert Time and Date Manage...

Страница 353: ...tion Available settings are explained as follows Item Description Model Name Display the model name of the router Firmware Version Display the firmware version of the router Build Date Time Display th...

Страница 354: ...s Display the IP address of the WAN interface Default Gateway Display the assigned IP address of the default gateway IPv6 Address Display the IPv6 address for LAN Scope Display the scope of IPv6 addre...

Страница 355: ...rver On Choose the interface for the router connecting to ACS server ACS Server URL Username Password Such data must be typed according to the ACS Auto Configuration Server you want to link Please ref...

Страница 356: ...Type the port number of the STUN server Minimum Keep Alive Period If STUN is enabled the CPE must send binding request to the server for the purpose of maintaining the binding in the Gateway Please ty...

Страница 357: ...n this field The length of the password is limited to 23 characters Confirm Password Type in the new password again Administrator Local User The administrator can login web user interface of Vigor rou...

Страница 358: ...ed It can ensure that any user is able to successfully accesses into web user interface of Vigor router through Internet by username password of admin admin Administrator LDAP Setting Enable LDAP AD l...

Страница 359: ...erface accessed by using the administrator password Password Type in new password in this field The length of the password is limited to 31 characters Confirm Password Type in the new password again S...

Страница 360: ...ng screen will appear Simply click OK 4 Log out Vigor router web user interface by clicking the Logout button 5 The following window will be open to ask for username and password Type the new user pas...

Страница 361: ...ith User Mode will be shown as follows Settings to be configured in User Mode will be less than settings in Admin Mode Only basic configuration settings will be available in User Mode Info Setting in...

Страница 362: ...Item Description Enable Check this box to enable the login customization function Login Page Title Type a brief description e g Welcome to DrayTek which will be shown on the heading of the login dial...

Страница 363: ...Vigor2832 Series User s Guide 351...

Страница 364: ...stem Maintenance Configuration Backup The following page will be popped up as shown below Available settings are explained as follows Item Description Restore Choose File Click it to specify a file to...

Страница 365: ...nfo Backup for Certification must be done independently The Configuration Backup does not include information of Certificate R Re es st to or re e C Co on nf fi ig gu ur ra at ti io on n 1 Go to Syste...

Страница 366: ...ement If there is no name here simply lick the link to access into System Maintenance Management to set the router name Server IP Address The IP address of the Syslog server Destination Port Assign a...

Страница 367: ...eck this box to activate this function while using e mail application User Name Type the user name for authentication Password Type the password for authentication Enable E mail Alert Check the box to...

Страница 368: ...6 3 From the Syslog screen select the router you want to monitor Be reminded that in Network Information select the network adapter used to connect to the router Otherwise you won t succeed in retriev...

Страница 369: ...e Internet Time Select to inquire time information from Time Server on the Internet using assigned protocol Time Server Type the web site of the time server Priority Choose Auto or IPv6 First as the p...

Страница 370: ...Set the name for getting community by typing a proper character The default setting is public The maximum length of the text is limited to 23 characters Set Community Set community by typing a proper...

Страница 371: ...is function USM User USM means user based security mode Type a username which will be used for authentication The maximum length of the text is limited to 23 characters Auth Algorithm Choose one of th...

Страница 372: ...SL Encryption Setup and Device Management The management pages for IPv4 and IPv6 protocols are different V VI I 1 1 1 10 0 1 1 I IP Pv v4 4 M Ma an na ag ge em me en nt t S Se et tu up p Available set...

Страница 373: ...ally Management Port Setup User Define Ports Check to specify user defined port numbers for the Telnet HTTP HTTPS FTP TR 069 and SSH servers Default Ports Check to use standard port numbers for the Te...

Страница 374: ...w you managing the router from Internet Check the box es to specify Enable PING from the Internet Check the checkbox to enable all PING packets from the Internet For security issue this function is di...

Страница 375: ...from LAN interface There are several servers provided by the system which allow you to manage the router from LAN interface Check the box es to specify Apply To Subnet Check the LAN interface for the...

Страница 376: ...dule web page and you can use the number that you have set in that web page If you want to reboot the router using the current configuration check Using current configuration and click Reboot Now To r...

Страница 377: ...e is www DrayTek com or local DrayTek s web site and FTP site is ftp DrayTek com Click System Maintenance Firmware Upgrade to launch the Firmware Upgrade Utility Choose the right firmware by clicking...

Страница 378: ...lick System Maintenance Activation to open the following page for accessing http myvigor draytek com Available settings are explained as follows Item Description Activate via Interface Choose WAN inte...

Страница 379: ...tem Description User Name Display the name of the existed user profile To modify the detailed settings simply click the user name link to access into the web page for modification Radius Check the box...

Страница 380: ...item all of the user profiles listed in this page will be enabled with Local 802 1X service enabled vice versa Info For the detailed setting such as IP address port number configuration of internal RA...

Страница 381: ...configuration of CPE device VigorACS the administrator server could use the KeepProfile Setting in the Provision page to always keep the parameter as original This document will demonstrate how to ke...

Страница 382: ...min123 in Value field Click Save button to save the setting 2 ACS server will pops up Save Success window 3 Check ACS log Go to Log page select Device Action SetParameterLog and we could see there s o...

Страница 383: ...es and keep the original setting 3 Wait a period of time for CPE inform Then from the ACS log we will find ACS has detected the parameter difference but assigned the original value again 4 Go back to...

Страница 384: ...traffic can be throttled back to a lower speed If there s no defined priority to specify which packets should be discarded or in another term dropped from an overflowing queue packets of sensitive app...

Страница 385: ...the backbone will do the same checking before executing treatments in order to ensure service level consistency throughout the whole QoS enabled network However each node may take different attitude...

Страница 386: ...im mi it t In the Bandwidth Management menu click Sessions Limit to open the web page To activate the function of limit session simply click Enable and set the default session limit Available setting...

Страница 387: ...cific limitation you set for each index Add Adds the specific session limitation onto the list above Edit Allows you to edit the settings for the selected limitation Delete Remove the selected setting...

Страница 388: ...Description Bandwidth Limit Enable Click this button to activate the function of limit bandwidth IP Routed Subnet Check this box to apply the bandwidth limit to the second subnet specified in LAN Gen...

Страница 389: ...for the specific limitation you set for each index Add Add the specific speed limitation onto the list above Edit Allow you to edit the settings for the selected limitation Delete Remove the selected...

Страница 390: ...isplay which direction that such function will influence Class 1 Class2 Class 3 Others Display the bandwidth percentage for each class UDP Bandwidth Control Display the UDP bandwidth control is enable...

Страница 391: ...general setup of WAN interface As to class rule simply click the Edit link to access into next for configuration You can configure general setup for the WAN interface edit the Class Rule and edit the...

Страница 392: ...affic Check this box and click OK then click Setup link again You will see the Online Statistics link appearing on this page WAN Inbound Bandwidth It allows you to set the connecting rate of data inpu...

Страница 393: ...und inbound must be smaller than the real bandwidth to ensure correct calculation of QoS It is suggested to set the bandwidth value for inbound outbound as 80 85 of physical network speed provided by...

Страница 394: ...ype Determine the address type for the source address For Single Address you have to fill in Start IP address For Range Address you have to fill in Start IP address and End IP address For Subnet Addre...

Страница 395: ...isted rule please select the radio button of that one and click Edit to open the rule edit page for modification E Ed di it t t th he e S Se er rv vi ic ce e T Ty yp pe e f fo or r C Cl la as ss s R R...

Страница 396: ...ter finishing all the settings here please click OK to save the configuration By the way you can set up to 10 service types If you want to edit delete an existed service type please select the radio b...

Страница 397: ...d Outbond bandwidth and bandwidth ratio Vigor router can perform the bandwidth management for the protocols streaming remote control web HD and so on Click Bandwidth Management APP QoS to open the fol...

Страница 398: ...to all Choose one of the actions from the drop down list It is prepared for applying to all protocols Apply Click it to make the selected action be applied all of the selected protocols immediately Ac...

Страница 399: ...elps you to well allocate the bandwidth upon your demand of Voice Video or Data transferring Let s see how to get the optimum bandwidth per your request by using DrayTek Vigor router as below Scenario...

Страница 400: ...ick Edit to specify the local address 5 In the pop up window choose Range Address as the Address Type and type the start IP address and end IP address in relational fields Click OK to save the setting...

Страница 401: ...r2832 Series User s Guide 389 7 The class rule for VoIP has been set Click OK to return to previous page 8 Do the same steps to add class rules for IPTV and Data Email with IP addresses as shown below...

Страница 402: ...click the Setup link of WAN1 to set up the bandwidth for different groups among VoIP IPTV and Data Email 10 In the Setup page check the box of Enable the QoS Control Type 30 50 and 15 in the boxes for...

Страница 403: ...Vigor2832 Series User s Guide 391 11 Click OK to save the settings The class rules for WAN1 are defined as shown below...

Страница 404: ...s internal database Meanwhile children may chat on Skype in the restroom 1 Go to Bandwidth Management Quality of Service 2 Click Setup link of WAN 2 3 4 Make sure the QoS Control on the left corner is...

Страница 405: ...Class 1 Click OK to save the settings 5 Click the Setup link for WAN2 The user can set reserved bandwidth e g 25 for E mail using protocol POP3 and SMTP Click OK to save the settings 6 Return to prev...

Страница 406: ...Vigor2832 Series User s Guide 394 7 Click Setup link for WAN2 8 Check Enable UDP Bandwidth Control on the bottom to prevent enormous UDP traffic influence other application Click OK...

Страница 407: ...apter 3 VPN for detail instruction he may set up an index for it Enter the Class Name of Index 3 In this index he will set reserved bandwidth for 1 VPN tunnel 10 Click Edit for Class 3 to open a new w...

Страница 408: ...Vigor2832 Series User s Guide 396 12 Then click Edit of Local Address to set a worker s subnet address Click Edit of Remote Address to set headquarter s IP address Leave other fields and click OK...

Страница 409: ...r account Network administrator can give different firewall policies or rules for different hosts with different User Management accounts This is more flexible and convenient for network management No...

Страница 410: ...nts of the filter rule s applied to every user Available settings are explained as follows Item Description Mode There are two modes offered here for you to choose Each mode will bring different filte...

Страница 411: ...lay IP Address on tracking window Check the box to display the IP address of the client on the tracking window Landing Page Type the information to be displayed on the first web page when the LAN user...

Страница 412: ...iles up to 200 which will be applied for users controlled under User Management Simply open User Management User Profile To set the user profile please click any index number link to open the followin...

Страница 413: ...n will be restricted with the conditions configured in this user profile The maximum length of the name you can set is 24 characters Password Type a password for such profile e g lug123 wug123 wug456...

Страница 414: ...ter will authenticate the dial in user by itself or by external service such as LDAP server or Radius server or TACACS server If LDAP Radius or TACACS is selected here it is not necessary to configure...

Страница 415: ...p Check this box to enable such function Index 1 15 in Schedule Setup You can type in four sets of time schedule for your request All the schedules can be set previously in Application Schedule web pa...

Страница 416: ...When the scheduling time is up the router will use the default quota settings automatically Enable Check it to use the default setting for time quota and data quota Default Time Quota Type the value f...

Страница 417: ...ed as follows Item Description Name Type a name for this user group Available User Objects You can gather user profiles objects from User Profile page within one user group All the available user obje...

Страница 418: ...is page manually Index Display the number of the data flow User Display the users which connect to Vigor router currently You can click the link under the username to open the user profile setting pag...

Страница 419: ...th User Management authentication function before a valid username and password have been correctly supplied a particular client will not be allowed to access Internet through the router There are thr...

Страница 420: ...n some web browsers will display warning messages With Microsoft Internet Explorer you may get the following warning message Please press Continue to this website not recommended With Mozilla Firefox...

Страница 421: ...appear Input the user name and the password for your account defined in User Management and click Login If the authentication is successful the client will be redirected to the original web site that...

Страница 422: ...on you access an external web site to trigger the authentication You may also directly access the router s Web UI for authentication Both HTTP and HTTPS are supported for example http 192 168 1 1 or h...

Страница 423: ...n Successful in the Welcome Message table Also you will get a Tracking Window if you don t block the pop up window Don t setup a user profile in User Management and a VPN Remote Dial in user profile w...

Страница 424: ...via Web to do authentication If SSL Tunnel or SSL Web Proxy is disabled in the VPN profile a User Management account and a remote dial in VPN profile can use the same Username even with different pass...

Страница 425: ...e expired time is Unlimited means the Time Quota function is not enabled for this account After login this account will not be expired until it is logout 3 In the Web interface of router the configura...

Страница 426: ...which means this account has no time quota If the Time Quota is enabled and time is not 0 minute You will get the following message The expired time is shown after you login After you run out the ava...

Страница 427: ...again Authentication via VigorPro Alert Notice Tool allows user to setup the re authentication interval so that the utility will send authentication requests periodically This will keep the client hos...

Страница 428: ...le e 1 1 U Us se er rs s c ca an n s se ee e t th he e m me es ss sa ag ge e f fo or r l la an nd di in ng g p pa ag ge e a af ft te er r l lo og gg gi in ng g i in nt to o I In nt te er rn ne et t s...

Страница 429: ...ck OK to save the settings 5 Open any browser e g FireFox Internet Explorer The logging page will appear and asks for username and password Please type the correct username and password 6 Click Login...

Страница 430: ...ca al ll ly y a af ft te er r l lo og gg gi in ng g i in nt to o I In nt te er rn ne et t s su uc cc ce es ss sf fu ul ll ly y 1 In the field of Landing Page please type the words as below body stats...

Страница 431: ...he following page check the box of Landing page and click OK to save the settings 4 Open any browser e g FireFox Internet Explorer The logging page will appear and asks for username and password Pleas...

Страница 432: ...Vigor2832 Series User s Guide 420 5 Click Login If the logging is successful you will be directed into the website of www draytek com...

Страница 433: ...Item Description External Device Auto Discovery Check this box to detect the external device automatically and display on this page From this web page check the box of External Device Auto Discovery L...

Страница 434: ...rt t V VI II I O Ot th he er rs s USB device connected on Vigor router can be regarded as a server or WAN interface By way of Vigor router clients on LAN can access write and read data stored in USB...

Страница 435: ...rts in a limited range usually will be applied in configuring router s settings therefore we can define them with objects and bind them with groups for using conveniently Later we can select that obje...

Страница 436: ...ditions Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the obje...

Страница 437: ...with LAN DMZ RT VPN interface will be opened for you to choose in Edit Filter Rule page Address Type Determine the address type for the IP address Select Single Address if this object contains one IP...

Страница 438: ...et Address type is selected Invert Selection If it is checked all the IP addresses except the ones listed above will be applied later while it is chosen 4 After finishing all the settings here please...

Страница 439: ...ws Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the group profile To set a new profile please do the step...

Страница 440: ...ove will be shown in this box Selected IP Objects Click button to add the selected IP objects in this box 3 After finishing all the settings here please click OK to save the configuration V VI II I 1...

Страница 441: ...for IPv6 address Select Any Address if this object contains any IPv6 address Select Mac Address if this object contains Mac address Match Type Specify which type 128 Bits or 64 Bits of address fomat...

Страница 442: ...guration V VI II I 1 1 4 4 I IP Pv v6 6 G Gr ro ou up p This page allows you to bind several IPv6 objects into one IPv6 group Available settings are explained as follows Item Description Set to Factor...

Страница 443: ...specified interface chosen above will be shown in this box Selected IPv6 Objects Click button to add the selected IPv6 objects in this box 3 After finishing all the settings please click OK to save t...

Страница 444: ...Vigor2832 Series User s Guide 432 Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the object profile...

Страница 445: ...columns are available for TCP UDP protocol It can be ignored for other protocols The filter rule will filter out any port number when the first and last value are the same it indicates one port when t...

Страница 446: ...6 6 S Se er rv vi ic ce e T Ty yp pe e G Gr ro ou up p This page allows you to bind several service types into one group Available settings are explained as follows Item Description Set to Factory De...

Страница 447: ...ngs are explained as follows Item Description Name Type a name for this profile Maximum 15 characters are allowed Available Service Type Objects All the available service objects that you have added o...

Страница 448: ...t 200 keyword object profiles for choosing as black white list in CSM URL Web Content Filter Profile Available settings are explained as follows Item Description Set to Factory Default Clear all profi...

Страница 449: ...are explained as follows Item Description Name Type a name for this profile e g game Maximum 15 characters are allowed Contents Type the content for such profile For example type gambling as Contents...

Страница 450: ...r Profile Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the gr...

Страница 451: ...box 3 After finishing all the settings please click OK to save the configuration V VI II I 1 1 9 9 F Fi il le e E Ex xt te en ns si io on n O Ob bj je ec ct t This page allows you to set eight profil...

Страница 452: ...s 2 The configuration page will be shown as follows Available settings are explained as follows Item Description Profile Name Type a name for this profile The maximum length of the name you can set is...

Страница 453: ...turn to factory default settings Index Display the profile number that you can configure Profile Display the name for such SMS profile SMS Provider Display the service provider which offers SMS servic...

Страница 454: ...rd Type a password that the sender can use to register to selected SMS provider The maximum length of the password you can set is 31 characters Quota Type the number of the credit that you purchase fr...

Страница 455: ...re fixed You can click the number e g 9 under Index column for configuration in details Available settings are explained as follows Item Description Profile Name Display the name of this profile It ca...

Страница 456: ...r the system to send SMS After finishing all the settings here please click OK to save the configuration M Ma ai il l S Se er rv vi ic ce e O Ob bj je ec ct t This page allows you to set ten profiles...

Страница 457: ...server Sender Address Type the e mail address of the sender Use SSL Check this box to use port 465 for SMTP server for some e mail server uses https as the transmission method Authentication The mail...

Страница 458: ...g Notification Object and click the number e g 1 under Index column for configuration in details 2 The configuration page will be shown as follows Available settings are explained as follows Item Desc...

Страница 459: ...o set several profiles of string object Click Add to open the following dialog Type the string you want and click OK A new profile e g index 1 with the defined string will be shown on the web page In...

Страница 460: ...Log into the web user interface of Vigor router 2 Configure relational objects first Open Object Settings SMS Mail Server Object to get the following page Index 1 to Index 8 allows you to choose the b...

Страница 461: ...ofile setting 5 Open Object Settings Notification Object to configure the event conditions of the notification 6 Choose any index number e g Index 1 in this case to configure conditions for sending th...

Страница 462: ...choose SMS Provider and the Notify Profile specify the time of sending SMS Then type the phone number in the field of Recipient the one who will receive the SMS 9 Click OK to save the settings Later...

Страница 463: ...P Pr ro ov vi id de er r Choose one of the Index numbers 9 or 10 allowing you to customize the SMS Provider In the web page type the URL string of the SMS provider and type the username and password...

Страница 464: ...SB Application you can type the IP address of the Vigor router and username password created in USB Application USB User Management on the client software Then the client can use the FTP site USB stor...

Страница 465: ...USB storage disk into the Vigor router please make sure the memory format for the USB storage disk is FAT16 or FAT32 It is recommended for you to use FAT32 for viewing the filename completely FAT16 c...

Страница 466: ...ers and the host name can have as many as 23 characters Both them cannot contain any of the following Workgroup Name Type a name for the workgroup Host Name Type the host name for the router After fin...

Страница 467: ...erved for FTP firmware upgrade usage Note FTP Passive mode is not supported by Vigor Router Please disable the mode on the FTP client Password Type the password for FTP SMB users for accessing FTP ser...

Страница 468: ...you have to insert a USB storage disk into the USB interface of the Vigor router Otherwise you cannot save the configuration V VI II I 2 2 3 3 F Fi il le e E Ex xp pl lo or re er r File Explorer offer...

Страница 469: ...t And then remove the USB device later Available settings are explained as follows Item Description Connection Status If there is no USB device connected to Vigor router No Disk Connected will be show...

Страница 470: ...es User s Guide 458 V VI II I 2 2 5 5 M Mo od de em m S Su up pp po or rt t L Li is st t Such page provides the information about the brand name and model name of the USB modems which are supported by...

Страница 471: ...Guide 459 V VI II I 2 2 6 6 S SM MB B C Cl li ie en nt t S Su up pp po or rt t L Li is st t SMB Client Support List provides the test status information for applications with file sharing operated un...

Страница 472: ...e Explorer If it is necessary for you to delete copy files on the device or write paste files to the devcie it must be done through SMB server or FTP server SMB service is based on the original USB FT...

Страница 473: ...ement Click index 1 link and click Enable to enable FTP SMB User account Here we add a new account user1 and assign authorities Read Write and List to it 4 Click OK to save the configuration 5 Make su...

Страница 474: ...SB Application USB Disk Status The information for FTP server will be shown as below Now users in LAN of Vigor2832 can access into the USB storage device by typing ftp 192 168 1 1 on any browser They...

Страница 475: ...Vigor2832 Series User s Guide 463 This page is left blank...

Страница 476: ...64 P Pa ar rt t V VI II II I T Tr ro ou ub bl le es sh ho oo ot ti in ng g This part will guide you to solve abnormal situations if you cannot access into the Internet after installing the router and...

Страница 477: ...ow to check your basic installation status stage by stage Checking if the hardware status is OK or not Checking if the network connection settings on your computer are OK or not Pinging the router fro...

Страница 478: ...1 1 1 D Di ia al l o ou ut t T Tr ri ig gg ge er ri in ng g Click Diagnostics and click Dial out Triggering to open the web page The internet connection e g PPPoE is triggered by a package sending fr...

Страница 479: ...e 467 V VI II II I 1 1 2 2 R Ro ou ut ti in ng g T Ta ab bl le e Click Diagnostics and click Routing Table to open the web page and Available settings are explained as follows Item Description Refresh...

Страница 480: ...ware address MAC Address and an IP address Available settings are explained as follows Item Description Refresh Click it to reload the page V VI II II I 1 1 4 4 I IP Pv v6 6 N Ne ei ig gh hb bo ou ur...

Страница 481: ...D DH HC CP P T Ta ab bl le e The facility provides information on IP address assignments This information is helpful in diagnosing network problems such as IP address conflicts etc Click Diagnostics...

Страница 482: ...o reload the page V VI II II I 1 1 6 6 N NA AT T S Se es ss si io on ns s T Ta ab bl le e Click Diagnostics and click NAT Sessions Table to open the list page Available settings are explained as follo...

Страница 483: ...nd displayed on Diagnostics DNS Cache Table Available settings are explained as follows Item Description Clear Click this link to remove the result on the window Refresh Click it to reload the page Wh...

Страница 484: ...drop down list to choose the WAN interface that you want to ping through or choose Unspecified to be determined by the router automatically Ping to Use the drop down list to choose the destination tha...

Страница 485: ...t and IP session limit before invoking Data Flow Monitor If not a notification dialog box will appear to remind you enabling it Click Diagnostics and click Data Flow Monitor to open the web page You c...

Страница 486: ...ied in Limit Session web page Action Block can prevent specified PC accessing into Internet within 5 minutes Unblock The device with the IP address will be blocked for five minutes The remaining time...

Страница 487: ...set to zero the accumulated RX TX received and transmitted data of WAN Click Refresh to renew the graph at any time The horizontal axis represents time Yet the vertical axis has different meanings For...

Страница 488: ...Simply type the IP address of the host in the box and click Run The result of route trace will be shown on the screen or Available settings are explained as follows Item Description IPv4 IPv6 Click o...

Страница 489: ...and choose the display mode you want Later the event of Syslog with specified type will be shown for your reference Available settings are explained as follows Item Description Enable Web Syslog Chec...

Страница 490: ...ay the type of the record Message Display the information for each event V VI II II I 1 1 1 13 3 T TS SP PC C S St ta at tu us s IPv6 TSPC status web page could help you to diagnose the connection sta...

Страница 491: ...o on n L Lo og g This page will display the complete authentication log information Available settings are explained as follows Item Description Enable Check the box to enable such function Refresh Cl...

Страница 492: ...vironment to find out if there is any abnormal connection Information of IP traced and destination port used for SYN Flood UDP Flood and ICMP Flood attacks will be detected and shown respectively on d...

Страница 493: ...following web page will be blocked forever Available settings are explained as follows Item Description Blocking IP Type the IP address in this field and click add It will be added to the IP List and...

Страница 494: ...the hardware status 1 Check the power line and WLAN LAN cable connections Refer to I 2 Hardware Installation for details 2 Turn on the router Make sure the ACT LED blink once per second and the corres...

Страница 495: ...he link is stilled failed please do the steps listed below to make sure the network connection settings is OK F Fo or r W Wi in nd do ow ws s Info The example is based on Windows 7 As to the examples...

Страница 496: ...r2832 Series User s Guide 484 4 Select Internet Protocol Version 4 TCP IP and then click Properties 5 Select Obtain an IP address automatically and Obtain DNS server address automatically Finally clic...

Страница 497: ...ide 485 F Fo or r M Ma ac c O OS S 1 Double click on the current used Mac OS on the desktop 2 Open the Application folder and get into Network 3 On the Network screen select Using DHCP from the drop d...

Страница 498: ...router correctly F Fo or r W Wi in nd do ow ws s 1 Open the Command Prompt window from Start menu Run 2 Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP Vista 7 8 The DOS command dialo...

Страница 499: ...Vigor2832 Series User s Guide 487...

Страница 500: ...gured in Vigor router Check if the LEDs on Vigor router are on or not If not please install an additional switch for connecting both Vigor router and the modem offered by ISP Then check if the LEDs on...

Страница 501: ...k c co on nn ne ec ct ti io on n d do oe es s n no ot t w wo or rk k Check the PIN Code of SIM card is disabled or not Please use the utility of 3G 4G USB Modem to disable PIN code and try again If i...

Страница 502: ...essing factory default setting you will loose all settings you did before Make sure you have recorded all useful settings before you pressing The password of factory default is null S So of ft tw wa a...

Страница 503: ...Then the router will restart with the default configuration After restore the factory default setting you can configure the settings for the router again to fit your personal request V VI II II I 8 8...

Страница 504: ...he difficulty is how to handle the traffics between two or more Ethernet switches Thus VLAN is suitable for some circumstances for example the rental apartment SOHO office and so on These clients may...

Страница 505: ...packet as the VID of Trunk port while forwarding the packets to another switch Bridge mode of WAN P1 and P2 are doing NAT flow to access to the internet but P3 and P4 will forward the packets between...

Страница 506: ...Vigor2832 Series User s Guide 494...

Страница 507: ...Vigor2832 Series User s Guide 495 LAN V VL LA AN N a ap pp pl li ic ca at ti io on ns s o on n V Vi ig go or r r ro ou ut te er r Multi Subnet VLAN of LAN...

Страница 508: ...ver LAN1 LAN2 LAN3 LAN4 However the traffics of the LAN port or SSID that are NOT being grouped in the same VLAN are unable to forward to each other The benefit of Port based is able to extend the wir...

Страница 509: ...to be isolated from your private network due to the security considerations it can be done by above settings However a switch support VLAN function is need if VLAN Tag enabled Triple Play Multi WAN N...

Страница 510: ...Vigor2832 Series User s Guide 498...

Страница 511: ...dge mode with VLAN Set top box STB or the other kinds of media devices are able to attach with Port4 or Port5 of LAN Those devices that attached with Port4 or Port5 are able to access the services net...

Страница 512: ...Vigor2832 Series User s Guide 500 P Pa ar rt t I IX X D Dr ra ay yT Te ek k T To oo ol ls s...

Страница 513: ...ol VPN connections such as IPSec PPTP L2TP protocols for secure data exchange and communication With SSL VPN embedded on Vigor routers teleworkers can have convenient and simple access to central site...

Страница 514: ...L L V VP PN N T Tu un nn ne el l SmartVPN APP for Android is now available on Google play This document demonstrates how to use the APP to establish a SSL VPN tunnel 1 On VPN server create a SSL user...

Страница 515: ...r Routers it is 443 by default d Tap SAVE to save the profile or to cancel Info Installation of relevant Root CA is required to enable server certificate authentication If you check Use default gatewa...

Страница 516: ...Vigor2832 Series User s Guide 504 7 When the tunnel is up the profile will turn green Tap the bar again will disconnect the tunnel 8 Tap the pencil icon to edit or remove the profile...

Страница 517: ...Vigor2832 Series User s Guide 505 This page is left blank...

Страница 518: ...Vigor2832 Series User s Guide 506 P Pa ar rt t X X T Te el ln ne et t C Co om mm ma an nd ds s...

Страница 519: ...Windows Features of Telnet Client has been turned on under Control Panel Programs Type cmd and press Enter The Telnet terminal will be open later In the following window type Telnet 192 168 1 1 as be...

Страница 520: ...ide 508 For users using previous Windows system e g 2000 XP simply click Start Run and type Telnet 192 168 1 1 in the Open box as below Next type admin admin for Account Password And type to get a lis...

Страница 521: ...s command is used to display current status of ADSL setting S Sy yn nt ta ax x adsl status E Ex xa am mp pl le e adsl status ATU R Info hw annex A f w annex A Running Mode State TRAINING DS Actual Rat...

Страница 522: ...te 4 VCMUX_Bridge 5 VCMUX_Route 6 IPoE Proto It means the protocol used to connect Internet Different numbers represent different protocols 0 PPPoA 1 PPPoE 2 MPoA Modu 0 T1 413 2 G dmt 4 Multi 5 ADSL2...

Страница 523: ...number and must be between 0 Channel 1 to 7 Channel 8 status It means to shown the whole bridge status save It means to save the configuration to flash enable It means to enable the Multi VLAN functio...

Страница 524: ...re largest power of data transmission Please follow the steps below to set adsl drivermode 1 Please connect dsl line to the DSLAM 2 Waiting for dsl SHOWTIME 3 Drop the dsl line 4 Now it is on continuo...

Страница 525: ...vel 5 for F5 End to End VC level chklink Check the DSL connection Log_on log_off Enable or disable the OAM log for debug E Ex xa am mp pl le e adsl oamlb chklink on OAM checking dsl link is ON adsl oa...

Страница 526: ...L mode set Use default settings plus the new added ADSL mode default Use default settings show Display current setting adsl_mode There are three modes to be choose ANNEXL ANNEXM and ANNEXJ E Ex xa am...

Страница 527: ...s us ds bi us means upstream ds means downstream bi means bidirection value The values for different functions change slightly bitswap 0 2 sra 0 2 3 4 on off Type on for enabling such function Type of...

Страница 528: ...om mm ma an nd d a ad ds sl l a at tm m This command can set QoS parameter for ATM adsl atm pcr pvc_no PCR max status adsl atm scr pvc_no SCR status adsl atm mbs pvc_no MBS status adsl atm status S Sy...

Страница 529: ...set done bind pvc3 to pvc5 The above example means PVC3 has been bound to PVC5 adsl pvcbinding 3 1 clear pvc 1 binding The above example means the PVC3 binding group has been removed T Te el ln ne et...

Страница 530: ...e settings are 1 and 2 a enable 1 0 to enable disable this entry n UserName contact UserName max 24 characters p PassWord contact PassWord max 24 characters s select It means to specify an IP address...

Страница 531: ...sm appe set i INDEX v GROUP e AP_IDX d AP_IDX a AP_IDX ACTION S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description INDEX Specify the index number of CSM profile from 1 to 32 v Vi...

Страница 532: ...how t Type Index Name Version Advance Advanced Option M essage F ile Transfer G ame C onference and O ther Activities PROTOCOL 52 DB2 PROTOCOL 53 DNS PROTOCOL 54 FTP PROTOCOL 55 HTTP 1 1 PROTOCOL 56 I...

Страница 533: ...load interface S Sy yn nt ta ax x csm appe interface AUTO WAN S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n P Pa ar ra am me et te er r D De es sc cr ri ip pt ti io on n AUTO Vigor router speci...

Страница 534: ...n n show Display all of the profiles setdefault Return to default settings for all of the profile msg MSG Set the administration message MSG means the content less than 255 characters of the message i...

Страница 535: ...INDEX uac o KEY_WORD_Object_Index csm ucf obj INDEX uac g KEY_WORD_Group_Index S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description INDEX Specify the index number of CSM profile...

Страница 536: ...game Log none Priority Select Bundle Pass Enable URL Access Control Action pass v Prevent web access from IP address No Obj NO Object Name No Grp NO Group Name csm ucf obj 1 uac a B Profile Index 1 P...

Страница 537: ...e Enable the restriction of web feature d Disable the restriction of web feature a Set the action of web feature P or B B Block The web access meets the web feature will be blocked P Pass The web acce...

Страница 538: ...Parameter Description show Display the web content filter profiles Look Display the license information of WCF Cache Set the cache level for the profile Server WCF_SERVER Set web content filter server...

Страница 539: ...phy Sexually Explicit Weapons Violence School Cheating Sex Education Tasteless Child Abuse Imges Entertainment Games Sports Travel Leisure Recreation Fashin Beauty Business Job Search Web based Emai C...

Страница 540: ...buse Images leisure Group Entertainment Games Sports Travel Leisure Recreation Fashion Beauty T Te el ln ne et t C Co om mm ma an nd d c cs sm m d dn ns sf f It means to configure the settings regardi...

Страница 541: ...ck page for redirect port When a web page is blocked by DNS filter the router system will send a message page to describe that the page is not allowed to be visisted ON Enable the function of displayi...

Страница 542: ...o os s This command allows users to configure the settings for DoS defense system dos V D A dos s ATTACK_F THRESHOLD TIMEOUT dos a e ATTACK_F ATTACK_0 d ATTACK_F ATTACK_0 S Sy yn nt ta ax x D De es sc...

Страница 543: ...ri ip pt ti io on n Parameter Description W n W means to set WAN interface 1 WAN1 2 WAN2 Default is WAN1 M n M means to set Internet Access Mode Mandatory and n means different modes represented by 0...

Страница 544: ...de Modem Dial String max 31 characters v service name Set PPP mode Service Name max 23 characters m ppp username Set PPP mode PPP Username max 63 characters o ppp password Set PPP mode PPP Password ma...

Страница 545: ...nd d i ip p p pu ub bs su ub bn ne et t This command allows users to enable or disable the IP routing subnet for your router S Sy yn nt ta ax x ip pubsubnet Enable Disable S Sy yn nt ta ax x D De es...

Страница 546: ...ubnet IP address Specify a subnet mask The system will set the one that you specified as the public subnet mask E Ex xa am mp pl le e ip pubmask ip pubmask public subnet mask Now 255 255 255 0 ip pubm...

Страница 547: ...a am mp pl le e ip addr 192 168 50 1 Set IP address OK Info When the LAN IP address is changed the start IP address of DHCP server are still the same To make the IP assignment of the DHCP server being...

Страница 548: ...arp setCacheLife is set with 60 it means you have an ARP cache at 0 second Sixty seconds later without any ARP messages received the system will think such ARP cache is expired The system will issue a...

Страница 549: ...ptional setting for DHCP server h display usage l list all custom set DHCP options d delete custom dhcp client option by index number e enable disable option feature 1 enable 0 disable w set WAN numbe...

Страница 550: ...ply from 172 16 3 229 time 0ms Packets Sent 5 Received 5 Lost 0 0 loss T Te el ln ne et t C Co om mm ma an nd d i ip p t tr ra ac ce er rt t This command allows users to trace the routes from the rout...

Страница 551: ...D De es sc cr ri ip pt ti io on n Parameter Description 0 1 2 0 means disable 1 means LAN1 and 2 means IP Routed E Ex xa am mp pl le e ip rip 1 Set RIP LAN1 T Te el ln ne et t C Co om mm ma an nd d i...

Страница 552: ...otocol enable T Te el ln ne et t C Co om mm ma an nd d i ip p r ro ou ut te e This command allows users to set static route S Sy yn nt ta ax x ip route add dst netmask gateway ifno rtype ip route del...

Страница 553: ...efault route clean Clean all of the route settings 1 Enable the function 0 Disable the function E Ex xa am mp pl le e ip route add 172 16 2 0 255 255 255 0 172 16 2 4 3 static ip route status Codes C...

Страница 554: ...ans to disable proxy server wan It means to specify WAN interface for IGMP service query It means to set IGMP general query interval The default value is 125000 ms ppp 0 No need to set IGMP with PPP h...

Страница 555: ...onfiguration txquery on off v2 v3 IGMP query will be sent out to LAN periodically mode hw sw Make IGMP snooping work on software or hardware chkleave on off Off Vigor router will drop LEAVE if clients...

Страница 556: ...t C Co om mm ma an nd d i ip p d dm mz zs sw wi it tc ch h This command is to enable disable private IP DMZ or Active True IP DMZ for DMZ host S Sy yn nt ta ax x ip dmzswitch off ip dmzswitch private...

Страница 557: ...um Set the default number of session num limit for p2p status Display the current settings show Display all session limit settings in the IP range timer num Set when the IP session block works The uni...

Страница 558: ...e current settings show Display all the bandwidth limits settings within the IP range add Add the bandwidth within the IP range del Delete the bandwidth within the IP range IP1 IP2 It means the range...

Страница 559: ...P bindmac policy table can access into network show Display the IP address and MAC address of the pair of binded one add Add one IP bindmac del Delete one IP bindmac IP Type the IP address for binding...

Страница 560: ...in several commands in one line General Setup for Policy Route i value Specify an index number for setting policy route profile Value 1 to 60 1 means to get a free policy index automatically e 0 1 0 D...

Страница 561: ...olicy route profile Value Type a number 0 250 The default value is 150 I value Indicate the interface specified for the policy route profile Value Available interfaces include LAN1 LAN8 IP_Routed_Subn...

Страница 562: ...pl le e ip policy_rt diagnose s 192 168 1 100 d any p any t ICMP Matched Route Priority No_Match Matched Policy Priority Policy_1 200 Conclusion The packet was dropped because the send to interface o...

Страница 563: ...ng T Te el ln ne et t C Co om mm ma an nd d i ip p d dn ns sf fo or rw wa ar rd d This command is used to set LAN DNS profile for conditional DNS forwarding ip dnsforward command parameter S Sy yn nt...

Страница 564: ...It means to add a static ipv6 address d It means to delete an ipv6 address a It means to show current address es status u It means to show only unicast addresses prefix It means to type the prefix nu...

Страница 565: ..._opt WAN2 S 1 ip6 dhcp req_opt WAN2 r 1 ip6 dhcp req_opt WAN2 a Interface WAN2 is set to request following DHCPv6 options sip name T Te el ln ne et t C Co om mm ma an nd d i ip p6 6 d dh hc cp p c cl...

Страница 566: ...p server settings command parameter The available commands with parameters are listed below means that you can type in several commands in one line a It means to show current DHCPv6 status i pool_min_...

Страница 567: ...3 AICCU n 4 DHCPv6 n 5 Static n 6 6in4 Static n 7 6rd command parameter The available commands with parameters are listed below means that you can type in several commands in one line For 6rd C n Set...

Страница 568: ...IPv6 address For others d server Set 1st DNS Server IP server IPv6 Address D server Set 2nd DNS Server IP server IPv6 Address t dhcp ra none Set ipv6 PPP WAN test mode for DHCP or RA V View IPv6 Inter...

Страница 569: ...1 WAN2 USB1 USB2 S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description s It means to add a neighbour d It means to delete a neighbour a It means to show neighbour status inet6_add...

Страница 570: ...E80 250 7FFF FE12 300 successfully added T Te el ln ne et t C Co om mm ma an nd d i ip p6 6 r ro ou ut te e This command allows you to S Sy yn nt ta ax x ip6 route s prefix prefix length gateway LAN W...

Страница 571: ...Pv6 address or a host S Sy yn nt ta ax x ip6 ping IPV6 address Host LAN1 LAN2 LAN4 WAN1 WAN2 USB1 USB2 send count data_size 1 1452 S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Descri...

Страница 572: ...01 4DE0 A 1 330 ms 4 2001 4DE0 1000 34 1 340 ms 5 2001 7F8 1 A501 5169 1 330 ms 6 2001 4860 1 0 4B3 350 ms 7 2001 4860 8 0 2DAF 330 ms 8 2001 4860 2 0 66E 340 ms 9 Request timed out 10 2001 4860 4860...

Страница 573: ...etime It means to set the lifetime The lifetime associated with the default router in units of seconds It s used to control the lifetime of the prefix The maximum value corresponds to 18 2 hours A lif...

Страница 574: ...ess list status It means to show the status of IPv6 management add It means to add an IPv6 address which can be used to execute management through Internet index It means the number 1 2 and 3 allowed...

Страница 575: ...e ip6 online WAN1 WAN1 online status IPv6 WAN1 Disabled Default Gateway Interface DOWN UpTime 0 00 00 IPv6 DNS Server Static IPv6 DNS Server Static IPv6 DNS Server Static Tx packets 0 Tx bytes 0 Rx p...

Страница 576: ...ty IPv6 First T Te el ln ne et t C Co om mm ma an nd d i ip p6 6 l la an n This command allows you to configure settings for IPv6 LAN S Sy yn nt ta ax x ip6 lan l n l w d D m o s parameter S Sy yn nt...

Страница 577: ...rimary WAN1 T Te el ln ne et t C Co om mm ma an nd d i ip pf f v vi ie ew w IPF users to view the version of the IP filter to view set the log flag to view the running IP filter rules ipf view Vcdhrtz...

Страница 578: ...ket Type 2 to display the log of blocked packet Type 3 to display the log of non matching packet p VALUE It means to setup actions for packet not matching any rule e g p 1 Type 0 to let all the packet...

Страница 579: ...saved ipf set v Call Filter Enable Start Filter Set 1 Data Filter Enable Start Filter Set 2 Log Flag None Actions for packet not matching any rule Pass or Block Pass CodePage ANSI 1252 Latin I Max Se...

Страница 580: ...1 Single Address 2 Any Address 3 Range Address Example Set Subnet Address s u 0 192 168 1 10 255 255 255 0 Set Single Address s u 1 192 168 1 10 Set Any Address s u 2 Set Range Address s u 3 192 168...

Страница 581: ...he classification for QoS index Available settings contain 1 Class 1 2 Class 2 3 Class 3 4 Other log flag 0 means disable to save and display in Syslog 1 means enable to save and display in Syslog l w...

Страница 582: ...8 ANSI 1257 Baltic 9 ANSI 1258 Viet Nam 10 OEM 437 United States 11 OEM 850 Multilingual Latin I 12 OEM 860 Portuguese 13 OEM 861 Icelandic 14 OEM 863 Canadian French 15 OEM 865 Nordic 16 ANSI OEM 874...

Страница 583: ...d i ip pf f f fl lo ow wt tr ra ac ck k This command is used to set and view flowtrack sessions ipf flowtrack set re ipf flowtrack view fb ipf flowtrack i p t S Sy yn nt ta ax x D De es sc cr ri ip pt...

Страница 584: ...tate T Te el ln ne et t C Co om mm ma an nd d L Lo og g This command allows users to view log for WAN interface such as call log IP filter log flush log buffer etc log cfhiptwx F a c f w S Sy yn nt ta...

Страница 585: ...x ldap user INDEX OPTION S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description INDEX Specify the index number 1 to 8 of the LDAP profile OPTION n VALUE Setup Profile Name b VALUE...

Страница 586: ...ap set Options Value S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description enable 0 1 Enable or disable LDAP function 0 Disable the function 1 Enable the function type 0 2 Set the...

Страница 587: ...ttings for RADIUS server S Sy yn nt ta ax x radius enable 0 1 radius authport port number radius client add idx i address m mask p prefix l length s secret radius client del idx radius show radius set...

Страница 588: ...fy which method will be used Dot1x_phase2 can only support MS CHAPv2 now So only 1 can be used for it e Set method for dot1x_phase1 or dot1x_phase2 d Delete method for dot1x_phase1 or dot1x_phase2 E E...

Страница 589: ...Te el ln ne et t C Co om mm ma an nd d m mn ng gt t f ft tp pp po or rt t This command allows users to set FTP port for management mngt ftpport FTP port S Sy yn nt ta ax x D De es sc cr ri ip pt ti i...

Страница 590: ...n nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description Telnet port It means to type the number for telnet port The default setting is 23 E Ex xa am mp pl le e mngt telnetport 23 Set Teln...

Страница 591: ...PING packets will be forwarded from LAN PC to Internet off All PING packets will be blocked from LAN PC to Internet viewlog It means to display a log of ping action including source MAC and source IP...

Страница 592: ...s to remove the log of defense worm packet E Ex xa am mp pl le e mngt defenseworm add 21 Add TCP port 21 Block TCP port list 135 137 138 139 445 21 mngt defenseworm del 21 Delete TCP port 21 Block TCP...

Страница 593: ...yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description e 0 1 It means to enable disable the function 0 disable the function 1 enable the function s value It means to specify service off...

Страница 594: ...packet disable It means to drop the echo ICMP packet E Ex xa am mp pl le e mngt echoicmp enable Echo ICMP packet enabled T Te el ln ne et t C Co om mm ma an nd d m mn ng gt t a ac cc ce es ss sl li i...

Страница 595: ...etting community by typing a proper character max 23 characters s Community name It means to set community by typing a proper name max 23 characters m IP address It means to set one host as the manage...

Страница 596: ...ddress for the specified LAN interface msubnet addr 2 3 4 IP address S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description 2 3 4 5 6 It means LAN interface 2 LAN2 3 LAN3 4 LAN4 IP...

Страница 597: ...e msubnet status 2 LAN2 Off 0 0 0 0 0 0 0 0 PPP Start IP 0 0 0 60 DHCP server Off Dhcp Gateway 0 0 0 0 Start IP 0 0 0 10 Pool Count 50 T Te el ln ne et t C Co om mm ma an nd d m ms su ub bn ne et t d...

Страница 598: ...Please use sys reboot command to reboot the router T Te el ln ne et t C Co om mm ma an nd d m ms su ub bn ne et t g ga at te ew wa ay y This command is used to configure an IP address as the gateway u...

Страница 599: ...i ip pt ti io on n Parameter Description 1 2 3 4 It means LAN interface 1 LAN1 2 LAN2 3 LAN3 4 LAN4 On Off On It means to establish a link for the selected LAN with others Off It means to terminate th...

Страница 600: ...subnet pppip 2 3 4 Start IP S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description 2 3 4 It means LAN interface 2 LAN2 3 LAN3 4 LAN4 Start IP Type an IP address as the starting IP...

Страница 601: ...t 1 B node 2 P node 4 M node 8 H node T Te el ln ne et t C Co om mm ma an nd d m ms su ub bn ne et t p pr ri im mW WI IN NS S This command is used to configure primary WINS server msubnet primWINS 2 3...

Страница 602: ...bnet secWINS 2 3 4 WINS IP S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description 2 3 4 It means LAN interface 2 LAN2 3 LAN3 4 LAN4 WINS IP Type the IP address as the WINS IP E Ex...

Страница 603: ...N3 LAN4 msubnet tftp 2 publish Set LAN2 TFTP Server Name done msubnet tftp msubnet tftp 2 3 4 TFTP server name Now LAN2 publish LAN3 LAN4 T Te el ln ne et t C Co om mm ma an nd d m ms su ub bn ne et t...

Страница 604: ...s INDEX It means the index number of the specified object profile v It means to view the information of the specified object profile Example object ip obj 1 v n NAME It means to define a name for the...

Страница 605: ...object ip grp INDEX a IP_OBJ_INDEX S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description setdefault It means to return to default settings for all profiles INDEX It means the inde...

Страница 606: ...Guide 594 Interface Any Included ip object index 0 0 1 0 2 0 3 0 4 0 5 0 6 0 7 0 object ip grp 2 i 1 object ip grp 2 a 1 2 IP Group Profile 2 Name First Interface Lan Included ip object index 0 1 1 2...

Страница 607: ...15 characters Example object ip obj 9 n bruce i INTERFACE It means to define an interface for the IP object INTERFACE 0 means any INTERFACE 1 means LAN INTERFACE 3 means WAN Example object ip obj 8 i...

Страница 608: ...the specified group profile v It means to view the information of the specified group profile Example object ip grp 1 v n NAME It means to define a name for the IP group NAME Type a name with less tha...

Страница 609: ...ect profile Example object service obj 1 v n NAME It means to define a name for the IP object NAME Type a name with less than 15 characters Example object service obj 9 n bruce i PROTOCOL It means to...

Страница 610: ...range 120 240 Destination port check action Destination port range 200 220 T Te el ln ne et t C Co om mm ma an nd d o ob bj je ec ct t s se er rv vi ic ce e g gr rp p This command is used to integrat...

Страница 611: ...INDEX v object kw obj INDEX n NAME object kw obj INDEX a CONTENTS S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description setdefault It means to return to default settings for all p...

Страница 612: ...l of the profiles setdefault It means to return to default settings for all profiles INDEX It means the index number from 1 to 8 of the specified file extension object profile v It means to view the i...

Страница 613: ...usic Image category bmp dib gif jpeg jpg jpg2 jp2 pct pcx pic pict png tif tiff Video category asf avi mov mpe mpeg mpg v mp4 qt rm v wmv 3gp 3gpp 3gpp2 3g2 Audio category v aac v aiff v au v mp3 v m4...

Страница 614: ...xrx restart sta tus Set the LAN Port Mirror function On Enable the function Off Disable the function Port Set the mirror port E g port sniff p1 TXRX Set the port number to be mirrored for transmitting...

Страница 615: ...ion timeout w sec It means TCP WWW protocol sec Type a number to set the TCP WWW session timeout s sec It means TCP SYN protocol sec Type a number to set the TCP SYN session timeout f It means to flus...

Страница 616: ...tart port Specify a starting port number for Specific Host mode e end port Specify an ending port number for Specific Host mode E Ex xa am mp pl le e ppa m 1 p 1 b 0 Set ok The PPA mode is Auto You ne...

Страница 617: ...coming traffic only 2 out apply to outgoing traffic only 3 both apply to both incoming and outgoing traffic Default is enable for outgoing traffic i bandwidth It means to set inbound bandwidth in kbps...

Страница 618: ...inbound bandwidth set to 9500 outbound bandwidth set to 8500 WAN2 class 3 ratio set to 20 WAN2 udp bandwidth control set to enable WAN2 udp bandwidth limit ratio set to 50 WAN2 Outbound TCP ACK Prior...

Страница 619: ...y for example l 172 16 3 9 addr1 addr2 It means Range address Please specify the IP addresses for example l 172 16 3 9 172 16 3 50 addr1 subnet It means the subnet address with start IP address Please...

Страница 620: ...t t C Co om mm ma an nd d q qo os s t ty yp pe e This command allows user to configure protocol type and port number for QoS S Sy yn nt ta ax x qos type a service name e no d no S Sy yn nt ta ax x D D...

Страница 621: ...E Ex xa am mp pl le e qos voip off QoS for VoIP Disable SIP Port 5060 T Te el ln ne et t C Co om mm ma an nd d q qu ui it t This command can exit the telnet command screen T Te el ln ne et t C Co om m...

Страница 622: ...pping status Index Status WAN4 aux IP Private IP 1 Disable 0 0 0 0 T Te el ln ne et t C Co om mm ma an nd d s sh ho ow w d dn ns s This command displays current status of DNS setting E Ex xa am mp pl...

Страница 623: ...0 0 0 0 0 12 0 0 0 0 0 0 0 13 0 0 0 0 0 0 0 14 0 0 0 0 0 0 0 15 0 0 0 0 0 0 0 16 0 0 0 0 0 0 0 17 0 0 0 0 0 0 0 18 0 0 0 0 0 0 0 19 0 0 0 0 0 0 0 20 0 0 0 0 0 0 0 MORE q Quit Enter New Lines Space Ba...

Страница 624: ...0 WAN2 Current Session Usage 0 WAN3 Current Session Usage 0 WAN4 Current Session Usage 0 T Te el ln ne et t C Co om mm ma an nd d s sh ho ow w s st ta at tu us s This command displays current status...

Страница 625: ...rsion 1 544e0000 ADSL Firmware Version 06 06 01 07 00 01 Power Management Mode DSL_G997_PMS_NA Test Mode DISABLE ATU C Info Far Current Attenuation 0 dB Far SNR Margin 0 dB CO ITU Version 0 00000000 C...

Страница 626: ...Vigor2832 Series User s Guide 614 show statistic reset wan1 Reset WAN1 tx rx Bytes to zero...

Страница 627: ...me Set a name of the host for SMB service set access LAN or LANWAN Allow to access into SMB server by LAN or borth LA N and WAN E Ex xa am mp pl le e smb setting enable SMB service is enabled smb sett...

Страница 628: ...c status Index MAC Address T Te el ln ne et t C Co om mm ma an nd d s sr rv v d dh hc cp p d dn ns s1 1 This command allows users to set Primary IP Address for DNS Server in LAN srv dhcp dns1 srv dhcp...

Страница 629: ...or the DHCP server DNS IP address It means the IP address that you want to use as DNS2 Note The IP Routed Subnet DNS must be the same as NAT Subnet DNS E Ex xa am mp pl le e srv dhcp dns2 10 1 1 1 srv...

Страница 630: ...dhcp frcdnsmanl on Domain name server now is using manual settings srv dhcp frcdnsmanl off Domain name server now is using auto settings T Te el ln ne et t C Co om mm ma an nd d s sr rv v d dh hc cp...

Страница 631: ...c cp p o on n This function allows users to turn on DHCP server It needs rebooting router please type sys reboot command to reboot router T Te el ln ne et t C Co om mm ma an nd d s sr rv v d dh hc cp...

Страница 632: ...ke effect after rebooting Please use sys reboot command to reboot the router T Te el ln ne et t C Co om mm ma an nd d s sr rv v d dh hc cp p s st ta at tu us s This command can display general informa...

Страница 633: ...ns the lease time that DHCP server can use The unit is second E Ex xa am mp pl le e srv dhcp leasetime srv dhcp leasetime Lease Time sec Now 86400 T Te el ln ne et t C Co om mm ma an nd d s sr rv v d...

Страница 634: ...hcp primWINS 192 168 1 88 srv dhcp primWINS srv dhcp primWINS WINS IP address srv dhcp primWINS clear Now 192 168 1 88 T Te el ln ne et t C Co om mm ma an nd d s sr rv v d dh hc cp p s se ec cW WI IN...

Страница 635: ...x D De es sc cr ri ip pt ti io on n Parameter Description TFTP server name It means to type the name of TFTP server E Ex xa am mp pl le e srv dhcp tftp TF123 srv dhcp tftp srv dhcp tftp TFTP server n...

Страница 636: ...by typing string a It means to set the option value by specifying the IP address x It means to set option number with the format of Hexadecimal characters u It means to update the option value of the...

Страница 637: ...enable disable such feature 1 enable 0 disable i It means to specify the private IP address of the DMZ host r It means to remove DMZ host setting v It means to display current status E Ex xa am mp pl...

Страница 638: ...n less than 23 characters for the defined network service i local ip It means to set the IP address for local computer Local ip Type an IP address in this field w idx It means to specify the public IP...

Страница 639: ...index number is from 1 to 10 serv name It means to type one name as service name proto It means to specify TCP or UDP as the protocol pub port It means to specify which port can be redirected to the s...

Страница 640: ...ri ig gg ge er r This command allows users to configure port triggering settings for NAT S Sy yn nt ta ax x srv nat trigger setdefault srv nat trigger view srv nat trigger n command parameter S Sy yn...

Страница 641: ...00 srv nat trigger 1 v Port Trigger Rule Index 1 Status Enable Comment after_dinner2000 Triggering Protocol TCP Triggering Port 2000 Incoming Protocol UDP Incoming Port 3000 T Te el ln ne et t C Co om...

Страница 642: ...Redirection O Open Ports D DMZ T Te el ln ne et t C Co om mm ma an nd d s sw wi it tc ch h i i This command is used to obtain the TX transmitted or RX received data for each connected switch S Sy yn n...

Страница 643: ...on n Parameter Description 0 Disable the option of No Respond to External Device packets 1 Enable the option of No Respond to External Device packets E Ex xa am mp pl le e switch not_respond 1 slave n...

Страница 644: ...sw wi it tc ch h q qu ue er ry y This command is used to enable or disable the switch query E Ex xa am mp pl le e switch query on Extern Device status query is Enable switch query off Extern Device s...

Страница 645: ...ew 1 Index 1 User Name carrie User Password test123 T Te el ln ne et t C Co om mm ma an nd d s sy ys s b bo on nj jo ou ur r This command is used to disable enable and configure the Bonjour service sy...

Страница 646: ...ma an nd d s sy ys s c cm md dl lo og g This command displays the history of the commands that you have typed E Ex xa am mp pl le e sys cmdlog Commands Log The lowest index is the newest 1 sys cmdlog...

Страница 647: ...2 clear Now wan1 clever wan2 intelligent T Te el ln ne et t C Co om mm ma an nd d s sy ys s i if fa ac ce e This command displays the current interface connection status UP or Down with IP address MAC...

Страница 648: ...User s Guide 636 IP Address 0 0 0 0 Netmask 0x00000000 MAC 00 50 7F 00 00 06 Interface 9 Ethernet Status DOWN IP Address 0 0 0 0 Netmask 0x00000000 MAC 00 50 7F 00 00 07 MORE q Quit Enter New Lines Sp...

Страница 649: ...e sys name wan1 wan2 ASCII string max 20 characters sys name wan1 wan2 clear Now wan1 drayrouter wan2 Note Such name can be used to recognize router s identification in SysLog dialog T Te el ln ne et...

Страница 650: ...autoreboot is ON autoreboot time is 2 hour s T Te el ln ne et t C Co om mm ma an nd d s sy ys s c co om mm mi it t This command allows users to save current settings to FLASH Usually current settings...

Страница 651: ...4088 4088B used 0 cached 8 Buf KMC2552 2552B used 1641 cached 42 Buf KMC1016 1016B used 7 cached 1 Buf KMC504 504B used 8 cached 8 Buf KMC248 248B used 26 cached 22 Buf KMC120 120B used 67 cached 61 B...

Страница 652: ...ettings for applying in VigorACS sys tr069 get parm option sys tr069 set parm value sys tr069 getnoti parm sys tr069 setnoti parm value sys tr069 log sys tr069 debug on off sys tr069 save sys tr069 in...

Страница 653: ...rOfEntries InternetGatewayDevice DeviceInfo InternetGatewayDevice ManagementServer InternetGatewayDevice Time InternetGatewayDevice Layer3Forwarding InternetGatewayDevice LANDevice InternetGatewayDevi...

Страница 654: ...ic_wiz set reg qry sys license dev_chg sys license dev_key S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description licmsg It means to display license message licauth It means the li...

Страница 655: ...the function of the log Supported features include SYS and DSL Case Insensitive Default setting is on for DSL voip_feature on off vf_name It means VoIP feature Type on to enable the feature or type of...

Страница 656: ...Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description command parameter The available commands with parameters are listed below means that you can type in several commands in one l...

Страница 657: ...er Description command parameter The available commands with parameters are listed below means that you can type in several commands in one line l Display DNS IPv4 entry in the DNS cache table s Displ...

Страница 658: ...port number Define the port number 1 65535 for AlertLog E Ex xa am mp pl le e sys syslog a 1 s 1 i 192 168 1 25 d 514 T Te el ln ne et t C Co om mm ma an nd d s sy ys s t ti im me e This command is u...

Страница 659: ...GMT 03 00 Baghdad Kuwait Riyadh 42 GMT 03 00 Nairobi 43 GMT 03 00 Moscow St Petersburg 44 GMT 03 30 Tehran 45 GMT 04 00 Abu Dhabi Muscat 46 GMT 04 00 Baku Tbilisi 47 GMT 04 30 Kabul 48 GMT 05 00 Ekate...

Страница 660: ...x D De es sc cr ri ip pt ti io on n Parameter Description 0 Disable EAP TLS compatibility 1 Enable EAP TLS compatibility E Ex xa am mp pl le e sys eap_tls set 1 Enable EAP_TLS compatibility T Te el ln...

Страница 661: ...0 PortMapProtocol NULL The tmpvirtual server index 0 PortMapLeaseDuration 0 PortMapEnabled 0 0 MORE q Quit Enter New Lines Space Bar Next Page T Te el ln ne et t C Co om mm ma an nd d u up pn np p s s...

Страница 662: ...ervice OSInfo 1 Subscribtion1 sid 7a2bbdd0 0047 4fc8 b870 4597b34da7fb eventKey 1 ToSendEventKey 1 expireTime 6926 active 1 DeliveryURLs http 192 168 1 113 2869 upnp eventing twtnpnsiun 2 serviceType...

Страница 663: ...to apply UPnP n 0 it means to auto select WAN interface n 1 WAN1 n 2 WAN2 E Ex xa am mp pl le e upnp wan 1 use wan1 now T Te el ln ne et t C Co om mm ma an nd d u us sb b l li is st t This command is...

Страница 664: ...ist S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description add Add a new user profile Rm Delete an existed user profile enable Enable a user profile disable Disable a user profile...

Страница 665: ...IPv6 w WAN_idx WAN_idx Indicate the WAN interface 1 WAN1 2 WAN2 3 WAN3 4 WAN4 l LAN_idx LAN_idx Indicate the LAN interface 1 LAN1 2 LAN2 3 LAN3 4 LAN4 e 0 1 Enable 1 or disable 0 the Vigor Bridge for...

Страница 666: ...dge modem including index number MAC address Stamp Time PVC VLAN port for Vigor Bridge Function E Ex xa am mp pl le e vigbrg wanstatus Vigor Bridge Running WAN mac table Index MAC Address Stamp Time P...

Страница 667: ...llows you to disable VLAN function S Sy yn nt ta ax x vlan off E Ex xa am mp pl le e vlan off VLAN is Disable Force subnet LAN2 3 4 to be disabled T Te el ln ne et t C Co om mm ma an nd d v vl la an n...

Страница 668: ...an status E Ex xa am mp pl le e vlan status VLAN is Enable VLAN Enable VID Pri p1 p2 p3 p4 s1 s2 s3 s4 subnet 0 OFF 0 0 1 LAN1 1 OFF 0 2 1 LAN1 2 OFF 0 0 1 LAN1 3 OFF 0 0 V V V 1 LAN1 4 OFF 0 0 1 LAN1...

Страница 669: ...mode status It means to display if submode is normal mode or promiscuous mode E Ex xa am mp pl le e vlan submode status vlan subnet mode normal mode vlan submode on vlan subnet mode modified to promi...

Страница 670: ...m 0 to 7 vid_no It means the value of VLAN ID Type the value as the VLAN ID number The range is form 0 to 4095 E Ex xa am mp pl le e vlan vid 1 4095 VLAN1 vid 4095 T Te el ln ne et t C Co om mm ma an...

Страница 671: ...essive mode main It means to choose proposal for main mode auto index It means to choose default proposals proposal index It means to choose specified proposal aggressive It means the chosen DH group...

Страница 672: ...vpn dinset 1 Dial in profile index 1 Profile Name Status Deactive Mobile OTP Disabled Password Idle Timeout 300 sec vpn dinset 1 on set profile active vpn dinset 1 motp on Enable Mobile OTP mode vpn d...

Страница 673: ...e l2tp_out ip usr pwd nip nmask Command of Dial In vpn setup index name dialin ip usr pwd key nip nmask S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description For PPTP Dial Out ind...

Страница 674: ...key It means the value of IPsec Pre Shared Key nip nmask It means the remote network IP and the mask e g vpn setup 1 name1 dialin 1 2 3 4 vigor 1234 abc 192 168 1 0 255 255 255 0 E Ex xa am mp pl le e...

Страница 675: ...ans always on for dial out 0 it means always on for dial in Other numbers e g idle 200 idle 300 idle 500 mean the router will be idle after the interval seconds configured here palive It means to enab...

Страница 676: ...or Dial In Settings itype It means Allowed Dial In Type Available settings include itype t means PPTP itype s means IPSec itype L1 means L2TP None itype L1 means L2TP Nice to Have itype l2 means L2TP...

Страница 677: ...t NAT mode droute It means to Change default route to this VPN tunnel Only single WAN supports this droute on off means to enable disable the function E Ex xa am mp pl le e vpn option 1 idle 250 Chang...

Страница 678: ...out It means to list dial out settings of the specified profile in It means to list dial in settings of the specified profile net It means to list Network Settings of the specified profile index It m...

Страница 679: ...De es sc cr ri ip pt ti io on n Parameter Description PPTP IPSec L2TP There are four types to be selected on off on enable VPN remote setting off disable VPN remote setting E Ex xa am mp pl le e vpn r...

Страница 680: ...tive In active Dialout_Index GRE_MyIP GRE_PeerIP Logical_Traffic vpn trunk An_Gre GreIPsecAnalyze ON OFF S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description show_usable Display...

Страница 681: ...lgorithm with fastest mode of Load Balance Most of traffics will be led to the channel with the fastest connection name Specify the name of the VPN trunk bind usage BindIndex Display detailed informat...

Страница 682: ...P UDP Frag ON means to bind the fragmented packet OFF means not to care It is the default setting SetGre show Dialout_Index Display the GRE over IPSec settings in specified LAN to LAN profile Dialout_...

Страница 683: ...254 Binding Dest Port 1 65535 Binding Fragmented NO Binding Protocol ANY Protocol T Te el ln ne et t C Co om mm ma an nd d v vp pn n N Ne et tB Bi io os s This command allows users to enable or disabl...

Страница 684: ...to specify the connection type and value of MSS connection type 1 4 represent various type 1 PPTP 2 L2TP 3 IPSec 4 L2TP over IPSec TCP maximum segment size range Each type has different segment size...

Страница 685: ...Block E Ex xa am mp pl le e vpn Multicast set L2l 1 Pass Lan to Lan Profile Index 1 Status Block Pass PASS T Te el ln ne et t C Co om mm ma an nd d v vp pn n p pa as ss s2 2n nd d This command allows...

Страница 686: ...p pt ti io on n Parameter Description i value Specify the index number of VPN profile E 0 1 Enable or disable the IPsec with the same subnet 1 enable 0 disable e value Translate specified LAN to virtu...

Страница 687: ...value S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description value It means the number of MTU for PPP The available range is from 1000 to 1500 For Static IP DHCP the maximum numbe...

Страница 688: ...r disable the function of WAN forwarding The packets are allowed to be transmitted between different WANs wan forward on wan forward off S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter...

Страница 689: ...ddr wan detect wan1 ttl 1 255 wan detect status S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description on It means to enable ping detection The IP address of the target shall be se...

Страница 690: ...AN1 on WAN2 on WAN3 on WAN4 on WAN5 on WAN6 on WAN7 on T Te el ln ne et t C Co om mm ma an nd d w wa an n m mv vl la an n This command allows you to configure multi VLAN for WAN and LAN It supports pu...

Страница 691: ...an mvlan 7 on p2 p3 p4 PVC Bridge p1 p2 p3 p4 p5 p6 Service Type Tag Priority Keep Tag 7 ON 0 0 1 1 0 0 Normal 0 OFF 0 OFF T Te el ln ne et t C Co om mm ma an nd d w wa an n m mu ul lt ti if fn no o T...

Страница 692: ...d on packets The range of the value is between 32 4095 enable disable It means to enable or disable the WAN interface for VLAN pri value It means to set priority of data transmission via 802 1q The ra...

Страница 693: ...none for WAN budget psday th day in periodic It is used only when mode is set with periodic Specify the order of today in the cycle E g wan budget wan 5 psday It means today is the 5th day in the bill...

Страница 694: ...the suitable MTU size of the WAN interface S Sy yn nt ta ax x wan detect_mtu6 w number i IPv6 address s base_size S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description w number Sp...

Страница 695: ...mm ma an nd d w wl l a ac cl l This command allows the user to configure wireless access control settings S Sy yn nt ta ax x wl acl enable ssid1 ssid2 ssid3 ssid4 wl acl disable ssid1 ssid2 ssid3 ssid...

Страница 696: ...olate Set Done wl acl show Enable Mac Address Filter ssid1 dis ssid2 dis ssid3 dis ssid4 dis MAC Address Filter Index Attribute MAC Address Associated SSIDs 0 00 50 70 ff 12 70 ssid1 ssid2 ssid3 ssid4...

Страница 697: ...the SSID if required ssid_num Type 1 2 3 or 4 to specify SSID1 SSID2 SSID3 or SSID4 ssid_name Give a name for the specified SSID hidden_ssid Type 0 to hide the SSID or 1 to display the SSID Security S...

Страница 698: ...security 1 wpa1x Configured Wlan Security Setting SSID1 Mode wpa1x Wireless card must be reset for configurations to take effect Telnet Command wl restart T Te el ln ne et t C Co om mm ma an nd d w wl...

Страница 699: ...allows users to activate the function of VPN isolation wl iso_vpn ssid En S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description ssid It means the number of SSID 1 SSID1 2 SSID2 3...

Страница 700: ...the WMM for each SSID 0 disable 1 enable Apsd value It means to enable disable the ASPD automatic power save delivery function 0 disable 1 enable show It displays current status of WMM QueIdx It mean...

Страница 701: ...wl ht msdu value wl ht txpower value wl ht antenna value wl ht greenfield value S Sy yn nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description wl ht bw value The value you can type is 0 f...

Страница 702: ...o specify connection mode for WDS value Available settings are d Disable b Bridge r Repeapter security value It means to configure security mode with encrypted keys for WDS mode Available settings are...

Страница 703: ...hello 1 Note Please restart router after you set the parameters wl wds status T Te el ln ne et t C Co om mm ma an nd d w wl l b bt tn nc ct tl l This command allows you to enable or disable wireless...

Страница 704: ...nt ta ax x D De es sc cr ri ip pt ti io on n Parameter Description MAC Address It means the MAC address of the host IP address It means the LAN IP address of the host If you want to wake up LAN host b...

Страница 705: ...e user name that you want to get clear corresponding record all all of the records will be removed d Disable User management function e Enable User management function l all l userl l ip Show online u...

Страница 706: ...ans to set time quota 1 65535 of the user profile e g q 200 r Param It means to set data quota 1 65535 of the user profile e g r 1000 s Param It means to set schedule index sch_idex could be 1 to 15 t...

Страница 707: ...factory default configuration E Ex xa am mp pl le e user account admin d 0 q 200 r 1000 t 1 w MB Disable the admin data quota limited T Te el ln ne et t C Co om mm ma an nd d a ap pp pq qo os s The co...

Страница 708: ...am mp pl le e appqos enable 1 APP QoS set to Enable appqos traceable e 68 2 TELNET ENABLED QoS Class 2 T Te el ln ne et t C Co om mm ma an nd d n na an nd d b ba ad d n na an nd d u us sa ag ge e NAN...

Отзывы:

Нет отзывов

Похожие инструкции для Vigor 3220 SERIES

Бренд: W&T Страницы: 114

SECPATH U200-CS

Бренд: 3Com Страницы: 130

Бренд: IBASE Technology Страницы: 16

SecPath F100-X-G3

Бренд: H3C Страницы: 71

5.100.200.02.00

Бренд: MB Connect Line Страницы: 16

Бренд: Alcatel-Lucent Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды