Draytek Vigor2762 series Скачать руководство пользователя страница 206 | Manualshive

Страница: 206 / 651

Draytek Vigor2762 series Скачать руководство пользователя страница 206

IV-1-3 IPsec General Setup

IV-1-3 IPsec General Setup

In

IPsec General Setup,

there are two major parts of configuration.

There are two phases of IPsec.



Phase 1: negotiation of IKE parameters including encryption, hash, Diffie-Hellman

parameter values, and lifetime to protect the following IKE exchange, authentication
of both peers using either a Pre-Shared Key or Digital Signature (x.509). The peer that
starts the negotiation proposes all its policies to the remote peer and then remote
peer tries to find a highest-priority match with its policies. Eventually to set up a
secure tunnel for IKE Phase 2.



Phase 2: negotiation IPsec security methods including Authentication Header (AH) or
Encapsulating Security Payload (ESP) for the following IKE exchange and mutual
examination of the secure tunnel establishment.

There are two encapsulation methods used in IPsec,

Transport

and

Tunnel

. The

Transport

mode will add the AH/ESP payload and use original IP header to encapsulate the data

payload only. It can just apply to local packet, e.g., L2TP over IPsec. The

Tunnel

mode will

not only add the AH/ESP payload but also use a new IP header (Tunneled IP header) to
encapsulate the whole original IP packet.

Authentication Header (AH) provides data authentication and integrity for IP packets passed

between VPN peers. This is achieved by a keyed one-way hash function to the packet to
create a message digest. This digest will be put in the AH and transmitted along with

packets. On the receiving side, the peer will perform the same one-way hash on the packet
and compare the value with the one in the AH it receives.

Encapsulating Security Payload (ESP) is a security protocol that provides data confidentiality

and protection with optional authentication and replay detection service.

Available settings are explained as follows:

Item

Description

IKE Authentication
Method

This usually applies to those are remote dial-in user or node
(LAN-to-LAN) which uses dynamic IP address and IPsec-
related VPN connections such as L2TP over IPsec and IPsec
tunnel. There are two methods offered by Vigor router for
you to authenticate the incoming data coming from remote

Vigor2762 Series User’s Guide

196

«
...
204
205
206
207
208
...
»

Содержание Vigor2762 series

Страница 1: ......

Страница 2: ...Vigor2762 Series ADSL2 2 VDSL2 Router User s Guide Version 1 0 UK Firmware Version V3 8 8 BT For future updates please visit www draytek co uk support Date April 12 2018 Vigor2762 Series User s Guide ii ...

Страница 3: ...is subject to continuous evolution which may not always be reflected in current documentation For the formal and supported current specification please refer only to the web site at www draytek co uk Vigor2762 Series User s Guide iii ...

Страница 4: ...d of two 2 years from the date of purchase from a DrayTek authorized dealer in the UK Ireland Please keep your purchase receipt in a safe place as it serves as proof of date of purchase During the warranty period and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials we will at our discretion repair or replace the defective products or ...

Страница 5: ... 27 I 6 1 For WAN1 ADSL 28 I 6 2 For WAN2 Ethernet 32 I 6 3 For WAN3 USB 42 I 7 Service Activation Wizard 44 I 8 Registering Vigor Router 46 Part II Connectivity 48 II 1 WAN 49 II 1 1 General Setup 51 II 1 1 1 WAN1 ADSL VDSL 52 II 1 1 2 WAN2 Ethernet 54 II 1 1 3 WAN3 WAN4 USB 55 II 1 2 Internet Access 57 II 1 2 1 Details Page for PPPoE PPPoA in WAN1 Physical Mode ADSL 59 II 1 2 2 Details Page for ...

Страница 6: ...Pv6 on WAN interface 101 II 2 LAN 106 II 2 1 General Setup 108 II 2 1 1 Details Page for LAN1 Ethernet TCP IP and DHCP Setup 110 II 2 1 2 Details Page for LAN1 LAN2 IPv6 Setup 112 II 2 1 3 Details Page for LAN2 115 II 2 2 VLAN 117 II 2 3 Bind IP to MAC 119 II 2 4 LAN Port Mirror 122 II 3 Hardware Acceleration 123 II 3 1 Setup 123 II 4 NAT 126 II 4 1 Port Redirection 127 II 4 2 DMZ Host 131 II 4 3 ...

Страница 7: ...ion List 189 Part IV VPN 192 IV 1 VPN and Remote Access 193 IV 1 1 Remote Access Control 194 IV 1 2 PPP General Setup 194 IV 1 3 IPsec General Setup 196 IV 1 4 IPsec Peer Identity 197 IV 1 5 Remote Dial in User 199 IV 1 6 LAN to LAN 202 IV 1 9 Connection Management 210 Application Notes 211 A 1 How to Build a LAN to LAN VPN Between Vigor Routers via IPsec Main Mode 211 IV 2 SSL VPN 216 IV 2 1 Gene...

Страница 8: ...the Users via Web Content Filter URL Content Filter 282 Part VI Management 287 VI 1 System Maintenance 288 VI 1 1 System Status 289 VI 1 2 TR 069 291 VI 1 3 Admin Setting 293 VI 1 4 User Password 296 VI 1 5 Login Page Greeting 299 VI 1 6 Configuration Backup 301 VI 1 7 SysLog Mail Alert 304 VI 1 8 Time and Date 307 VI 1 9 SNMP 308 VI 1 10 Management 310 VI 1 11 Self Signed Certificate 314 VI 1 12 ...

Страница 9: ...oup 370 VII 1 9 File Extension Object 371 VII 1 10 SMS Mail Service Object 373 VII 1 11 Notification Object 377 VII 1 12 String Object 378 Application Notes 380 A 1 How to Send a Notification to Specified Phone Number via SMS Service in WAN Disconnection 380 VII 2 USB Application 384 VII 2 1 USB General Settings 384 VII 2 2 USB User Management 385 VII 2 3 File Explorer 387 VII 2 4 USB Device Statu...

Страница 10: ...ur Computer Is OK or Not 420 VIII 4 Pinging the Router from Your Computer 423 VIII 5 Checking If the ISP Settings are OK or Not 425 VIII 6 Problems for 3G 4G Network Connection 426 VIII 7 Backing to Factory Default Setting If Necessary 427 VIII 8 Contacting DrayTek 429 VIII 8 1 Getting further help 429 VIII 8 2 Additional Feature Setup 429 VIII 8 3 Keep up to date with our mailing list 429 VIII 8 ...

Страница 11: ...Part I Installation Part I Installation This part will introduce Vigor router and guide to install the device in hardware and software Vigor2762 Series User s Guide 1 ...

Страница 12: ...ory they re determined to fit in which is managed by the GlobalView servers making it far simpler to block unwanted sites e g Gambling and adult categories with less maintenance required as new or changed site categorisations are continuously updated A free 30 day trial is included with your new router Advanced IP based Quality of Service Bandwidth Management and WAN Budget facilities make it poss...

Страница 13: ...r two minutes Off The wireless access point is turned off 5GHz Wireless LAN On Off WPS On Green 5GHz Access Point is turned off Blinking Green Data is being transmitted on the router s 5GHz wireless interface Blinking Orange WPS pairing mode is active for two minutes USB On USB device is connected and ready for use Blinking Data is being transmitted over USB DSL On DSL connection synchronised Blin...

Страница 14: ...tate 2 4G Off and 5G On press and release the button once 2 4G On and 5G Off press and release the button twice 2 4G Off and 5G Off press and release the button three times When WPS is enabled in the router s web interface press this button for more than 2 seconds to enable WPS pairing mode USB1 USB2 Connector for a USB 3G 4G modem storage printer or USB Thermometer GigaLAN1 LAN4 RJ 45 Gigabit Eth...

Страница 15: ...nnect the power adapter to the Vigor 2762 s PWR socket on the rear and plug the power adapter into a suitable mains socket 5 Turn the Vigor 2762 on using its power switch 6 The router will start up After completing the system test the ACT LED will light up and start blinking once per second to indicate that it is ready for use 7 Ethernet based Internet Connections The GigaLAN4 port can be switched...

Страница 16: ... the wall using the appropriate type of wall plug Note The recommended drill diameter shall be 6 5mm 1 4 4 When you finished about procedure the router has been mounted on the wall firmly I 2 3 Installing USB Printer to Vigor Router I 2 3 Installing USB Printer to Vigor Router You can install a printer onto the router for sharing printing All the PCs connected this router can print documents via t...

Страница 17: ...nnected computers or wireless clients 1 Connect the printer with the router through USB parallel port 2 Open All Programs Getting Started Devices and Printers 3 Click Add a printer 4 A dialog will appear Click Add a local printer and click Next Vigor2762 Series User s Guide 7 ...

Страница 18: ...5 In this dialog choose Create a new port In the field of Type of port use the drop down list to select Standard TCP IP Port Then click Next Vigor2762 Series User s Guide 8 ...

Страница 19: ...ing dialog type 192 168 1 1 router s LAN IP in the field of Hostname or IP Address and type 192 168 1 1 as the Port name Then click Next 7 Click Standard and choose Generic Network Card Vigor2762 Series User s Guide 9 ...

Страница 20: ...se right name of the printer that you installed onto the router Such step can make correct driver loaded onto your PC When you finish the selection click Next 9 Type a name for the chosen printer Click Next Vigor2762 Series User s Guide 10 ...

Страница 21: ...10 Choose Do not share this printer and click Next 11 Then in the following dialog click Finish Vigor2762 Series User s Guide 11 ...

Страница 22: ...een added and displayed under Printers and Faxes Click the new printer icon and click Printer server properties 13 Edit the property of the new printer you have added by clicking Configure Port Vigor2762 Series User s Guide 12 ...

Страница 23: ...14 Select LPR on Protocol type p1 number 1 as Queue Name Then click OK Next please refer to the red rectangle for choosing the correct protocol and LPR name Vigor2762 Series User s Guide 13 ...

Страница 24: ...pported If you do not know whether your printer is supported or not please visit www draytek com to find out the printer list Open Support FAQ Application Notes find out the link of USB Printer Server and click it Then click the What types of printers are compatible with Vigor router link Note 2 Vigor router supports printing request from computers via LAN ports but not WAN port Vigor2762 Series U...

Страница 25: ...s of Vigor router 192 168 1 1 For the detailed information please refer to the later section Trouble Shooting of the guide 2 Open a web browser on your PC and type http 192 168 1 1 The following window will be open to ask for username and password 3 Please type admin admin as the Username Password and click Login Info If you fail to access to the web configuration please go to Trouble Shooting for...

Страница 26: ...th the type of the router you have 5 The web page can be logged out according to the chosen condition The default setting is Auto Logout which means the web configuration system will logout after 5 minutes without any operation Change the setting for your necessity Vigor2762 Series User s Guide 16 ...

Страница 27: ...ode 3 Go to System Maintenance page and choose Administrator Password 4 Enter the login password the default is admin on the field of Old Password Type New Password and Confirm Password Then click OK to continue Info The maximum length of the password you can set is 23 characters 5 Now the password has been changed Next time use the new password to access the Web user interface for this router Inf...

Страница 28: ...h default selections will be displayed on the screen Refer to the following figure I 5 1 Virtual Panel I 5 1 Virtual Panel On the top of the Dashboard a virtual panel simulating the physical panel of the router displays the physical interface connection It will be refreshed every five seconds When you move and click the mouse cursor on LEDs except ACT USB ports LAN or WAN related web setting page ...

Страница 29: ...o I 1 1 LED Indicators and Connectors I 5 2 Name with a Link I 5 2 Name with a Link A name with a link e g Router Name Current Time WAN1 4 and etc below means you can click it to open the configuration page for modification Vigor2762 Series User s Guide 19 ...

Страница 30: ...System Status Dynamic DDNS TR 069 User Management IM P2P Block Schedule Syslog Mail Alert LDAP RADIUS Firewall Object Setting and Data Flow Monitor are displayed here Move your mouse cursor on any one of the links and click on it The corresponding setting page will be open immediately In addition quick access for VPN security settings such as Remote Dial in User and LAN to LAN are located on the b...

Страница 31: ...ld be transmitted through LAN port s and then the WAN port The purpose is to perform the traffic monitor of the host s I 5 4 GUI Map I 5 4 GUI Map All the functions the router supports are listed with table clearly in this page Users can click the function link to access into the setting page of the function for detailed configuration Click the icon on the top of the main screen to display all the...

Страница 32: ...ges made by using web console have the same effects as modified through web user interface The functions settings modified under Web Console also can be reviewed on the web user interface Click the Web Console icon on the top of the main screen to open the following screen Vigor2762 Series User s Guide 22 ...

Страница 33: ...p icon It allows you to backup current settings as a file Such configuration file can be restored by using System Maintenance Configuration Backup Simply click the icon on the top of the main screen to store the setting I 5 7 Logout I 5 7 Logout Click this icon to exit the web user interface Vigor2762 Series User s Guide 23 ...

Страница 34: ... Physical Connection I 5 8 1 Physical Connection Such page displays the physical connection status such as LAN connection status WAN connection status ADSL information and so on Physical Connection for IPv4 Protocol Vigor2762 Series User s Guide 24 ...

Страница 35: ...ble Yes in red means such interface is available but not enabled Yes in green means such interface is enabled Line Displays the physical connection VDSL ADSL Ethernet or USB of this interface Name Display the name of the router Mode Displays the type of WAN connection e g PPPoE Up Time Displays the total uptime of the interface IP Displays the IP address of the WAN interface GW IP Displays the IP ...

Страница 36: ...ed Yes in green means such interface is enabled No in red means such interface is not available Mode Displays the type of WAN connection e g TSPC Up Time Displays the total uptime of the interface IP Displays the IP address of the WAN interface Gateway IP Displays the IP address of the default gateway Info The words in green mean that the WAN connection of that interface is ready for accessing Int...

Страница 37: ...ase click Next On the next page as shown below please select the WAN interface WAN 1 to WAN3 that you use If DSL interface is used please choose WAN1 if Ethernet interface is used please choose WAN2 if 3G 4G USB modem is used please choose WAN3 For WAN2 choose Auto negotiation as the physical type for your router WAN1 WAN3 will bring up different configuration page Refer to the following sections ...

Страница 38: ... for such VLAN The range is from 0 to 7 Please select the appropriate Internet access type according to the information from your ISP Click Next PPPoE PPPoA PPPoE PPPoA PPPoE stands for Point to Point Protocol over Ethernet It relies on two widely accepted standards PPP and Ethernet It connects users through an Ethernet to the Internet with a common broadband medium such as a single DSL line wirel...

Страница 39: ... provided by ISP Fixed IP Click Yes to enable Fixed IP feature IP Address Type the IP address if Fixed IP is enabled Primary DNS Type in the primary IP address for the router Secondary DNS Type in secondary IP address for necessity in the future Back Click it to return to previous setting page Next Click it to get into the next setting page Cancel Click it to give up the quick start wizard 2 After...

Страница 40: ...d by the ISP Confirm Password Retype the password Back Click it to return to previous setting page Next Click it to get into the next setting page Cancel Click it to give up the quick start wizard 3 Please manually enter the Username Password provided by your ISP Then click Next for viewing summary of such connection 4 Click Finish A page of Quick Start Wizard Setup OK will appear Then the system ...

Страница 41: ...ided for ADSL only You have to choose encapsulation and type the values for VPI and VCI Or click Auto detect to find out the best values Fixed IP Click Yes to enable Fixed IP feature IP Address Type the IP address if Fixed IP is enabled Subnet Mask Type the subnet mask Default Gateway Type the IP address as the default gateway Primary DNS Type in the primary IP address for the router Secondary DNS...

Страница 42: ...art Wizard Setup OK will appear Then the system status of this protocol will be shown 4 Now you can enjoy surfing on the Internet I 6 2 For WAN2 Ethernet I 6 2 For WAN2 Ethernet WAN2 is dedicated to physical mode in Ethernet Please select the appropriate Internet access type according to the information from your ISP For example you should select PPPoE mode if the ISP provides you PPPoE interface ...

Страница 43: ...PoE PPPoE stands for Point to Point Protocol over Ethernet It relies on two widely accepted standards PPP and Ethernet It connects users through an Ethernet to the Internet with a common broadband medium such as a single DSL line wireless device or cable modem All the users over the Ethernet can share a common connection PPPoE is used for most of DSL modem users All local users can share one PPPoE...

Страница 44: ...d user name provided by the ISP Note The maximum length of the user name you can set is 63 characters Password Assign a valid password provided by the ISP Note The maximum length of the password you can set is 62 characters Confirm Password Retype the password Back Click it to return to previous setting page Next Click it to get into the next setting page Cancel Click it to give up the quick start...

Страница 45: ...by your ISP Click Next for viewing summary of such connection 4 Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be shown 5 Now you can enjoy surfing on the Internet Vigor2762 Series User s Guide 35 ...

Страница 46: ...hen click Next to continue Available settings are explained as follows Item Description Username Assign a specific valid user name provided by the ISP The maximum length of the user name you can set is 63 characters Password Assign a valid password provided by the ISP The maximum length of the password you can set is 62 characters Confirm Password Retype the password Vigor2762 Series User s Guide ...

Страница 47: ... IP address for necessity in the future PPTP Server L2TP Server Type the IP address of the server Back Click it to return to previous setting page Next Click it to get into the next setting page Cancel Click it to give up the quick start wizard 3 Please type in the IP address mask gateway information originally provided by your ISP Then click Next for viewing summary of such connection 4 Click Fin...

Страница 48: ...Simply click Next to continue Available settings are explained as follows Item Description WAN IP Type the IP address Subnet Mask Type the subnet mask Gateway Type the IP address of gateway Primary DNS Type in the primary IP address for the router Secondary DNS Type in secondary IP address for necessity in the future Back Click it to return to previous setting page Vigor2762 Series User s Guide 38...

Страница 49: ... Please type in the IP address information originally provided by your ISP Then click Next for next step 4 Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be shown 5 Now you can enjoy surfing on the Internet Vigor2762 Series User s Guide 39 ...

Страница 50: ...follows Item Description Host Name Type the name of the host Note The maximum length of the host name you can set is 39 characters MAC Some Cable service providers specify a specific MAC address for access authentication In such cases you need to enter the MAC address Back Click it to return to previous setting page Next Click it to get into the next setting page Cancel Click it to give up the qui...

Страница 51: ...k Next for viewing summary of such connection 4 Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be shown 5 Now you can enjoy surfing on the Internet Vigor2762 Series User s Guide 41 ...

Страница 52: ...selections as the protocol of accessing the internet 3G 4G USB Modem PPP mode SIM Pin code Type PIN code of the SIM card that will be used to access Internet The maximum length of the pin code you can set is 15 characters Modem Initial String Such value is used to initialize USB modem Please use the default value If you have any question please contact to your ISP The maximum length of the string ...

Страница 53: ...Type the name and click Apply 3 Then click Next for viewing summary of such connection 4 Click Finish A page of Quick Start Wizard Setup OK will appear Then the system status of this protocol will be shown 5 Now you can enjoy surfing on the Internet Vigor2762 Series User s Guide 43 ...

Страница 54: ...tion Web Content Filter Profile for detailed information Now follow the steps listed below to activate WCF feature for your router Info Such function is available only for Admin Mode 1 Open Wizards Service Activation Wizard 2 In the following page you can activate the Web content filter services and APP Enforcement service at the same time or individually When you finish the selection check the bo...

Страница 55: ... the default rule configured in Firewall General Setup 4 Now the web page will display the service that you have activated according to your selection s The valid time for the free trial of these services is one month Vigor2762 Series User s Guide 45 ...

Страница 56: ...bsite for getting more service Please follow the steps below to finish the router registration 1 Please login the web configuration interface of Vigor router by typing admin admin as User Name Password 2 Click Support Area Production Registration from the home page 3 A Login page will be shown on the screen Please type the account and password that you created previously And click Login Vigor2762 ...

Страница 57: ...ter you logging in MyVigor When the following page appears please type in Nickname for the router and choose the right registration date from the popup calendar it appears when you click on the box of Registration Date Click Add 5 When the following page appears your router information has been added to the database 6 After clicking OK you will see the following page Your router has been registere...

Страница 58: ...ted and ruled by router The design of network structure is related to what type of public IP addresses coming from your ISP When the data flow passing through the Network Address Translation NAT function of the router will dedicate to translate public private addresses and the packets will be delivered to the correct host PC in the local area network DNS LAN DNS UPnP IGMP WOL Vigor2762 Series User...

Страница 59: ...be delivered to the correct host PC in the local area network Thus all the host PCs can share a common Internet connection Get Your Public IP Address from ISP Get Your Public IP Address from ISP In ADSL deployment the PPP Point to Point style authentication and authorization is required for bridging customer premises equipment CPE Point to Point Protocol over Ethernet PPPoE connects a network of h...

Страница 60: ...ce can be done in the router Besides 3G 4G USB Modem in WAN3 WAN4 also can be used as backup device Therefore when WAN1 and WAN2 are not available the router will use 3 5G for supporting automatically The supported 3G 4G USB Modem will be listed on DrayTek web site Please visit www draytek com for more detailed information Vigor2762 Series User s Guide 50 ...

Страница 61: ... general setup for WAN1 WAN2 WAN3 and WAN4 respectively In default WAN2 is disabled If you want to enable it simply click the WAN2 link and select Yes in the field of Enable Available settings are explained as follows Item Description Index Click the WAN interface link under Index to access into the WAN configuration page Enable V means such WAN interface is enabled and ready to be used Physical M...

Страница 62: ...l detect the physical line is connected by ADSL automatically Therefore this page allows you to configure settings for ADSL at one time That is it is not necessary for you to configure different profile settings for ADSL respectively Vigor2762 Series User s Guide 52 ...

Страница 63: ...n simply choose Default or contact the dealer for assistance VLAN Tag insertion ADSL VDSL Such feature is offered to the user with the environment supporting IEEE_802 1ad In which service is used for outer tag customer is used for inner tag Enable Enable the function of VLAN with tag The router will add specific VLAN number to all packets on the WAN while sending them out Please type the tag value...

Страница 64: ...ystem Line Speed If you choose According to Line Speed as the Load Balance Mode please type the line speed for downloading and uploading for such WAN interface The unit is kbps VLAN Tag insertion Enable Enable the function of VLAN with tag The router will add specific VLAN number to all packets on the WAN while sending them out Please type the tag value and specify the priority for the packets sen...

Страница 65: ...ough 3G 4G USB Modem please configure WAN3 or WAN4 interface Available settings are explained as follows Item Description Enable Choose Yes to invoke the settings for this WAN interface Choose No to disable the settings for this WAN interface Display Name Type the description for such WAN interface Physical Mode Display the physical mode of such WAN interface Line Speed If you choose According to ...

Страница 66: ...etwork connection Traffic Threshold When the data traffic of active WAN reaches the traffic threshold specified here the failover WAN will be enabled automatically to share the overloaded data traffic After finished the above settings click OK to save the settings Vigor2762 Series User s Guide 56 ...

Страница 67: ...owing figures And And Available settings are explained as follows Item Description Index Display the WAN interface Display Name It shows the name of the WAN1 WAN2 WAN3 that entered in general setup Physical Mode It shows the physical connection for WAN1 2 Ethernet WAN3 3G 4G USB Modem according to the real network connection Access Mode Use the drop down list to choose a proper access mode The det...

Страница 68: ...nd data information when such function is enabled and configured Enable Check the box to enable the function of DHCP Option Each DHCP option is composed by an option number with data For example Option number 100 Data abcd When such function is enabled the specified values for DHCP option will be seen in DHCP reply packets Interface Specify the WAN interface s that will be overwritten by such func...

Страница 69: ...specified for ADSL only Multi PVC channel The selections displayed here are determined by the page of WAN Multi PVC VLAN Select M PVCs Channel means no selection will be chosen VPI Type in the value provided by ISP VCI Type in the value provided by ISP Encapsulating Type Drop down the list to choose the type provided by ISP Protocol Drop down the list to choose the one PPPoE or PPPoA provided by I...

Страница 70: ... allows you to verify whether network connection is alive or not through ARP Detect or Ping Detect Mode Choose ARP Detect or Ping Detect for the system to execute for WAN detection If you choose Ping Detect as the detection mode you have to type required settings for the following items Primary Secondary Ping IP If you choose Ping Detect as detection mode you have to type Primary or Secondary IP a...

Страница 71: ... configure another account and password for ADSL connection by checking this box If it is checked the system will ask you to type another group of account and password additionally PPP Authentication Select PAP only or PAP or CHAP for PPP IP Address From ISP Usually ISP dynamically assigns IP address to you each time you connect to it and request In some case your ISP provides service to always as...

Страница 72: ...able settings are explained as follows Item Description Enable Disable Click Enable for activating this function If you click Disable this function will be closed and all the settings that you adjusted in this page will be invalid Modem Settings Set up the DSL parameters required by your ISP These settings configured here are specified for ADSL only Multi PVC channel The selections displayed here ...

Страница 73: ...he PING operation before WAN disconnection is judged MTU It means Max Transmit Unit for packet Path MTU Discovery It is used to detect the maximum MTU size of a packet not to be segmented in specific transmit path Click Detect to open the following dialog Path MTU to Type the IP address as the specific transmit path MTU reduce size by It determines the decreasing size of MTU value For example the ...

Страница 74: ...The maximum length of the password you can set is 62 characters Specify an IP address Click this radio button to specify some data IP Address Type in the private IP address Subnet Mask Type in the subnet mask Gateway IP Address Type in gateway IP address Default MAC Address Type in MAC address for the router You can use Default MAC Address or specify another MAC address for your necessity Specify ...

Страница 75: ...ll be invalid ISP Access Setup Enter your allocated username password and authentication parameters according to the information provided by your ISP Service Name Optional Enter the description of the specific network service Username Type in the username provided by ISP in this field The maximum length of the user name you can set is 63 characters Password Type in the password provided by ISP in ...

Страница 76: ...ber of times that the system is allowed to execute the PING operation before WAN disconnection is judged MTU It means Max Transmit Unit for packet Path MTU Discovery It is used to detect the maximum MTU size of a packet not to be segmented in specific transmit path Click Detect to open the following dialog Path MTU to Type the IP address as the specific transmit path MTU reduce size by It determin...

Страница 77: ... box of Fixed IP Address Default MAC Address You can use Default MAC Address or specify another MAC address by typing on the boxes of MAC Address for the router Specify a MAC Address Type the MAC address for the router manually After finishing all the settings here please click OK to activate them II 1 2 4 Details Page for Static or Dynamic IP in Ethernet WAN II 1 2 4 Details Page for Static or Dy...

Страница 78: ...NG it for keeping alive PING Interval Enter the interval for the system to execute the PING operation WAN Connection Detection Such function allows you to verify whether network connection is alive or not through ARP Detect or Ping Detect Mode Choose ARP Detect or Ping Detect or Always On for the system to execute for WAN detection If you choose Ping Detect as the detection mode you have to type r...

Страница 79: ... detect a suitable MTU value Accept After clicking it the detected value will be displayed in the field of MTU RIP Protocol Routing Information Protocol is abbreviated as RIP RFC1058 specifying how routers exchange routing tables information Click Enable RIP for activating this function TTL Change the TTL value Enable or disable the TTL Time to Live for a packet transmitted through Vigor router En...

Страница 80: ...IP Address Type the IP address Subnet Mask Type the subnet mask Gateway IP Address Type the gateway IP address Default MAC Address Click this radio button to use default MAC address for the router Specify a MAC Address Some Cable service providers specify a specific MAC address for access authentication In such cases you need to click the Specify a MAC Address and enter the MAC address in the MAC ...

Страница 81: ...ss Specify the IP address of the PPTP L2TP server if you enable PPTP L2TP client mode Specify Gateway IP Address Specify the gateway IP address for DHCP server ISP Access Setup Username Type in the username provided by ISP in this field The maximum length of the user name you can set is 63 characters Password Type in the password provided by ISP in this field The maximum length of the password you...

Страница 82: ...and request In some case your ISP provides service to always assign you the same IP address whenever you request In this case you can fill in this IP address in the Fixed IP field Please contact your ISP before you want to use this function Click Yes to use this function and type in a fixed IP address in the box Fixed IP Address Type a fixed IP address WAN IP Network Settings Obtain an IP address ...

Страница 83: ...sable this function will be closed and all the settings that you adjusted in this page will be invalid SIM PIN code Type PIN code of the SIM card that will be used to access Internet The maximum length of the PIN code you can set is 15 characters Modem Initial String Such value is used to initialize USB modem Please use the default value If you have any question please contact to Vigor2762 Series ...

Страница 84: ... set is 62 characters PPP Authentication Select PAP only or PAP or CHAP for PPP Index 1 15 in Schedule Setup You can type in four sets of time schedule for your request All the schedules can be set previously in Application Schedule web page and you can use the number that you have set in that web page WAN Connection Detection Such function allows you to verify whether network connection is alive ...

Страница 85: ...lows Item Description Modem Support List It lists all of the modems supported by such router 3G 4G USB Modem DHCP mode Click Enable for activating this function If you click Disable this function will be closed and all the settings that you adjusted in this page will be invalid SIM PIN code Type PIN code of the SIM card that will be used to access Internet The maximum length of the PIN code you ca...

Страница 86: ...P address for pinging With the IP address es pinging Vigor router can check if the WAN connection is on or off TTL Time to Live Set TTL value of PING operation Ping Interval Type the interval for the system to execute the PING operation Ping Retry Type the number of times that the system is allowed to execute the PING operation before WAN disconnection is judged MTU It means Max Transmit Unit for ...

Страница 87: ...or router through IPv6CP Later use DHCPv6 or accept RA to acquire the IPv6 prefix address such as 2001 B010 7300 200 64 offered by the ISP In addition PCs under LAN also can have the public IPv6 address for Internet access by means of the generated prefix No need to type any other information for PPP mode Available settings are explained as follows Item Description WAN Connection Detection Such fu...

Страница 88: ...setup protocol client TSPC is an application which could help you to connect to IPv6 network easily Please make sure your IPv4 WAN connection is OK and apply one free account from hexago http gogonet gogo6 com page freenet6 account before you try to use TSPC for network connection TSPC would connect to tunnel broker and requests a tunnel according to the specifications inside the configuration fil...

Страница 89: ...unnel broker IP FQDN or an optional port number WAN Connection Detection Such function allows you to verify whether network connection is alive or not through Ping Detect Mode Choose Always On or Ping Detect for the system to execute for WAN detection Always On means no detection will be executed The network connection will be on always Ping IP Hostname If you choose Ping Detect as detection mode ...

Страница 90: ...password assigned with the user name The maximum length of the password you can set is 19 characters Tunnel Broker It means a server of AICCU The server can provide IPv6 tunnels to sites or end users over IPv4 Type the address for the tunnel broker IP FQDN or an optional port number Tunnel ID One user account may have several tunnels And each tunnel shall have one specified tunnel ID e g T115394 T...

Страница 91: ...to execute for WAN detection Ping IP Hostname If you choose Ping Detect as detection mode you have to type IP address in this field for pinging TTL Time to Live If you choose Ping Detect as detection mode you have to type TTL value After finished the above settings click OK to save the settings Vigor2762 Series User s Guide 81 ...

Страница 92: ... Detect mode the system will check if network connection is established or not like IPv4 ARP Detect Always On means no detection will be executed The network connection will be on always Ping IP Hostname If you choose Ping Detect as detection mode you have to type IP address in this field for pinging TTL Time to Live If you choose Ping Detect as detection mode you have to type TTL value RIPng Prot...

Страница 93: ... activated Bridge Subnet Make a bridge between the selected LAN subnet and such WAN interface After finished the above settings click OK to save the settings II 1 2 13 Details Page for IPv6 II 1 2 13 Details Page for IPv6 Static Static IPv6 in in WAN1 WAN2 IPv6 in in WAN1 WAN2 This type allows you to setup static IPv6 address for WAN interface Vigor2762 Series User s Guide 83 ...

Страница 94: ...on will be executed The network connection will be on always Ping IP Hostname If you choose Ping Detect as detection mode you have to type IP address in this field for pinging TTL Time to Live If you choose Ping Detect as detection mode you have to type TTL value RIPng Protocol RIPng RIP next generation offers the same functions and benefits as IPv4 RIP v2 Bridge Mode Enable Bridge Mode If the fun...

Страница 95: ... server 6in4 IPv6 Address Type the static IPv6 address for IPv4 tunnel with the value for prefix length LAN Routed Prefix Type the static IPv6 address for LAN routing with the value for prefix length Tunnel TTL Type the number for the data lifetime in tunnel WAN Connection Detection Such function allows you to verify whether network connection is alive or not through Ping Detect Mode Choose Always...

Страница 96: ...ection mode you have to type TTL value After finished the above settings click OK to save the settings Below shows an example for successful IPv6 connection based on 6in4 Static Tunnel mode Vigor2762 Series User s Guide 86 ...

Страница 97: ... order bits that are identical across all CE IPv4 addresses within a given 6rd domain It may be any value between 0 and 32 6rd Prefix Type the 6rd IPv6 address 6rd Prefix Length Type the IPv6 prefix length for the 6rd IPv6 prefix in number of bits WAN Connection Detection Such function allows you to verify whether network connection is alive or not through Ping Detect Mode Choose Always On or Ping...

Страница 98: ... you choose Ping Detect as detection mode you have to type TTL value After finished the above settings click OK to save the settings Below shows an example for successful IPv6 connection based on 6rd mode Vigor2762 Series User s Guide 88 ...

Страница 99: ...nd can not be configured here Channels 4 10 are configurable Enable Display whether the settings in this channel are enabled Yes or not No WAN Type Displays the physical medium that the channel will use VPI VCI Display the value for VPI and VCI VLAN Tag Displays the VLAN tag value that will be used for the packets traveling on this channel Port based Bridge The network traffic flowing on each chan...

Страница 100: ...r ISP Protocol Select a proper protocol for this channel Encapsulation Choose a proper type for this channel The types will be different according to the protocol setting that you choose Add VLAN Header Check the box to enable the following two options VLAN Tag Type the value as the VLAN ID number Valid settings are in the range from 1 to 4095 The network traffic flowing on each channel will be id...

Страница 101: ...5 6 or 7 to configure your router Available settings are explained as follows Item Description Multi VLAN Channel 4 5 6 Enable Click it to enable the configuration of this channel Disable Click it to disable the configuration of this channel WAN Type The connections and interfaces created in every channel may select a specific WAN type to be built upon In the Multi PVC application only the Etherne...

Страница 102: ... selected using the VLAN tag configured Physical Members Group the physical ports by checking the corresponding check box es for applying the port based bridge connection Open WAN Interface for this Channel Check the box to enable relating function WAN Application Management It can be specified for general management Web configuration telnet TR069 If you choose Management the configuration for thi...

Страница 103: ...or PPP Always On Check it to keep the network connection always Idle Timeout Set the timeout for breaking down the Internet after passing through the time without any action Fixed IP Click Yes to use this function and type in a fixed IP address in the box of Fixed IP Address If MPoA is selected you have to configure the settings listed under MPoA Obtain an IP address automatically Click this butto...

Страница 104: ...o use the same ADSL connection settings of another PVC channel Please choose the PVC channel via the drop down list After finished the above settings click OK to save the settings II 1 4 WAN Budget II 1 4 WAN Budget This function is used to determine the data traffic volume for each WAN interface respectively to prevent from overcharges for data transmission by the ISP Please note that the Quota L...

Страница 105: ...eded the budget limit Shutdown WAN interface All the outgoing traffic through such WAN interface will be terminated Using Notification Object The system will send out a notification based on the content of the notification object Set Mail Alert The system will send out a warning message to the administrator when the quota is running out However the connection charges will be calculated continuousl...

Страница 106: ...ion is between 1 day and 60 days You can determine the cycle duration by specifying the days and the hours In addition you can specify which day of today is in a cycle Cycle duration Specify the days to reset the traffic record For example 7 means the whole cycle is 7 days 20 means the whole cycle is 20 days When the time is up the router will reset the traffic record automatically Today is day Sp...

Страница 107: ...ed on the page if Shutdown WAN interface is selected Which means no data transmission will be carried out Moreover the system will send out a warning message to the administrator if Send Mail Alert to Administrator is selected Or the system will send out SMS message to the administrator if Send SMS messages to Administrator is selected Vigor2762 Series User s Guide 97 ...

Страница 108: ...is document introduces how to set up Vigor Router for the LAN clients to obtain an IPv6 address from it 1 Make sure there is a WAN interface that has IPv6 access available See How to configure IPv6 on WAN interface 2 Go to LAN General Setup and click on IPv6 for the LAN subnet to enter IPv6 setting page Vigor2762 Series User s Guide 98 ...

Страница 109: ...3 In IPv6 Setup page set WAN Primary Interface to the WAN interface that has IPv6 service available enable DHCPv6 Server and click OK to apply Vigor2762 Series User s Guide 99 ...

Страница 110: ... will be able to obtain an IPv6 address and an IPv6 Gateway from Vigor Router For Windows PC we may check this by command ipconfig PC will be able to ping and get response from an IPv6 host e g ipv6 google com Vigor2762 Series User s Guide 100 ...

Страница 111: ... 1 Before configuring IPv6 on WAN please make sure the router is connected to the IPv4 Internet 2 Go to WAN Internet Access click on IPv6 of the WAN interface that you would like to configure an IPv6 address 3 Select a Connection Type from the drop down list enter the required parameters Then click OK and reboot the router to apply the settings Vigor2762 Series User s Guide 101 ...

Страница 112: ... Online Status Physical Connection page 5 Furthermore Network Administrator may test the connectivity of IPv6 from the router by going to Diagnostics Ping Diagnosis and selecting IPv6 Below we will provide some examples of configuring IPv6 with different connection types Vigor2762 Series User s Guide 102 ...

Страница 113: ...Setup Protocol Client In this mode the IPv6 connectivity is provided by a tunnel broker on the IPv4 Internet through a tunnel set up by Tunnel Setup Protocol TSP To use TSPC you ll need to sign up for a tunnel broker service and get a username and password first then configure the router as follows 1 Set Connection Type to TSPC 2 Enter the Username and Password registered at the TSP server 3 Enter...

Страница 114: ...ddress for WAN by doing the following steps 1 Set Connection Type to Static IPv6 2 Enter the IPv6 address and Prefix Length which provided by the ISP and click Add 3 You should see the IPv6 address in Current IPv6 Address Table Then specify the IP address of IPv6 Gateway Vigor2762 Series User s Guide 104 ...

Страница 115: ...u need sign up for a tunnel broker service and get an IPv6 address and routed IPv6 prefixes first Then configure the router as follows 1 Set Connection Type to 6in4 Static Tunnel 2 Enter the tunnel server s IPv4 address in Remote Endpoint IPv4 Address 3 Enter the router s IPv6 address in 6in4 IPv6 Address 4 Enter the routed IPv6 prefix in LAN Routed Prefix Vigor2762 Series User s Guide 105 ...

Страница 116: ...ic hosts on the Internet by using public IP address and talking to local hosts by using its private IP address What NAT does is to translate the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor router has a built in DHCP server that assigns private IP address to each local host See the following diagram for a briefly u...

Страница 117: ...ge the information of the router such as IP address and the routers will automatically inform for each other What are Virtual LANs and Rate Control What are Virtual LANs and Rate Control You can group local hosts by physical ports and create up to 8 virtual LANs To manage the communication between different groups please set up rules in Virtual LAN VLAN function and the rate of each Vigor2762 Seri...

Страница 118: ...ription General Setup Allow to configure settings for each subnet respectively Index Display all of the LAN items Status Basically LAN1 status is enabled in default LAN2 LAN6 and IP Routed Subnet can be observed by checking the box of Status DHCP LAN1 is configured with DHCP in default If required please check the DHCP box for each LAN IP Address Display the IP address for each LAN item Such infor...

Страница 119: ...condary server specified in such field Option Number Type a number for such function DataType Choose the type ASCII or Hex or address list for the data to be stored Data Type the content of the data to be processed by the function of DHCP option Force router to use DNS server IP address Force Vigor router to use DNS servers configured in LAN1 LAN2 instead of DNS servers given by the Internet Acces...

Страница 120: ...ble activate the RIP protocol DHCP Server Configuration DHCP stands for Dynamic Host Configuration Protocol The router by factory default acts a DHCP server for your network so it automatically dispatches related IP settings to any local user configured as a DHCP client It is highly recommended that you leave the router enabled as a DHCP server if you do not have a DHCP server for your network If ...

Страница 121: ...all the IPs will be used out and then no one will be able to get any IPs from this server anymore Therefore this feature is used to get the IP back from inactive clients i e doesn t use the IP but the server still reserves the IP for him DNS Server IP Address DNS stands for Domain Name System Every Internet host must have a unique IP address also they may have a human friendly easy to remember nam...

Страница 122: ...LAN1 LAN2 IPv6 Setup IPv6 Setup There are two configuration pages for each LAN port Ethernet TCP IP and DHCP Setup based on IPv4 and IPv6 Setup Click the tab for each type and refer to the following explanations for detailed information Below shows the settings page for IPv6 It provides 2 daemons for LAN side IPv6 address configuration One is SLAAC stateless and the other is DHCPv6 Server Stateful...

Страница 123: ...Pv6 address for Primary DNS server Secondary DNS Server Type another IPv6 address for DNS server if required Management Host under LAN can be assigned IP address from Vigor router via the following method SLAAC stateless The IP address with Prefix of the host shall be formed according to RA transmitted by Vigor router DHCPv6 stateful The IP address of the host shall be assigned after communicating...

Страница 124: ...ation Disable Click it to disable router advertisement server Hop Limt The value is required for the device behind the router when IPv6 is in use Min Max Interval Time sec It defines the interval between minimum time and maximum time for sending RA Router Advertisement packets Default Lifetime sec Within such period of time Vigor2762 can be treated as the default gateway Default Preference It dete...

Страница 125: ...Configuration Protocol The router by factory default acts a DHCP server for your network so it automatically dispatch related IP settings to any local user configured as a DHCP client It is highly recommended that you leave the router enabled as a DHCP server if you do not have a DHCP server for your network Enable Server Let the router assign IP address to every host in the LAN Disable Server Let...

Страница 126: ...igned by DHCP server can be used Clear DHCP lease for inactive clients periodically Whenever a DHCP client requests an IP address from the LAN DHCP server the server will give out an IP to this client for a certain amount of time e g 1 day However even if this client only uses the IP for say 5 minutes the server still reserves 1 day for that client Because a DHCP server only has a limited number o...

Страница 127: ...assign each of VLANs to each of the different IP subnets that the router may also be operating to provide even more isolation The said functionality is tag based multi subnet Port Based VLAN Port Based VLAN Relative to tag based VLAN which groups clients with an identifier port based VLAN uses physical ports P1 P4 to separate the clients into different VLAN group Virtual LAN function provides you ...

Страница 128: ...from 0 to 7 Permit untagged device in P1 to access router It can help users to communicate with the router still even though configuring wrong VLAN tag setting It is recommended to enable the management port LAN 1 to ensure the data transmission is unimpeded Info Leave one VLAN untagged at least to prevent from not connecting to Vigor router due to unexpected error Vigor2762 Series features a huge...

Страница 129: ...pancy applications Info As for the VLAN applications refer to Appendix I VLAN Application on Vigor Router for more detailed information II 2 3 Bind IP to MAC II 2 3 Bind IP to MAC This function is used to bind the IP and MAC address in LAN to have a strengthening control in network When this function is enabled all the assigned IP and MAC address binding together cannot be changed If you modified ...

Страница 130: ...t also can connect to Internet Disable Click this radio button to disable this function All the settings on this page will be invalid Strict Bind Click this radio button to block the connection of the IP MAC which is not listed in IP Bind List Apply Strict Bind to Subnet Choose the subnet s for applying the rules of Bind IP to MAC Vigor2762 Series User s Guide 120 ...

Страница 131: ... you to add the one you choose from the ARP table or the IP MAC address typed in Add and Edit to the table of IP Bind List Update It allows you to edit and modify the selected IP address and MAC address that you create before Delete You can remove any item listed in IP Bind List Simply click and select the one and click Delete The selected item will be removed from the IP Bind List IP Bind List It...

Страница 132: ...ay be able to view traffic on one or more ports within a VLAN at the same time Third it can transfer all data traffics to be mirrored to one analyzer connecting to the mirroring port Last it is more convenient and easy to configure in user s interface Available settings are explained as follows Item Description Port Mirror Check Enable to activate this function Or check Disable to close this funct...

Страница 133: ...this page to accelerate the data streaming by hardware itself Open Hardware Acceleration to access into the following page Available settings are explained as follows Item Description Mode Disable The default setting Auto When the hardware acceleration is configured with the Auto mode the sessions with the heaviest loading and the lower latency traffic will be added into PPA However the Auto mode ...

Страница 134: ... Therefore the performance will be lower than only one host Choose this option to specify certain PCs on LAN to apply the hardware acceleration Enable Check the box to make PC s specified in the selected index entry to be applied Dest Port Start Type the starting port for the PC s in LAN Dest Port End Type the ending port for the PC s in LAN Private IP Choose PC Type the IP address as the selected...

Страница 135: ...Vigor2762 Series User s Guide 125 ...

Страница 136: ...o the inversion based on its table Therefore the internal host can communicate with external host smoothly The benefit of the NAT includes Save cost on applying public IP address and apply efficient usage of IP address NAT allows the internal IP addresses of local hosts to be translated into one public IP address thus you can have only one IP address on behalf of the entire internal hosts Enhance ...

Страница 137: ...ce the server is actually located inside the LAN the network well protected by NAT of the router and identified by its private IP address port the goal of Port Redirection function is to forward all access request with public IP address from external users to the mapping private IP address port of the server The port redirection can only apply to incoming traffic To use this function please go to ...

Страница 138: ...rotocol Display the transport layer protocol TCP or UDP Public Port Display the port number which will be redirected to the specified Private IP and Port of the internal host Private IP Display the IP address of the internal host providing the service Status Display if the profile is enabled v or not x Press any number under Index to access into next page for configuring port redirection Vigor2762...

Страница 139: ... range of IP address and port Public Port Specify which port can be redirected to the specified Private IP and Port of the internal host If you choose Range as the port redirection mode you will see two boxes on this field Type the required number on the first box as the starting port and the second box as the ending port Source IP Use the drop down list to specify an IP object Or click IP Object ...

Страница 140: ...rface in the router is with default port 80 which may conflict with the web server in the local network http 192 168 1 13 80 Therefore you need to change the router s http port to any one other than the default port 80 to avoid conflict such as 8080 This can be set in the System Maintenance Management Setup You then will access the admin screen of by suffixing the IP address with 8080 e g http 192...

Страница 141: ...ing and other such Internet activities from other clients will continue to work without inappropriate interruption DMZ Host allows a defined internal user to be totally exposed to the Internet which usually helps some special applications such as Netmeeting or Internet Games etc The security properties of NAT are somewhat bypassed if you set up DMZ host We suggest you to add additional filter rule...

Страница 142: ...ed below The window consists of a list of private IP addresses of all hosts in your LAN network Select one private IP address in the list to be the DMZ host When you have selected one private IP from the above dialog the IP address will be shown on the screen Click OK to save the setting DMZ Host for WAN2 or WAN3 is slightly different with WAN1 Active True IP selection is available for WAN1 only S...

Страница 143: ...e number for the particular entry that you want to offer service in a local host You should click the appropriate index number to edit or clear the corresponding entry Comment Specify the name for the defined network service WAN Interface Display the WAN interface used by such index Local IP Address Display the private IP address of the local host offering the service Status Display the state for ...

Страница 144: ...IP Enter the private IP address of the local host or click Choose PC to select one Choose IP Click this button and subsequently a window having a list of private IP addresses of local hosts will automatically pop up Select the appropriate IP address of the local host in the list Protocol Specify the transport layer protocol It could be TCP UDP or none for selection Start Port Specify the starting ...

Страница 145: ...s taken effect open port keeps the ports opened forever Once the OK button is clicked and the configuration has taken effect port triggering will only attempt to open the ports once the triggering conditions are met The duration that these ports are opened depends on the type of protocol used The default durations are shown below and these duration values can be modified via telnet commands TCP 86...

Страница 146: ... the IP object Triggering Port Display the port of the triggering packets Incoming Protocol Display the protocol for the incoming data of such triggering profile Incoming Port Display the port for the incoming data of such triggering profile Status Display if the rule is active or de active Click the index number link to open the configuration page Available settings are explained as follows Vigor...

Страница 147: ...ted protocol Select the protocol TCP UDP or TCP UDP for the incoming data of such triggering profile Incoming Port Type the port or port range for the incoming packets After finishing all the settings here please click OK to save the configuration II 4 5 ALG II 4 5 ALG ALG means Application Layer Gateway There are two methods provided by Vigor router RTSP Real Time Streaming Protocol ALG and SIP S...

Страница 148: ...unction Listen Port Type a port number for SIP or RTSP protocol TCP Check the box to make correspond protocol message packet from TCP transmit and receive via NAT UDP Check the box to make correspond protocol message packet from UDP transmit and receive via NAT Vigor2762 Series User s Guide 138 ...

Страница 149: ... Web server inside LAN you can specify specific private IP address es to correspondent servers Thus even the remote PC is adopting public DNS as the DNS server the LAN DNS resolution on Vigor2762 Series will respond the specified private IP address Schedule Schedule The Vigor router has a built in clock which can update itself manually or automatically by means of Network Time Protocols NTP As a r...

Страница 150: ...s View Log Display DDNS log status Force Update Force the router updates its information to DDNS server Auto Update interval Set the time for the router to perform auto update for DDNS service Index Click the number below Index to access into the setting page of DDNS setup to set account s Domain Name Display the domain name that you set on the setting page of DDNS setup Active Display if this acc...

Страница 151: ...t you applied previously Use the drop down list to choose the desired domain Login Name Type in the login name that you set for applying domain Password Type in the password that you set for applying domain Wildcard and Backup MX The Wildcard and Backup MX Mail Exchange features are not supported for all Dynamic DNS providers You could get more detailed information from their websites Mail Extende...

Страница 152: ...ed Disable the Function and Clear all Dynamic DNS Accounts Disable the Function and Clear all Dynamic DNS Accounts Uncheck Enable Dynamic DNS Setup and click Clear All button to disable the function and clear all accounts from the router Delete a Dynamic DNS Account Delete a Dynamic DNS Account Click the Index number you want to delete and then click Clear All button to delete the account Vigor276...

Страница 153: ...ress es to correspondent servers Thus even the remote PC is adopting public DNS as the DNS server the LAN DNS resolution on Vigor2762 Series will respond the specified private IP address Simply click Application LAN DNS DNS Forwarding to open the following page Each item is explained as follows Item Description Set to Factory Default Clear all profiles and recover to factory settings Enable Check ...

Страница 154: ...e settings are explained as follows Item Description Enable Check this box to enable such profile Profile Type a name for such profile Note If you type a name here for LAN DNS and click OK to save the configuration the name also will be applied to conditional DNS forwarding automatically Domain Name Type the domain name for such profile CNAME Alias Domain Name CNAME is abbreviation of Canonical na...

Страница 155: ...o save the settings 4 If you need to configure LAN DNS settings click index 1 to edit the LAN DNS profile just created Or you can click index 2 to use this profile as conditional DNS forwarding Available settings are explained as follows Item Description Enable Check this box to enable such profile Profile Type a name for such profile Note If you type a name here for conditional DNS forwarding and...

Страница 156: ...s Item Description Enable Check the box to enable the DNS security management Interface There are four WAN interfaces allowed to be set with DNS security enabled Primary DNS Display the IP address of primary DNS obtained from DHCP server or specified by Static WAN Secondary DNS Display the IP address of secondary DNS obtained from DHCP server or specified by Static WAN Bogus DNS Reply Sometime Vig...

Страница 157: ...an update itself manually or automatically by means of Network Time Protocols NTP As a result you can not only schedule the router to dialup to the Internet at a specified time but also restrict Internet access to certain hours so that users can connect to the Internet only during certain hours say business hours The schedule is also applicable to other functions You have to set your time before s...

Страница 158: ...the index number link to access into the setting page of schedule Comment Display the name of the time schedule Time Display the valid time period by time bar Days in a week Display which day s will be always on and which day s will be always off of the schedule profile by color boxes If it lights in green it means such schedule is active You can set up to 15 schedules Then you can apply them to y...

Страница 159: ...rce the connection to be always on Force Down Force the connection to be always down How Often Specify how often the schedule will be applied Once The schedule will be applied just once Weekdays Specify which days in one week should perform the schedule Monthly on date The router will only execute the action applied such schedule on the date 1 to 28 of a month Cycle duration Type a number as cycle...

Страница 160: ...0 pm 1 Make sure the PPPoE connection and Time Setup is working properly 2 Configure the PPPoE always on from 9 00 to 18 00 for whole week 3 Configure the Force Down from 18 00 to next day 9 00 for whole week 4 Assign these two profiles to the PPPoE Internet access profile Now the PPPoE Internet connection will follow the schedule order to perform Force On or Force Down action according to the tim...

Страница 161: ...s Service Default WAN It is used to specify the WAN interface for applying such function The reminder as regards concern about Firewall and UPnP Can t work with Firewall Software Enabling firewall applications on your PC may cause the UPnP function not working properly This is because these applications will block the accessing ability of some network ports Security Considerations Activating the U...

Страница 162: ...val Vigor router will periodically check which IP obtaining IPTV service by sending query It might cause inconvenience for client Therefore set a suitable time unit second as the query interval to limit the frequency of query sent by Vigor router Add PPP header Check this box if the interface type for IGMP is PPPoE It depends on the specifications regulated by each ISP If you have no idea to enabl...

Страница 163: ...s are explained as follows Item Description Refresh Click this link to renew the working multicast group status Group ID This field displays the ID port for the multicast group The available range for IGMP starts from 224 0 0 0 to 239 255 255 254 P1 to P4 It indicates the LAN port used for the multicast group Vigor2762 Series User s Guide 153 ...

Страница 164: ... the BIOS setting Available settings are explained as follows Item Description Wake by If you choose to be woken by MAC Address you have to type the correct MAC address of the host in MAC Address boxes IP Address The IP addresses that have been configured in Firewall Bind IP to MAC will be shown in this drop down list Choose the IP address from the drop down list that you want to wake up MAC Addre...

Страница 165: ...content is and when the SMS will be sent Available settings are explained as follows Item Description Index Check the box to enable such profile SMS Provider Use the drop down list to choose SMS service provider You can click SMS Provider link to define the SMS server Recipient Type the phone number of the one who will receive the SMS Notify Profile Use the drop down list to choose a message profi...

Страница 166: ...ettings SMS Mail Service Option If there is no object listed click Mail Service link to define a new one with specified service provider Recipient Type the e mail address of the one who will receive the notification message Notify Profile Use the drop down list to choose a message profile The recipient will get the content stated in the message profile You can click the Notify Profile link to defi...

Страница 167: ...s computer have the plug in bonjour driver install they can utilize the service offered by the router by clicking the router name icon In short what the Clients users need to know is the name of the router only To enable the Bonjour service click Application Bonjour to open the following page Check the box es of the server service s that you want to share to the LAN clients Below shows an example ...

Страница 168: ... name as the Router Name and click OK 4 Next open Applications Bonjour Check the service that you want to use via Bonjour 5 Open the DNSSD page again The available items will be changed as the follows It means the Vigor router based on Bonjour protocol is ready to be used as a printer server FTP server SSH Server Telnet Server and HTTP Server Vigor2762 Series User s Guide 158 ...

Страница 169: ...6 Now any page or document can be printed out through Vigor router installed with a printer Vigor2762 Series User s Guide 159 ...

Страница 170: ...P to the DDNS server We will take Changeip org and 3322 net as example Before setting please make sure that the WAN connection is up Part A Changeip org Part A Changeip org Note that Username jo Password jo Host name j changeip org WAN IP address 1 169 185 242 Following is the screenshot of editing the HTML script on the browser to update your IP to the DDNS server Vigor2762 Series User s Guide 16...

Страница 171: ...date asp u jo p jo hostname j changeip org ip IP cmd update offline 0 In which IP is a value which will be replaced with the current interface IP address automatically when DDNS service is running In this case the IP will be 1 169 185 242 4 After setting the Customized DDNS service will be up and our IP will be updated to the DDNS server Part B 3322 net Part B 3322 net Username bi Password 88 Host...

Страница 172: ...tically 1 Please go to Applications Dynamic DNS to create a profile for Customized DDNS client 2 Set the Service Provider as Customized 3 Set the Provider Host as member 3322 net 4 Set the Service API as dyndns update hostname yourhost 3322 org myip IP wildcard OFF mx mail exchanger ext backmx NO offline NO 5 Enter your account and password 6 After the setting the Customized DDNS service will be u...

Страница 173: ...Part C Extend Note Part C Extend Note The customized Service Provider is also eligible with the ClouDNS net Vigor2762 Series User s Guide 163 ...

Страница 174: ...reless LAN Part III Wireless LAN Wireless LAN enables high mobility so WLAN users can simultaneously access all LAN facilities just like on a wired LAN as well as Internet access Vigor2762 Series User s Guide 164 ...

Страница 175: ...WLAN applications Vigor2762 n ac series router supports 802 11n up to 300 Mbps for 40 MHz channel operations Info The actual data throughput will vary according to the network conditions and environmental factors including volume of network traffic network overhead and building materials In an Infrastructure Mode of wireless network Vigor wireless router plays a role as an Access Point AP connecti...

Страница 176: ...n during data transmission WPA applies Temporal Key Integrity Protocol TKIP for data encryption while WPA2 applies AES The WPA Enterprise combines not only encryption but also authentication Since WEP has been proved vulnerable you may consider using WPA for the most secure connection You should select the appropriate security mechanism according to your needs No matter which security suite you se...

Страница 177: ... can connect to Internet without hassle of the confidential information leakage For a more flexible deployment you may add filters of MAC addresses to isolate users access from wired LAN Manage Wireless Stations Manage Wireless Stations Station List Station List It will display all the stations in your wireless network and the status of their connection WPS WPS WPS Wi Fi Protected Setup provides e...

Страница 178: ...ernal users in a company or your home Available settings are explained as follows Item Description Name Type the SSID name of this router for wireless 2 4GHz The default name is defined with DrayTek Change the name if required Mode Available modes are different based on 2 4GHz and or 5GHz supported by Vigor router Channel Means the channel of frequency of the wireless LAN The default channel is 6 ...

Страница 179: ...ernet but not being allowed to share the LAN network and VPN connection Available settings are explained as follows Item Description Enable Disable Click it to enable or disable settings in this page SSID Type the SSID name of this router SSID1 Security Key The wireless mode offered by this wizard is WPA2 PSK The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre...

Страница 180: ...5 The following page will display the configuration summary for wireless setting 6 Click Finish to complete the wireless settings configuration Vigor2762 Series User s Guide 170 ...

Страница 181: ...taneously Simply choose Mixed 11b 11g 11n mode Channel Means the channel of frequency of the wireless LAN The default channel is 6 You may switch channel if the selected channel is under serious interference If you have no idea of choosing the frequency please select Auto to let system determine for you Hide SSID Check it to prevent from wireless sniffing and make it harder for unauthorized client...

Страница 182: ...ons Schedule setup The default setting of this field is blank and the function will always work After finishing all the settings here please click OK to save the configuration III 1 3 Security III 1 3 Security This page allows you to set security with different modes for SSID 1 2 3 and 4 respectively After configuring the correct settings please click OK to save and invoke it The password PSK of d...

Страница 183: ... the encryption key should be entered in PSK WPA2 PSK Accepts only WPA2 clients and the encryption key should be entered in PSK Mixed WPA WPA2 PSK Accepts WPA and WPA2 clients simultaneously and the encryption key should be entered in PSK WPA The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically ne...

Страница 184: ...re but only one key can be selected at a time The keys can be entered in ASCII or Hexadecimal Check the key you wish to use After finishing all the settings here please click OK to save the configuration III 1 4 Access Control III 1 4 Access Control In the Access Control the router may restrict wireless access to certain wireless clients only by locking their MAC address into a black or white list...

Страница 185: ... edited before Client s MAC Address Manually enter the MAC address of wireless client Apply SSID After entering the client s MAC address check the box of the SSIDs desired to insert this MAC address into their access control list Attribute s Isolate the station from LAN select to isolate the wireless connection of the wireless client of the MAC address from LAN Comment Type a brief description for...

Страница 186: ...e network connection between wireless station and wireless access point vigor router with the encryption of WPA and WPA2 Info WPS is available for the wireless station with WPS supported It is the simplest way to build connection between wireless network clients and vigor router Users do not need to select any encryption mode and type any long encryption passphrase to setup a wireless client every...

Страница 187: ... you want to use PIN code you have to know the PIN code specified in wireless client Then provide the PIN code of the wireless client you wish to connect to the vigor router For WPS is supported in WPA PSK or WPA2 PSK mode if you do not choose such mode in Wireless LAN Security you will see the following message box Please click OK and go back Wireless LAN Security to choose WPA PSK or WPA2 PSK mo...

Страница 188: ...d WPA PSK support WPS Configure via Push Button Click Start PBC to invoke Push Button style WPS setup procedure The router will wait for WPS requests from wireless clients about two minutes The WPS LED on the router will blink fast when WPS is in progress It will return to normal condition after two minutes You need to setup WPS within two minutes Configure via Client PinCode Please input the PIN ...

Страница 189: ... the WDS Repeater mode is depicted as below The major difference between these two modes is that while in Repeater mode the packets received from one peer AP can be repeated to another peer AP through WDS links Yet in Bridge mode packets received from a WDS link will only be forwarded to local wired or wireless hosts In other words only Repeater mode can do WDS to WDS packet forwarding In the foll...

Страница 190: ...y There are three types for security Disable and Pre shared key The setting you choose here will make the following WEP or Pre shared key field valid or not Choose one of the types for the router Pre shared Key Type There are some types for you to choose WPA and WPA2 are used for WDS devices e g 2920n wireless router you can set the encryption mode as WPA or WPA2 to establish your WDS system betwe...

Страница 191: ...if you want to invoke the peer MAC address remember to check Enable box in the front of the MAC address after typing Access Point Function Click Enable to make this router serve as an access point click Disable to cancel this function Status It allows user to send hello message to peers Yet it is valid only when the peer also supports this function After finishing all the settings here please clic...

Страница 192: ... the AP and the stations 20 40 Vigor Router will scan for nearby wireless AP and then use 20MHz if the number of AP is more than 10 or use 40MHz if it s not Guard Interval It is to assure the safety of propagation delays and reflections for the sensitive digital data If you choose auto as guard interval the AP router will choose short guard interval increasing the wireless performance or long guar...

Страница 193: ...e RTS threshold of wireless radio Do not modify default value if you don t know what it is default value is 2347 Country Code Vigor router broadcasts country codes by following the 802 11d standard However some wireless stations will detect scan the country code to prevent conflict occurred If conflict is detected wireless station will be warned and is unable to make network connection Therefore c...

Страница 194: ...or a long time Available settings are explained as follows Item Description SSID Display the SSID that the wireless station will use it to connect with Vigor router Enable Check the box to enable the station control function Connection Time Reconnection Time Use the drop down list to choose the duration for the wireless client connecting reconnecting to Vigor router Or type the duration manually w...

Страница 195: ... of the wireless client Total Upload Limit It is available when Auto Adjustment is selected Type a value to define the maximum data traffic uploading for all of the wireless clients connecting to Vigor2762 Total Download Limit It is available when Auto Adjustment is selected Type a value to define the maximum data clientstations connecting to Vigor2762 Upload Limit It is available when Per Station...

Страница 196: ...ly the AP which is in the same channel of this router can be found Please click Scan to discover all the connected APs Available settings are explained as follows Item Description Scan It is used to discover all the connected AP The results will be shown on the box above this button Statistics It displays the statistics for the channels used by APs Add to If you want the found AP applying the WDS ...

Страница 197: ...that each station has equal probability to access the channel When wireless stations have similar data rate this principle leads to a fair result In this case stations get similar channel access time which is called airtime However when stations have various data rate e g 11g 11n the result is not fair The slow stations 11g work in their slow data rate and occupy too much airtime whereas the fast ...

Страница 198: ...s Item Description Enable Airtime Fairness Try to assign similar airtime to each wireless station by controlling TX traffic Airtime Fairness Click the link to display the following screen of airtime fairness note Triggering Client Number Airtime Fairness function is applied only when active station number achieves this number After finishing this web page configuration please click OK to save the ...

Страница 199: ...e the network connection of wireless station When the signal strength is below the value dBm set here Vigor router will terminate the network connection for that wireless station Minimum RSSI Minimum RSSI When the signal strength of the wireless station is below the value dBm set here and adjacent AP must be DrayTek AP and support such feature too with higher signal strength value defined in the f...

Страница 200: ...gs are explained as follows Item Description Refresh Click this button to refresh the status of station list Add Click this button to add current typed MAC address into Access Control Vigor2762 Series User s Guide 190 ...

Страница 201: ...This page is left blank Vigor2762 Series User s Guide 191 ...

Страница 202: ...s of a point to point private link It is a form of VPN that can be used with a standard Web browser A digital certificate works as an electronic ID which is issued by a certification authority CA It contains information such as your name a serial number expiration dates etc and the digital signature of the certificate issuing authority so that a recipient can verify that the certificate is real He...

Страница 203: ...rkers or remote DrayTek Vigor routers back to your main office using SSL TLS technology the same encryption that you use for secure web sites such as your bank Site to site VPN tunnels can connect branch offices to a main office with DrayTek SSL VPN encryption securing the connection between the two offices a TLS encrypted HTTPS tunnel which can be more secure than PPTP and easier to configure tha...

Страница 204: ...service of Vigor Router to allow VPN tunnel pass through as well as the appropriate NAT settings such as DMZ or open port After finishing all the settings here please click OK to save the configuration IV 1 IV 1 2 2 PPP General Setup PPP General Setup This submenu only applies to PPP related VPN connections such as PPTP L2TP L2TP over IPsec Available settings are explained as follows Vigor2762 Ser...

Страница 205: ...ion the remote dial in user will use 40 bit to perform encryption prior to using 128 bit for encryption In other words if 128 bit MPPE encryption method is not available then 40 bit encryption scheme will be applied to encrypt the data Maximum MPPE This option indicates that the router will use the MPPE encryption scheme with maximum bits 128 bit to encrypt the data Mutual Authentication PAP The M...

Страница 206: ...only It can just apply to local packet e g L2TP over IPsec The Tunnel mode will not only add the AH ESP payload but also use a new IP header Tunneled IP header to encapsulate the whole original IP packet Authentication Header AH provides data authentication and integrity for IP packets passed between VPN peers This is achieved by a keyed one way hash function to the packet to create a message dige...

Страница 207: ...rity Payload ESP means payload data will be encrypted and authenticated You may select encryption algorithm from Data Encryption Standard DES Triple DES 3DES and AES After finishing all the settings here please click OK to save the configuration IV 1 IV 1 4 4 IPsec Peer Identity IPsec Peer Identity To use digital certificate for peer authentication in either LAN to LAN connection or Remote User Di...

Страница 208: ...t profile Accept Any Peer ID Click to accept any peer regardless of its identity Accept Subject Alternative Name Click to check one specific field of digital signature to accept the peer with matching value The field can be IP Address Domain or E mail Address The box under the Type will appear according to the type you select and ask you to fill in corresponding setting Accept Subject Name Click t...

Страница 209: ...ial in users The following figure shows the summary table Available settings are explained as follows Item Description Set to Factory Default Click to clear all indexes View All Click it to display the all of the user accounts Online Click it to display the online user accounts Offline Click it to display the offline user accounts Index Click the number below Index to access into the setting page ...

Страница 210: ... router will drop this connection By default the Idle Timeout is set to 300 seconds Allowed Dial In Type PPTP Allow the remote dial in user to make a PPTP VPN connection through the Internet You should set the User Name and Password of remote dial in user below IPsec Tunnel Allow the remote dial in user to make an IPsec VPN connection through Internet L2TP with IPsec Policy Allow the remote dial i...

Страница 211: ...when you select PPTP or L2TP with or without IPsec policy above The length of the password is limited to 19 characters Enable Mobile One Time Passwords mOTP Check this box to make the authentication with mOTP function PIN Code Type the code for authentication e g 1234 Secret Use the 32 digit secret number generated by mOTP in the mobile phone e g e759bb6f0e94c7ab4fe6 Subnet Chose one of the subnet...

Страница 212: ...is item is optional and can be used only in IKE aggressive mode After finishing all the settings here please click OK to save the configuration IV 1 6 LAN to LAN IV 1 6 LAN to LAN Here you can manage LAN to LAN connections by maintaining a table of connection profiles You may set parameters including connection peer ID connection type VPN connection including PPTP IPsec Tunnel and L2TP by itself o...

Страница 213: ... means the profile has been enabled X means the profile has not been enabled Status Indicate the status of individual profiles The symbol V and X represent the profile to be active and inactive respectively To edit each profile 1 Click each index to edit each profile and you will get the following page Each LAN to LAN profile includes 5 subgroups If the fields gray out it means you may leave it un...

Страница 214: ...e is conflict occurred between the hosts on both sides of VPN Tunnel in connecting such function can block data transmission of Netbios Naming Packet inside the tunnel Multicast via VPN Some programs might send multicast packets via VPN connection Pass Click this button to let multicast packets pass through the router Block This is default setting Click this button to let multicast packets be bloc...

Страница 215: ...iation Otherwise the dial out VPN connection becomes one pure L2TP connection Must Specify the IPsec policy to be definitely applied on the L2TP connection SSL Tunnel Build an SSL VPN connection to the server through Internet User Name This field is applicable when you select PPTP or L2TP with or without IPsec policy above The length of the name is limited to 49 characters Password This field is a...

Страница 216: ...S encryption algorithm and not apply any authentication scheme AES with Authentication Use AES encryption algorithm and apply MD5 or SHA 1 authentication algorithm Advanced Specify mode proposal and key life of each IKE phase Gateway etc The window of advance setup is shown as below IKE phase 1 mode Select from Main mode and Aggressive mode The ultimate outcome is to exchange security proposals to...

Страница 217: ...k and the function will always work Available settings are explained as follows Item Description TCP IP Network Settings My WAN IP This field is only applicable when you select PPTP or L2TP with or without IPsec policy above The default value is 0 0 0 0 which means the Vigor router will get a PPP IP address from the remote router during the IPCP negotiation phase If the PPP IP address is fixed by ...

Страница 218: ...T otherwise choose Route Change default route to this VPN tunnel Check this box to change the default route with this VPN tunnel IPSec VPN with the Same subnet For both ends e g different sections in a company are within the same subnet there is a function which allows you to build Virtual IP mapping between two ends Thus when VPN connection established the router will change the IP address accord...

Страница 219: ... Remote Network Mask through the VPN connection This is usually used when you find there are several subnets behind the remote VPN router Translated Type There are two types for you to choose Whole Subnet Specific IP Address Virtual IP Mapping A pop up dialog will appear for you to specify the local IP address and the mapping virtual IP address 2 After finishing all the settings here please click ...

Страница 220: ...ons You may disconnect any VPN connection by clicking Drop button You may also aggressively Dial out by using Dial out Tool and clicking Dial button Available settings are explained as follows Item Description Dial out Tool Dial Click this button to execute dial out function Vigor2762 Series User s Guide 210 ...

Страница 221: ...VPN with Main mode use the IP address of VPN client as identifier and the IP address must be set on VPN server therefore if the VPN client doesn t have a static IP please use Aggressive mode instead VPN Server Dial In Site Vigor 2862 Setup VPN Server Dial In Site Vigor 2862 Setup 1 Create a Dial In profile for VPN user go to VPN and Remote Access LAN to LAN click on an available index to add a new...

Страница 222: ... Gateway and enter Peer VPN Server IP as the public IP of VPN client router f Click on IKE Pre Shared Key and enter the Pre shared Key g Select the IPsec Security Method that are allowed to use 3 In TCP IP Network Settings enter VPN Client s LAN network in Remote Network IP and Remote Network Mask Click OK to save the profile Vigor2762 Series User s Guide 212 ...

Страница 223: ...ial out profile to VPN server Go to VPN and Remote Access LAN to LAN click on an available index to add a new profile 2 Setup the dial out profile In Common Settings a Enter a Profile Name b Enable this profile c Set Call Direction to Dial Out In Dial out Setting Vigor2762 Series User s Guide 213 ...

Страница 224: ... k Click on Advanced in IPsec Security Method In IKE advanced settings l Select Main Mode for IKE phase 1 mode m Make sure phase 1 and phase 2 proposal are using the security methods which are accepted by VPN server n Click OK to save 3 In TCP IP Network Settings enter VPN Server s LAN Network in Remote Network IP and Remote Network Mask Click OK to save the profile Vigor2762 Series User s Guide 2...

Страница 225: ... connection go to VPN and Remote Access Connection Management on VPN Client select the profile to VPN Sever and click Dial If all the settings are matched the VPN will be established and the statistics will be displayed on the same page Vigor2762 Series User s Guide 215 ...

Страница 226: ...e used with a standard Web browser There are two benefits that SSL VPN provides It is not necessary for users to preinstall VPN client software for executing SSL VPN connection There are less restrictions for the data encrypted through SSL VPN in comparing with traditional VPN Vigor2762 Series User s Guide 216 ...

Страница 227: ... in System Maintenance Management In general the default setting is 443 Server Certificate When the client does not set any certificate default certificate will be used for HTTPS and SSL VPN server Choose any one of the user defined certificates from the drop down list if users set several certificates previously Otherwise choose Self signed to use the router s built in default certificate The def...

Страница 228: ... a guest network or web cafe The SSL technology is the same as the encryption that you use for secure web sites such as your online bank The SSL VPN can be operated in either full tunnel mode or proxy mode Now Vigor2762 Series allows up to 16 simultaneous incoming users For SSL VPN identity authentication and power management are implemented through deploying user accounts Therefore the user accou...

Страница 229: ...applicable when you select PPTP or L2TP with or without IPsec policy above The length of the name password is limited to 19 characters Enable Mobile One Time Passwords mOTP Check this box to make the authentication with mOTP function PIN Code Type the code for authentication e g 1234 Secret Use the 32 digit secret number generated by mOTP in the mobile phone e g e759bb6f0e94c7ab4fe6 Allowed Dial I...

Страница 230: ...lock When there is conflict occurred between the hosts on both sides of VPN Tunnel in connecting such function can block data transmission of Netbios Naming Packet inside the tunnel Multicast via VPN Some programs might send multicast packets via VPN connection Pass Click this button to let multicast packets pass through the router Block This is default setting Click this button to let multicast p...

Страница 231: ...s payload data will be encrypted and authenticated You may select encryption algorithm from Data Encryption Standard DES Triple DES 3DES and AES Local ID Specify a local ID to be used for Dial in setting in the LAN to LAN Profile setup This item is optional and can be used only in IKE aggressive mode After finishing all the settings here please click OK to save the configuration Vigor2762 Series U...

Страница 232: ...ext users can open SSL VPN Online User Status to view logging status of SSL VPN Available settings are explained as follows Item Description Active User Display current user who visits SSL VPN server Host IP Display the IP address for the host Time out Display the time remaining for logging out Action You can click Drop to drop certain login user from the router s SSL Portal UI Vigor2762 Series Us...

Страница 233: ...forming to standard X 509 Any entity wants to utilize digital certificates should first request a certificate issued by a CA server It should also retrieve certificates of other trusted CA servers so it can authenticate the peer with certificates issued by those trusted CA servers Here you can manage generate and manage the local digital certificates and set trusted CA certificates Remember to adj...

Страница 234: ...formation Refresh Click this button to refresh the information listed below View Click this button to view the detailed settings for certificate request Delete Click this button to delete selected name with certification information G GENERATE ENERATE Click this button to open Generate Certificate Signing Request window Type in all the information that the window request such as certifcate name us...

Страница 235: ...yed on the window below IMPORT IMPORT Vigor router allows you to generate a certificate request and submit it the CA server then import it as Local Certificate If you have already gotten a certificate from a third party you may import it directly The supported types are PKCS12 Certificate and Certificate with a private key Vigor2762 Series User s Guide 225 ...

Страница 236: ...ne well in certificate generation the Status of the certificate will be shown as OK Upload PKCS12 Certificate It allows users to import the certificate whose extensions are usually pfx or p12 And these certificates usually need passwords Note PKCS12 is a standard for storing private keys and certificates securely It is used in among other things Netscape and Microsoft Internet Explorer with their ...

Страница 237: ...settings for certificate request Info You have to copy the certificate request information from above window Next access your CA server and enter the page of certificate request copy the information into it and submit a request A new certificate will be issued to you by the CA server You can save it Delete Delete Click this button to remove the selected certificate Vigor2762 Series User s Guide 22...

Страница 238: ... to authenticate the digital certificates offered by both ends However the procedure of applying digital certificate from a trusted root certificate authority is complicated and time consuming Therefore Vigor router offers a mechanism which allows you to generate root CA to save time and provide convenience for general user Later such root CA generated by DrayTek server can perform the issuing of ...

Страница 239: ...usted CA Importing a Trusted CA To import a pre saved trusted CA certificate please click IMPORT to open the following window Use Browse to find out the saved text file Then click Import The one you imported will be listed on the Trusted CA Certificate window For viewing each trusted CA certificate click View to open the certificate detail information window If you want to delete a CA certificate ...

Страница 240: ...in one file Please click Backup on the following screen to save them If you want to set encryption password for these certificates please type characters in both fields of Encrypt password and Confirm password Also you can use Restore to retrieve these two settings to the router whenever you want Vigor2762 Series User s Guide 230 ...

Страница 241: ...he firewall of the Vigor router helps to protect your local network against attack from unauthorized outsiders It also restricts users in the local network from accessing the Internet CSM is an abbreviation of Central Security Management which is used to control IM P2P usage filter the web content and URL content to reach a goal of security management Vigor2762 Series User s Guide 231 ...

Страница 242: ...ial of Service DoS Distributed DoS DDoS attacks protection IP Filter IP Filters s Depending on whether there is an existing Internet connection or in other words the WAN link status is up or down the IP filter architecture categorizes traffic into two Call Filter and Data Filter Call Filter When there is no existing Internet connection Call Filter is applied to all traffic all of which should be o...

Страница 243: ...ty attacks will try to paralyze the system by offending the vulnerabilities of the protocol or operation system The DoS Defense function enables the Vigor router to inspect every incoming packet based on the attack signature database Any malicious packet that might duplicate itself to paralyze the host in the secure LAN will be strictly blocked and a Syslog message will be sent as warning if you s...

Страница 244: ...ork in a serial manner So here you assign the Start Filter Set only Also you can configure the Log Flag settings Apply IP filter to VPN incoming packets and Accept incoming fragmented UDP packets Click Firewall and click General Setup to open the general setup page General Setup Page General Setup Page Such page allows you to enable disable Call Filter and Data Filter determine general rule for fi...

Страница 245: ...abled in default All the packets while transmitting through Vigor router will be filtered by firewall If the firewall system e g content filter server does not make any response pass or block for these packets then the router s firewall will block the packets directly Block routing packet from WAN Usually IPv6 network sessions traffic from WAN to LAN will be accepted by IPv6 firewall in default IP...

Страница 246: ...000 Quality of Service Choose one of the QoS rules to be applied as firewall rule For detailed information of setting QoS please refer to the related section later APP Enforcement Select an APP Enforcement profile for global IM P2P application blocking If there is no profile for you to select please choose Create New from the drop down list in this page to create a new profile All the hosts in LAN...

Страница 247: ...ecord information for Web Content Filter by checking the Log box It will be sent to Syslog server Please refer to section Syslog Mail Alert for more detailed information DNS Filter Select one of the DNS Filter profile settings created in CSM DNS Filter for applying with this router Please set at least one profile in CSM Web Content Filter web page first Or click the DNS Filter link in this page to...

Страница 248: ...e performance will be However if the network is not stable small value will be proper Session timeout Setting timeout for sessions can make the best utilization of network resources After finishing all the settings here please click OK to save the configuration Vigor2762 Series User s Guide 238 ...

Страница 249: ...ilter rule Available settings are explained as follows Item Description Rule Click a button numbered 1 7 to edit the filter rule Click the button will open Edit Filter Rule web page For the detailed information refer to the following page Active Enable or disable the filter rule Comment Enter filter set comments description Maximum length is 23 character long Direction Display the direction of pac...

Страница 250: ...uently used settings of filter rule via three setting pages Advance Mode Allow to configure detailed settings of filter rule in one page To use Wizard Mode simple do the following steps 1 Click the Wizard Mode radio button 2 Click one of the indexe number linke e g Index 2 to access into the following page Available settings are explained as follows Item Description Comments Enter filter set comme...

Страница 251: ...t and last values are different it indicates a range for the port and available for this service type when the first and last value are the same it indicates all the ports except the port defined here when the first and last values are different it indicates that all the ports except the range defined here are available for this service type the port number greater than this value is available the...

Страница 252: ...inish to complete wizard setting To use Advance Mode do the following steps 1 Click the Advance Mode radio button 2 Click one of the indexe number linke e g Index 2 to access into the following page Vigor2762 Series User s Guide 242 ...

Страница 253: ... of the 15 schedules pre defined in Applications Schedule setup The default setting of this field is blank and the function will always work Clear sessions when schedule ON Check this box to clear the sessions when the above schedule profiles are applied Direction Set the direction of packet flow It is for Data Filter only For the Call Filter this setting is not available since Call Filter is only...

Страница 254: ...ess Type From the IP Group drop down list choose the one that you want to apply Or use the IP Object drop down list to choose the object that you want Service Type Click Edit to access into the following dialog to choose a suitable service type To set the service type manually please choose User defined as the Service Type and type them in this dialog In addition if you want to use the service typ...

Страница 255: ...kets match the rule Block Immediately Packets matching the rule will be dropped immediately Pass Immediately Packets matching the rule will be passed immediately Block If No Further Match A packet matching the rule and that does not match further rules will be dropped Pass If No Further Match A packet matching the rule and that does not match further rules will be passed through Branch to other Fi...

Страница 256: ...on for URL Content Filter by checking the Log box It will be sent to Syslog server Please refer to section Syslog Mail Alert for more detailed information Web Content Filter Select one of the Web Content Filter profile settings created in CSM Web Content Filter for applying with this router Please set at least one profile for anti virus in CSM Web Content Filter web page first Or choose Create New...

Страница 257: ...utilization of network resources However Queue timeout is configured for TCP protocol only session timeout is configured for the data flow which matched with the firewall rule DrayTek Banner Please uncheck this box and the following screen will not be shown for the unreachable web page The default setting is Enabled Strict Security Checking All the packets while transmitting through Vigor router w...

Страница 258: ... defense function Once detecting the Threshold of the TCP SYN packets from the Internet has exceeded the defined value the Vigor router will start to randomly discard the subsequent TCP SYN packets for a period defined in Timeout The goal for this is prevent the TCP SYN packets attempt to exhaust the limited resource of Vigor router By default the threshold and timeout values are set to 2000 packe...

Страница 259: ...ivate the Block IP options function The Vigor router will ignore any IP packets with IP option field in the datagram header The reason for limitation is IP option appears to be a vulnerability of the security for the LAN because it will carry significant information such as security TCC closed user group parameters a series of Internet addresses routing messages etc An eavesdropper outside might l...

Страница 260: ...e Vigor routers will block any packets realizing this attacking activity Block ICMP Fragment Check the box to activate the Block ICMP fragment function Any ICMP packets with more fragment bit set are dropped Block Unassigned Numbers Check the box to activate the Block Unknown Protocol function Individual IP packet has a protocol field in the datagram header to indicate the protocol type running ov...

Страница 261: ...Vigor2762 Series User s Guide 251 ...

Страница 262: ...e test specify the service type ICMP UDP TCP of the packet and type of the IP address IPv4 IPv6 Direction Set the way from WAN or from LAN that Vigor router receives the first packet for test Different way means the firewall will process the connection initiated from LAN or from WAN Test View This is a dynamic display page According to the direction specified test view will display the figure to g...

Страница 263: ...mputer A to B or from the B to A for the second packet Protocol It displays the mode selected above and the sate If required click the mode link to configure advanced setting The common service type Customize Ping Trace Route Customize DNS Trace Route Customize Http GET related to that mode ICMP UDP TCP will be shown on the following dialog box Type Choose Customize DNS Query and Trace Route Paylo...

Страница 264: ...figure shows the test result after clicking Analyze Processing state for the fuctions MAC Filter QoS User management etc related to the firewall will be displayed by green or red LED Vigor2762 Series User s Guide 254 ...

Страница 265: ...ce from LAN only The way we can use is to set two rules under Firewall For Rule 1 of Set 2 under Firewall Filter Setup is used as the default setting we have to create a new rule starting from Filter Rule 2 of Set 2 1 Access into the web user interface of Vigor router 2 Open Firewall Filter Setup Click the Set 2 link and choose the Filter Rule 2 button 3 Check the box of Check to enable the Filter...

Страница 266: ...he packets with the rules starting from Rule 3 to Rule 7 The packets not matching with the rules will be processed according to Rule 2 4 Next set another rule Just open Firewall Filter Setup Click the Set 2 link and choose the Filter Rule 3 button 5 Check the box of Check to enable the Filter Rule Type the comments e g open_ip Click the Edit button for Source IP Vigor2762 Series User s Guide 256 ...

Страница 267: ...f Start IP and type 192 168 1 20 in the field of End IP Then click OK to save the settings The computers within the range can access into the Internet 7 Now check the content of Source IP is correct or not The action for Filter shall be set with Pass Immediately Then click OK to save the settings Vigor2762 Series User s Guide 257 ...

Страница 268: ...ilter rules have been created Click OK Now all the settings are configured well Only the computers with the IP addresses within 192 168 1 10 192 168 1 20 can access to Internet Vigor2762 Series User s Guide 258 ...

Страница 269: ... payload of TCP packets while legacy firewall inspects packets based on the fields of TCP IP headers only On the other hand Vigor router can prevent user from accidentally downloading malicious codes from web pages It s very common that malicious codes conceal in the executable objects such as ActiveX Java Applet compressed files and other executable files Once downloading these types of files fro...

Страница 270: ...al Setup for filtering Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Profile Display the number of the profile which allows you to click to set different policy Name Display the name of the APP Enforcement Profile Click the number under Index column for settings in detail There are four tabs IM P2P Protocol and Others displayed on this page ...

Страница 271: ...it to choose all of the items in this page Clear All Uncheck all the selected boxes Enable Check the box to select the APP to be blocked by Vigor router Adv A button under Enable check box allows you to open a pop up window to specify activity for that APP The profiles configured here can be applied in the Firewall General Setup and Firewall Filter Setup pages as the standard for the host s to fol...

Страница 272: ...as follows Item Description Upgrade Setting APPE Module Version Display current version status of APPE signature New version from the Internet Download button is available only when Vigor router detects new APPE version After clicking it a dialog will appear with information added to such new version Click OK to exit the dialog and start the signature upgrade Upgrade via interface Choose one of th...

Страница 273: ...ent hence to increase the employee work efficiency How can URL Content Filter work better than traditional firewall in the field of filtering Because it checks the URL strings or some of HTTP data hiding in the payload of TCP packets while legacy firewall inspects packets based on the fields of TCP IP headers only On the other hand Vigor router can prevent user from accidentally downloading malici...

Страница 274: ...tration Message You can type the message manually for your necessity Default Message You can type the message manually for your necessity or click this button to get the default message which will be displayed on the field of Administration Message You can set eight profiles as URL content filter Simply click the index number under Profile to open the following web page Available settings are expl...

Страница 275: ...second Either Web Feature First When all the packages matching with the conditions specified in URL Access Control and Web Feature below such function can determine the priority for the actions executed For this one the router will process the packages with the conditions set below for web feature first then URL second Log None There is no log file will be recorded for this profile Pass Only the l...

Страница 276: ...oun or a complete URL string Multiple keywords within a frame are separated by space comma or semicolon In addition the maximal length of each frame is 32 character long After specifying keywords the Vigor router will decline the connection request to the website whose URL string matched to any user defined keyword It should be noticed that the more simplified the blocking keyword list is the more...

Страница 277: ...ard by means of CSM Web Content Filter Profile or via System Maintenance Activation Service Activation Wizard allows you to use trial version of WCF directly without accessing into the server MyVigor located on http myvigor draytek com However if you use the Web Content Filter Profile page to activate WCF feature it is necessary for you to access into the server MyVigor located on http myvigor dra...

Страница 278: ...lick it to access into MyVigor for activating WCF service Setup Query Server It is recommended for you to use the default setting auto selected You need to specify a server for categorize searching when you type URL in browser based on the web content filter profile Setup Test Server It is recommended for you to use the default setting auto selected Find more Click it to open http myvigor draytek ...

Страница 279: ...the same destination ID the router will check it by comparing the record stored If it matches the page will be retrieved quickly Such item can provide URL matching with the fastest rate L1 L2 Cache the router will check the URL with fast processing rate combining the feature of L1 and L2 Eight profiles are provided here as Web content filters Simply click the index number under Profile to open the...

Страница 280: ...up Object Selections If the web pages do not match with the specified feature set here they will be processed with the categories listed on the box below Block restrict accessing into the corresponding webpage with the characters listed on Group Object Selections If the web pages do not match with the specified feature set here they will be processed with the categories listed on the box below Act...

Страница 281: ...uter or external DNS server e g 8 8 8 8 If the router server is used DNS Filter General Setting will be applied to DNS query from clients on LAN However if the external DNS server is used DNS Filter Profile will be applied to DNS query coming from clients on LAN Info For DNS filter must use the WCF service profile to filter the packets therefore WCF license must be activated first Otherwise DNS fi...

Страница 282: ...e the name of the profile and specify WCF UCF based on your requirement DNS Filter Local Setting DNS Filter Local Setting will be applied to DNS query from clients on LAN when router s DNS server is used DNS Filter Check Enable to enable such feature Syslog The filtering result can be recorded according to the setting selected for Syslog None There is no log file will be recorded for this Vigor276...

Страница 283: ...UCF Set the filtering conditions Black White List Specify IP address subnet mask IP object or IP group as a black list or white list for DNS packets passing through or blocked by Vigor router Administration Message Type the words or sentences which will be displayed when a web page is blocked by Vigor router After finishing all the settings please click OK to save the configuration Vigor2762 Serie...

Страница 284: ...t List This page offers the software versions for each applications managed by APP Enforcement Profiles by Vigor router Click the IM P2P PROTOCOL OTHERS tab to open the information page for different APP type Vigor2762 Series User s Guide 274 ...

Страница 285: ... Web Content Filter Anti Intrusion and etc to filtering the web pages for the sake of protecting your system To access into MyVigor for getting more information please create an account for MyVigor Create an Account via Vigor Router Create an Account via Vigor Router 1 Click CSM Web Content Filter Profile The following page will appear Or Click System Maintenance Activation to open the following p...

Страница 286: ...ctivate link A login page for MyVigor web site will pop up automatically 3 Click the link of Create an account now 4 Check to confirm that you accept the Agreement and click Accept Vigor2762 Series User s Guide 276 ...

Страница 287: ...5 Type your personal information in this page and then click Continue 6 Choose proper selection for your computer and click Continue Vigor2762 Series User s Guide 277 ...

Страница 288: ...on email with the title of New Account Confirmation Letter from myvigor draytek com 9 Click the Activate my Account link to enable the account that you created The following screen will be shown to verify the register process is finished Please click Login Vigor2762 Series User s Guide 278 ...

Страница 289: ... Your account has been activated You can access into MyVigor server to activate the service e g WCF that you want Create an Account via MyVigor Web Site Create an Account via MyVigor Web Site 1 Access into http myvigor draytek com Find the line of Not registered yet Then click the link Click here to access into next page Vigor2762 Series User s Guide 279 ...

Страница 290: ...ent and click Accept 3 Type your personal information in this page and then click Continue 4 Choose proper selection for your computer and click Continue 5 Now you have created an account successfully Click START Vigor2762 Series User s Guide 280 ...

Страница 291: ... Account Confirmation Letter from myvigor draytek com 7 Click the Activate my Account link to enable the account that you created The following screen will be shown to verify the register process is finished Please click Login Vigor2762 Series User s Guide 281 ...

Страница 292: ... the fields of UserName and Password Then type the code in the box of Auth Code according to the value displayed on the right side of it Now click Login Your account has been activated You can access into MyVigor server to activate the service e g WCF that you want Vigor2762 Series User s Guide 282 ...

Страница 293: ...ntent Filter Benefits Easily and quickly implement the category website that you want to block Note License is required URL Content Filter Benefits Free flexible for customize webpage Note Manual setting e g one keyword for one website I Via Web Content Filter I Via Web Content Filter 1 Make sure the Web Content Filter powered by Commtouch license is valid 2 Open CSM Web Content Filter Profile to ...

Страница 294: ...ed and the following message would be displayed instead II Via URL Content Filter A Block the web page containing the word of Facebook 1 Open Object Settings Keyword Object Click an index number to open the setting page 2 In the field of Contents please type facebook Configure the settings as the following figure Vigor2762 Series User s Guide 284 ...

Страница 295: ... Filter Profile Click an index number to open the setting page 4 Configure the settings as the following figure 5 When you finished the above steps click OK Then open Firewall General Setup Vigor2762 Series User s Guide 285 ...

Страница 296: ...ow users cannot open any web page with the word facebook inside B Disallow users to play games on Facebook 1 Open Object Settings Keyword Object Click an index number to open the setting page 2 In the field of Contents please type apps facebook Configure the settings as the following figure Vigor2762 Series User s Guide 286 ...

Страница 297: ... the following figure 5 When you finished the above steps please open Firewall General Setup 6 Click the Default Rule tab Choose the profile just configured from the drop down list in the field of URL Content Filter Now users cannot open any web page with the word facebook inside Vigor2762 Series User s Guide 287 ...

Страница 298: ...strator Password User Password Login Page Greeting Configuration Backup Syslog Mail Alert Time and Date Management Reboot System Firmware Upgrade and Activation It is used to control the bandwith of data transmission through configuration of Sessions Limit Bandwidth Limit and Quality of Servie QoS Vigor2762 Series User s Guide 288 ...

Страница 299: ...figuration System Status TR 069 Administrator Password User Password Login Page Greeting Configuration Backup Syslog Mail Alert Time and Date SNMP Management Self Signed Certificate Reboot System Firmware Upgrade Modem Code Upgrade and Activation Below shows the menu items for System Maintenance Vigor2762 Series User s Guide 289 ...

Страница 300: ...e settings are explained as follows Item Description Model Name Display the model name of the router Firmware Version Display the firmware version of the router Build Date Time Display the date and time of the current firmware build LAN MAC Address Display the MAC address of the LAN Interface IP Address Display the IP address of the LAN interface Subnet Mask Display the subnet mask address of the ...

Страница 301: ... Display the IP address of the WAN interface Default Gateway Display the assigned IP address of the default gateway IPv6 Address Display the IPv6 address for LAN Scope Display the scope of IPv6 address For example IPv6 Link Local could only be used for direct IPv6 link It can t be used for IPv6 internet Internet Access Mode Display the connection mode chosen for accessing into Internet Vigor2762 S...

Страница 302: ...is device supports TR 069 standard It is very convenient for an administrator to manage a TR 069 device through an Auto Configuration Server e g VigorACS Available settings are explained as follows Vigor2762 Series User s Guide 292 ...

Страница 303: ...o send notification to CPE Or click Disable to close the mechanism of notification STUN Settings The default is Disable If you click Enable please type the relational settings listed below Server IP Type the IP address of the STUN server Server Port Type the port number of the STUN server Minimum Keep Alive Period If STUN is enabled the CPE must send binding request to the server for the purpose o...

Страница 304: ... it is necessary to increase the bandwidth setting for that CPE or not Enable Click it to enable such feature Time Period Choose the time interval 15 mins 30 mins 1hour 3 hours or 6 hours for CPE to send a notification of bandwidth utilization to VigorACS WAN Choose the WAN interface for applying the bandwidth utilization notification mechanism Threshold Level Set the percentage of bandwidth in tr...

Страница 305: ...of the settings to fit the requirements This feature allows other user in LAN who can access into the web user interface with the same privilege of the administrator Local User Check the box to enable the local user configuration Local User List It displays the username of the local user User Name Give a user name for the local user Password Type the password for the local user Confirm Password Ty...

Страница 306: ...atisfied simply click the username and click Delete to remove it Enable admin account login to Web UI from the Internet The default setting is enabled It can ensure any user accessing into web user interface of Vigor router through Internet by username password of admin admin When you click OK the login window will appear Please use the new password to access into the web user interface again Vigo...

Страница 307: ...ord in this field The length of the password is limited to 31 characters Confirm Password Type in the new password again Password Strength Display the security strength of the password specified above Set to Factory Default Click to return to the factory default setting When you click OK the login window will appear Please use the new password to access into the web user interface again Below show...

Страница 308: ...k OK 4 Log out Vigor router web user interface by clicking the Logout button 5 The following window will be open to ask for username and password Type the new user password in the filed of Password and click Login Vigor2762 Series User s Guide 298 ...

Страница 309: ...llows Settings to be configured in User Mode will be less than settings in Admin Mode Only basic configuration settings will be available in User Mode Info Setting in User Mode can be configured as same as in Admin Mode Vigor2762 Series User s Guide 299 ...

Страница 310: ...to enable the login customization function Login Page Title Type a brief description e g Welcome to DrayTek which will be shown on the heading of the login dialog Welcome Message and Bulletin Type words or sentences here It will be displayed for bulletin message In addition it can be displayed on the login dialog at the bottom Note that do not type URL redirect link here Preview Click it to displa...

Страница 311: ...Vigor2762 Series User s Guide 301 ...

Страница 312: ...n 1 Go to System Maintenance Configuration Backup The following page will be popped up as shown below Available settings are explained as follows Item Description Restore Choose File Click it to specify a file to be restored Click Restore to restore the configuration Backup Click it to perform the configuration backup of this router 2 Click Backup button to get into the following dialog Click Save...

Страница 313: ...wnload automatically to your computer as a file named config cfg The above example is using Windows platform for demonstrating examples The Mac or Linux platform will appear different windows but the backup function is still available Info Backup for Certification must be done independently The Configuration Backup does not include information of Certificate Vigor2762 Series User s Guide 303 ...

Страница 314: ...ing windows will be popped up as shown below 2 Click Choose File button to choose the correct configuration file for uploading to the router 3 Click Restore button and wait for few seconds the following picture will tell you that the restoration procedure is successful Vigor2762 Series User s Guide 304 ...

Страница 315: ...simply lick the link to access into System Maintenance Management to set the router name Server IP Address The IP address of the Syslog server Destination Port Assign a port for the Syslog protocol Mail Syslog Check the box to recode the mail event on Syslog Enable syslog message Check the box listed on this web page to send the corresponding message of firewall VPN User Access Call WAN Router DSL...

Страница 316: ...this function while using e mail application User Name Type the user name for authentication Password Type the password for authentication Enable E mail Alert Check the box to send alert message to the e mail box while the router detecting the item s you specify here Click OK to save these settings For viewing the Syslog please do the following 1 Just set your monitor PC s IP address in the field ...

Страница 317: ... the router you want to monitor Be reminded that in Network Information select the network adapter used to connect to the router Otherwise you won t succeed in retrieving information from the router Vigor2762 Series User s Guide 307 ...

Страница 318: ... to inquire time information from Time Server on the Internet using assigned protocol Time Server Type the web site of the time server Priority Choose Auto or IPv6 First as the priority Time Zone Select the time zone where the router is located Enable Daylight Saving Check the box to enable the daylight saving Such feature is available for certain area Advanced Click it to open a pop up dialog Use...

Страница 319: ...rvices The SNMPv3 is more secure than SNMP through the encryption method support AES and DES and authentication method support MD5 and SHA for the management needs Available settings are explained as follows Item Description Enable SNMP Agent Check it to enable this function Get Community Set the name for getting community by typing a proper character The default setting is public Vigor2762 Series...

Страница 320: ...e host that will receive the trap community Notification Host IP IPv6 Set the IPv6 address of the host that will receive the trap community Trap Timeout The default setting is 10 seconds Enable SNMPV3 Agent Check it to enable this function USM User USM means user based security mode Type a username which will be used for authentication The maximum length of the text is limited to 23 characters Aut...

Страница 321: ...Pv4 and IPv6 protocols are different VI 1 10 1 IPv4 Management Setup VI 1 10 1 IPv4 Management Setup Available settings are explained as follows Item Description Router Name Type in the router name provided by ISP Default Disable Auto Logout If it is enabled the function of auto logout for web user interface will be disabled The web user interface will be open until you click the Logout icon manua...

Страница 322: ...ck to specify user defined port numbers for the Telnet HTTP HTTPS FTP TR 069 and SSH servers Default Ports Check to use standard port numbers for the Telnet and HTTP servers TLS SSL Encryption Setup Enable SSL 3 0 1 0 1 1 1 2 Check the box to enable the function of SSL 3 0 1 0 1 1 1 2 if required Due to security consideration the built in HTTPS and SSL VPN server of the router had upgraded to TLS1...

Страница 323: ...box es to specify Enable PING from the Internet Check the checkbox to enable all PING packets from the Internet For security issue this function is disabled by default Access List from the Inernet You could specify that the system administrator can only login from a specific host or network defined in the list A maximum of three IPs subnet masks is allowed Index in IP Object Type the index number ...

Страница 324: ...ers provided by the system which allow you to manage the router from LAN interface Check the box es to specify Apply To Subnet Check the LAN interface for the administrator to use for accessing into web user interface of Vigor router Index in IP Object Type the index number of the IP object profile Related IP address will appear automatically After finished the above settings click OK to save the ...

Страница 325: ...own private key The self signed certificate will be applied in SSL VPN HTTPS and so on In addition it can be created for free by using a wide variety of tools Click Regeneration to open Regenerate Self Signed Certificate window Type in all the information that the window request such as certifcate name used for identifying different certificate subject alternative name type and relational settings...

Страница 326: ...Vigor2762 Series User s Guide 316 ...

Страница 327: ...r that you have set in that web page If you want to reboot the router using the current configuration check Using current configuration and click Reboot Now To reset the router settings to default values check Using factory default configuration and click Reboot Now The router will take 5 seconds to reboot the system Info When the system pops up Reboot System web page after you configure web setti...

Страница 328: ...e Utility Choose the right firmware by clicking Select Then click Upgrade The system will upgrade the firmware of the router automatically Click OK The following screen will appear Please execute the firmware upgrade utility first VI 1 14 Modem Code Upgrade VI 1 14 Modem Code Upgrade This function is used to upgrade modem code if you find built in modem code is not suitable for Vigor router Contac...

Страница 329: ...open the following page for accessing http myvigor draytek com Available settings are explained as follows Item Description Activate via Interface Choose WAN interface used by such device for activating Web Content Filter Activate The Activate link brings you accessing into www vigorpro com to finish the activation of the account and the router Authentication Message As for authentication informat...

Страница 330: ...Vigor2762 Series User s Guide 320 ...

Страница 331: ...always keep the parameter as original This document will demonstrate how to keep the admin123 as admin password via ACS SI Keep Profile Setup on VigorACS SI Keep Profile Setup on VigorACS SI 1 Setup the parameter in KeepProfile Setting Go to Provision page Click Provision Setting KeepProfile Setting From Network View select the device which network administrator want to keep the setting Click on d...

Страница 332: ...ameterLog and we could see there s one log says that parameter has been applied Verifying Verifying 1 Go to the CPE router login with the password admin123 set in KeepProfile Setting and it could login successfully 2 Try to modify the admin password to 123 then check whether ACS server will detect the changes and keep the original setting Vigor2762 Series User s Guide 322 ...

Страница 333: ... will find ACS has detected the parameter difference but assigned the original value again 4 Go back to login the router type 123 as password we will find the password is incorrect which means ACS has kept the password as admin123 Vigor2762 Series User s Guide 323 ...

Страница 334: ...tive applications mentioned above might be the ones to drop off How this will affect application performance There are two components within Primary configuration of QoS deployment Classification Identifying low latency or crucial applications and marking them for high priority service level enforcement throughout the network Scheduling Based on classification of service level to assign packets to...

Страница 335: ...ch node may take different attitude toward packets with high priority marking since it may bind with the business deal of SLA among different DS domain owners It s not easy to achieve deterministic and consistent high priority QoS traffic throughout the whole network with merely Vigor router s effort Vigor2762 Series User s Guide 325 ...

Страница 336: ... Sessions Limit to open the web page To activate the function of limit session simply click Enable and set the default session limit Available settings are explained as follows Item Description Session Limit Enable Click this button to activate the function of limit session Disable Click this button to close the function of limit session Vigor2762 Series User s Guide 326 ...

Страница 337: ...ex Add Adds the specific session limitation onto the list above Edit Allows you to edit the settings for the selected limitation Delete Remove the selected settings existing on the limitation list Administration Message Type the words which will be displayed when reaches the maximum number of Internet sessions permitted Default Message Click this button to apply the default message offered by the ...

Страница 338: ...ck this button to activate the function of limit bandwidth IP Routed Subnet Check this box to apply the bandwidth limit to the second subnet specified in LAN General Setup Disable Click this button to close the function of limit bandwidth Default TX limit Define the default speed of the upstream for each computer in LAN Default RX limit Define the default speed of the downstream for each computer ...

Страница 339: ...on onto the list above Edit Allow you to edit the settings for the selected limitation Delete Remove the selected settings existing on the limitation list Allow auto adjustment to assign available Check this box to make the best utilization of available bandwidth Smart Bandwidth Limit Check this box to have the bandwidth limit determined by the system automatically TX limit Define the limitation f...

Страница 340: ...rs Display the bandwidth percentage for each class UDP Bandwidth Control Display the UDP bandwidth control is enabled or not Online Statistics Display an online statistics for quality of service for your reference Setup Allow to configure general QoS setting for WAN interface Class Rule Index Display the class number that you can edit Name Display the name of the class Rule Allow to configure deta...

Страница 341: ...ccess into next for configuration You can configure general setup for the WAN interface edit the Class Rule and edit the Service Type for the Class Rule for your request Online Statistics Online Statistics Display an online statistics for quality of service for your reference This feature is available only when the Quality of Service for WAN interface is enabled Vigor2762 Series User s Guide 331 ...

Страница 342: ... appearing on this page WAN Inbound Bandwidth for WAN2 WAN3 It allows you to set the connecting rate of data input for other WAN For example if your ADSL supports 1M of downstream and 256K upstream please set 1000kbps for this box The default value is 10000kbps WAN Outbound Bandwidth for WAN2 WAN3 It allows you to set the connecting rate of data output for other WAN For example if your ADSL suppor...

Страница 343: ...t calculation of QoS It is suggested to set the bandwidth value for inbound outbound as 80 85 of physical network speed provided by ISP to maximize the QoS performance Edit the Class Rule for QoS Edit the Class Rule for QoS 1 The first three Class 1 to Class 3 class rules can be adjusted for your necessity To add edit or delete the class rule please click the Edit link of that one 2 After you clic...

Страница 344: ...mine the address type for the source address For Single Address you have to fill in Start IP address For Range Address you have to fill in Start IP address and End IP address For Subnet Address you have to fill in Start IP address and Subnet Mask DiffServ CodePoint All the packets of data will be divided with different levels and will be processed according to the level type by the system Please a...

Страница 345: ... edit an existed rule please select the radio button of that one and click Edit to open the rule edit page for modification Edit the Service Type for Class Rule Edit the Service Type for Class Rule 1 To add a new service type edit or delete an existed service type please click the Edit link under Service Type field 2 After you click the Edit link you will see the following page Vigor2762 Series Us...

Страница 346: ...lick Single or Range as the Type If you select Range you have to type in the starting port number and the end porting number on the boxes below Port Number Type in the starting port number and the end porting number here if you choose Range as the type 5 After finishing all the settings here please click OK to save the configuration By the way you can set up to 10 service types If you want to edit...

Страница 347: ...th AF configured in Bandwidth QoS Class automatically VI 2 4 APP QoS VI 2 4 APP QoS The QoS function is used to do bandwidth management for the services with certain IP or port number However there is no effect of bandwidth management on the service such as VNC or PPTV without fixed IP or port number APP QoS employs the function of APP Enforcement to detect the types of software in application lay...

Страница 348: ...ers different types of protocols to fit your request Untraceable The protocol listed below is not easy to be traced by Vigor router Each tab offers different types of protocols to fit your request Select All Click it to select all of the protocols Clear All Click it to de select all of the protocols Apply to all Choose one of the actions from the drop down list It is prepared for applying to all p...

Страница 349: ...the common Internet connection line The advanced bandwidth management technology QoS Quality of Service helps you to well allocate the bandwidth upon your demand of Voice Video or Data transferring Let s see how to get the optimum bandwidth per your request by using DrayTek Vigor router as below Scenario The Internet connection you got from ISP line is 2MB 512Kb There are VoIP telephony network IP...

Страница 350: ...3 In the following page type a name e g VoIP for such class and click Add 4 Check the box of ACT Click Edit to specify the local address Vigor2762 Series User s Guide 340 ...

Страница 351: ... in relational fields Click OK to save the settings and exit the window 6 Click OK again to save the settings 7 The class rule for VoIP has been set Click OK to return to previous page 8 Do the same steps to add class rules for IPTV and Data Email with IP addresses as shown below Vigor2762 Series User s Guide 341 ...

Страница 352: ... set up the bandwidth for different groups among VoIP IPTV and Data Email 10 In the Setup page check the box of Enable the QoS Control Type 30 50 and 15 in the boxes for VoIP IPTV and Data Email respectively Check the box of Enable UDP Bandwidth Control Vigor2762 Series User s Guide 342 ...

Страница 353: ...11 Click OK to save the settings The class rules for WAN1 are defined as shown below Vigor2762 Series User s Guide 343 ...

Страница 354: ...rly indicated through simulated signal strength AP Maintenance AP Maintenance Vigor router can execute configuration backup configuration restoration firmware upgrade and remote reboot for the APs managed by the router It is very convenient for the administrator to process maintenance without accessing into the web user interface of the access point Load Balance for AP Load Balance for AP The para...

Страница 355: ...he AP managed by Vigor router will be displayed here IP Address Display the true IP address of the access point SSID Display the SSID configured for the access point s connected to Vigor2762 Ch Display the channel used by the access point STA List Display the number of wireless clients stations connecting to the access point In which 0 64 means that up to 64 clients are allowed to connect to the a...

Страница 356: ... profiles offered to be configured Simply click the index number link to open the modification page Name Display the name of the profile The default profile cannot be renamed Main SSID Display the SSID configured by such wireless profile Security Display the security mode selected by such wireless profile Multi SSID Enable means multiple SSIDs more than one are active Disable means only SSID1 is a...

Страница 357: ... Click it to apply the selected wireless profile to the specified Access Point Simply choose the device you want from Existing Device field Click to move the device to Selected Device field Then click OK The selected WLAN profile will be applied to the selected access point immediately Later the access point will reboot Vigor2762 Series User s Guide 347 ...

Страница 358: ...wireless LAN profile 1 Select the WLAN profile index number 1 to 5 you want to edit 2 Click the index number link to display the following page Info The function of Auto Provision is available for the default WLAN profile Vigor2762 Series User s Guide 348 ...

Страница 359: ...3 After finished the general settings configuration click Next to open the following page for 2 4G wireless security settings Vigor2762 Series User s Guide 349 ...

Страница 360: ...Next to open the following page for 5G wireless security settings 5 When you finished the above web page configuration click Finish to exit and return to the first page The modified WLAN profile will be shown on the web page Vigor2762 Series User s Guide 350 ...

Страница 361: ...rmware Upgrade Remote Reboot can be performed to more than one AP at one time by using Vigor2862 Available settings are explained as follows Item Description Action There are four actions provided by Vigor router to manage the access points Vigor router can backup the configuration of the selected AP restore the configuration for the selected AP perform the firmware upgrade of the selected AP rebo...

Страница 362: ...re please click OK to perform the action VI 3 4 Traffic Graph VI 3 4 Traffic Graph Click Traffic Graph to open the web page Choose one of the managed Access Points LAN A or LAN B daily or weekly for viewing data transmission chart Click Refresh to renew the graph at any time The horizontal axis represents time the vertical axis represents the transmission rate in kbps Info Enabling Disabling such ...

Страница 363: ...owed number for the station connecting to the access point The purpose is to prevent lots of stations connecting to access point at the same time and causing traffic unbalanced Please define the required station number for WLAN 2 4GHz and WLAN 5GHz separately By Traffic The operation of load balance will executed according to the traffic configuration in this page By Station Number or Traffic The ...

Страница 364: ...mit of station number or limit of network traffic it will terminate the network connection of the client s station which is idle for a longest time Dissociate existing station by worst signal strength if it is less than When the access point is overload e g reaching the limit of station number or limit of network traffic it will terminate the network connection of the client s station with the wea...

Страница 365: ...VI 3 6 Function Support List VI 3 6 Function Support List List the AP management functions that the Access Points support under different firmware versions Vigor2762 Series User s Guide 355 ...

Страница 366: ...on and others These pre defined objects can be applied in CSM USB device connected on Vigor router can be regarded as a server or WAN interface By way of Vigor router clients on LAN can access write and read data stored in USB storage disk with different applications Vigor2762 Series User s Guide 356 ...

Страница 367: ...Ps in a range and service ports in a limited range usually will be applied in configuring router s settings therefore we can define them with objects and bind them with groups for using conveniently Later we can select that object group for applying it For example all the IPs in the same department can be defined with an IP object a range of IP address You can set up to 192 sets of IP Objects with...

Страница 368: ... more time in bulk creating IP objects a quick method is offered by Vigor router to modify the IP objects with a single file a CSV file All of the IP objects or the template can be exported as a file by clicking Download Then the user can open the CSV file through Microsoft Excel and modify all the IP objects at the same time Backup the current IP Objects with a CSV file Click it to backup current...

Страница 369: ...r interface For example the Direction setting in Edit Filter Rule will ask you specify IP or IP range for WAN or LAN RT VPN or any IP address If you choose LAN RT VPN as the Interface here and choose LAN RT VPN as the direction setting in Edit Filter Rule then all the IP addresses specified with LAN DMZ RT VPN interface will be opened for you to choose in Edit Filter Rule page Address Type Determi...

Страница 370: ...he Range Address type is selected Subnet Mask Type the subnet mask if the Subnet Address type is selected Invert Selection If it is checked all the IP addresses except the ones listed above will be applied later while it is chosen 3 After finishing all the settings here please click OK to save the configuration Below is an example of IP objects settings Vigor2762 Series User s Guide 360 ...

Страница 371: ...ption Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the group profile To set a new profile please do the steps listed below 1 Click the number e g 1 under Index column for configuration in details 2 The configuration page will be shown as follows Vigor2762 Series User s Guide 361 ...

Страница 372: ...ll be shown in this box Selected IP Objects Click button to add the selected IP objects in this box 3 After finishing all the settings here please click OK to save the configuration VII 1 3 IPv6 Object VII 1 3 IPv6 Object You can set up to 64 sets of IPv6 Objects with different conditions Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Index D...

Страница 373: ...ess if this object contains any IPv6 address Select Mac Address if this object contains Mac address Match Type Specify which type 128 Bits or 64 Bits of address fomat for IPv6 protocol will be used for comparison The length of IPv6 address is composed by prefix and suffix interface ID 128 Bits When it is selected Vigor router will make the completed comparison for IPv6 protocol based on prefix and...

Страница 374: ...6 Group VII 1 4 IPv6 Group This page allows you to bind several IPv6 objects into one IPv6 group Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the group profile To set a new profile please do the steps listed below 1 Click the number e g 1 under Index column for...

Страница 375: ...ace chosen above will be shown in this box Selected IPv6 Objects Click button to add the selected IPv6 objects in this box 3 After finishing all the settings please click OK to save the configuration VII 1 5 Service Type Object VII 1 5 Service Type Object You can set up to 96 sets of Service Type Objects with different conditions Available settings are explained as follows Vigor2762 Series User s ...

Страница 376: ...tion Port Source Port and the Destination Port columns are available for TCP UDP protocol It can be ignored for other protocols The filter rule will filter out any port number when the first and last value are the same it indicates one port when the first and last values are different it indicates a range for the port and available for this profile when the first and last value are the same it ind...

Страница 377: ...vice Type Group This page allows you to bind several service types into one group Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the group profile Vigor2762 Series User s Guide 367 ...

Страница 378: ... Description Name Type a name for this profile Maximum 15 characters are allowed Available Service Type Objects All the available service objects that you have added on Objects Setting Service Type Object will be shown in this box Selected Service Type Objects Click button to add the selected IP objects in this box 3 After finishing all the settings please click OK to save the configuration Vigor2...

Страница 379: ...ng as black white list in CSM URL Web Content Filter Profile Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the object profile Vigor2762 Series User s Guide 369 ...

Страница 380: ...cription Name Type a name for this profile e g game Maximum 15 characters are allowed Contents Type the content for such profile For example type gambling as Contents When you browse the webpage the page with gambling information will be watched out and be passed blocked based on the configuration on Firewall settings 3 After finishing all the settings please click OK to save the configuration Vig...

Страница 381: ... Available settings are explained as follows Item Description Set to Factory Default Clear all profiles Index Display the profile number that you can configure Name Display the name of the group profile To set a new profile please do the steps listed below 1 Click the number e g 1 under Index column for configuration in details 2 The configuration page will be shown as follows Vigor2762 Series Use...

Страница 382: ...in this box 3 After finishing all the settings please click OK to save the configuration VII 1 9 File Extension Object VII 1 9 File Extension Object This page allows you to set eight profiles which will be applied in CSM URL Content Filter All the files with the extension names specified in these profiles will be processed according to the chosen action Available settings are explained as follows ...

Страница 383: ...e shown as follows Available settings are explained as follows Item Description Profile Name Type a name for this profile The maximum length of the name you can set is 7 characters 3 Type a name for such profile and check all the items of file extension that will be processed in the router Finally click OK to save this profile Vigor2762 Series User s Guide 373 ...

Страница 384: ...ttings and return to factory default settings Index Display the profile number that you can configure Profile Display the name for such SMS profile SMS Provider Display the service provider which offers SMS service To set a new profile please do the steps listed below 1 Click the SMS Provider tab and click the number e g 1 under Index column for configuration in details 2 The configuration page wi...

Страница 385: ... set is 31 characters Password Type a password that the sender can use to register to selected SMS provider The maximum length of the password you can set is 31 characters Quota Type the number of the credit that you purchase from the service provider chosen above Note that one credit equals to one SMS text message on the standard route Sending Interval To avoid quota being exhausted soon type tim...

Страница 386: ...e fixed You can click the number e g 9 under Index column for configuration in details Available settings are explained as follows Item Description Profile Name Display the name of this profile It cannot be modified Service Provider Type the website of the service provider Type the URL string in the box under the filed of Service Provider You have to contact your SMS provider to obtain the exact U...

Страница 387: ...hortest time interval for the system to send SMS After finishing all the settings here please click OK to save the configuration Mail Service Object Mail Service Object This page allows you to set ten profiles which will be applied in Application SMS Mail Alert Service Each item is explained as follows Item Description Set to Factory Default Clear all of the settings and return to factory default ...

Страница 388: ...s https as the transmission method Authentication The mail server must be authenticated with the correct username and password to have the right of sending message out Check the box to enable the function Username Type a name for authentication The maximum length of the name you can set is 31 characters Password Type a password for authentication The maximum length of the password you can set is 3...

Страница 389: ... a name for such notification profile The maximum length of the name you can set is 15 characters Category Display the types that will be monitored Status Display the status for the category You can check the box you want to be monitored 3 After finishing all the settings here please click OK to save the configuration VII 1 12 String Object VII 1 12 String Object This page allows you to set severa...

Страница 390: ... OK A new profile e g index 1 with the defined string will be shown on the web page In general there is no limit in the number of string profiles created Each page can display 10 20 30 40 or 50 profiles Vigor2762 Series User s Guide 380 ...

Страница 391: ... objects first Open Object Settings SMS Mail Server Object to get the following page Index 1 to Index 8 allows you to choose the built in SMS service provider If the SMS service provider is not on the list you can configure Index 9 and Index 10 to add the new service provider to Vigor router 3 Choose any index number e g Index 1 in this case to configure the SMS Provider setting In the following p...

Страница 392: ...ngs Notification Object to configure the event conditions of the notification 6 Choose any index number e g Index 1 in this case to configure conditions for sending the SMS In the following page type the name of the profile and check the Disconnected and Reconnected boxes for WAN to work in concert with the topic of this paper Vigor2762 Series User s Guide 382 ...

Страница 393: ...fy Profile specify the time of sending SMS Then type the phone number in the field of Recipient the one who will receive the SMS 9 Click OK to save the settings Later if one of the WAN connections fails in your router the system will send out SMS to the phone number specified If the router has only one WAN interface the system will send out SMS to the phone number while reconnecting the WAN interf...

Страница 394: ...ex numbers 9 or 10 allowing you to customize the SMS Provider In the web page type the URL string of the SMS provider and type the username and password After clicking OK the new added SMS provider will be added and will be available for you to specify for sending SMS out Vigor2762 Series User s Guide 384 ...

Страница 395: ...dels of the modems supported by Vigor router can be seen from USB Application Modem Support List For network connection via USB modem refer to WAN Internet Access and WAN General Setup for detailed information Web User Interface Web User Interface VII 2 1 USB General Settings VII 2 1 USB General Settings This page will determine the number of concurrent FTP connection default charset for FTP serve...

Страница 396: ...o the SMB server of the router LAN And WAN Both LAN and WAN users can access SMB server of the router NetBios Name Service For the NetBios service of USB storage disk you have to specify a workgroup name and a host name A workgroup name must not be the same as the host name The workgroup name can have as many as 15 characters and the host name can have as many as 23 characters Both them cannot con...

Страница 397: ...m Description FTP SMB User Enable Click this button to activate this profile account for FTP service or SMB file sharing service Later the user can use the username specified in this page to login into FTP server Disable Click this button to disable such profile Username Type the username for FTP SMB users for accessing into FTP server USB storage disk Be aware that users cannot access into USB st...

Страница 398: ... here he she can access into all of the disk folders and files in USB storage disk Note When write protect status for the USB storage disk is ON you cannot type any new folder name in this field Only can be used in such case You can click to open the following dialog to add any new folder which can be specified as the Home Folder Access Rule It determines the authority for such profile Any user wh...

Страница 399: ... USB Device Status This page is to monitor the status for USB device connecting to Vigor router In addition the status of the USB modem or USB printer or USB sensor connecting to Vigor router can be checked from such page If you want to remove the storage disk from USB port in router please click Disconnect USB Disk first And then remove the USB device later Available settings are explained as fol...

Страница 400: ...B Thermometer is now available It complements your installed DrayTek router installations which will help you monitor the server or data communications room environment and notify you if the server room or data communications room is overheating During summer in particular it is important to ensure that your server or data communications equipment are not overheating due to cooling system failures...

Страница 401: ...emperature Unit Choose the display unit of the temperature There are two types for you to choose Alarm Settings Enable Syslog Alarm The temperature log will be recorded on Syslog if it is enabled Upper temperature limit Lower temperature limit Type the upper limit and lower limit for the system to send out temperature alert Vigor2762 Series User s Guide 391 ...

Страница 402: ...ws an example of temperature graph VII 2 6 Modem Support List VII 2 6 Modem Support List Such page provides the information about the brand name and model name of the USB modems which are supported by Vigor router Vigor2762 Series User s Guide 392 ...

Страница 403: ...lient Support List VII 2 6 SMB Client Support List SMB Client Support List provides the test status information for applications with file sharing operated under different platforms Vigor2762 Series User s Guide 393 ...

Страница 404: ...lient Support List VII 2 7 SMB Client Support List SMB Client Support List provides the test status information for applications with file sharing operated under different platforms Vigor2762 Series User s Guide 394 ...

Страница 405: ...he device or write paste files to the devcie it must be done through SMB server or FTP server SMB service is based on the original USB FTP service You will need to setup USB FTP first We would like to give brief instructions on USB FTP setup here 1 Plug the USB device to the USB port on the router Open USB Application USB Device Status Make sure Disk Connected appears on the Connection Status as t...

Страница 406: ...k Enable to enable FTP SMB User account Here we add a new account user1 and assign authorities Read Write and List to it 4 Click OK to save the configuration 5 Make sure the FTP service is running properly Please open a browser and type ftp 192 168 1 1 Use the account user1 to login Vigor2762 Series User s Guide 396 ...

Страница 407: ...e information for FTP server will be shown as below Now users in LAN of Vigor2762 can access into the USB storage device by typing ftp 192 168 1 1 on any browser They can add or remove files directories depending on the Access Rule for FTP account settings in USB Application USB User Management Vigor2762 Series User s Guide 397 ...

Страница 408: ...This page is left blank Vigor2762 Series User s Guide 398 ...

Страница 409: ...oting Part VIII Troubleshooting This part will guide you to solve abnormal situations if you cannot access into the Internet after installing the router and finishing the web configuration Vigor2762 Series User s Guide 399 ...

Страница 410: ...ngs are OK or not Backing to factory default setting if necessary If all above stages are done and the router still cannot run normally it is the time for you to contact your dealer or DrayTek technical support for advanced help Web User Interface Web User Interface Fisrt take a look at the menu items under Diagnostics Diagnostic Tools provide a useful way to view or diagnose the status of your Vi...

Страница 411: ...plained as follows Item Description Decoded Format It shows the source IP address local destination IP remote address the protocol and length of the package Refresh Click it to reload the page Vigor2762 Series User s Guide 401 ...

Страница 412: ...ble VIII 1 2 Routing Table Click Diagnostics and click Routing Table to open the web page Available settings are explained as follows Item Description Refresh Click it to reload the page Vigor2762 Series User s Guide 402 ...

Страница 413: ...n IP address Available settings are explained as follows Item Description Refresh Click it to reload the page VIII 1 4 IPv6 Neighbour Table VIII 1 4 IPv6 Neighbour Table The table shows a mapping between an Ethernet hardware address MAC Address and an IPv6 address This information is helpful in diagnosing network problems such as IP address conflicts etc Click Diagnostics and click IPv6 Neighbour ...

Страница 414: ... explained as follows Item Description Index It displays the connection item number IP Address It displays the IP address assigned by this router for specified PC MAC Address It displays the MAC address for the specified PC that DHCP assigned IP address for it Leased Time It displays the leased time of the specified PC HOST ID It displays the host ID name of the specified PC Refresh Click it to re...

Страница 415: ...ss and port of local PC Pseudo Port It indicates the temporary port of the router used for NAT Peer IP Port It indicates the destination IP address and port of remote host Interface It displays the representing number for different interface Refresh Click it to reload the page Vigor2762 Series User s Guide 405 ...

Страница 416: ...ble Available settings are explained as follows Item Description Clear Click this link to remove the result on the window Refresh Click it to reload the page When an entry s TTL is larger than Check the box the type the value of TTL time to live for each entry Click OK to enable such function It means when the TTL value of each DNS query reaches the threshold of the value specified here the corres...

Страница 417: ...ge or Available settings are explained as follows Item Description IPV4 IPV6 Choose the interface for such function Ping through Use the drop down list to choose the WAN interface that you want to ping through or choose Unspecified to be determined by the router automatically Vigor2762 Series User s Guide 407 ...

Страница 418: ...nitor VIII 1 9 Data Flow Monitor This page displays the running procedure for the IP address monitored and refreshes the data in an interval of several seconds The IP address listed here is configured in Bandwidth Management You have to enable IP bandwidth limit and IP session limit before invoking Data Flow Monitor If not a notification dialog box will appear to remind you enabling it Click Diagn...

Страница 419: ...s page manually Index Display the number of the data flow IP Address Display the IP address of the monitored device TX rate kbps Display the transmission speed of the monitored device RX rate kbps Display the receiving speed of the monitored device Sessions Display the session number that you specified in Limit Session web page Action Block can prevent specified PC accessing into Internet within 5...

Страница 420: ...peed Current means current transmission rate and receiving rate for WAN interface Peak means the highest peak value detected by the router in data transmission Speed means line speed specified in WAN General Setup If you do not specify any rate at that page here will display Auto for instead Vigor2762 Series User s Guide 410 ...

Страница 421: ...ed and transmitted data of WAN Click Refresh to renew the graph at any time The horizontal axis represents time Yet the vertical axis has different meanings For WAN1 WAN2 WAN3 Bandwidth chart the numbers displayed on vertical axis represent the numbers of the transmitted and received packets in the past For Sessions chart the numbers displayed on vertical axis represent the numbers of the NAT sess...

Страница 422: ...ply type the IP address of the host in the box and click Run The result of route trace will be shown on the screen or Available settings are explained as follows Item Description IPv4 IPv6 Click one of them to display corresponding information for it Trace through Use the drop down list to choose the interface that you want to ping through Vigor2762 Series User s Guide 412 ...

Страница 423: ... the display mode you want Later the event of Syslog with specified type will be shown for your reference Available settings are explained as follows Item Description Enable Web Syslog Check this box to enable the function of Web Syslog Syslog Type Use the drop down list to specify a type of Syslog to be displayed Export Click this link to save the data as a file Refresh Click this link to refresh...

Страница 424: ...IPv6 TSPC Status VIII 1 13 IPv6 TSPC Status IPv6 TSPC status web page could help you to diagnose the connection status of TSPC If TSPC has configured properly the router will display the following page when the user connects to tunnel broker successfully Available settings are explained as follows Item Description Refresh Click this link to refresh this page manually VIII 1 14 DSL Status VIII 1 14...

Страница 425: ...rk environment to find out if there is any abnormal connection Information of IP traced and destination port used for SYN Flood UDP Flood and ICMP Flood attacks will be detected and shown respectively on different pages Moreover IP address detected and suspected to attack the network system can be blocked shortly by clicking the Block button shown on pages of SYN Flood UDP Flood and ICMP Flood Vig...

Страница 426: ...Info The icon means there is something wrong e g attacking the system with that IP address Vigor2762 Series User s Guide 416 ...

Страница 427: ...ed forever Available settings are explained as follows Item Description Blocking IP Type the IP address in this field and click add It will be added to the IP List and appear in the right frame IP list in the right frame will be blocked by Vigor system permanatly Remove It is used to remove selected IP address from the Blocking IP List Refresh Click this link to refresh current page Vigor2762 Seri...

Страница 428: ...in a specified file will be sent by a route policy Packet Information Specify the nature of the packets to be analyzed by Vigor router ICMP UDP TCP ANY Specify a protocol for diagnosis Src IP Type an IP address as the source IP Dst IP Type an IP address as the destination IP Dst Port Use the drop down list to specify the destination port Analyze Click it to perform the job of analyzing The analyze...

Страница 429: ... will be shown on the page If required click export analysis to export the result as a file Note that the analysis was based on the current load balance route policy settings we do not guarantee it will be 100 the same as the real case Vigor2762 Series User s Guide 419 ...

Страница 430: ...LAN LAN cable connections Refer to I 2 Hardware Installation for details 2 Turn on the router Make sure the ACT LED blink once per second and the correspondent LAN LED is bright 3 If not it means that there is something wrong with the hardware status Simply back to I 2 Hardware Installation to execute the hardware installation again And then try again Vigor2762 Series User s Guide 420 ...

Страница 431: ...elow to make sure the network connection settings is OK For Windows For Windows Info The example is based on Windows 7 As to the examples for other operation systems please refer to the similar steps or find support notes in www DrayTek com 1 Open All Programs Getting Started Control Panel Click Network and Sharing Center 2 In the following window click Change adapter settings 3 Icons of network c...

Страница 432: ...elect Internet Protocol Version 4 TCP IP and then click Properties 5 Select Obtain an IP address automatically and Obtain DNS server address automatically Finally click OK Vigor2762 Series User s Guide 422 ...

Страница 433: ... Double click on the current used Mac OS on the desktop 2 Open the Application folder and get into Network 3 On the Network screen select Using DHCP from the drop down list of Configure IPv4 Vigor2762 Series User s Guide 423 ...

Страница 434: ...ndows 1 Open the Command Prompt window from Start menu Run 2 Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP Vista 7 8 The DOS command dialog will appear 3 Type ping 192 168 1 1 and press Enter If the link is OK the line of Reply from 192 168 1 1 bytes 32 time 1ms TTL 255 will appear 4 If the line does not appear please check the IP address setting of your computer For Mac For Mac ...

Страница 435: ...Vigor2762 Series User s Guide 425 ...

Страница 436: ...re on or not If not please install an additional switch for connecting both Vigor router and the modem offered by ISP Then check if the LEDs on Vigor router are on or not If the problem of LEDs cannot be solved by the above measures please contact with the nearest reseller or send an e mail to DrayTek FAE for technical support Check if the settings offered by ISP are configured well or not When th...

Страница 437: ...t work Check the PIN Code of SIM card is disabled or not Please use the utility of 3G 4G USB Modem to disable PIN code and try again If it still fails it might be the compliance problem of system Please open DrayTek Syslog Tool to capture the connection information WAN Log and send the page similar to the following graphic to the service center of DrayTek Transmission Rate is not fast enough Trans...

Страница 438: ...all settings you did before Make sure you have recorded all useful settings before you pressing The password of factory default is null Software Reset Software Reset You can reset the router to factory default via Web page Such function is available in Admin Mode only Go to System Maintenance and choose Reboot System on the web page The following screen will appear Choose Using factory default con...

Страница 439: ...hold for more than 5 seconds When you see the ACT LED blinks rapidly please release the button Then the router will restart with the default configuration After restore the factory default setting you can configure the settings for the router again to fit your personal request Vigor2762 Series User s Guide 429 ...

Страница 440: ...nt can arrange repair or service if then deemed necessary The standard Vigor 2762 series warranty is Return to base RTB unless you have VigorCare which provides enhanced services see www draytek co uk vigorcare You should keep your proof of purchase original invoice safely in case warranty or other service is ever required VIII 8 VIII 8 2 Additional Feature Setup 2 Additional Feature Setup The onl...

Страница 441: ...oute of the packets sent out of the router can be traced VIII 8 VIII 8 5 Security Router Best Practice 5 Security Router Best Practice Your router is the gateway to an entire business network and data Even the best security equipment requires correct usage in order to ensure that its features are effective There are many simple practices that every router user should adopt to help reduce the risk ...

Страница 442: ...en two or more Ethernet switches Thus VLAN is suitable for some circumstances for example the rental apartment SOHO office and so on These clients may need two or three isolated networks only and setup a network in a simple way Tag based Tag based The idea of tag based VLAN is to identify a virtual LAN with a specific ID therefore VLAN ID introduced by tag based VLAN Through VLAN ID ports with dif...

Страница 443: ... forwarding the packets to another switch Bridge mode of WAN P1 and P2 are doing NAT flow to access to the internet but P3 and P4 will forward the packets between WAN and LAN ports directly Web User Interface Web User Interface So far there are two kinds of open system on Vigor router One is DrayOS which is DrayTek owned and another is Linux like which customized by DrayTek from OpenWRT Here DrayO...

Страница 444: ...Vigor2762 Series User s Guide 434 ...

Страница 445: ...LAN VLAN applications on Vigor router VLAN applications on Vigor router Multi Subnet VLAN of LAN Vigor2762 Series User s Guide 435 ...

Страница 446: ...he traffics of the LAN port or SSID that are NOT being grouped in the same VLAN are unable to forward to each other The benefit of Port based is able to extend the wired ports by installing a cheaper dumb switch as many as you need but Tag based offers you a flexible and well managed network The networks are isolated secured and reduce the broadcasting storm effectively in each of networks with VL...

Страница 447: ... network due to the security considerations it can be done by above settings However a switch support VLAN function is need if VLAN Tag enabled Triple Play Multi WAN NAT mode with VLAN Following settings the set top box STB is able to attach with any LAN port Video streaming which your ISP provided will be played on your monitor Vigor2762 Series User s Guide 437 ...

Страница 448: ...Vigor2762 Series User s Guide 438 ...

Страница 449: ...B or the other kinds of media devices are able to attach with Port4 or Port5 of LAN Those devices that attached with Port4 or Port5 are able to access the services network directly which your ISP provided Vigor2762 Series User s Guide 439 ...

Страница 450: ...Part IX DrayTek Tools Part IX DrayTek Tools Vigor2762 Series User s Guide 440 ...

Страница 451: ...n With SSL VPN embedded on Vigor routers teleworkers can have convenient and simple access to central site VPN The teleworkers do not need to install any VPN software manually From regular web browser you can establish VPN connection back to your main office even in a guest network or web cafe DrayTek provided free SmartVPN for Windows based users to easily establish VPN tunnels There were million...

Страница 452: ...droid is now available on Google play This document demonstrates how to use the APP to establish a SSL VPN tunnel 1 On VPN server create a SSL user account Please refer to How to Set up SSL VPN on www draytek com for detailed instructions 2 Download the APP from Google play and run the APP 3 Click to add a new profile Vigor2762 Series User s Guide 442 ...

Страница 453: ...Tap SAVE to save the profile or to cancel Info Installation of relevant Root CA is required to enable server certificate authentication If you check Use default gateway on remote network all the traffic of this smart device will be forwarded to the remote gateway 5 Tap the profile bar to establish SSL VPN tunnel 6 Enter Username and Password then tap Dial Vigor2762 Series User s Guide 443 ...

Страница 454: ...7 When the tunnel is up the profile will turn green Tap the bar again will disconnect the tunnel 8 Tap the pencil icon to edit or remove the profile Vigor2762 Series User s Guide 444 ...

Страница 455: ...This page is left blank Vigor2762 Series User s Guide 445 ...

Страница 456: ...Part X Telnet Commands Part X Telnet Commands Vigor2762 Series User s Guide 446 ...

Страница 457: ...turned on under Control Panel Programs Type cmd and press Enter The Telnet terminal will be open later In the following window type Telnet 192 168 1 1 as below and press Enter Note that the IP address in the example is the default address of the router If you have changed the default enter the current IP address of the router Next type admin admin for Account Password Then type You will see a list...

Страница 458: ...Windows system e g 2000 XP simply click Start Run and type Telnet 192 168 1 1 in the Open box as below Next type admin admin for Account Password And type to get a list of valid common commands Vigor2762 Series User s Guide 448 ...

Страница 459: ...o display current status of ADSL setting Syntax Syntax adsl status Example Example adsl status ATU R Info hw annex A f w annex A Running Mode State TRAINING DS Actual Rate 0 bps US Actual Rate 0 bps DS Attainable Rate 0 bps US Attainable Rate 0 bps DS Path Mode Fast US Path Mode Fast DS Interleave Depth 0 US Interleave Depth 0 NE Current Attenuation 0 dB Cur SNR Margin 0 dB DS actual PSD 0 0 dB US...

Страница 460: ...idge 5 VCMUX_Route 6 IPoE Proto It means the protocol used to connect Internet Different numbers represent different protocols 0 PPPoA 1 PPPoE 2 MPoA Modu 0 T1 413 2 G dmt 4 Multi 5 ADSL2 7 ADSL2_AnnexM 8 ADSL2 14 ADSL2 _AnnexM acqIP It means the way to acquire IP address Type the number to determine the IP address by specifying or assigned dynamically by DHCP server 0 fix_ip 1 dhcp_client PPPoE P...

Страница 461: ... 0 Channel 1 to 7 Channel 8 status It means to shown the whole bridge status save It means to save the configuration to flash enable It means to enable the Multi VLAN function disable It means to disable the Multi VLAN function on off It means to turn on off bridge mode for the specific channel clear It means to turn off and clear all the PVC settings tag tag_no No tag 1 Available number for tag 0...

Страница 462: ...t power of data transmission Please follow the steps below to set adsl drivermode 1 Please connect dsl line to the DSLAM 2 Waiting for dsl SHOWTIME 3 Drop the dsl line 4 Now it is on continuous sending mode and adsl2 2 led is always ON 5 Use adsl reboot to restart dsl to normal mode Telnet Command Telnet Command adsl reboot adsl reboot This command can wake up the idle router Example Example adsl ...

Страница 463: ...C level chklink Check the DSL connection Log_on log_off Enable or disable the OAM log for debug Example Example adsl oamlb chklink on OAM checking dsl link is ON adsl oamlb F5 4 Tx cnt 0 Rx Cnt 0 Telnet Command Telnet Command adsl vcilimit adsl vcilimit This command can cancel the limit for vci value Some ISP might set the vci value under 32 In such case we can cancel such limit manually by using ...

Страница 464: ...efault settings plus the new added ADSL mode default Use default settings show Display current setting adsl_mode There are three modes to be choose ANNEXL ANNEXM and ANNEXJ Example Example Vigor adsl automode set ANNEXJ Automode supported T1 413 G DMT ADSL2 ADSL2 ANNEXJ Vigor adsl automode default Automode supported T1 413 G DMT ADSL2 ADSL2 Telnet Command Telnet Command adsl showbins adsl showbins...

Страница 465: ...eatures back to default settings us ds bi us means upstream ds means downstream bi means bidirection value The values for different functions change slightly bitswap 0 2 sra 0 2 3 4 on off Type on for enabling such function Type off for disabling such function Functions of aelem and g vector are only on off Example Example adsl optn status trellis US ON DS ON bitswap US 0 DS 0 0 default ON 1 ON 2 ...

Страница 466: ...et Command adsl atm adsl atm This command can set QoS parameter for ATM adsl atm pcr pvc_no PCR max status adsl atm scr pvc_no SCR status adsl atm mbs pvc_no MBS status adsl atm status Syntax Description Syntax Description Parameter Description pvc_no It means pvc number and must be between 0 Channel 1 to 7 Channel 8 PCR It means Peak Cell Rate for upstream The range for the number is 1 to 2539 ma...

Страница 467: ...g 3 5 set done bind pvc3 to pvc5 The above example means PVC3 has been bound to PVC5 adsl pvcbinding 3 1 clear pvc 1 binding The above example means the PVC3 binding group has been removed Telnet Command adsl inventory Telnet Command adsl inventory This command is used to display information about CO or CPE Syntax Syntax adsl inventory co cpe Syntax Description Syntax Description Parameter Descrip...

Страница 468: ... Description Syntax Description Parameter Description m Available settings are 1 and 2 a enable 1 0 to enable disable this entry n UserName contact UserName max 24 characters p PassWord contact PassWord max 24 characters s select It means to specify an IP address for Server 0 no selection 1 NSW 61 9 192 13 2 QLD 61 9 208 13 3 VIC 61 9 128 13 4 SA 61 9 224 13 5 WA 61 9 240 13 l List List all settin...

Страница 469: ...hers in APP Enforcement Profile Syntax Syntax csm appe set i INDEX v GROUP e AP_IDX d AP_IDX a AP_IDX ACTION Syntax Description Syntax Description Parameter Description INDEX Specify the index number of CSM profile from 1 to 32 v View the IM P2P Protocol and Others configuration of the CSM profile e Enable to block specific application d Disable to block specific application a Set the action of sp...

Страница 470: ...ration status of Others group Example Example csm appe show t Type Index Name Version Advance Advanced Option M essage F ile Transfer G ame C onference and O ther Activities PROTOCOL 52 DB2 PROTOCOL 53 DNS PROTOCOL 54 FTP PROTOCOL 55 HTTP 1 1 PROTOCOL 56 IMAP 4 1 PROTOCOL 57 IMAP STARTTLS 4 1 PROTOCOL 58 IRC 2 4 0 Telnet Command Telnet Command csm appe csm appe config config It is used to display ...

Страница 471: ...APPs Telnet Command Telnet Command csm appe csm appe interface interface It is used to configure APPE signature download interface Syntax Syntax csm appe interface AUTO WAN Syntax Description Syntax Description Parameter Parameter Description Description AUTO Vigor router specifies WAN interface automatically WAN Specify the WAN interface for signature downloading Example Example csm appe interfac...

Страница 472: ...Parameter Description Description show Display all of the profiles setdefault Return to default settings for all of the profile msg MSG Set the administration message MSG means the content less than 255 characters of the message itself obj Specify the object for the profile INDEX Specify the index number of CSM profile from 1 to 8 n Set the profile name PROFILE_NAME Specify the name of the profile...

Страница 473: ...NDEX uac a P B csm ucf obj INDEX uac i E D csm ucf obj INDEX uac o KEY_WORD_Object_Index csm ucf obj INDEX uac g KEY_WORD_Group_Index Syntax Description Syntax Description Parameter Description INDEX Specify the index number of CSM profile from 1 to 8 v View the protocol configuration of the CSM profile e Enable the function of URL Access Control d Disable the function of URL Access Control a Set ...

Страница 474: ...rofile Name game Log none Priority Select Bundle Pass Enable URL Access Control Action pass v Prevent web access from IP address No Obj NO Object Name No Grp NO Group Name csm ucf obj 1 uac a B Profile Index 1 Profile Name game Log none Priority Select Bundle Pass Enable URL Access Control Action block v Prevent web access from IP address No Obj NO Object Name No Grp NO Group Name Vigor2762 Series...

Страница 475: ... the restriction of web feature a Set the action of web feature P or B B Block The web access meets the web feature will be blocked P Pass The web access meets the web feature will be passed s Enable the the Web Feature configuration Features available for configuration are c Cookie p Proxy u Upload u Cancel the web feature configuration f Set the file extension object index number File_Extension_...

Страница 476: ...the web content filter profiles Look Display the license information of WCF Cache Set the cache level for the profile Server WCF_SERVER Set web content filter server Msg MSG Set the administration message MSG means the content less than 255 characters of the message itself setdefault Return to default settings for all of the profile obj Specify the object profile INDEX Specify the index number of ...

Страница 477: ...t Weapons Violence School Cheating Sex Education Tasteless Child Abuse Imges Entertainment Games Sports Travel Leisure Recreation Fashin Beauty Business Job Search Web based Emai Chat Instant Messaging Anonymizers Forums Newsgroups Computers Technology Download Sites Streaming Media Downloads Phishing Fraud Search Engines Portals Social Networking Spam Sites Malware Botnets Hacking Illegal Softwar...

Страница 478: ...ages leisure Group Entertainment Games Sports Travel Leisure Recreation Fashion Beauty Telnet Command Telnet Command csm dnsf csm dnsf It means to configure the settings regarding to DNS filter csm dnsf enable ON OFF csm dnsf syslog N P B A csm dnsf service WCF_PROFILE csm dnsf service_ucf UCF_PROFILE csm dnsf time CACHE_TIME csm dnsf blockpage show on off csm dnsf profile_show csm dnsf profile_ed...

Страница 479: ...ect port When a web page is blocked by DNS filter the router system will send a message page to describe that the page is not allowed to be visisted ON Enable the function of displaying message page OFF Disable the function of displaying message page SHOW Display the function of displaying message page is ON or OFF profile_show Display the table of the DNS filter profile profile_edit Modify the co...

Страница 480: ... DoS defense system dos V D A dos s ATTACK_F THRESHOLD TIMEOUT dos a e ATTACK_F ATTACK_0 d ATTACK_F ATTACK_0 Syntax Description Syntax Description Parameter Description V View the configuration of DoS defense system D Deactivate the DoS defense system A Activate the DoS defense system s Enable the defense function for a specific attack and set its parameter s ATTACK_F Specify the name of flooding ...

Страница 481: ...WAN interface 1 WAN1 2 WAN2 Default is WAN1 M n M means to set Internet Access Mode Mandatory and n means different modes represented by 0 3 n 0 Offline n 1 PPPoE n 2 Dynamic IP n 3 Static IP n 4 PPTP with Dynamic IP n 5 PPTP with Static IP n 6 L2TP with Dynamic IP n 7 L2TP with Static IP n A 3G 4G USB Modem PPP mode n B 3G 4G USB Modem DHCP mode command parameter The available commands with param...

Страница 482: ...aracters v service name Set PPP mode Service Name max 23 characters m ppp username Set PPP mode PPP Username max 63 characters o ppp password Set PPP mode PPP Password max 62 characters e n Set PPP mode PPP Authentication Type n 0 PAP CHAP default 1 PAP Only q n PPP mode Index 1 15 in Schedule Setup One x n PPP mode Index 1 15 in Schedule Setup Two y n PPP mode Index 1 15 in Schedule Setup Three z...

Страница 483: ...Command ip ip pub pubsubnet subnet This command allows users to enable or disable the IP routing subnet for your router Syntax Syntax ip pubsubnet Enable Disable Syntax Description Syntax Description Parameter Description Enable Enable the function Disable Disable the function Example Example ip 2ndsubnet enable public subnet enabled Telnet Command Telnet Command ip ip pub pubaddr addr This comman...

Страница 484: ...net mask The system will set the one that you specified as the public subnet mask Example Example ip pubmask ip pubmask public subnet mask Now 255 255 255 0 ip pubmask 255 255 0 0 Set public subnet mask done Telnet Command Telnet Command ip aux ip aux This command is used for configuring WAN IP Alias Syntax Syntax ip aux add IP Join to NAT Pool wanX ip aux remove index Syntax Description Syntax De...

Страница 485: ...1 Set IP address OK Info When the LAN IP address is changed the start IP address of DHCP server are still the same To make the IP assignment of the DHCP server being consistent with this new IP address they should be in the same network segment the IP address of the PC must be fixed with the same LAN IP address network segment set by this command for accessing into the web user interface of the ro...

Страница 486: ... it means you have an ARP cache at 0 second Sixty seconds later without any ARP messages received the system will think such ARP cache is expired The system will issue a few ARP request to see if this cache is still valid Syntax Description Syntax Description Parameter Description IP address It means the LAN IP address MAC address It means the MAC address of your router LAN or WAN It indicates the...

Страница 487: ...splay usage l list all custom set DHCP options d delete custom dhcp client option by index number e enable disable option feature 1 enable 0 disable w set WAN number e g 1 WAN1 c set option number 0 255 v set option value by string x set option value by raw byte hex u update by index number release It means to release current WAN IP address renew It means to renew the WAN IP address and obtain ano...

Страница 488: ... from 172 16 3 229 time 0ms Packets Sent 5 Received 5 Lost 0 0 loss Telnet Command Telnet Command ip tracert ip tracert This command allows users to trace the routes from the router to the host ip tracert Host IP address WAN1 WAN2 WAN3 WAN4 WAN5 Udp Icmp Syntax Description Syntax Description Parameter Description IP address The target IP address WAN1 WAN2 It means the WAN port that the above IP ad...

Страница 489: ...tion Parameter Description 0 1 2 0 means disable 1 means LAN1 and 2 means IP Routed Example Example ip rip 1 Set RIP LAN1 Telnet Command Telnet Command ip wanrip ip wanrip This command allows users to set the RIP routing information protocol of WAN IP Syntax Syntax ip wanrip ifno e 0 1 Syntax Description Syntax Description Parameter Description ifno It means the connection interface 1 WAN1 2 WAN2 ...

Страница 490: ...Telnet Command Telnet Command ip route ip route This command allows users to set static route Syntax Syntax ip route add dst netmask gateway ifno rtype ip route del dst netmask rtype ip route status ip route cnc ip route default wan1 wan2 off ip route clean 1 0 Syntax Description Syntax Description Parameter Description add It means to add an IP address as static route del It means to delete speci...

Страница 491: ...f the route settings 1 Enable the function 0 Disable the function Example Example ip route add 172 16 2 0 255 255 255 0 172 16 2 4 3 static ip route status Codes C connected S static R RIP default private C 192 168 9 0 255 255 255 0 is directly connected DMZ C 192 168 1 0 255 255 255 0 is directly connected LAN1 S 172 16 2 0 255 255 255 0 via 172 16 2 4 WAN1 Vigor2762 Series User s Guide 481 ...

Страница 492: ... WAN interface for IGMP service query It means to set IGMP general query interval The default value is 125000 ms ppp 0 No need to set IGMP with PPP header 1 Set IGMP with PPP header status It means to display current status for proxy server Example Example This command is for setting IGMP General Query Interval The default value is 125000 ms Current Setting is 130000 ms ip igmp_proxy set ip igmp_p...

Страница 493: ...2 v3 IGMP query will be sent out to LAN periodically mode hw sw Make IGMP snooping work on software or hardware chkleave on off Off Vigor router will drop LEAVE if clients still on the same group separate on off On IGMP packets will be separated by NAT Bridge mode Example Example ip igmp_snoop enable ip igmp snooping enable disable status IGMP Snooping is Enabled Telnet Command Telnet Command ip i...

Страница 494: ...tch switch This command is to enable disable private IP DMZ or Active True IP DMZ for DMZ host Syntax Syntax ip dmzswitch off ip dmzswitch private ip dmaswitch active_trueip Syntax Description Syntax Description Parameter Description off Disable the function of DMZ host private Enable private IP address of the DMZ host Active_trueip Enable active true IP address of the DMZ host Example Example ip ...

Страница 495: ...for p2p status Display the current settings show Display all session limit settings in the IP range timer num Set when the IP session block works The unit is second block unblock IP Block unblock the specified IP address Block The IP cannot access Internet through the router Unblock The specified IP can access Internet through the router add Add the session limits in an IP range del Delete the ses...

Страница 496: ... bandwidth limits settings within the IP range add Add the bandwidth within the IP range del Delete the bandwidth within the IP range IP1 IP2 It means the range of IP address specified for this command tx Set transmission rate for bandwidth limit rx Set receiving rate for bandwidth limit shared It means that the bandwidth will be shared for the IP range Example Example ip bandwidth default 200 800...

Страница 497: ...o network show Display the IP address and MAC address of the pair of binded one add Add one IP bindmac del Delete one IP bindmac IP Type the IP address for binding with specified MAC address MAC Type the MAC address for binding with the IP address specified Comment Type words as a brief description All Delete all the IP bindmac settings Example Example ip bindmac add 192 168 1 46 00 50 7f 22 33 55...

Страница 498: ...Route i value Specify an index number for setting policy route profile Value 1 to 60 1 means to get a free policy index automatically e 0 1 0 Disable the selected policy route profile 1 Enable the selected policy route profile o value Determine the operation of the policy route Value add Create a new policy rotue profile del Remove an existed policy route profile edit Modify an existed policy rout...

Страница 499: ... Indicate the priority of the policy route profile Value Type a number 0 250 The default value is 150 I value Indicate the interface specified for the policy route profile Value Available interfaces include LAN1 LAN8 IP_Routed_Subnet DMZ_Subnet WAN1 WAN5 VPN_PROFILE_1 VPN_PROFILE_100 WAN_1_IP_ALIAS_1 WAN_4_IP_ALIAS_8 g value Indicate the gateway IP address Value The type format shall be xxx xxx xx...

Страница 500: ...g any number t value It means protocol Value Available settings include ICMP TCP UDP and Any Example Example ip policy_rt diagnose s 192 168 1 100 d any p any t ICMP Matched Route Priority No_Match Matched Policy Priority Policy_1 200 Conclusion The packet was dropped because the send to interface of the mat ched policy policy 1 was inactive and there was no failover setting ip policy_rt i 1 o add...

Страница 501: ... ip lanDNSRes i 1 l Idx 1 State Disable Profile test Domain Name Address Mapping Table Not Set Address Mapping Telnet Command Telnet Command ip ip dnsforward dnsforward This command is used to set LAN DNS profile for conditional DNS forwarding ip dnsforward command parameter Syntax Description Syntax Description Parameter Description command parameter The available commands with parameters are lis...

Страница 502: ...N2 iface Syntax Description Syntax Description Parameter Description s It means to add a static ipv6 address d It means to delete an ipv6 address a It means to show current address es status u It means to show only unicast addresses prefix It means to type the prefix number of IPv6 address prefix length It means to type a fixed value as the length of the prefix LAN WAN1 WAN2 iface It means to spec...

Страница 503: ...splayed 0 the parameter related to the request will not be displayed Example Example ip6 dhcp req_opt WAN2 S 1 ip6 dhcp req_opt WAN2 r 1 ip6 dhcp req_opt WAN2 a Interface WAN2 is set to request following DHCPv6 options sip name Telnet Command Telnet Command ip6 dhcp client ip6 dhcp client This command allows you to use DHCPv6 protocol to obtain IPv6 address from server ip6 dhcp client WAN1 WAN2 if...

Страница 504: ...on Parameter Description server It means the dhcp server settings command parameter The available commands with parameters are listed below means that you can type in several commands in one line a It means to show current DHCPv6 status i pool_min_addr It means to set the start IPv6 address of the address pool x pool_max_addr It means to set the end IPv6 address of the address pool d addr It means...

Страница 505: ... minimum address of the pool FF02 1 1st DNS IPv6 Addr FF02 1 Vigor2762 Series User s Guide 495 ...

Страница 506: ...d command parameter The available commands with parameters are listed below means that you can type in several commands in one line For 6rd C n Set 6rd Connection Mode n 0 Auto n 1 Static s server Set 6rd IPv4 Border Relay server IPv4 address m n Set 6rd IPv4 address mask length n 1 to 32 p prefix Set 6rd IPv6 prefix prefix IPv6 address l n Set 6rd IPv6 prefix length n 1 to 64 For 6in4 s server Se...

Страница 507: ...er Set 1st DNS Server IP server IPv6 Address D server Set 2nd DNS Server IP server IPv6 Address t dhcp ra none Set ipv6 PPP WAN test mode for DHCP or RA V View IPv6 Internet Access Profile k Dial the Tunnel on the WAN j Drop the Tunnel on the WAN r n Set Prefix State Machine RA timeout n any value default is 15 unit second c n Set Prefix State Machine DHCPv6 Client timeout n any value default is 1...

Страница 508: ...on Syntax Description Parameter Description s It means to add a neighbour d It means to delete a neighbour a It means to show neighbour status inet6_addr Type an IPv6 address eth_addr Type submask address LAN WAN1 WAN2 Specify an interface for the neighbor Example Example ip6 neigh s 2001 2222 3333 1111 00 50 7F 11 ac 22 WAN2 Neighbour 2001 2222 3333 1111 successfully added ip6 neigh a I F ADDR MA...

Страница 509: ...essfully added Telnet Command Telnet Command ip6 route ip6 route This command allows you to Syntax Syntax ip6 route s prefix prefix length gateway LAN WAN1 WAN2 iface D ip6 route s prefix prefix length gateway LAN1 LAN2 LAN4 WAN1 WAN2 USB1 USB2 VPN1 VPN32 D ip6 route d prefix prefix length ip6 route a LAN1 LAN2 LAN4 WAN1 WAN2 USB1 USB2 VPN1 VPN32 Syntax Description Syntax Description Parameter Des...

Страница 510: ...1 UNREACHABLE 0 Telnet Command Telnet Command ip6 ping ip6 ping This command allows you to pin an IPv6 address or a host Syntax Syntax ip6 ping IPV6 address Host LAN1 LAN2 LAN4 WAN1 WAN2 USB1 USB2 send count data_size 1 1452 Syntax Description Syntax Description Parameter Description IPV6 address Host It means to specify the IPv6 address or host for ping LAN1 LAN2 LAN4 WAN1 WAN2 USB1 USB2 It means...

Страница 511: ... USB1 USB2 It means to specify LAN or WAN interface for such address Example Example ip6 tracert 2001 4860 4860 8888 traceroute to 2001 4860 4860 8888 30 hops max through protocol ICMP 1 2001 5C0 1400 B 10B8 340 ms 2 2001 4DE0 1000 A22 1 330 ms 3 2001 4DE0 A 1 330 ms 4 2001 4DE0 1000 34 1 340 ms 5 2001 7F8 1 A501 5169 1 330 ms 6 2001 4860 1 0 4B3 350 ms 7 2001 4860 8 0 2DAF 330 ms 8 2001 4860 2 0 ...

Страница 512: ...able the RADVD server 0 Disable the RADVD server D 1 0 Enable Disable the RDNSS d lifetime Set the default lifetime for RADVD server i lifetime Set the mininum interval time sec for RADVD server I lifetime Set the maximum interval time sec for RADVD server Lifetime It means to set the lifetime The lifetime associated with the default router in units of seconds It s used to control the lifetime of ...

Страница 513: ...list ip6 mngt list ip6 mngt list add index prefix prefix length remove index flush ip6 mngt status ip6 mngt http telnet ping https ssh on off Syntax Description Syntax Description Parameter Description list It means to show the setting information of the access list status It means to show the status of IPv6 management add It means to add an IPv6 address which can be used to execute management thr...

Страница 514: ...mmand allows you to check the online status of IPv6 LAN WAN ip6 online WAN1 WAN2 USB1 USB2 Syntax Description Syntax Description Parameter Description WAN1 WAN2 USB1 USB2 It means the connection interface Example Example ip6 online WAN1 WAN1 online status IPv6 WAN1 Disabled Default Gateway Interface DOWN UpTime 0 00 00 IPv6 DNS Server Static IPv6 DNS Server Static IPv6 DNS Server Static Tx packets...

Страница 515: ...d v It is used to show the NTP state p 0 1 It is used to specify NTP server for IPv6 0 Auto 1 First Query IPv6 NTP Server Example Example ip6 ntp p 1 Set NTP Priority IPv6 First Telnet Command ip6 lan Telnet Command ip6 lan This command allows you to configure settings for IPv6 LAN Syntax Syntax ip6 lan l n l w d D m o s parameter Syntax Description Syntax Description Parameter Description h It is...

Страница 516: ... bit n WAN n 1 f n Disable IPv6 n 1 Disable IPv6 n 0 Enable IPv6 s n Show IPv6 LAN setting n 0 show all n 1 LAN1 2 LAN2 x LANx 5 DMZ Default is show all Example Example ip6 lan l 2 w 1 d 2001 4860 4860 8888 o 1 f 0 s 2 Set LAN2 Set primary WAN1 Telnet Command Telnet Command ipf view ipf view IPF users to view the version of the IP filter to view set the log flag to view the running IP filter rules...

Страница 517: ... to setup Call Filter e g c 2 The range for the index number you can type is 0 to 12 0 means disable d SET_NO It means to setup Data Filter e g d 3 The range for the index number you can type is 0 to 12 0 means disable l VALUE It means to setup Log Flag e g l 2 Type 0 to disable the log flag Type 1 to display the log of passed packet Type 2 to display the log of blocked packet Type 3 to display th...

Страница 518: ...means to accept large incoming fragmented UDP or ICMP packets E VALUE It means to set the maximum count 0 60000 for session limitation F VALUE It means to configure the load balance policy Q VALUE It means to set the QoS class Example Example ipf set c 1 set call filter start from set 1 Setting saved ipf set d 2 set data filter start from set 2 Setting saved ipf set v Call Filter Enable Start Filt...

Страница 519: ... Available settings range from 1 192 For example s g 3 means the third source IP group profile s u Address Type Start IP Address End IP Address Address Mask It means to configure source IP address including address type start IP address end IP address and address mask u It means user defined Address Type Type the number representing different address type 0 Subnet Address 1 Single Address 2 Any Ad...

Страница 520: ... 3 0 1 2 3 3 Port range of the Start Port Number range is 1 65535 5 Port range of the End Port Number range is 1 65535 destination_port_value 2 Port OP range is 0 3 0 1 2 3 4 Port range of the Start Port Number range is 1 65535 6 Port range of the End Port Number range is 1 65535 F index log flag It means the Filter action you can specify index Available settings contain 0 Pass Immediately 1 Block...

Страница 521: ...g Flag It means to specify which DNS Filter profile will be applied index Available settings range from 0 8 0 means no profile will be applied log flag 0 means disable to save and display in Syslog 1 means enable to save and display in Syslog c 0 20 It means to set code page Different number represents different code page 0 None 1 ANSI 1250 Central Europe 2 ANSI 1251 Cyrillic 3 ANSI 1252 Latin I 4...

Страница 522: ...r Filter Set None Max Sessions Limit 60000 Current Sessions 0 Mac Bind IP Non Strict Qos Class None APP Enforcement None URL Content Filter None WEB Content Filter None DNS Filter None Load Balance policy Auto select Log Enable CodePage ANSI 1252 Latin I Window size 65535 Session timeout 1440 DrayTek Banner Enable Strict Security Checking APP Enforcement Telnet Command Telnet Command ipf flowtrack...

Страница 523: ...lowtrack sessions state ORIGIN 192 168 1 11 59939 8 8 8 8 53 ifno 0 REPLY 8 8 8 8 53 192 168 1 11 59939 ifno 3 proto 17 age 93023180 3920 flag 203 ORIGIN 192 168 1 11 15073 8 8 8 8 53 ifno 0 REPLY 8 8 8 8 53 192 168 1 11 15073 ifno 3 proto 17 age 93025100 2000 flag 203 ORIGIN 192 168 1 11 7247 8 8 8 8 53 ifno 0 REPLY 8 8 8 8 53 192 168 1 11 7247 ifno 3 proto 17 age 93020100 7000 flag 203 End to sh...

Страница 524: ...WAN 5 Len 548XID 0x7880fdd4 Client IP 0 0 0 0 Your IP 0 0 0 0 Next server IP 0 0 0 0 Relay agent IP 0 0 0 0 25 36 49 580 DHCP WAN 5 Len 548XID 0x7880fdd4 Client IP 0 0 0 0 Your IP 0 0 0 0 Next server IP 0 0 0 0 Relay agent IP 0 0 0 0 25 36 57 580 DHCP WAN 5 Len 548XID 0x7880fdd4 Client IP 0 0 0 0 Your IP 0 0 0 0 MORE q Quit Enter New Lines Space Bar Next Page Telnet Command ldap user Telnet Comman...

Страница 525: ...ple ldap user 1 n LD_user_test1 Profile Name has been updated ldap user 1 v Profile Index 1 Profile Name LD_user_test1 Common Name Identifier Base Distinguished Name Additional Filter Group distinguished Name ldap user 1 b ou People dc example dc com Telnet Command ldap set Telnet Command ldap set This command is used to set general settings e g IP address port number for LDAP server Syntax Syntax...

Страница 526: ...t status of LDAP settings configuration Syntax Syntax ldap view Example Example ldap view LDAP Enable Disabled LDAP Bind Type Simple LDAP with SSL Disabled LDAP Regular DN LDAP Regular Password LDAP Server IP LDAP Server Port 389 Telnet Command Telnet Command radius radius This command allows you to configure detailed settings for RADIUS server Syntax Syntax radius enable 0 1 radius authport port ...

Страница 527: ... server enable_dot1x 0 1 Enable 1 or disable 0 the 802 1X Authentication function of RADIUS Server Default is disabled set_dot1x_phase1 method_idx Set the phase1 method for 802 1X authentication of RADIUS server method_idx Specify which method will be used At present dot1x_phase1 can only support PEAP now So only 1 can be used for it set_dot1x_phase2 method_idx Set the phase2 method for 802 1X aut...

Страница 528: ...csplus view Telnet Command tacacsplus view This command allows users to check the general settings for TACACS server Syntax Syntax tacacspluse view Example Example tacacsplus view TACACS Enable Enable TACACS Server IP 192 168 1 59 TACACS Server Port 49 TACACS Type ASCII TACACS Shared Secret Telnet Command Telnet Command mngt ftpport mngt ftpport This command allows users to set FTP port for manage...

Страница 529: ...xample mngt httpsport 443 Set web server port to 443 done Telnet Command Telnet Command mngt telnetport mngt telnetport This command allows users to set telnet port for management mngt telnetport Telnet port Syntax Description Syntax Description Parameter Description Telnet port It means to type the number for telnet port The default setting is 23 Example Example mngt telnetport 23 Set Telnet serv...

Страница 530: ...g mngt noping clearlog Syntax Description Syntax Description Parameter Description on All PING packets will be forwarded from LAN PC to Internet off All PING packets will be blocked from LAN PC to Internet viewlog It means to display a log of ping action including source MAC and source IP clearlog It means to clear the log of ping action Example Example mngt noping off No Ping Packet Out is OFF Vi...

Страница 531: ...orm packet Example Example mngt defenseworm add 21 Add TCP port 21 Block TCP port list 135 137 138 139 445 21 mngt defenseworm del 21 Delete TCP port 21 Block TCP port list 135 137 138 139 445 Telnet Command Telnet Command mngt rmtcfg mngt rmtcfg This command can allow the system administrators to login from the Internet By default it is not allowed mngt rmtcfg status mngt rmtcfg enable mngt rmtcf...

Страница 532: ...tion Parameter Description e 0 1 It means to enable disable the function 0 disable the function 1 enable the function s value It means to specify service offered Available values include FTP HTTP HTTPS TELNET SSH None All i value It means the interface which is allowed to access Available values include LAN2 LAN6 DMZ IP Routed Subnet None All Note LAN1 is always allowed for accessing into the rout...

Страница 533: ...echo ICMP packet disable It means to drop the echo ICMP packet Example Example mngt echoicmp enable Echo ICMP packet enabled Telnet Command Telnet Command mngt accesslist mngt accesslist This command allows you to specify that the system administrator can login from a specific host or network A maximum of three IPs subnet masks is allowed mngt accesslist list mngt accesslist add index ip addr mask...

Страница 534: ...Community name It means to set the name for getting community by typing a proper character max 23 characters s Community name It means to set community by typing a proper name max 23 characters m IP address It means to set one host as the manager to execute SNMP function Please type in IPv4 address to specify certain host t Community name It means to set trap community by typing a proper name max ...

Страница 535: ... msubnet addr This command is used to configure IP address for the specified LAN interface msubnet addr 2 3 4 IP address Syntax Description Syntax Description Parameter Description 2 3 4 5 6 It means LAN interface 2 LAN2 3 LAN3 4 LAN4 IP address Type the private IP address for the specified LAN interface Example Example msubnet addr 2 192 168 5 1 Set LAN2 subnet IP address done This setting will t...

Страница 536: ...ion 2 3 4 5 6 It means LAN interface 2 LAN2 3 LAN3 4 LAN4 Example Example msubnet status 2 LAN2 Off 0 0 0 0 0 0 0 0 PPP Start IP 0 0 0 60 DHCP server Off Dhcp Gateway 0 0 0 0 Start IP 0 0 0 10 Pool Count 50 Telnet Command Telnet Command msubnet dhcps msubnet dhcps This command allows you to enable or disable DHCP server for the subnet msubnet dhcps 2 3 4 On Off Syntax Description Syntax Descriptio...

Страница 537: ... packets from this subnet will be forwarded to the right WAN interface This setting will take effect after rebooting Please use sys reboot command to reboot the router Telnet Command Telnet Command msubnet gateway msubnet gateway This command is used to configure an IP address as the gateway used for subnet msubnet gateway 2 3 4 Gateway IP Syntax Description Syntax Description Parameter Descriptio...

Страница 538: ...between two LAN interfaces msubnet talk 1 2 3 4 1 2 3 4 On Off Syntax Description Syntax Description Parameter Description 1 2 3 4 It means LAN interface 1 LAN1 2 LAN2 3 LAN3 4 LAN4 On Off On It means to establish a link for the selected LAN with others Off It means to terminate the link Example Example msubnet talk 1 2 on Enable routing between LAN1 and LAN2 This setting will take effect after re...

Страница 539: ...pppip msubnet pppip This command is used to configure a starting IP address for PPP connection msubnet pppip 2 3 4 Start IP Syntax Description Syntax Description Parameter Description 2 3 4 It means LAN interface 2 LAN2 3 LAN3 4 LAN4 Start IP Type an IP address as the starting IP address for PPP connection Example Example msubnet pppip 2 192 168 2 250 Set LAN2 PPP IPCP Start IP done This setting w...

Страница 540: ...ne msubnet nodetype msubnet nodetype 2 3 4 count Now LAN2 1 LAN3 0 LAN4 0 count 1 B node 2 P node 4 M node 8 H node Telnet Command Telnet Command msubnet primWINS msubnet primWINS This command is used to configure primary WINS server msubnet primWINS 2 3 4 WINS IP Syntax Description Syntax Description Parameter Description 2 3 4 It means LAN interface 2 LAN2 3 LAN3 4 LAN4 WINS IP Type the IP addre...

Страница 541: ...INS server msubnet secWINS 2 3 4 WINS IP Syntax Description Syntax Description Parameter Description 2 3 4 It means LAN interface 2 LAN2 3 LAN3 4 LAN4 WINS IP Type the IP address as the WINS IP Example Example msubnet secWINS 2 192 168 3 89 Set LAN2 Dhcp Secondary WINS IP done msubnet secWINS msubnet secWINS 2 3 4 WINS IP Now LAN2 192 168 3 89 LAN3 0 0 0 0 LAN4 0 0 0 0 Vigor2762 Series User s Guid...

Страница 542: ...t LAN2 TFTP Server Name done msubnet tftp msubnet tftp 2 3 4 TFTP server name Now LAN2 publish LAN3 LAN4 Telnet Command Telnet Command msubnet mtu msubnet mtu This command allows you to configure MTU value for LAN IP Routed Subnet msubnet mtu interface value Syntax Description Syntax Description Parameter Description interface Available settings include LAN1 LAN4 IP_Routed_Subnet value 1000 1508 B...

Страница 543: ... object profile v It means to view the information of the specified object profile Example object ip obj 1 v n NAME It means to define a name for the IP object NAME Type a name with less than 15 characters Example object ip obj 9 n bruce i INTERFACE It means to define an interface for the IP object INTERFACE 0 means any INTERFACE 1 means LAN INTERFACE 3 means WAN Example object ip obj 8 i 0 s INVE...

Страница 544: ...NDEX Syntax Description Syntax Description Parameter Description setdefault It means to return to default settings for all profiles INDEX It means the index number of the specified group profile v It means to view the information of the specified group profile Example object ip grp 1 v n NAME It means to define a name for the IP group NAME Type a name with less than 15 characters Example object ip...

Страница 545: ...luded ip object index 0 0 1 0 2 0 3 0 4 0 5 0 6 0 7 0 object ip grp 2 i 1 object ip grp 2 a 1 2 IP Group Profile 2 Name First Interface Lan Included ip object index 0 1 1 2 2 0 3 0 4 0 5 0 6 0 7 0 Vigor2762 Series User s Guide 535 ...

Страница 546: ...n bruce i INTERFACE It means to define an interface for the IP object INTERFACE 0 means any INTERFACE 1 means LAN INTERFACE 3 means WAN Example object ip obj 8 i 0 s INVERT It means to set invert seletion for the object profile INVERT 0 means disableing the function INVERT 1 means enabling the function Example object ip obj 3 s 1 a TYPE It means to set the address type and IP for the IP object pro...

Страница 547: ...up profile v It means to view the information of the specified group profile Example object ip grp 1 v n NAME It means to define a name for the IP group NAME Type a name with less than 15 characters Example object ip grp 8 n bruce i INTERFACE It means to define an interface for the IP group INTERFACE 0 means any INTERFACE 1 means LAN INTERFACE 2 means WAN Example object ip grp 3 i 0 a IP_OBJ_INDEX...

Страница 548: ... v It means to view the information of the specified service object profile Example object service obj 1 v n NAME It means to define a name for the IP object NAME Type a name with less than 15 characters Example object service obj 9 n bruce i PROTOCOL It means to define a PROTOCOL for the service object profile PROTOCOL 0 means any PROTOCOL 1 means ICMP PROTOCOL 2 means IGMP PROTOCOL 6 means TCP P...

Страница 549: ...bj 1 d 1 200 220 object service obj 1 v Service Object Profile 1 Name limit Protocol 255 Source port check action Source port range 120 240 Destination port check action Destination port range 200 220 Telnet Command Telnet Command object service grp object service grp This command is used to integrate several service objects under a service group profile object service grp setdefault object servic...

Страница 550: ... keyword profile object kw obj setdefault object kw obj show PAGE object kw obj INDEX v object kw obj INDEX n NAME object kw obj INDEX a CONTENTS Syntax Description Syntax Description Parameter Description setdefault It means to return to default settings for all profiles show PAGE It means to show the contents of the specified profile PAGE type the page number show It means to show the contents f...

Страница 551: ...on Syntax Description Parameter Description show It means to show the contents for all of the profiles setdefault It means to return to default settings for all profiles INDEX It means the index number from 1 to 8 of the specified file extension object profile v It means to view the information of the specified file extension object profile n NAME It means to define a name for the file extension o...

Страница 552: ... v Profile Index 1 Profile Name music Image category bmp dib gif jpeg jpg jpg2 jp2 pct pcx pic pict png tif tiff Video category asf avi mov mpe mpeg mpg v mp4 qt rm v wmv 3gp 3gpp 3gpp2 3g2 Audio category v aac v aiff v au v mp3 v m4a v m4p v ogg v ra v ram v vox v wav v wma Java category class jad jar jav java jcm js jse jsp jtk ActiveX category alx apb axs ocx olb ole tlb viv vrm Compression cat...

Страница 553: ... scr Vigor2762 Series User s Guide 543 ...

Страница 554: ...e LAN Port Mirror function On Enable the function Off Disable the function Port Set the mirror port E g port sniff p1 TXRX Set the port number to be mirrored for transmitting receiving the packets E g port sniff txrx p2 p3 Restart After finished the setting use such command to activate port mirror function Status Display the status of LAN port mirror 802 1x enable disable statu s addport delport E...

Страница 555: ...ssion timeout w sec It means TCP WWW protocol sec Type a number to set the TCP WWW session timeout s sec It means TCP SYN protocol sec Type a number to set the TCP SYN session timeout f It means to flush all portmaps useful for diagnostics l List List all settings Example Example portmaptime t 86400 u 300 i 10 portmaptime l Current setting TCP Timeout 86400 sec UDP Timeout 300 sec IGMP Timeout 10 ...

Страница 556: ...ost l rule Specify an index number of rule profile for QoS mode h host Type an IP address for Specific Host mode s start port Specify a starting port number for Specific Host mode e end port Specify an ending port number for Specific Host mode Example Example ppa m 1 p 1 b 0 Set ok The PPA mode is Auto You need to set the Manual mode first TWO way accleration is disable ppa v PPA mode is Auto PPA ...

Страница 557: ...tatus interface and driver of USB printer prn status prn debug Example Example prn status Interface USB bus 2 0 Printer NotReady prn debug conn 0 none conn 1 none conn 2 none conn 3 none LPD_data_total 0 usblp_ptr 0 UsbPrintReady 0 UsbIsPrinting 0 Vigor2762 Series User s Guide 547 ...

Страница 558: ...ble setting is from 1 to 100000 o bandwidth It means to set outbound bandwidth in kbps Ethernet WAN only The available setting is from 1 to 100000 r index ratio It means to set ratio for class index in u mode It means to enable bandwidth control for UDP 0 disable 1 enable Default is disable p ratio It means to enable bandwidth limit ratio for UDP t mode It means to enable disable Outbound TCP ACK ...

Страница 559: ... example l 172 16 3 9 addr1 addr2 It means Range address Please specify the IP addresses for example l 172 16 3 9 172 16 3 50 addr1 subnet It means the subnet address with start IP address Please type the subnet and the IP address for example l 172 16 3 9 255 255 0 0 0 any It means Any address Simple type l to specify any address for this command r addr Set the remote address addr1 It means Single...

Страница 560: ...92 168 1 80 Telnet Command Telnet Command qos qos type type This command allows user to configure protocol type and port number for QoS Syntax Syntax qos type a service name e no d no Syntax Description Syntax Description Parameter Description a name It means to add rule e no It means to edit user defined service type no means the index number Available numbers are 1 40 d no It means to delete use...

Страница 561: ...for VoIP Disable SIP Port 5060 Telnet Command Telnet Command quit quit This command can exit the telnet command screen Telnet Command Telnet Command show lan show lan This command displays current status of LAN IP address settings Example Example show lan The LAN settings Status IP Mask DHCP Start IP Pool Gateway V LAN1 192 168 1 1 255 255 255 0 V 192 168 1 10 200 192 168 1 1 X LAN2 192 168 2 1 25...

Страница 562: ...Status WAN4 aux IP Private IP 1 Disable 0 0 0 0 Telnet Command Telnet Command show dns show dns This command displays current status of DNS setting Example Example show dns Domain name server settings LAN1 Primary DNS Not set LAN1 Secondary DNS Not set LAN2 Primary DNS Not set LAN2 Secondary DNS Not set LAN3 Primary DNS Not set LAN3 Secondary DNS Not set LAN4 Primary DNS Not set LAN4 Secondary DNS...

Страница 563: ... 0 0 0 13 0 0 0 0 0 0 0 14 0 0 0 0 0 0 0 15 0 0 0 0 0 0 0 16 0 0 0 0 0 0 0 17 0 0 0 0 0 0 0 18 0 0 0 0 0 0 0 19 0 0 0 0 0 0 0 20 0 0 0 0 0 0 0 MORE q Quit Enter New Lines Space Bar Next Page Telnet Command Telnet Command show portmap show portmap This command displays the table of NAT Active Sessions Example Example show portmap Private_IP Port Pseudo_IP Port Peer_IP Port Timeout Protocol Flag Tel...

Страница 564: ...Current Session Usage 0 WAN4 Current Session Usage 0 Telnet Command Telnet Command show status show status This command displays current status of LAN and WAN connections Example Example show status System Uptime 1 4 49 LAN Status Primary DNS 8 8 8 8 Secondary DNS 8 8 4 4 IP Address 192 168 1 1 Tx Rate 3266 Rx Rate 2245 WAN 1 Status Disconnected Enable Yes Line xDSL Name Mode PPPoE Up Time 0 00 00...

Страница 565: ...e Fast DS Interleave Depth 0 US Interleave Depth 0 NE Current Attenuation 0 dB Cur SNR Margin 0 dB DS actual PSD 0 0 dB US actual PSD 0 0 dB NE Rcvd Cells 0 NE Xmitted Cells 0 NE CRC Count 0 FE CRC Count 0 NE ES Count 0 FE ES Count 0 Xdsl Reset Times 0 Xdsl Link Times 0 ITU Version 0 b5004946 ITU Version 1 544e0000 ADSL Firmware Version 06 06 01 07 00 01 Power Management Mode DSL_G997_PMS_NA Test ...

Страница 566: ...mitted received bytes to Zero interface It means to specify WAN1 WAN5 interface for displaying related statistics Example Example show statistic WAN1 total TX 0 Bytes RX 0 Bytes WAN2 total TX 0 Bytes RX 0 Bytes WAN3 total TX 0 Bytes RX 0 Bytes WAN4 total TX 0 Bytes RX 0 Bytes WAN5 total TX 0 Bytes RX 0 Bytes WAN6 total TX 0 Bytes RX 0 Bytes WAN7 total TX 0 Bytes RX 0 Bytes show statistic reset wan...

Страница 567: ...SMB service set access LAN or LANWAN Allow to access into SMB server by LAN or borth LA N and WAN Example Example smb setting enable SMB service is enabled smb setting set access LAN Allow SMB access from LAN only Telnet Command Telnet Command srv dhcp srv dhcp badip badip This command is reserved for future using srv dhcp badip Example Example srv dhcp badip Telnet Command Telnet Command srv dhcp...

Страница 568: ...ic status Index MAC Address Telnet Command Telnet Command srv dhcp dns1 srv dhcp dns1 This command allows users to set Primary IP Address for DNS Server in LAN srv dhcp dns1 srv dhcp dns1 DNS IP address Syntax Description Syntax Description Parameter Description It means to display current IP address of DNS 1 for the DHCP server DNS IP address It means the IP address that you want to use as DNS1 N...

Страница 569: ...DNS IP address It means the IP address that you want to use as DNS2 Note The IP Routed Subnet DNS must be the same as NAT Subnet DNS Example Example srv dhcp dns2 10 1 1 1 srv dhcp dns2 DNS IP address Now 10 1 1 1 IP Routed Subnet dns same as NAT Subnet dns Vigor2762 Series User s Guide 559 ...

Страница 570: ...ver now is using manual settings srv dhcp frcdnsmanl off Domain name server now is using auto settings Telnet Command Telnet Command srv dhcp gateway srv dhcp gateway This command allows users to specify gateway address for DHCP server srv dhcp gateway srv dhcp gateway Gateway IP Syntax Description Syntax Description Parameter Description It means to display current gateway that you can use Gatewa...

Страница 571: ...ws users to turn on DHCP server It needs rebooting router please type sys reboot command to reboot router Telnet Command Telnet Command srv dhcp relay srv dhcp relay This command allows users to set DHCP relay setting srv dhcp relay servip server ip srv dhcp relay subnet index Syntax Description Syntax Description Parameter Description server ip It means the IP address that you want to used as DHC...

Страница 572: ...ng Please use sys reboot command to reboot the router Telnet Command Telnet Command srv dhcp status srv dhcp status This command can display general information for the DHCP server such as IP address MAC address leased time host ID and so on Example Example srv dhcp status DHCP server Relay Agent Default gateway 192 168 1 1 Index IP Address MAC Address Leased Time HOST ID 1 192 168 1 113 00 05 5D ...

Страница 573: ... server can use The unit is second Example Example srv dhcp leasetime srv dhcp leasetime Lease Time sec Now 86400 Telnet Command Telnet Command srv dhcp nodetype srv dhcp nodetype This command can set the node type for the DHCP server srv dhcp nodetype count Syntax Description Syntax Description Parameter Description count It means to specify a type for node 1 B node 2 P node 4 M node 8 H node Exa...

Страница 574: ...p primWINS srv dhcp primWINS WINS IP address srv dhcp primWINS clear Now 192 168 1 88 Telnet Command Telnet Command srv dhcp secWINS srv dhcp secWINS This command can set the secondary IP address for the DHCP server srv dhcp secWINS WINS IP address srv dhcp secWINS clear Syntax Description Syntax Description Parameter Description WINS IP address It means the IP address of secondary WINS server cle...

Страница 575: ...ion TFTP server name It means to type the name of TFTP server Example Example srv dhcp tftp TF123 srv dhcp tftp srv dhcp tftp TFTP server name Now TF123 Telnet Command Telnet Command srv dhcp option srv dhcp option This command can set the custom option for the DHCP server srv dhcp option h srv dhcp option l srv dhcp option d idx srv dhcp option e 1 or 0 c option number v option value srv dhcp opt...

Страница 576: ... set the option value by specifying the IP address x It means to set option number with the format of Hexadecimal characters u It means to update the option value of the sepecified index idx number It means the index number of the option value Example Example srv dhcp option e 1 i 2 r c 44 a 192 168 1 10 192 168 1 20 Vigor2762 Series User s Guide 566 ...

Страница 577: ...ture 1 enable 0 disable i It means to specify the private IP address of the DMZ host r It means to remove DMZ host setting v It means to display current status Example Example srv nat dmz 1 1 i 192 168 1 96 srv nat dmz v WAN1 DMZ mapping status Index Status WAN1 aux IP Private IP 1 Disable 0 0 0 0 192 168 1 96 Telnet Command Telnet Command srv nat ipsecpass srv nat ipsecpass This command allows us...

Страница 578: ...k service i local ip It means to set the IP address for local computer Local ip Type an IP address in this field w idx It means to specify the public IP 1 WAN1 Default 2 WAN1 Alias 1 and so on p protocol Specify the transport layer protocol Available values are TCP UDP and ALL s start port It means to specify the starting port number of the service offered by the local host The range is from 0 to ...

Страница 579: ...to type one name as service name proto It means to specify TCP or UDP as the protocol pub port It means to specify which port can be redirected to the specified Private IP and Port of the internal host pri ip It means to specify the private IP address of the internal host providing the service pri port It means to specify the private port number of the service offered by the internal host wan1 wan...

Страница 580: ...0 2 6 0 0 0 2 7 0 0 0 2 8 0 0 0 2 9 0 0 0 2 10 0 0 0 2 11 0 0 0 2 12 0 0 0 2 13 0 0 0 2 14 0 0 0 2 15 0 0 0 2 16 0 0 0 2 17 0 0 0 2 18 0 0 0 2 19 0 0 0 2 20 0 0 0 2 Protocol 0 Disable 6 TCP 17 UDP Telnet Command Telnet Command srv nat srv nat trigger trigger This command allows users to configure port triggering settings for NAT Syntax Syntax Vigor2762 Series User s Guide 570 ...

Страница 581: ...Specify the port number 0 65535 for trigger P Specify the incoming protocol for such trigger rule i Specify the port number 0 65535 for incoming protocol d Delete the selected trigger rule v Display the port trigger settings for specified rule Example Example srv nat trigger 1 c after_dinner srv nat trigger 1 e 1 srv nat trigger 1 p 1 srv nat trigger 1 t 2000 srv nat trigger 1 P 2 srv nat trigger ...

Страница 582: ... New Lines Space Bar Next Page Telnet Command Telnet Command srv nat showall srv nat showall This command allows users to view a summary of NAT port redirection setting open port and DMZ settings Example Example srv nat showall Index Proto WAN IP Port Private IP Port Act R01 TCP 0 0 0 0 80 192 168 1 11 100 Y O01 TCP 0 0 0 0 23 83 192 168 1 100 23 83 Y D01 All 0 0 0 0 192 168 1 96 Y R Port Redirect...

Страница 583: ...used to check the status for the auto discovery of external devices Example Example switch status External Device auto discovery status Disable No Respond to External Device Enable Telnet Command Telnet Command switch switch not_respond not_respond This command is used to detect the external device automatically and display on this page Syntax Syntax switch not_respond 0 switch not_respond 1 Synta...

Страница 584: ... switch clear switch clear This command is used to reset the switch table and reboot the router switch clear idx Syntax Description Syntax Description Parameter Description idx It means the index number of each item shown on the table The range is from 1 to 8 f It means to clear all of the data Example Example switch clear 1 Switch Data clear successful switch clear f Switch Data clear successful ...

Страница 585: ...account or create a new local user account INDEX 1 8 There are eight profiles to be added edited Username Type a new name for local user Password Type a password for local user delete INDEX Delete a local user account view INDEX Show the user account password detail information Example Example sys adminuser Local 1 Local User has enabled sys adminuser LDAP 1 LDAP has enabled sys adminuser edit 1 c...

Страница 586: ...e enable FTP service 0 disable 1 enable s enable It is used to disable enable SSH service 0 disable 1 enable p enable It is used to disable enable printer service 0 disable 1 enable 6 enable It is used to disable enable IPv6 0 disable 1 enable Example Example sys bonjour s 1 Vigor2762 Series User s Guide 576 ...

Страница 587: ... default Telnet Command Telnet Command sys cmdlog sys cmdlog This command displays the history of the commands that you have typed Example Example sys cmdlog Commands Log The lowest index is the newest 1 sys cmdlog 2 sys cmdlog 3 sys 4 sys cfg status 5 sys cfg Telnet Command Telnet Command sys ftpd sys ftpd This command displays current status of FTP server sys ftpd on sys ftpd off Syntax Descript...

Страница 588: ...ix max 40 characters sys domainname wan1 wan2 clear Now wan1 clever wan2 intelligent Telnet Command Telnet Command sys iface sys iface This command displays the current interface connection status UP or Down with IP address MAC address and Netmask for the router Example Example sys iface Interface 0 Ethernet Status UP IP Address 192 168 1 1 Netmask 0xFFFFFF00 Private IP Address 0 0 0 0 Netmask 0xF...

Страница 589: ...tatus DOWN IP Address 0 0 0 0 Netmask 0x00000000 MAC 00 50 7F 00 00 06 Interface 9 Ethernet Status DOWN IP Address 0 0 0 0 Netmask 0x00000000 MAC 00 50 7F 00 00 07 MORE q Quit Enter New Lines Space Bar Next Page Vigor2762 Series User s Guide 579 ...

Страница 590: ... ASCII string max 20 characters sys name wan1 wan2 clear Now wan1 drayrouter wan2 Note Such name can be used to recognize router s identification in SysLog dialog Telnet Command Telnet Command sys passwd sys passwd This command allows users to set password for the administrator sys passwd ASCII string Syntax Description Syntax Description Parameter Description ASCII string It means the password fo...

Страница 591: ...is ON autoreboot time is 2 hour s Telnet Command Telnet Command sys commit sys commit This command allows users to save current settings to FLASH Usually current settings will be saved in SRAM Yet this command will save the file to FLASH Example Example sys commit Telnet Command Telnet Command sys tftpd sys tftpd This command can turn on TFTP server for upgrading the firmware Example Example sys t...

Страница 592: ...uf KMC2552 2552B used 1641 cached 42 Buf KMC1016 1016B used 7 cached 1 Buf KMC504 504B used 8 cached 8 Buf KMC248 248B used 26 cached 22 Buf KMC120 120B used 67 cached 61 Buf KMC56 56B used 20 cached 44 Buf KMC24 24B used 58 cached 70 Dynamic memory 13107200B 4573168B used 190480B 0B in level 1 2 cache FLOWTRACK Memory Status of free 12000 of maximum 0 of flowstate 12000 of lost by siganture 0 of ...

Страница 593: ...ption sys tr069 set parm value sys tr069 getnoti parm sys tr069 setnoti parm value sys tr069 log sys tr069 debug on off sys tr069 save sys tr069 inform event code sys tr069 port port num sys tr069 cert_auth on off Syntax Description Syntax Description Parameter Description get parm option It means to get parameters for tr 069 option nextlevel only gets nextlevel for GetParameterNames set parm valu...

Страница 594: ...atewayDevice DeviceInfo InternetGatewayDevice ManagementServer InternetGatewayDevice Time InternetGatewayDevice Layer3Forwarding InternetGatewayDevice LANDevice InternetGatewayDevice WANDevice InternetGatewayDevice Services InternetGatewayDevice X_00507F_InternetAcc InternetGatewayDevice X_00507F_LAN InternetGatewayDevice X_00507F_NAT InternetGatewayDevice X_00507F_Firewall InternetGatewayDevice X...

Страница 595: ... qry sys license dev_chg sys license dev_key Syntax Description Syntax Description Parameter Description licmsg It means to display license message licauth It means the license authentication time setting regser It means the license register server setting licera It means to erase license setting licifno It means license and signature download interface setting lic_wiz set reg qry It means the lic...

Страница 596: ...mber is the detailed the data is displayed feature on off y It is used to specify the function of the log Supported features include SYS and DSL Case Insensitive Default setting is on for DSL voip_feature on off vf_name It means VoIP feature Type on to enable the feature or type off to disable the feature vf_name available settings include DRVTAPI DRVVMMC DRVMPS DRVFXO DRVHAL PSMPHONE PSMSUPP PSM ...

Страница 597: ...aylightsave daylightsave This command is used to configure daylight save setting Syntax Syntax sys daylightsave command parameter Syntax Description Syntax Description Parameter Description command parameter The available commands with parameters are listed below means that you can type in several commands in one line v Display the daylight saving settings r Set to factory default setting e 1 0 En...

Страница 598: ... sys dnsCacheTbl command parameter Syntax Description Syntax Description Parameter Description command parameter The available commands with parameters are listed below means that you can type in several commands in one line l Display DNS IPv4 entry in the DNS cache table s Display DNS IPv6 entry in the DNS cache table v Display the TTL limit value in the DNS cache table t 0 n Set the TTL limit va...

Страница 599: ... w 1 0 Enable 1 or disable 0 WAN Log r 1 0 Enable 1 or disable 0 Router DSL Information t 1 0 Enable 1 or disable 0 AlertLog Setup o port number Define the port number 1 65535 for AlertLog Example Example sys syslog a 1 s 1 i 192 168 1 25 d 514 Telnet Command Telnet Command sys sys time time This command is used to configure system time and date Syntax Syntax sys time server domain sys time inquir...

Страница 600: ... Istanbul Minsk 38 GMT 02 00 Jerusalem 39 GMT 02 00 Harare Pretoria 40 GMT 03 00 Volgograd 41 GMT 03 00 Baghdad Kuwait Riyadh 42 GMT 03 00 Nairobi 43 GMT 03 00 Moscow St Petersburg 44 GMT 03 30 Tehran 45 GMT 04 00 Abu Dhabi Muscat 46 GMT 04 00 Baku Tbilisi 47 GMT 04 30 Kabul 48 GMT 05 00 Ekaterinburg 49 GMT 05 00 Islamabad Karachi Tashkent 50 GMT 05 30 Bombay Calcutta 51 GMT 05 30 Madras New Delhi...

Страница 601: ...ty level Syntax Syntax sys eap_tls set 0 1 Syntax Description Syntax Description Parameter Description 0 Disable EAP TLS compatibility 1 Enable EAP TLS compatibility Example Example sys eap_tls set 1 Enable EAP_TLS compatibility Telnet Command Telnet Command testmail testmail This command is used to display current settings for sending test mail Example Example testmail Send out test mail Mail Ale...

Страница 602: ...ocol NULL The tmpvirtual server index 0 PortMapLeaseDuration 0 PortMapEnabled 0 PortMapProtocol NULL The tmpvirtual server index 0 PortMapLeaseDuration 0 PortMapEnabled 0 0 MORE q Quit Enter New Lines Space Bar Next Page Telnet Command Telnet Command upnp service upnp service This command can display the information of the UPnP service UPnP service must be enabled first Example Example upnp on UPN...

Страница 603: ...on UPNP start upnp subscribe Vigor upnp subscribe 1 serviceType urn schemas microsoft com service OSInfo 1 Subscribtion1 sid 7a2bbdd0 0047 4fc8 b870 4597b34da7fb eventKey 1 ToSendEventKey 1 expireTime 6926 active 1 DeliveryURLs http 192 168 1 113 2869 upnp eventing twtnpnsiun 2 serviceType urn schemas upnp org service WANCommonInterfaceConfig 1 Subscribtion1 sid d9cd47a5 d9c9 4d3d 8043 d03a82f2798...

Страница 604: ...tax Description Syntax Description Parameter Description n It means to specify WAN interface to apply UPnP n 0 it means to auto select WAN interface n 1 WAN1 n 2 WAN2 Example Example upnp wan 1 use wan1 now Telnet Command usb list Telnet Command usb list This command is use to display the information about the brand name and model name of the USB modems which are supported by Vigor router Example ...

Страница 605: ...tion usb user add Index Username Password Permission Home path usb user rm Index usb user enable Index usb user disable Index usb user list Syntax Description Syntax Description Parameter Description add Add a new user profile Rm Delete an existed user profile enable Enable a user profile disable Disable a user profile list Display all of the user profile index It means the index number of the use...

Страница 606: ... Indicate the IP version for the IP address 4 IPv4 6 IPv6 w WAN_idx WAN_idx Indicate the WAN interface 1 WAN1 2 WAN2 3 WAN3 4 WAN4 l LAN_idx LAN_idx Indicate the LAN interface 1 LAN1 2 LAN2 3 LAN3 4 LAN4 e 0 1 Enable 1 or disable 0 the Vigor Bridge for WAN or and LAN f 0 1 Enable 1 or disable 0 the firewall functions Example Example vigbrg set v 4 w 1 l 1 e 1 WAN1 IPv4 bridge is enable Set subnet ...

Страница 607: ...Vigor2762 Series User s Guide 597 ...

Страница 608: ... including index number MAC address Stamp Time PVC VLAN port for Vigor Bridge Function Example Example vigbrg wanstatus Vigor Bridge Running WAN mac table Index MAC Address Stamp Time PVC VLan Port Telnet Command Telnet Command vigbrg vigbrg wlanstatus wlanstatus This command can display the existed WLAN connection status for the modem change from router into bridge modem including index number MA...

Страница 609: ... Command vlan off This command allows you to disable VLAN function Syntax Syntax vlan off Example Example vlan off VLAN is Disable Force subnet LAN2 3 4 to be disabled Telnet Command vlan on Telnet Command vlan on This command allows you to enable VLAN function Syntax Syntax vlan on Example Example vlan on VLAN is Enable Telnet Command vlan pri Telnet Command vlan pri This command is used to defin...

Страница 610: ...Example Example vlan status VLAN is Enable VLAN Enable VID Pri p1 p2 p3 p4 s1 s2 s3 s4 subnet 0 OFF 0 0 1 LAN1 1 OFF 0 2 1 LAN1 2 OFF 0 0 1 LAN1 3 OFF 0 0 V V V 1 LAN1 4 OFF 0 0 1 LAN1 5 OFF 0 0 1 LAN1 6 OFF 0 0 1 LAN1 7 OFF 0 0 1 LAN1 Note they are only untag for s1 s2 s3 s4 but they can join tag vlan with lan ports Permit untagged device in P1 to access router ON Telnet Command vlan subnet Telne...

Страница 611: ...t means to display if submode is normal mode or promiscuous mode Example Example vlan submode status vlan subnet mode normal mode vlan submode on vlan subnet mode modified to promiscuous mode vlan submode status vlan subnet mode promiscuous mode Telnet Command vlan tagged Telnet Command vlan tagged This command is used to enable or disable the incoming of untagged packets Syntax Syntax vlan tagged...

Страница 612: ...rom 0 to 7 vid_no It means the value of VLAN ID Type the value as the VLAN ID number The range is form 0 to 4095 Example Example vlan vid 1 4095 VLAN1 vid 4095 Telnet Command vlan sysvid Telnet Command vlan sysvid This command is used to modify and show the scope reserved 78 of the VLAN IDs used internally by the system Syntax Syntax vlan sysvid show n Syntax Description Syntax Description Paramet...

Страница 613: ...identity for aggressive mode main It means to choose proposal for main mode auto index It means to choose default proposals proposal index It means to choose specified proposal aggressive It means the chosen DH group for aggressive mode pfs It means perfect forward secrete on off It means to turn on or off the PFS function phase1 It means phase 1 of IKE lifetime It means the lifetime value in seco...

Страница 614: ...mple Example vpn dinset 1 Dial in profile index 1 Profile Name Status Deactive Mobile OTP Disabled Password Idle Timeout 300 sec vpn dinset 1 on set profile active vpn dinset 1 motp on Enable Mobile OTP mode vpn dinset 1 pin_secret 1234 e759bb6f0e94c7ab4fe6 vpn dinset 1 Dial in profile index 1 Profile Name Status Active Mobile OTP Enabled PIN 1234 Secret e759bb6f0e94c7ab4fe6 Idle Timeout 300 sec T...

Страница 615: ... l2tp_out ip usr pwd nip nmask Command of Dial In vpn setup index name dialin ip usr pwd key nip nmask Syntax Description Syntax Description Parameter Description For PPTP Dial Out index It means the index number of the profile name It means the name of the profile ip It means the IP address to dial to usr pwd It means the user and the password required for the PPTP connection nip nmask It means t...

Страница 616: ...e password required for the PPTP L2TP connection key It means the value of IPsec Pre Shared Key nip nmask It means the remote network IP and the mask e g vpn setup 1 name1 dialin 1 2 3 4 vigor 1234 abc 192 168 1 0 255 255 255 0 Example Example vpn setup 1 name1 dialin 1 2 3 4 vigor 1234 abc 192 168 1 0 255 255 255 0 Profile Change Log Profile Index 1 Profile Name name1 Username vigor Password 1234...

Страница 617: ... out Available values include 1 it means always on for dial out 0 it means always on for dial in Other numbers e g idle 200 idle 300 idle 500 mean the router will be idle after the interval seconds configured here palive It means to enable PING to keep alive 1 disable the function 1 2 3 4 Enable the function and PING IP 1 2 3 4 to keep alive For Dial Out Settings ctype It means Type of Server I am...

Страница 618: ...ocal ID vigor For Dial In Settings itype It means Allowed Dial In Type Available settings include itype t means PPTP itype s means IPSec itype L1 means L2TP None itype L1 means L2TP Nice to Have itype l2 means L2TP Must peer It means specify Peer VPN Server IP for Remote VPN Gateway Type 203 12 23 48 means to allow VPN dial in with IP address of 203 12 23 48 Type off means any remote IP is allowed...

Страница 619: ...mode n means to set NAT mode droute It means to Change default route to this VPN tunnel Only single WAN supports this droute on off means to enable disable the function Example Example vpn option 1 idle 250 Change Log Idle Timeout 250 Telnet Command Telnet Command vpn mroute vpn mroute This command allows users to list add or delete static routes for a certain LAN to LAN VPN profile vpn mroute ind...

Страница 620: ...t settings of the specified profile in It means to list dial in settings of the specified profile net It means to list Network Settings of the specified profile index It means the index number of the profile Available index numbers 1 32 Example Example vpn list 32 all Common Settings Profile Name Profile Status Disable Netbios Naming Packet Pass Call Direction Both Idle Timeout 300 PING to keep al...

Страница 621: ...iption Parameter Description PPTP IPSec L2TP There are four types to be selected on off on enable VPN remote setting off disable VPN remote setting Example Example vpn remote PPTP on Set PPTP VPN Service On Please restart the router Telnet Command Telnet Command vpn 2ndsubnet vpn 2ndsubnet This command allows users to enable second subnet IP as VPN server IP vpn 2ndsubnet on vpn 2ndsubnet off Synt...

Страница 622: ...Vigor2762 Series User s Guide 612 ...

Страница 623: ...ve In active Dialout_Index GRE_MyIP GRE_PeerIP Logical_Traffic vpn trunk An_Gre GreIPsecAnalyze ON OFF Syntax Description Syntax Description Parameter Description show_usable Display a list of LAN to LAN dial out profiles backup add del name Member 1 Member 2 Set multiple VPN tunnels LAN to LAN profiles as backup tunnel add del Add or delete a profile for used in VPN Trunk name Specify the name of...

Страница 624: ... the algorithm with fastest mode of Load Balance Most of traffics will be led to the channel with the fastest connection name Specify the name of the VPN trunk bind usage BindIndex Display detailed information for VPN Load Balance Tunnel Bind BindIndex Indicate the index number of the tunnle bind bind show LoadBalanceName Display the bind information for VPN Load Balance profile LoadBalanceName ty...

Страница 625: ...Frag ON means to bind the fragmented packet OFF means not to care It is the default setting SetGre show Dialout_Index Display the GRE over IPSec settings in specified LAN to LAN profile Dialout_Index Index number of the LAN to LAN dial out profile SetGre Active In active Dialout_Index GRE _MyIP GRE_PeerIP Logica l_Traffic Active In active Specify the action y means active n means inactive Dialout_...

Страница 626: ... 10 2 Binding Dest IP 192 168 99 1 192 168 99 254 Binding Dest Port 1 65535 Binding Fragmented NO Binding Protocol ANY Protocol Telnet Command Telnet Command vpn NetBios vpn NetBios This command allows users to enable or disable NetBios for Remote Access User Accounts or LAN to LAN Profile vpn NetBios set H2l L2l index Block Pass Syntax Description Syntax Description Parameter Description H2l L2l ...

Страница 627: ... set as 1360 bytes set Use it to specify the connection type and value of MSS connection type 1 4 represent various type 1 PPTP 2 L2TP 3 IPSec 4 L2TP over IPSec TCP maximum segment size range Each type has different segment size range PPTP 1 1412 L2TP 1 1408 IPSec 1 1381 L2TP over IPSec 1 1361 Example Example vpn mss set 1 1400 VPN TCP maximum segment size MSS PPTP 1400 L2TP 1360 IPSec 1360 L2TP o...

Страница 628: ...Multicast Packets The default is Block Example Example vpn Multicast set L2l 1 Pass Lan to Lan Profile Index 1 Status Block Pass PASS Telnet Command Telnet Command vpn pass2nd vpn pass2nd This command allows users to determine if the packets coming from the second subnet passing through current used VPN tunnel vpn pass2nd on vpn pass2nd off Syntax Description Syntax Description Parameter Descripti...

Страница 629: ... Syntax Description Parameter Description i value Specify the index number of VPN profile E 0 1 Enable or disable the IPsec with the same subnet 1 enable 0 disable e value Translate specified LAN to virtual subnet 1 LAN1 2 LAN2 3 LAN3 I xxx xxx xxx xxx Set the virtual subnet e g 172 16 3 250 v Display current status of virtual subnet Example Example vpn sameS i 1 e 1 E 1 e 1 I 10 10 10 0 o add vpn...

Страница 630: ...an mtu value wan mtu2 value Syntax Description Syntax Description Parameter Description value It means the number of MTU for PPP The available range is from 1000 to 1500 For Static IP DHCP the maximum number will be 1500 For PPPoE the maximum number will be 1492 For PPTP L2TP the maximum number will be 1460 Example Example wan mtu 1100 wan mtu Static IP DHCP Max MSS 1500 PPPoE Max MSS 1492 PPTP L2...

Страница 631: ...llows you to enable or disable the function of WAN forwarding The packets are allowed to be transmitted between different WANs wan forward on wan forward off Syntax Description Syntax Description Parameter Description on off It means to enable or disable WAN forward Example Example wan forward WAN forwarding is Disable wan forward on WAN forwarding is enable Telnet Command Telnet Command wan statu...

Страница 632: ...ect wan1 target ip addr wan detect wan1 ttl 1 255 wan detect status Syntax Description Syntax Description Parameter Description on It means to enable ping detection The IP address of the target shall be set off It means to enable ARP detection default always_on disable link detect always connected only support static IP target It means to set the ping target ip addr It means the IP address used fo...

Страница 633: ...ance Example Example wan lb status WAN1 on WAN2 on WAN3 on WAN4 on WAN5 on WAN6 on WAN7 on Telnet Command Telnet Command wan wan mvlan mvlan This command allows you to configure multi VLAN for WAN and LAN It supports pure bridge mode modem mode between Ethernet WAN and LAN port 2 4 wan mvlan pvc_no status save enable disable on off clear tag tag_no service type vlan priority px Keep Tag Syntax Des...

Страница 634: ...mple Example PVC 7 will map to LAN port 2 3 4 in bridge mode service type is Normal No tag added wan mvlan 7 on p2 p3 p4 PVC Bridge p1 p2 p3 p4 p5 p6 Service Type Tag Priority Keep Tag 7 ON 0 0 1 1 0 0 Normal 0 OFF 0 OFF Telnet Command Telnet Command wan wan multifno multifno This command allows you to specify a channel in Multi PVC VLAN to make bridge connection to a specified WAN interface wan m...

Страница 635: ...face 1 means WAN1 2 means WAN2 value It means the number to be tagged on packets The range of the value is between 32 4095 enable disable It means to enable or disable the WAN interface for VLAN pri value It means to set priority of data transmission via 802 1q The range of the value is between 0 7 stat It means to display the table of WAN VLAN status Example Example wan vlan stat Interface Pri Ta...

Страница 636: ...thly periodic none Specify the calculation mode monthly periodically or none for WAN budget psday th day in periodic It is used only when mode is set with periodic Specify the order of today in the cycle E g wan budget wan 5 psday It means today is the 5th day in the billing cycle action action bitmap Determine the action to be performed when it reaches the WAN budget limit action bitmap Type a to...

Страница 637: ...ery The user can specify an IPv6 target to ping and find the suitable MTU size of the WAN interface Syntax Syntax wan detect_mtu6 w number i IPv6 address s base_size Syntax Description Syntax Description Parameter Description w number Specify the WAN interface number Type the number of WAN interface 1 WAN1 2 WAN2 and etc I IPv6 address Specify the IPv6 target to detect It must be an IPv6 IP addres...

Страница 638: ...http www draytek com Profile 1 enable OK Applied LAN interfaces OK Applied WLAN interfaces OK Redirect to URL mode OK Telnet Command Telnet Command wl acl wl acl This command allows the user to configure wireless access control settings Syntax Syntax wl acl enable ssid1 ssid2 ssid3 ssid4 wl acl disable ssid1 ssid2 ssid3 ssid4 wl acl add MAC ssid1 ssid2 ssid3 ssid4 isolate wl acl del MAC wl acl mod...

Страница 639: ...de ssid1 none ssid2 none ssid3 none ssid4 none wl acl add 00 50 70 ff 12 70 Set Done wl acl add 00 50 70 ff 12 70 ssid1 ssid2 isolate Set Done wl acl show Enable Mac Address Filter ssid1 dis ssid2 dis ssid3 dis ssid4 dis MAC Address Filter Index Attribute MAC Address Associated SSIDs 0 00 50 70 ff 12 70 ssid1 ssid2 ssid3 ssid4 1 s 00 50 70 ff 12 70 ssid1 ssid2 s Isolate the station from LAN Telnet...

Страница 640: ...he funciton ssid ssid_num enable ssid_name hidden_ssid It means to set the name of the SSID hide the SSID if required ssid_num Type 1 2 3 or 4 to specify SSID1 SSID2 SSID3 or SSID4 ssid_name Give a name for the specified SSID hidden_ssid Type 0 to hide the SSID or 1 to display the SSID Security SSID_NUMBER mode key index It means to configure security settings for the wirelesss connection SSID_NUM...

Страница 641: ...id 1 enable dray SSID Enable Hide_SSID Name 1 1 0 dray Note Please restart wireless after you set the parameters wl config security 1 wpa1x Configured Wlan Security Setting SSID1 Mode wpa1x Wireless card must be reset for configurations to take effect Telnet Command wl restart Telnet Command Telnet Command wl set wl set This command allows users to configure basic wireless settings wl set SSID CHA...

Страница 642: ...nable Telnet Command Telnet Command wl iso_vpn wl iso_vpn This command allows users to activate the function of VPN isolation wl iso_vpn ssid En Syntax Description Syntax Description Parameter Description ssid It means the number of SSID 1 SSID1 2 SSID2 3 SSID3 4 SSID4 En It means to enable or disable the function of VPN isolation 0 disable 1 enable Example Example wl iso_vpn 1 on ssid 1 isolate v...

Страница 643: ...s to set WMM for wireless clients ack It means to map to the Ack policy settings of AP WMM enable It means to enable the WMM for each SSID 0 disable 1 enable Apsd value It means to enable disable the ASPD automatic power save delivery function 0 disable 1 enable show It displays current status of WMM QueIdx It means the number of the queue which the WMM settings will be applied to There are four q...

Страница 644: ...llows you to configure wireless settings wl ht bw value wl ht gi value wl ht badecline value wl ht autoba value wl ht rdg value wl ht msdu value wl ht txpower value wl ht antenna value wl ht greenfield value Syntax Description Syntax Description Parameter Description wl ht bw value The value you can type is 0 for BW_20 and 1 for BW_40 wl ht gi value The value you can type is 0 for GI_800 and 1 for...

Страница 645: ...ntax Description Syntax Description Parameter Description mode value It means to specify connection mode for WDS value Available settings are d Disable b Bridge r Repeapter security value It means to configure security mode with encrypted keys for WDS mode Available settings are disable No security wep WEP wpapsk key WPA PSK wpa2psk key WPA2 PSK key Moreover you have to add keys for wpapsk wpa2psk...

Страница 646: ... wl dual wds mac enable 1 flush It means to reset all WDS setting Example Example wl wds status Please enable WDS hello function first wl wds hello 1 Note Please restart router after you set the parameters wl wds status Telnet Command Telnet Command wl btnctl wl btnctl This command allows you to enable or disable wireless button control wl btnctl value Syntax Description Syntax Description Paramet...

Страница 647: ...ol fromWan_Setting idx ip address mask Syntax Description Syntax Description Parameter Description MAC Address It means the MAC address of the host IP address It means the LAN IP address of the host If you want to wake up LAN host by using IP address be sure that that IP address has been bound with the MAC address IP BindMAC on off any It means to enable or disable the function of WOL from WAN on ...

Страница 648: ...ress type the IP address that you want it to pass c user name c all Clear the user record user name type the user name that you want to get clear corresponding record all all of the records will be removed d Disable User management function e Enable User management function l all l userl l ip Show online user all all of the users will be displayed on the screen user name type the user name that yo...

Страница 649: ... set a user name for a profile e g n fortest p Param It means to configure user password e g p 60fortest q Param It means to set time quota 1 65535 of the user profile e g q 200 r Param It means to set data quota 1 65535 of the user profile e g r 1000 s Param It means to set schedule index sch_idex could be 1 to 15 t Param It means to enable disable time quota limitation for user profile 0 Disable...

Страница 650: ...nable w Param It means to set data quota unit MB GB setdefault Setup all of the user profiles to factory default configuration Example Example user account admin d 0 q 200 r 1000 t 1 w MB Disable the admin data quota limited Telnet Command appqos Telnet Command appqos The command is used to configure QoS for APP Syntax Syntax appqos view appqos enable 0 1 appqos traceable v e AP_INDEX CLASS d AP_I...

Страница 651: ...r Class d It means to disable QoS for application s Example Example appqos enable 1 APP QoS set to Enable appqos traceable e 68 2 TELNET ENABLED QoS Class 2 Telnet Command nand bad nand usage Telnet Command nand bad nand usage NAND usage is used to display NAND Flash usage nand bad is used to display NAND Flash bad blocks nand bad nand usage Example Example nand usage Show NAND Flash Usage Partiti...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды