Ir a la página of
manuales de instrucciones parecidos
-
Router
Draytek Vigor2920Vn
370 páginas -
Router
Draytek Vigor 2760n
36 páginas 2.18 mb -
Router
Draytek Vigor2850n
387 páginas 7.99 mb -
Router
Draytek Vigor 2200X
140 páginas -
Router
Draytek Vigor2120n-plus
539 páginas -
Router
Draytek Vigor 2200E
139 páginas -
Router
Draytek VIGOR 2950G
24 páginas -
Router
Draytek Vigor 2820
269 páginas 5.33 mb
Buen manual de instrucciones
Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones Draytek Vigor2950i. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica Draytek Vigor2950i o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.
¿Qué es un manual de instrucciones?
El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual Draytek Vigor2950i se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.
Desafortunadamente pocos usuarios destinan su tiempo a leer manuales Draytek Vigor2950i, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.
Entonces, ¿qué debe contener el manual de instrucciones perfecto?
Sobre todo, un manual de instrucciones Draytek Vigor2950i debe contener:
- información acerca de las especificaciones técnicas del dispositivo Draytek Vigor2950i
- nombre de fabricante y año de fabricación del dispositivo Draytek Vigor2950i
- condiciones de uso, configuración y mantenimiento del dispositivo Draytek Vigor2950i
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas
¿Por qué no leemos los manuales de instrucciones?
Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de Draytek Vigor2950i no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de Draytek Vigor2950i y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico Draytek en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de Draytek Vigor2950i, como se suele hacer teniendo una versión en papel.
¿Por qué vale la pena leer los manuales de instrucciones?
Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo Draytek Vigor2950i, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.
Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual Draytek Vigor2950i. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.
Índice de manuales de instrucciones
-
Página 1
[...]
-
Página 2
Vigor2950 Series User’s Guide ii[...]
-
Página 3
Vigor2950 Series User’s Guide iii Vigor2950 Series Dual-WAN SSL VPN Appliance User’s Guide Version: 4.1 Date: 30/10 /200 9 Copyright 2009 All rights reserve d. This publication contains information th at is protected by copyright. No part may be reproduced, transmitted, transcribed, stored in a retrieval syst em, or translated into any lang u a[...]
-
Página 4
Vigor2950 Series User’s Guide iv Copyright Information Copyright Declarations Copyright 2009 All rights reserved. This pub licatio n contains information that is protected by copyright. No part may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language without written permission f rom the copyri ght[...]
-
Página 5
Vigor2950 Series User’s Guide v European Community Declarations Manufacturer: DrayTek Corp. Address: No. 26, Fu Shing Road, HuKou Town sh ip, HsinChu Industrial Park, Hsin-Chu, Taiwan 303 Product: Vigor2950 Ser ies Router DrayTek Corp. declares that Vigor295 0 series is in compliance with the following essential requirements and other relevant pr[...]
-
Página 6
Vigor2950 Series User’s Guide vi T T a a b b l l e e o o f f C C o o n n t t e e n n t t s s 1 Pref ace ............................................................................................................... 1 1.1 Web Conf iguration Bu ttons Explanation ................................................................................. 1 1.[...]
-
Página 7
Vigor2950 Series User’s Guide vii 3.4.2 Genera l Setup ............................................................................................................ ..... 53 3.4.3 Filter Setup ............................................................................................................. ........ 54 3.4.4 DoS Defense ................[...]
-
Página 8
Vigor2950 Series User’s Guide viii 3.12.5 WDS..................................................................................................................... ....... 159 3.12.6 AP Di scovery ............................................................................................................ .. 161 3.12.7 Stat ion List ...............[...]
-
Página 9
Vigor2950 Series User’s Guide ix 5 T rouble Shoot ing ........................................................................................... 229 5.1 Checking If the Hardware S tatus Is OK or No t.................................................................... 229 5.2 Checking If the Network Connection Settings on Y our Computer Is OK or [...]
-
Página 10
[...]
-
Página 11
Vigor2950 Series User’s Guide 1 1 P P r r e e f f a a c c e e The Vigor2950 series router provides Dual-WAN interface (which is a configuration second WAN) for Internet access to make the Internet connection more reliable. The wireless LAN supports more secure features and the transmission speed is up to 108Mbps (SuperG TM ). Object-oriented fire[...]
-
Página 12
Vigor2950 Series User’s Guide 2 1 1 . . 2 2 . . 1 1 F F o o r r V V i i g g o o r r 2 2 9 9 5 5 0 0 LED Status Explanation Blinking The router is powere d on and running no rm ally. ACT (Activity) Off The router is powe red off. DMZ On DMZ Host is specified in cert ain site. Monitor On LAN traffic monitor is active. On The VPN tun nel is launc he[...]
-
Página 13
Vigor2950 Series User’s Guide 3 1 1 . . 2 2 . . 2 2 F F o o r r V V i i g g o o r r 2 2 9 9 5 5 0 0 G G LED Status Explanation Blinking The router is powere d on and running no rm ally. ACT (Activity) Off The router is p owered off. DMZ On DMZ Host is specified in certain site. Monitor On LAN traffic monitor is active. On The VPN tun nel is launc[...]
-
Página 14
Vigor2950 Series User’s Guide 4 1 1 . . 2 2 . . 3 3 F F o o r r V V i i g g o o r r 2 2 9 9 5 5 0 0 i i LED Status Explanation Blinking The router is powe re d on and runnin g no rm ally. ACT (Activity) Off The router is powe red off. DMZ On DMZ Host is specified in cert ain site. Monitor On LAN traffic monitor is active. On The VPN t unnel is l [...]
-
Página 15
Vigor2950 Series User’s Guide 5 1 1 . . 2 2 . . 4 4 F F o o r r V V i i g g o o r r 2 2 9 9 5 5 0 0 G G i i LED Status Explanation Blinking The router is powere d on and running no rm ally. ACT (Activity) Off The router is p owered off. DMZ On DMZ Host is specified in certain site. Monitor On LAN traffic monitor is active. On The VPN tun nel is l[...]
-
Página 16
Vigor2950 Series User’s Guide 6 1 1 . . 3 3 H H a a r r d d w w a a r r e e I I n n s s t t a a l l l l a a t t i i o o n n Before starting to configure the router, you have to connect your devices correctly. 1. Connect the power cord to the router’s power port on the rear panel, and the ot her side into a wall outlet. 2. Power on the device by[...]
-
Página 17
Vigor2950 Series User’s Guide 7 2 C C o o n n f f i i g g u u r r i i n n g g B B a a s s i i c c S S e e t t t t i i n n g g s s For use the router properly, it is necessary for you to change the password of web configuration for security and adjust primary basic settings. This chapter explains how to setup a password fo r an administrator and h[...]
-
Página 18
Vigor2950 Series User’s Guide 8 3. Now, the Main Screen will pop up. Home Page for Vigor2950 Series 4. 4Go to System Maintenance page and choose Administrator Password . 5. Enter the login password (the defa ult is blank) on the field of Old Password . Type a new one in the field of New Password and retype it on the field of Confirm Password . Th[...]
-
Página 19
Vigor2950 Series User’s Guide 9 2 2 . . 2 2 Q Q u u i i c c k k S S t t a a r r t t W W i i z z a a r r d d If your router can be under an environment with high speed NAT, the configuration provide here can help you to deploy and use the router quickl y. The first screen of Quick Start Wizard is entering login password. After ty ping the password[...]
-
Página 20
Vigor2950 Series User’s Guide 10 In the Quick Start Wizard , you can configure the router to access the Internet with different protocol/modes such as PPPoE , PPTP , L2TP , Static IP or DHCP . The router supports the DSL WAN interface for Internet access. 2 2 . . 2 2 . . 1 1 P P P P P P o o E E PPPoE stands for Point-to-Point Protocol over Ethern[...]
-
Página 21
Vigor2950 Series User’s Guide 11 Password Assign a valid password provided by the ISP. Confirm Password Retype the password to confirm it. Click Next for viewing summary of such connection. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, the system status of this protocol will be shown.[...]
-
Página 22
Vigor2950 Series User’s Guide 12 2 2 . . 2 2 . . 2 2 P P P P T T P P Click PPTP as the protocol. Type in all the information that your ISP provides for this protocol. Click Next for viewing summary of such connection. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, the system status of this protocol will be shown.[...]
-
Página 23
Vigor2950 Series User’s Guide 13 2 2 . . 2 2 . . 3 3 L L 2 2 T T P P Click L2TP as the protocol. Type in all the information that your ISP provides for this protocol. After finishing the settings in this page, click Next to see the following page.[...]
-
Página 24
Vigor2950 Series User’s Guide 14 2 2 . . 2 2 . . 4 4 S S t t a a t t i i c c I I P P Click Static IP as the protocol. Type in all the inform ation that your ISP provides for this protocol. After finishing the settings in this page, click Next to see the following page. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, the [...]
-
Página 25
Vigor2950 Series User’s Guide 15 2 2 . . 2 2 . . 5 5 D D H H C C P P Click DHCP as the protocol. Type in all the information that your ISP provides for this protocol. After finishing the settings in this page, click Next to see the following page. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, the system status of this [...]
-
Página 26
Vigor2950 Series User’s Guide 16 2 2 . . 3 3 O O n n l l i i n n e e S S t t a a t t u u s s The online status shows the system status, W AN status, ADSL Information and other status related to this router within one page. If you select PPPoE/PPTP as the protocol , you will find out a link of Dial PPPoE or Drop PPPoE in the Online Status web page[...]
-
Página 27
Vigor2950 Series User’s Guide 17 Online status for DHCP Detailed explanation is shown below: Primary DNS Display the IP address of the primary DNS. Secondary DNS Display the IP address of the secondary DNS. LAN Status IP Address Display the IP address of the LAN interface. TX Packets Display the total transmitted packets at the LAN interface. RX [...]
-
Página 28
Vigor2950 Series User’s Guide 18 Drop B1/B2 Allows you to drop B1 or B2 connection. Note: The words in green mean that th e WAN connection of that interface (WAN1/WAN2) is ready for accessing Internet; the words in red mean that the WAN connection of that interface (W AN1/WAN2) is not ready for accessing Internet. 2 2 . . 4 4 S S a a v v i i n n [...]
-
Página 29
Vigor2950 Series User’s Guide 19 3 A A d d v v a a n n c c e e d d W W e e b b C C o o n n f f i i g g u u r r a a t t i i o o n n After finished basic configuration of the router, you can access Internet with ease. For the people who want to adjust more setting for suitin g his/her request, please refer to this chapter for getting detailed infor[...]
-
Página 30
Vigor2950 Series User’s Guide 20 Below shows the menu items for Internet Access. 3 3 . . 1 1 . . 2 2 G G e e n n e e r r a a l l S S e e t t u u p p This section will introduce some general settings of Internet and explain the connection modes for WAN1 and WAN2 in details. This router supports dual WAN function. It allows users to access Internet[...]
-
Página 31
Vigor2950 Series User’s Guide 21 Physical Type You can change the physical type for WAN2 or choose Auto negotiation for determined by the system. Load Balance Mode If you know the practical bandwidth for your WAN interface, please choose the setting of According to Line Speed . Otherwise, please choose Auto Weigh to let the router reach the best [...]
-
Página 32
Vigor2950 Series User’s Guide 22 3 3 . . 1 1 . . 3 3 I I n n t t e e r r n n e e t t A A c c c c e e s s s s For the router supports dual WAN function, the users can set different WAN settings (for WAN1/WAN2) for Internet Access. Due to di fferent physical mode for WAN1 and WAN2, the Access Mode for these two connections also varies slightly. Ind[...]
-
Página 33
Vigor2950 Series User’s Guide 23 D D e e t t a a i i l l s s P P a a g g e e f f o o r r P P P P P P o o E E To use PPPoE as the accessing protocol of the internet, please choose Internet Acce ss fro m WAN menu. Then, select PPPoE mode for WAN2. The following web page will be shown. PPPoE Client Mode Click Enable for activating this function. If [...]
-
Página 34
Vigor2950 Series User’s Guide 24 Ping IP – If you choose Ping Detect as detection mode, you have to type IP address in this field for pinging. TTL (Time to Live) – Display value for your reference. TTL value is set by telnet command. PPP/MP Setup PPP Authentication – Select PAP only or PAP or CHAP for PPP. Idle Timeout – Set the timeout f[...]
-
Página 35
Vigor2950 Series User’s Guide 25 D D e e t t a a i i l l s s P P a a g g e e f f o o r r S S t t a a t t i i c c o o r r D D y y n n a a m m i i c c I I P P For static IP mode, you usually receive a fixe d public IP address or a public subnet, nam ely multiple public IP addresses from your DSL or Cable ISP service providers. In most cases, a Cabl[...]
-
Página 36
Vigor2950 Series User’s Guide 26 PING Interval - Enter the interval for the system to execute the PING operation. WAN Connection Detection Such function allows you to veri fy whether network connection is alive or not through ARP Detect or Ping Detect. Mode – Choose ARP Detect or Ping Detect for the system to execute for WAN detection. Ping IP [...]
-
Página 37
Vigor2950 Series User’s Guide 27 Gateway IP Address : Type the gateway IP address. Default MAC Address : Click this radio button to use default MAC address for the router. Specify a MAC Address : Some Cable service providers specify a specific MAC address for access authentication. In such cases y ou need to click the Specify a MAC Address and en[...]
-
Página 38
Vigor2950 Series User’s Guide 28 D D e e t t a a i i l l s s P P a a g g e e f f o o r r P P P P T T P P / / L L 2 2 T T P P To use PPTP/L2TP as the accessing protocol of the internet, please choose Internet Access from WAN menu. Then, select PPTP/L2TP mode for WAN2/WAN2. The following web page will be shown. PPTP/L2TP Client Mode Click Enable PP[...]
-
Página 39
Vigor2950 Series User’s Guide 29 MTU Mean maximum transmission unit of one packet. The default value is 1442. PPP Setup PPP Authentication - Select PAP only or PAP or CHAP for PPP . Idle Timeout - Set the timeout for breaking down the Internet after passing through the time without any action. This setting is active only when the Active on demand[...]
-
Página 40
Vigor2950 Series User’s Guide 30 IP Address – Type the IP address. Subnet Mask – Type the subnet mask. 3 3 . . 1 1 . . 4 4 L L o o a a d d - - B B a a l l a a n n c c e e P P o o l l i i c c y y This router supports the function of load balanc ing. It can assign traffic with protocol t ype, IP address for specific host, a subnet of hosts, and[...]
-
Página 41
Vigor2950 Series User’s Guide 31 Dest Port End Display the IP address for the end of the destination port. Move UP/Move Down Use Up or Down link to move the order of the polic y. Click Index 1 to access into the following page for configuring load-balance policy. Enable Check this box to enable this policy. Protocol Use the drop-down menu to choo[...]
-
Página 42
Vigor2950 Series User’s Guide 32 Dest Port End Type the destination port end for the destination IP. If this field is blank, it means that all the destination ports will be passed through the WAN interface. 3 3 . . 2 2 L L A A N N Local Area Network (LAN) is a group of subnets regulated and ruled by router . The design of network structure is rel[...]
-
Página 43
Vigor2950 Series User’s Guide 33 W W h h a a t t i i s s R R o o u u t t i i n n g g I I n n f f o o r r m m a a t t i i o o n n P P r r o o t t o o c c o o l l ( ( R R I I P P ) ) V igor router will exchange routing informati on with neighboring routers using the RIP to accomplish IP routing. This allows users to cha nge the information of the r[...]
-
Página 44
Vigor2950 Series User’s Guide 34 3 3 . . 2 2 . . 2 2 G G e e n n e e r r a a l l S S e e t t u u p p This page provides you the general settings for LAN. Click LAN to open the LAN settings page and choose General Setup . 1st IP Address T ype in private IP address for connecting to a local private network (Default: 192.168.1.1). 1st Subnet Mask T [...]
-
Página 45
Vigor2950 Series User’s Guide 35 S tart IP Address: Enter a value of the IP address pool for the DHCP server to start with when issuing IP addresses. If the 2nd IP address of your router is 220.1 35.240.1, the starting IP address must be 220.135.240.2 or greater , but smaller than 220.135.240. 254. IP Pool Counts: Enter the number of IP addresses[...]
-
Página 46
Vigor2950 Series User’s Guide 36 of the router , which means the router is the default gateway . DHCP Server IP Addr ess for Relay Agent - Set the IP address of the DHCP server you are going to use so the Relay Agent can help to forward the DHCP request to the DHCP server . DNS Server Configuration DNS stands for Domain Name System. Every Interne[...]
-
Página 47
Vigor2950 Series User’s Guide 37 Index The number (1 to 10) unde r Index allows you to open next page to set up static route. Destination Address Display the destination address of the static route. Status Display the status of the static route. Viewing Routing Table Display the routing table for your reference. A A d d d d S S t t a a t t i i c [...]
-
Página 48
Vigor2950 Series User’s Guide 38 Note : There are two reasons that we have to apply RIP Protocol Control on 1st Subnet. The f irst is that the LAN inte rface can exchange RI P packets with the neighboring routers via the 1st subnet (192. 168.1.0/24). The second is that those hosts on the internal private subnets (e x. 192.168.10.0/24) can access [...]
-
Página 49
Vigor2950 Series User’s Guide 39 3 3 . . 2 2 . . 4 4 V V L L A A N N PCs connected to Ethernet ports of the router can be divided into different groups and formed VLAN. PCs under the same groups can share each other information through the router and will not be peeked by other groups. Note: This menu is available for the router without wireless [...]
-
Página 50
Vigor2950 Series User’s Guide 40 3 3 . . 2 2 . . 5 5 B B i i n n d d I I P P t t o o M M A A C C This function is used to bind the IP and MAC address in LAN to have a strengthen control i n network. When this functi on is enabled, all the assigne d IP and MAC address binding together cannot be changed. If you modified the binding IP or MAC addres[...]
-
Página 51
Vigor2950 Series User’s Guide 41 Add It allows you to add the one you choose from the ARP table or the IP/MAC address typed in Add and Edit to the table of IP Bind List . Edit It allows you to edit and modify the selected IP address and MAC address that you create before. Delete You can remove any item listed in IP Bind List . Simply click and se[...]
-
Página 52
Vigor2950 Series User’s Guide 42 3 3 . . 3 3 . . 1 1 P P o o r r t t R R e e d d i i r r e e c c t t i i o o n n Port Redirection is usually set up for server related service inside the local network (LAN), such as web servers, FTP servers, E-mail servers etc. Most of the case, you need a public IP address for each server and this public IP addre[...]
-
Página 53
Vigor2950 Series User’s Guide 43 Enable Check this box to enable such port redirection setting. Mode Two options (Single and Range) are provided here for you to choose. To set a range for the specific service, select Range . In Range mode, if the public port (s tart port and end port) and the starting IP of private IP had been entered, the system[...]
-
Página 54
Vigor2950 Series User’s Guide 44 3 3 . . 3 3 . . 2 2 D D M M Z Z H H o o s s t t As mentioned above, Port Redirection can redirect incoming TCP/UDP or othe r traffic on particular ports to the specific private IP address/port of host in the LAN. However, other IP protocols, for example Protocols 50 (ESP) and 51 (A H), do not travel on a fixed por[...]
-
Página 55
Vigor2950 Series User’s Guide 45 For WAN 1 WAN Selection In WAN 1, DMZ host can be specified with Private IP or Active True IP . Choose the one you want. Private IP Enter the private IP address of the DMZ host, or click Choose PC to select one. It will be available when you choose Private IP as the WAN interface. MAC Address of the True IP DMZ Ho[...]
-
Página 56
Vigor2950 Series User’s Guide 46 save the setting. For WAN 2 Click WAN2 tab to open the following page: Enable Check to enable the DMZ Host function. Private IP Enter the private IP address of the DMZ host, or click Choose PC to select one. Choose PC Click this button and then a window will autom atically pop up, as depicted below. The window con[...]
-
Página 57
Vigor2950 Series User’s Guide 47 save the setting. Note: If you previously have set up WAN Alias in Internet Access>>PPPoE/Static IP/PPTP, you will find them in Aux. WAN IP list for your selection.[...]
-
Página 58
Vigor2950 Series User’s Guide 48 3 3 . . 3 3 . . 3 3 O O p p e e n n P P o o r r t t s s Open Ports allows you to open a range of ports for the traffic of special applications. Common application of Open Ports includes P2 P application (e.g., BT, KaZaA, Gnutella, WinMX, eMule and others), Internet Camera etc. Ensure that you keep the application [...]
-
Página 59
Vigor2950 Series User’s Guide 49 Enable Open Ports Check to enable this entry. Comment Make a name for the defined network application/service. WAN Interface Specify the WAN interface that will be used for this entry. WAN IP Such drop down list will be shown only if you have entered other WAN IP address in WAN IP Alias window. Choose one of them [...]
-
Página 60
Vigor2950 Series User’s Guide 50 3 3 . . 3 3 . . 4 4 A A d d d d r r e e s s s s M M a a p p p p i i n n g g This page is used to map specific pr ivate IP to specific WAN IP alias. If you have "a group of IP Addresses" and want to apply to the router, please use WAN IP alias function to record these IPs first. Th en, use address mapping[...]
-
Página 61
Vigor2950 Series User’s Guide 51 Protocol Specify the transport layer protocol. It could be TCP , UDP , or ALL for selection. WAN Interface Specify the WAN interface that will be used for this entry. WAN IP Select an IP address (the selections provided here are set in IP Alias List of Network >>WAN interface). Local host can use this IP to [...]
-
Página 62
Vigor2950 Series User’s Guide 52 The following illustrations are flow charts e xplaining how router will treat incoming traffic and outgoing traffic respectively. S S t t a a t t e e f f u u l l P P a a c c k k e e t t I I n n s s p p e e c c t t i i o o n n ( ( S S P P I I ) ) Stateful inspection is a firewall architecture that works at the netw[...]
-
Página 63
Vigor2950 Series User’s Guide 53 The below shows the attack types that DoS/DDoS defense function can detect: 1. SYN flood attack 2. UDP flood attack 3. ICMP flood attack 4. Port Scan attack 5. IP options 6. Land attack 7. Smurf attack 8. Trace route 9. SYN fragm ent 10. Fraggle attack 11. TCP flag scan 12. Tear dro p attack 13. Ping of Death atta[...]
-
Página 64
Vigor2950 Series User’s Guide 54 APP Enforcement Select one of the APP Enforcement Pr ofile settings (created in CSM>> APP Enfor cement Profile ) for appl ying with this router . Please set at least one profile for choosing in CSM>> APP Enforcement Pr ofile web page first. For troubleshooting needs, you can specify to record informati[...]
-
Página 65
Vigor2950 Series User’s Guide 55 Move Up/Down Use Up or Down link to m ove the order of the filter rules. Next Filter Set Set the link to the next filter set to be executed after the current filter run. Do not make a loop with many filter sets. To edit Filter Rule , click the Filter Rule index button to enter the Filter Rule setup page. Check to [...]
-
Página 66
Vigor2950 Series User’s Guide 56 To set the IP address manually, please choose Any Address/Single Address/Range Address/Subnet Address as the Address Ty pe and type them in this dialog. In addition, if you want to use the IP range from defined groups or objects, please choose Group and Objects as the Address Type. From the IP Group drop down list[...]
-
Página 67
Vigor2950 Series User’s Guide 57 choose Group and Objects as the Service Type. Protocol - Specify the protocol(s) which this filter rule will apply to. Source/Destination Port - (=) – when the first and last value are the same, it indicates one port; when the first and last valu es are different, it indicates a range for the port and available [...]
-
Página 68
Vigor2950 Series User’s Guide 58 E E x x a a m m p p l l e e As stated before, all the traffic will be separate d and arbitrated using on of two IP filters: call filter or data filter. You may preset 12 call filters and data filters in Filter Setup and even link them in a serial manner. Each filter set is composed by 7 filter rules, which can be [...]
-
Página 69
Vigor2950 Series User’s Guide 59 3 3 . . 4 4 . . 4 4 D D o o S S D D e e f f e e n n s s e e As a sub-functionality of IP Filter/Firewall, th ere are 15 types of detect/ defense function in the DoS Defense setup. The DoS Defense functionality is disabled for default. Click Firewall and click DoS Defense to open the setup page. Enable Dos Defense [...]
-
Página 70
Vigor2950 Series User’s Guide 60 port-scanning Threshold rate, the Vigor router will send out a warning. By default, the Vigor router sets the threshold as 150 packets per second. Block IP options Check the box to activate the Block IP options function. The Vigor router will ignore any IP packets with IP option field in the datagram header. The r[...]
-
Página 71
Vigor2950 Series User’s Guide 61 SYN packets with the identical source and destination addresses, as well as the port number to victims. Block Unknown Protocol Check the box to activate the Block Unknown Protocol function. Individual IP packet has a protocol field in the datagram header to indicate the protocol type running over the upper layer. [...]
-
Página 72
Vigor2950 Series User’s Guide 62 3 3 . . 5 5 O O b b j j e e c c t t s s S S e e t t t t i i n n g g s s For IPs in a range and service ports in a limited range usually will be applied in configuri ng router’s settings, therefore we can define them with objects and bind them with groups for using conveniently. Later, we can select that object/g[...]
-
Página 73
Vigor2950 Series User’s Guide 63 Name Type a name for this profile. Maximum 15 characters are allowed. Interface Choose a proper interface (WAN, LAN or Any). For example, the Direction setting in Edit Filter Rule will ask you specify IP or IP range for WAN or LAN or any IP address. If you choose LAN as the Interface here, and choose LAN as the di[...]
-
Página 74
Vigor2950 Series User’s Guide 64 3 3 . . 5 5 . . 2 2 I I P P G G r r o o u u p p This page allows you to bind several IP objects into one IP group. Set to Factory Default Clear all profiles. Click the number under Index colu mn for settings in detail. Name Type a name for this profile. Maximum 15 characters are allowed. Interface Choose WAN, LAN [...]
-
Página 75
Vigor2950 Series User’s Guide 65 3 3 . . 5 5 . . 3 3 S S e e r r v v i i c c e e T T y y p p e e O O b b j j e e c c t t You can set up to 96 sets of Service Type Objects with different conditions. Set to Factory Default Clear all profiles. Click the number under Index co lumn for settings in detail. Name Type a name for this profile. Protocol Sp[...]
-
Página 76
Vigor2950 Series User’s Guide 66 (!=) – when the first and last value are the same, it indicates all the ports except the port defined here; when th e first and last values are different, it indicates that all the ports except the range defined here are available for this service type. (>) – the port number greater than this value is avail[...]
-
Página 77
Vigor2950 Series User’s Guide 67 Name Type a name for this profile. Available Service Type Objects You can add IP objects from IP Objects page. All the available IP objects will be shown in this box. Selected Service Type Objects Click >> button to add the selected IP objects in this box. 3 3 . . 5 5 . . 5 5 I I M M O O b b j j e e c c t t [...]
-
Página 78
Vigor2950 Series User’s Guide 68 Profile Name Type a name for this profile. Type a name for such profile and check all the ite ms that not allowed to be used in the host. Finally, click OK to save this profile.[...]
-
Página 79
Vigor2950 Series User’s Guide 69 3 3 . . 5 5 . . 6 6 P P 2 2 P P O O b b j j e e c c t t This page allows you to set 32 profiles for p eer-to-peer application. These profiles will be applied in CSM>>APP Enforcement Profile for filtering. Set to Factory Default Clear all profiles. Click the number under Profile column for conf iguration in d[...]
-
Página 80
Vigor2950 Series User’s Guide 70 Type a name for such profile and check all the protocols that not allowed to be used in the host. Finally, click OK to save this profile. 3 3 . . 5 5 . . 7 7 P P r r o o t t o o c c o o l l O O b b j j e e c c t t This page allows you to set 32 profiles for applications in protocol communication. These profiles wi[...]
-
Página 81
Vigor2950 Series User’s Guide 71 3 3 . . 5 5 . . 8 8 M M i i s s c c O O b b j j e e c c t t This page allows you to set 32 profiles for mi scellaneous applications. These profiles will be applied in CSM>> APP Enforcement Profile for filtering. Set to Factory Default Clear all profiles. Click the number under Profile column for c onfigurati[...]
-
Página 82
Vigor2950 Series User’s Guide 72 Profile Name Type a name for this profile. Type a name for such profile and check all the protocols that not allowed to be used in the host. Finally, click OK to save this profile. 3 3 . . 6 6 C C S S M M CSM is an abbreviation of Content Security Management which is used to control IM/P2P usage, filter the web co[...]
-
Página 83
Vigor2950 Series User’s Guide 73 checks the URL strings or some of HTTP data hiding in the pa yload of TCP packets while legacy firewall inspects packets based on the fields of TCP/IP headers only. On the other hand, Vigor router can prevent user from accidentally downloading malicious codes from web pages. It’s very common that malicious codes[...]
-
Página 84
Vigor2950 Series User’s Guide 74 3 3 . . 6 6 . . 1 1 A A P P P P E E n n f f o o r r c c e e m m e e n n t t P P r r o o f f i i l l e e You can define policy profiles for different policy of IM (Instant Messenger)/P2P (Peer to Peer) application. Such profile will be used in Firewall>>General Setup and Firewall>>Filter Setup pages. Se[...]
-
Página 85
Vigor2950 Series User’s Guide 75 3 3 . . 6 6 . . 2 2 U U R R L L C C o o n n t t e e n n t t F F i i l l t t e e r r P P r r o o f f i i l l e e Click CSM and click URL Content Filter Profile to open the profile setting page. Enable URL Access Control Check the box to activate URL Access Control. Black List (block those matching keyword) Click th[...]
-
Página 86
Vigor2950 Series User’s Guide 76 Y ou must clear your browser cache first so that the URL content filtering facility operates properly on a web page that you visited before. Enable Restrict Web Feature Check the box to activate the function. Java - Check the checkbox to activate the Block Java object function. The Vigor router will discard the Ja[...]
-
Página 87
Vigor2950 Series User’s Guide 77 3 3 . . 6 6 . . 3 3 W W e e b b C C o o n n t t e e n n t t F F i i l l t t e e r r P P r r o o f f i i l l e e We all know that the content on the Internet just like other types of media may be inappropriate sometimes. As a responsible pare nt or employer, you should protect those in your trust against the hazard[...]
-
Página 88
Vigor2950 Series User’s Guide 78 3 3 . . 7 7 B B a a n n d d w w i i d d t t h h M M a a n n a a g g e e m m e e n n t t Below shows the menu items for Bandwidth Management. 3 3 . . 7 7 . . 1 1 S S e e s s s s i i o o n n s s L L i i m m i i t t A PC with private IP address can access to the Internet via NAT router. The router will generate the r[...]
-
Página 89
Vigor2950 Series User’s Guide 79 Maximum Sessions Defines the av ailable sessi on number for each host in the specific range of IP addresses. If you do not set the session number in this field, the system will use the default session limit for the specific limitation you set for each index. Add Adds the specific session limitation onto the list a[...]
-
Página 90
Vigor2950 Series User’s Guide 80 Default TX limit Define the default speed of the upstream for each computer in LAN. Default RX limit Define the default speed of the downstream for each computer in LAN. Allow auto adjustment to make the best utilization of available bandwidth Router will detect if there is enough bandwidth remained for using acco[...]
-
Página 91
Vigor2950 Series User’s Guide 81 the overcrowded network. This is especially essen tial to those are low tolerant of loss, delay or jitter (delay variation). Another reason is due to congestions at network intersections where speeds of interconnected circuits mismatch or traffic a ggregates, packets will queue up and traffic can be throttled back[...]
-
Página 92
Vigor2950 Series User’s Guide 82 This page displays the QoS settings result of the WAN interface. Click the Setup link to access into next page for the general setup of WAN (1/2) interface. As to class rule, si mply click the Edit link to access into next for configuration. You can configure general setup for the WAN interface, edit the Class Rul[...]
-
Página 93
Vigor2950 Series User’s Guide 83 Check this box and click OK , then click Setup link again. You will see the Online Statistics link appearing on this page. Note: Before enable QoS control, you should test the real bandwidth first. QoS may not work properly if the bandwidth is not accurate. You can visit www.speedtest.net or contact with your ISP [...]
-
Página 94
Vigor2950 Series User’s Guide 84 After you click the Edit link, you will see the following page. Now you can define the name for that Class. In this case, “Test” is used as the name of Class Index #1. For adding a new rule, click Add to open the following page. ACT Check this box to invoke these settings. Local Address Click the Edit button t[...]
-
Página 95
Vigor2950 Series User’s Guide 85 Edit It allows you to edit source address information. Address Type – Determine the address type for the source address. For Single Address , you have to fill in Start IP address. For Range Address , you have to fill in Start IP address and End IP address. For Subnet Address , you have to fill in Start IP addres[...]
-
Página 96
Vigor2950 Series User’s Guide 86 After you click the Edit link, you will see the following page. For adding a new service type, click Add to open the following pag e. Service Name Type in a new service for your request. Service Type Choose the t ype (TCP, UDP or TCP/UDP) for the new service. Port Configuration Click Single or Range . If you selec[...]
-
Página 97
Vigor2950 Series User’s Guide 87 3 3 . . 8 8 A A p p p p l l i i c c a a t t i i o o n n s s Below shows the menu items for Applications. 3 3 . . 8 8 . . 1 1 D D y y n n a a m m i i c c D D N N S S The ISP often provides you with a dynamic IP address when you c onnect to the Internet via your ISP. It means that the public IP address assigned to y[...]
-
Página 98
Vigor2950 Series User’s Guide 88 Active Display if this account is active or inactive. View Log Display DDNS log status. Force Update Force the router updates its information to DDNS server. 3. Select Index number 1 to add an account for the router. Check Enable Dynamic DNS Account , and choose correct Service Provider: dyndns.org, type the regis[...]
-
Página 99
Vigor2950 Series User’s Guide 89 3 3 . . 8 8 . . 2 2 S S c c h h e e d d u u l l e e The Vigor router has a built-in real time clock which can update itself manually or automatically by means of Network Time Protocols (NTP). As a re sult, y ou can not only schedule the router to dialup to the Internet at a specified time, but also restrict Intern[...]
-
Página 100
Vigor2950 Series User’s Guide 90 Start Date (yyyy-mm-dd) Specify the starting date of the schedule. Start Time (hh:mm) Specify the starting time of the schedule. Duration Time (hh:mm) Specify the duration (or period) for the schedule. Action Specify which action Call Schedule should apply during the period of the schedule. Force On - Force the co[...]
-
Página 101
Vigor2950 Series User’s Guide 91 3 3 . . 8 8 . . 3 3 R R A A D D I I U U S S / / L L D D A A P P Remote Authentication Dial-In User Servi ce (RADIUS) is a security authentication client/server protocol that supports authenti cation, authorization and accounting, which is widely used by Internet service providers. It is the most common method of a[...]
-
Página 102
Vigor2950 Series User’s Guide 92 Common Name Identifier Type or edit the co mmon name identifier for the LDAP server. The common name identifier for most LDAP server is cn. Distinguished Name Type or edit the distinguished name used to look up e ntries on the LDAP server. 3 3 . . 8 8 . . 4 4 U U P P n n P P The UPnP (Universal Plug and Play) prot[...]
-
Página 103
Vigor2950 Series User’s Guide 93 The UPnP facility on the router enables UPnP awar e applications such as MSN Messenger to discover what are behind a NA T router . The application will also learn the external IP address and configure port mappings on the router . Subsequently , such a facility forwards packets from the external ports of the route[...]
-
Página 104
Vigor2950 Series User’s Guide 94 Wake by Two types provide for you to wake up the binded IP . If you choose Wake by MAC Address, you have to type the correct MAC address of the host in MAC Address boxes. If you choose Wake by IP Address, you have to choose the correct IP address. IP Address The IP addresses that have been configured in Firewall&g[...]
-
Página 105
Vigor2950 Series User’s Guide 95 3 3 . . 9 9 V V P P N N a a n n d d R R e e m m o o t t e e A A c c c c e e s s s s A Virtual Private Network (VPN) is the extension of a private network that encompasses links across shared or public networks like th e Internet. In short, by VPN technology, you can send data between two computers across a shared [...]
-
Página 106
Vigor2950 Series User’s Guide 96 Please choose a LAN-to-LAN Profile There are 32 VPN profiles for users to set. When you finish the mode and profile selection, please click Next to open the following page. In this page, you have to select suitable VPN type for the VPN client profile. There are six types provided here. Different type will lead to [...]
-
Página 107
Vigor2950 Series User’s Guide 97 the choices for the client profile, please click Next . You will see different configurations based on the selection(s) you made. z When you choose PPTP (None Encry ption) or PPTP (Encryption) , you will see the following graphic: z When you choose IPSec , you will see the following graphic: z When you choose L2TP[...]
-
Página 108
Vigor2950 Series User’s Guide 98 z When you choose L2TP over IPSec (Nice to Have), you will see the following graphic: z When you choose L2TP over IPSec (Must), you will see the following graphic:[...]
-
Página 109
Vigor2950 Series User’s Guide 99 Profile Name Type a name for such profile. The length of the file is limited to 10 characters. VPN Dial-Out Through Use the drop down menu to choose a proper WAN interface for this profile. This setting is useful for dial-out only. WAN1 First - While connecting, the router will use WAN1 as the first channel for VP[...]
-
Página 110
Vigor2950 Series User’s Guide 100 such as L2TP over IPSec and IPSec tunnel. Pre-Shared Key- Specify a key for IKE authentication Confirm Pre-Shared Key- Confirm the pre-shared key. Digital Signature (X.509) Check the box of Digital Signature to invoke this function. Peer ID – Select one predefined in the X.509 Peer ID Profiles (set from VPN and[...]
-
Página 111
Vigor2950 Series User’s Guide 101 Go to the VPN Connection Management Click this radio button to access VPN and Remote Access>>Connection Management for viewing VPN Connection status. Do another VPN Server Wizard Setup Click this radio button to set another profile of VPN Server through VPN Server Wizard. View more detailed configuration Cl[...]
-
Página 112
Vigor2950 Series User’s Guide 102 Selection Site to Site VPN/Remote Dial-in User – To set a LAN-to-LAN profile automatically, please choose Site to Site VPN. Remote Dial-in User –You can manage remote access by maintaining a table of remote user profile, so that users can be authenticated to dial-in via VPN connection. Please choose a LAN-to-[...]
-
Página 113
Vigor2950 Series User’s Guide 103 page. After making the choices for the server profile, please click Next . You will see different configurations based on the selection you made. z When you check PPTP/IPSec/L2TP (three types) or PPTP/IPSec (two types) or L2TP with Policy (Nice to Have/Must) , you will see the following graphic: z When you check [...]
-
Página 114
Vigor2950 Series User’s Guide 104 Profile Name Type a name for such profile. The length of the file is limited to 10 characters. User Name This field is used to authenticate for connection when you select PPTP or L2TP with or without IPSec policy above. Password This field is used to authenticate for connection when you select PPTP or L2TP with o[...]
-
Página 115
Vigor2950 Series User’s Guide 105 Remote Network IP Please type one LAN IP address (according to the real location of the remote host) for building VPN connection. Remote Network Mask Please type the network mask (according to the real location of the remote host) for building VPN connection. After finishing the configuration, please click Next. [...]
-
Página 116
Vigor2950 Series User’s Guide 106 The Vigor router will not accept the ISDN dial-in connection if the box of Enable ISDN Dial-in is not checked. 3 3 . . 9 9 . . 4 4 P P P P P P G G e e n n e e r r a a l l S S e e t t u u p p This submenu only applies to PPP-related VPN connections, such as PPTP, L2TP, L2TP over IPSec. Dial-In PPP Authentication P[...]
-
Página 117
Vigor2950 Series User’s Guide 107 use 40-bit to perform encryption prior t o using 128-bit for encryption. In other words, if 128-bit MPPE encryption method is not available, then 40-bit encryption scheme will be applied to encrypt the data. Maximum MPPE - This option indicates that the router will use the MPPE encryption scheme with maximum bits[...]
-
Página 118
Vigor2950 Series User’s Guide 108 IKE Authentication Method This usually applies to those are remote dial-in user or node (LAN-to-LAN) which uses dynamic IP address and IPSec-related VPN connections such as L2TP over IPSec and IPSec tunnel. Certificate for Dial in -When the client executes remote dial-in with IPSec mode, the router will transfer [...]
-
Página 119
Vigor2950 Series User’s Guide 109 3 3 . . 9 9 . . 6 6 I I P P S S e e c c P P e e e e r r I I d d e e n n t t i i t t y y To use digital certificate for peer authentication in either LAN-to-LAN connection or Remote User Dial-In connection, here you may edit a table of peer certificate for selection. As shown below, the router provides 200 entries[...]
-
Página 120
Vigor2950 Series User’s Guide 110 Profile Name Type in a name in this file. Accept Any Peer ID Click to accept any peer regardless of its identity. Accept Subject Alternative Name Click to check one specific field of digital signature to accept the peer with matching value. The field can be IP Address, Domain, or E-mail Address . The box under th[...]
-
Página 121
Vigor2950 Series User’s Guide 111 3 3 . . 9 9 . . 7 7 R R e e m m o o t t e e D D i i a a l l - - i i n n U U s s e e r r You can manage remote access by maintaining a table of remote user profile, so that users can be authenticated to dial-in via ISDN or build the VPN connection. You may set parameters including specified connection peer ID, con[...]
-
Página 122
Vigor2950 Series User’s Guide 112 Enable this account Check the box to enable this function. Idle Timeout- If the dial-in user is idle over the limitation of the timer, the router will drop this connection. By default, the Idle Timeout is set to 300 seconds. ISDN Allow the remote ISDN dial-in connection. You can further set up Callback function b[...]
-
Página 123
Vigor2950 Series User’s Guide 113 SSL Tunnel It allows the remote dial-in user to make an SSL VPN Tunnel connection through Internet, suitable for the application through network accessing (e.g., PPTP/L2TP/IPSec) If you check this box, the function of SS L Tunnel for this account will be activated immediately. To check if SSL Tunnel is activated [...]
-
Página 124
Vigor2950 Series User’s Guide 114 VPN>> SSL Web Proxy to set profiles. If you have set several profiles beforehand, you can check SSL Web Proxy and choose the one(s) you need as SSL VPN. To check if SSL Web Proxy is activated or not, please open Draytek SSL VPN portal interface. From the web page, you will see the message to indicate that y[...]
-
Página 125
Vigor2950 Series User’s Guide 115 remote node. The only exception is Digital Signature (X.509) can be set when you select IPSec tunnel either with or without specify the IP address of the remote node. Pre-Shared Key - Check the box of Pre-Shared Key to invoke this function and type in the required characters (1-63) as the pre-shared key. Digital [...]
-
Página 126
Vigor2950 Series User’s Guide 116 3 3 . . 9 9 . . 8 8 L L A A N N t t o o L L A A N N Here you can manage LAN-to-LAN connections by maintaining a table of connection profiles. You may set parameters including sp ecified connection direction (dial-in or dial-out), connection peer ID, connection type (ISDN connection, VPN connection - including PPT[...]
-
Página 127
Vigor2950 Series User’s Guide 117 Profile Name Specify a name for the profile of the LAN-to-LAN connection. Enable this profile Check here to activate this profile. VPN Connection Through Use the drop down menu to choose a proper WAN interface for this profile. This setting is useful for dial-out only. WAN1 First - While connecting, the router wi[...]
-
Página 128
Vigor2950 Series User’s Guide 118 WAN2 First - While connecting, the router will use WAN2 as the first channel for VPN connection. If WAN2 fails, the router will use another WAN interface instead. WAN2 Only - While connecting, the router will use WAN2 as the only channel for VPN connection. Netbios Naming Packet Pass – click it to have an inqui[...]
-
Página 129
Vigor2950 Series User’s Guide 119 further set up Callback (CBCP) function below. This feature is useful for i model only. PPTP Build a PPTP VPN connection to the server through the Internet. You should set the identity like User Name and Password below for the authentication of remote server. IPSec Tunnel Build an IPSec VPN connection to the serv[...]
-
Página 130
Vigor2950 Series User’s Guide 120 authenticated, but not be encrypte d. By default, this option is active. High (ESP-Encapsulating Security Payload)- means payload (data) will be encrypted and authenticated. Select from below: DES without Authentication - Use DES encryption algorithm and not apply any authentication scheme. DES with Authenticatio[...]
-
Página 131
Vigor2950 Series User’s Guide 121 IKE phase 2 proposal- To propose the local available algorithms to the VPN peers, and get its feedback to find a match. Three combinations are available for both modes. We suggest you select the combination that covers the most algorithms. IKE phase 1 key lifetime- For security reason, the lifetime of key should [...]
-
Página 132
Vigor2950 Series User’s Guide 122 here to allow the Vigor router to send the ISDN number to the remote router. This feature is useful for i model only. Allowed Dial-In Type Determine the dial-in connection with different types. ISDN - Allow the remote ISDN LAN-to-LAN connection. You should set the User Name and Password of remote dial-in user bel[...]
-
Página 133
Vigor2950 Series User’s Guide 123 None - Do not apply the IPSec policy. Accordingly, the VPN connection employed the L2TP without IPSec policy can be viewed as one pure L2TP connection. Nice to Have - Apply the IPSec policy first, if it is applicable during negotiation. Otherwise, the dial-in VPN connection becomes one pure L2TP connection. Must [...]
-
Página 134
Vigor2950 Series User’s Guide 124 Callback number -The option is for extra security. Once enabled, the router will ONLY call back to the specified Callback Number. Callback Budget (Unit: minutes) - By default, the callback function has limitation of callback period. Once the callback budget is exhausted, the function will be disabled automaticall[...]
-
Página 135
Vigor2950 Series User’s Guide 125 find there are several subnets behind the remote VPN router. RIP Direction - The option specifies the direction of RIP (Routing Information Protoc ol) packets. You can enable/disable one of direction here. Herein, we provide four options: TX/RX Both, TX Only, RX Only, and Disable. From first subnet to remote netw[...]
-
Página 136
Vigor2950 Series User’s Guide 126 ¾ Specific ERD (Environment Recovery Detecti on) mechanism which can be operated by using Telnet command V PN TRUNK-VPN Backup mechanism profile will be activated when initial connection of single VPN tunnel is off-line. Before setting VPN TRUNK -VPN Backup mechanism backup profile, please configure at least two[...]
-
Página 137
Vigor2950 Series User’s Guide 127 Backup Profile List Set to Factory Default - Click to clear all VPN TRUNK-VPN Backup mechanism profile. No - The order of VPN TRUNK-VPN Backup mechanism profile. Status (on Backup Profile field) - “v” means such profile is enabled; ”x” means such profile is disabled. Name (on Backup Profile field) - Displ[...]
-
Página 138
Vigor2950 Series User’s Guide 128 Advanced – This button is only available when there is one profile (or more) created in this page. Detailed information for this dialog, see later section - Advanced Load Balance and Backup . Load Balance Profile List Set to Factory Default - Click to clear all VPN TRUNK-VPN Load Balance mechanism profile. No -[...]
-
Página 139
Vigor2950 Series User’s Guide 129 Detailed information for this dialog, see later section - Advanced Load Balance and Backup . General Setup Status - After choosing one of the profile listed above, please click Enable to activate this profile. If you click Disable , the selected or current used VP N TRUNK-Backup/Load Balance mechanism profile wil[...]
-
Página 140
Vigor2950 Series User’s Guide 130 Delete Click this button to delete the selected VPN TRUNK profile. The corresponding members (LAN-to-LAN profiles) grouped in the deleted VPN TRUNK profile will be released and that profiles in LAN-to-LAN will be displayed in black. T T i i m m e e f f o o r r a a c c t t i i v v a a t t i i n n g g V V P P N N T[...]
-
Página 141
Vigor2950 Series User’s Guide 131 expressed in black. H H o o w w c c a a n n y y o o u u s s e e t t a a G G R R E E o o v v e e r r I I P P S S e e c c p p r r o o f f i i l l e e ? ? 1. Please go to LAN to LAN to set a profile with IPSec. 2. If the router will be used as the VPN Server (i.e., with virtual address 192.168.50.200). Please type 1[...]
-
Página 142
Vigor2950 Series User’s Guide 132 A A d d v v a a n n c c e e d d L L o o a a d d B B a a l l a a n n c c e e a a n n d d B B a a c c k k u u p p After setting profiles for load balance, you can choose any one of them and click Advance for more detailed configuration. The window s for advanced load balance and backup are different. Refer to the f[...]
-
Página 143
Vigor2950 Series User’s Guide 133 binding tunnel table. Tunnel Bind Table Index - 400 binding tunnel tables are provided by this device. Choose any one of them for such Load Balance profile. Active – In-active/Delete can delete this binding tunnel table. Active can activate this binding tunnel table. Binding Dial Out Index – Specify connectio[...]
-
Página 144
Vigor2950 Series User’s Guide 134 Detail Information This field will display detailed information for Binding Tunnel Policy. Below shows a successful binding tunnel policy for load balance: Note : To configure a successful binding tunnel, you have to: A. Type Binding Src IP range (Start and End) and Binding Des IP range (Start and End) Choose YES[...]
-
Página 145
Vigor2950 Series User’s Guide 135 periodically and type the value for it (the unit is second). If VPN server for Member 1 has completed the network connection, current VPN Tunne l backup connection will be off. Resume – when VPN connection breaks down or disconnects, Member 1 will be the top priority for the system to do VPN connection. Detail [...]
-
Página 146
Vigor2950 Series User’s Guide 136 3 3 . . 9 9 . . 1 1 0 0 C C o o n n n n e e c c t t i i o o n n M M a a n n a a g g e e m m e e n n t t You can find the summary table of all VP N connections. You may disconnect any VPN connection by clicking Drop button. You may also aggressively Dial-out by using Dial-out Tool and clicking Dial button. After a[...]
-
Página 147
Vigor2950 Series User’s Guide 137 VPN Load Balance function. Dial Click this button to execute dial out func tion under General Mode, Backup Mode or Load Balance Mode. Refresh Seconds Choose the time for refresh the dial information among 5, 10, and 30. Refresh Click this button to refresh the whole connection status. 3 3 . . 1 1 0 0 C C e e r r [...]
-
Página 148
Vigor2950 Series User’s Guide 138 GENERATE Click this button to open G enerate Certificate Signing Request window. Type in all the information that the window request such as cer tifcate name (used for identifying different certificate), subject alternative name type and relational settings for subject name. Then click GENERATE again. Note: Pleas[...]
-
Página 149
Vigor2950 Series User’s Guide 139 IMPORT Vigor router allows you to generate a certificate request and submit it the CA server, then import it as “Local Certificate”. If you have already gotten a certificate fro m a third party, you may import it directly. The supported t ypes are PKCS12 Certificate and Certificate with a private key. Click t[...]
-
Página 150
Vigor2950 Series User’s Guide 140 Upload Certificate and Private Key It is useful when users have separated certificates an d private keys. And the password is needed if the private key is encrypted. REFRESH Click this button to refresh the information listed below. View Click this button to view the detailed settings for certificate request. Not[...]
-
Página 151
Vigor2950 Series User’s Guide 141 imported will be listed on the Trusted CA Certificate window. Then click Import to use the pre-saved file. For viewing each trusted CA certificate, click View to open the certificate detail information window. If you want to delete a CA cer tificate, choose the one and click Delete to remove all the certificate i[...]
-
Página 152
Vigor2950 Series User’s Guide 142 3 3 . . 1 1 0 0 . . 3 3 C C e e r r t t i i f f i i c c a a t t e e B B a a c c k k u u p p Local certificate and Trusted CA certificate for this router can be saved within one file. Please click Backup on the following screen to save them . If you want to set encryption password for these certificates, please ty[...]
-
Página 153
Vigor2950 Series User’s Guide 143 3 3 . . 1 1 1 1 . . 2 2 G G e e n n e e r r a a l l S S e e t t t t i i n n g g s s This web page allows you to enable wireless LAN function. ISDN Port Click Enable to open the ISDN port and Disable to close it. Country Code For proper operation on your local ISDN network, you should choose the correct country co[...]
-
Página 154
Vigor2950 Series User’s Guide 144 3 3 . . 1 1 1 1 . . 3 3 D D i i a a l l t t o o a a S S i i n n g g l l e e I I S S P P / / D D i i a a l l t t o o D D u u a a l l I I S S P P s s Select Dialing to a Single ISP if you access the Internet via a single ISP. ISP Access Setup ISP Name - Enter your ISP name such as Seednet, Hinet and so on. Dial Num[...]
-
Página 155
Vigor2950 Series User’s Guide 145 IP Address Assignment Method (IPCP) In most environments, you should not change these settings as most ISPs provide a dynamic IP address for the router when it connects to the ISP. If your ISP provides a fixed IP address, check Yes and enter the IP address in the field of Fixed IP Address . Select Dialing to Dual[...]
-
Página 156
Vigor2950 Series User’s Guide 146 Primary ISP Setup ISP Name - Enter your ISP name. Dial Number - Enter the ISDN access number provided by your ISP. Username - Enter the username provided by your ISP. Password - Enter the password provided by your ISP. IP Address Assignment Method (IPCP) for primary ISP setup In most environments, you should not [...]
-
Página 157
Vigor2950 Series User’s Guide 147 3 3 . . 1 1 1 1 . . 4 4 V V i i r r t t u u a a l l T T A A Vi r t u a l T A means the local hosts or PCs in th e network that uses popular CAPI-based software such as R VS-CO M or BVRP to access the router as a local ISDN T A f o r sending or receiving F AX messages over the ISDN line. Basicall y , it is a clien[...]
-
Página 158
Vigor2950 Series User’s Guide 148 z The Virtual TA client only supports the CA PI 2.0 protocol and has no built-in FAX engine. z One ISDN BRI interface has two B channels. The maximum number of active clients is also 2. z Before you configure the V irtual T A, you must set the correct country code in ISDN Setup . Virtual TA Server Enable - Select[...]
-
Página 159
Vigor2950 Series User’s Guide 149 C C o o n n f f i i g g u u r r e e a a V V i i r r t t u u a a l l T T A A C C l l i i e e n n t t / / S S e e r r v v e e r r Since the V irtual T A application is a client/ server network model, you must configure it on both ends to run properly your V irtual T A application. By default, the V irtual T A serve[...]
-
Página 160
Vigor2950 Series User’s Guide 150 Suppose that you could assign the MSN number 123 to the client “alan”. T y pe the specified MSN number in the CAP I-based software. When the V irtual T A server sends an alert signal to the specified V irtual T A client, the CAPI-based software will also receive the action, the software will not accept the in[...]
-
Página 161
Vigor2950 Series User’s Guide 151 Note that Dialing to a Single ISP should be pre-configured properly . Basic Setup Link Type - Because ISDN has two B channels (64Kbps/per channel), you can specify whether you would like to have single B channel, two B channels or BOD (Bandwidth on Demand). Four options are available: Link Disable, Dialup 64Kbps,[...]
-
Página 162
Vigor2950 Series User’s Guide 152 3 3 . . 1 1 2 2 W W i i r r e e l l e e s s s s L L A A N N This function is used for G models only. 3 3 . . 1 1 2 2 . . 1 1 B B a a s s i i c c C C o o n n c c e e p p t t s s Over recent years, the market for wireless co mmunications has enjoyed tremendous growth. Wireless technology now reaches or is capable o[...]
-
Página 163
Vigor2950 Series User’s Guide 153 WEP (Wired Equivalent Privacy) is a legacy method to encrypt each frame transmitted via radio using either a 64-bit or 128-bit ke y. Usually access point will preset a set of four keys and it will communicate with each station using only one out of the four keys. WPA(Wi-Fi Protected Access), the most domina ting [...]
-
Página 164
Vigor2950 Series User’s Guide 154 Separate the Wireless and the Wired LAN- WLAN Isolation enables you to isolate your wireless LAN from wired LAN for either quarantine or limit access reasons. To isolate means neither of the parties can access each othe r. To elaborate an example for business use, you may set up a wireless LAN for visitors only s[...]
-
Página 165
Vigor2950 Series User’s Guide 155 11b only - The radio only supports IEE E802.11b. Index(1-15) Set the wireless LAN to work at certain time interval only. You may choose up to 4 schedules out of the 15 schedules pre-defined in Applications >> Schedule setup. The default setting of this filed is blank and the function will always work. SSID [...]
-
Página 166
Vigor2950 Series User’s Guide 156 3 3 . . 1 1 2 2 . . 3 3 S S e e c c u u r r i i t t y y By clicking the Security Settings , a new web page will appear so that you could configure the settings of WEP and WPA. Mode There are several modes provided for you to choose. Disable - Turn off the encryption mechanism. WEP Only - Accepts only WEP clients [...]
-
Página 167
Vigor2950 Series User’s Guide 157 either Mixed or WPA2 only in the field below. Since the key will be auto-negotiated during authentication, the field of key setting below will be not available for input. WPA The WPA encrypts each frame transmitted from the radio using the key, which either PSK entered manually in this field below or automaticall[...]
-
Página 168
Vigor2950 Series User’s Guide 158 3 3 . . 1 1 2 2 . . 4 4 A A c c c c e e s s s s C C o o n n t t r r o o l l For additional security of wireless access, the Access Control facility allows you to restrict the network access right by controlling the wire less LAN MAC address of client. Only the valid MAC address that has been configured can access[...]
-
Página 169
Vigor2950 Series User’s Guide 159 3 3 . . 1 1 2 2 . . 5 5 W W D D S S WDS means Wireless Distribution Syste m. It is a protocol for connecting two access points (AP) wirelessly. Usually, it can be used for the following application: y Provide bridge traffic between two LANs through the air. y Extend the coverage range of a WLAN. To meet the above[...]
-
Página 170
Vigor2950 Series User’s Guide 160 In the following examples, hosts connected to Bridge 1 or 3 can communicate with hosts connected to Bridge 2 through WDS links. Howe ver, hosts connected to Bridge 1 CANNOT communicate with hosts connected to Bridge 3 through Bridge 2. Click WDS from Wireless LAN menu. The following page will be shown. Mode Choos[...]
-
Página 171
Vigor2950 Series User’s Guide 161 Security There are three types for security, Disable , WEP and Pre-shared key . The setting you choose here will make the following WEP or Pre-shared key field valid or not. Choose one of the types for the router. WEP Check this box to use the same key set in Security Settings page. If you did not set any key in [...]
-
Página 172
Vigor2950 Series User’s Guide 162 If you want the found AP applying the WDS settings, please type in the AP’s MAC address on the bottom of the page and click Add . Later, the MAC address of the AP will be added to the page of WDS setting. 3 3 . . 1 1 2 2 . . 7 7 S S t t a a t t i i o o n n L L i i s s t t Station List provides the knowledge of [...]
-
Página 173
Vigor2950 Series User’s Guide 163 3 3 . . 1 1 2 2 . . 8 8 S S t t a a t t i i o o n n R R a a t t e e C C o o n n t t r r o o l l This page allows you to cont rol the upload and download rate of each wireless client (station). Please check the box of Enable to invoke this setting. The range for the rate is between 100 ~ 30,000 kbps. 3 3 . . 1 1 3[...]
-
Página 174
Vigor2950 Series User’s Guide 164 Enable Check this box to enable this function (for VLAN Configuration). P1 – P4 Check the box to make the com puter connecting to the port being grouped in specified VLAN. Be aware that each port can be grouped in different VLAN at the same time only if you check the box. For exam ple, if you check the boxes of[...]
-
Página 175
Vigor2950 Series User’s Guide 165 The VLAN >> Wireless VALN allows you to configure Wireless VLAN settings through wireless connection to achieve the above intention. Sim ply type Login ID and password with City and 1234 in the boxes of W_VLAN0. And t ype Login ID and password with Home and 7890 in the boxes of W_VLAN1. Users can conf igure[...]
-
Página 176
Vigor2950 Series User’s Guide 166 Details Click this button to set additional attributes settings for W_VLAN. Activated Date – Use the drop down lists to set the activated date for the wireless VLAN. The wireless VLAN function will be available when the time is arrival. Expired Date – Use the drop down lists to set the expired date for the wi[...]
-
Página 177
Vigor2950 Series User’s Guide 167 4. When the accessing is successful, the following screen will appear. Note: The floating window with connection tim e will be shown on the screen till you logout. 5. You can go to Diagnostics>>Wireless VLAN Online Station for viewing the connection status whenever you want.[...]
-
Página 178
Vigor2950 Series User’s Guide 168 3 3 . . 1 1 3 3 . . 3 3 V V L L A A N N C C r r o o s s s s S S e e t t u u p p This function allows the router to integr ate VLAN and W_VLAN for managing different computers (notebooks). See the following picture for an exam ple. With VLAN Cross Setup , notebook A/B and PCs on VLAN0 can share resources without d[...]
-
Página 179
Vigor2950 Series User’s Guide 169 Enable Check this box to invoke VLAN Cross Setup function. VLAN0-3 It represents the groups of virtual LAN connected by Ethernet interface. W_VLAN0-15 It represents the groups of wireless VLAN communicated by wireless interface. 3 3 . . 1 1 3 3 . . 4 4 W W i i r r e e l l e e s s s s R R a a t t e e C C o o n n t[...]
-
Página 180
Vigor2950 Series User’s Guide 170 3 3 . . 1 1 4 4 S S S S L L V V P P N N An SSL VPN (Secure Sockets Layer virtual private network) is a form of VPN that can be used with a standard Web browser. There are two benefits that SSL VPN provides: ¾ It is not necessary for users to preinstall VPN client software for executing SSL VPN connection. ¾ The[...]
-
Página 181
Vigor2950 Series User’s Guide 171 3 3 . . 1 1 4 4 . . 2 2 S S S S L L W W e e b b P P r r o o x x y y SSL Web Proxy will allow the remote users to access the intern al web sites over SSL. Name Display the name of the profile that you create. URL Display the URL. Active Display current status (active or inactive) of such profile. Click number link[...]
-
Página 182
Vigor2950 Series User’s Guide 172 SSL – if you choose such selection, web proxy over SSL will be applied for VPN. 3 3 . . 1 1 4 4 . . 3 3 S S S S L L A A p p p p l l i i c c a a t t i i o o n n It provides a secure and flexible solution fo r network resources, including VNC (Virtual Network Computer) /RDP (Remote Desktop Protoc ol) /SAMBA, to a[...]
-
Página 183
Vigor2950 Series User’s Guide 173 Different application type will lead different web pages. Refer to the following: z Virtual Network Computing – Choose this item for accessing and controlling a remote PC through VNC protocol. IP Address Type the IP address for this protocol. Port Specify the port used for this protocol. The default setting is [...]
-
Página 184
Vigor2950 Series User’s Guide 174 z Samba Application - Any remote user can upload/download/delete certain files on a local samba server through web browser with this application Samba Path Specify the path for this application. 3 3 . . 1 1 4 4 . . 4 4 U U s s e e r r A A c c c c o o u u n n t t For SSL VPN, identity authentication and po wer man[...]
-
Página 185
Vigor2950 Series User’s Guide 175 However, if you have set several SSL Web Proxy Profiles in SSL VPN>> SSL Web Proxy web page: The SSL Web Proxy profile names will be disp layed (together with check box) as shown below.[...]
-
Página 186
Vigor2950 Series User’s Guide 176 3 3 . . 1 1 4 4 . . 5 5 O O n n l l i i n n e e U U s s e e r r S S t t a a t t u u s s If you have finished the configuration of SSL Web Proxy (server), users can find out corresponding settings when they access in to Draytek SSL VPN portal interface. Next, users can open SSL VPN>> Online Status to view lo[...]
-
Página 187
Vigor2950 Series User’s Guide 177 3 3 . . 1 1 5 5 . . 1 1 S S y y s s t t e e m m S S t t a a t t u u s s The System Status provides basic network settings of Vigor router. It includes L AN and WAN interface information. Also, you could ge t the current running firmware version or firmware related information from this presentation. Model Name Di[...]
-
Página 188
Vigor2950 Series User’s Guide 178 Wireless LAN --- MAC Address Display the MAC address of the wireless LAN. Frequency Domain It can be Europe (13 usable channels), USA (11 usable channels) etc. The available channels supported by the wireless products in different countries are various. Firmware Version It indicates information about equipped WLA[...]
-
Página 189
Vigor2950 Series User’s Guide 179 set URL as the following and type username and password for VigorACS server: http://{IP address of VigorACS}:8080/ACSServer/services/ACSServlet If the connected CPE does not need to be authenticated please set URL as the following: http://{IP address of VigorACS}:8080/ACSServer/services/UnAuthACSServ let Username[...]
-
Página 190
Vigor2950 Series User’s Guide 180 3 3 . . 1 1 5 5 . . 3 3 A A d d m m i i n n i i s s t t r r a a t t o o r r P P a a s s s s w w o o r r d d This page allows you to set new password. Old Password Type in the old password. The factory default setting for password is blank. New Password Type in new password in this filed. Confirm New Password Type[...]
-
Página 191
Vigor2950 Series User’s Guide 181 3. In Save As dialog, the default filename is config.cfg . You could gi ve it another name by yourself. 4. Click Save button, the configuration will download a utomatically to your computer as a file named config.cfg . The above example is using W indows platform for dem onstrating examples. The Mac or Linux plat[...]
-
Página 192
Vigor2950 Series User’s Guide 182 R R e e s s t t o o r r e e C C o o n n f f i i g g u u r r a a t t i i o o n n 1. Go to System Maintenance >> Configuration Backup . The following windows will be popped-up, as shown below. 2. Click Browse button to choose the correct confi guration file for uploading to the router. 3. Click Restore button[...]
-
Página 193
Vigor2950 Series User’s Guide 183 Mail To Assign a mail address for sending mails out. Return-Path Assign a path for receiving the mail from outside. Authentication Check this box to activate this function while using e-mail application. User Name Type the user name for authentication. Password Type the password for authentication. Click OK to sa[...]
-
Página 194
Vigor2950 Series User’s Guide 184 3 3 . . 1 1 5 5 . . 6 6 T T i i m m e e a a n n d d D D a a t t e e It allows you to specify where the time of the router should be inquired from. Current System Time Click Inquire Time to get the current time. Use Browser Time Select this option to use the browser time from the remote administrator PC host as ro[...]
-
Página 195
Vigor2950 Series User’s Guide 185 3 3 . . 1 1 5 5 . . 7 7 M M a a n n a a g g e e m m e e n n t t This page allows you to manage the setti ngs for access control, access list, port setup, and SMP setup. For example, as to management access control, the port number is used to send/receive SIP message for building a session. The default value is 50[...]
-
Página 196
Vigor2950 Series User’s Guide 186 Set Community Set community b y typing a proper name. The default setting is private. Manager Host IP Set one host as the manager to execute SNMP function. Please type in IP address to specify certain host. Trap Community Set trap community by typing a pr oper name. The default setting is public. Notification Hos[...]
-
Página 197
Vigor2950 Series User’s Guide 187 3 3 . . 1 1 5 5 . . 9 9 F F i i r r m m w w a a r r e e U U p p g g r r a a d d e e Before upgrading your router firmware, you need to i nstall the Router Tools. The Firmware Upgrade Utility is included in the tools. The following web page will guide you to upgrade firmware by using an exam ple. Note that this ex[...]
-
Página 198
Vigor2950 Series User’s Guide 188 3 3 . . 1 1 6 6 D D i i a a g g n n o o s s t t i i c c s s Diagnostic Tools provide a useful way to view or diagnose the status of your Vigor router. Below shows the menu items for Diagnostics. 3 3 . . 1 1 6 6 . . 1 1 D D i i a a l l - - o o u u t t T T r r i i g g g g e e r r Click Diagnostics and click Dial-ou[...]
-
Página 199
Vigor2950 Series User’s Guide 189 3 3 . . 1 1 6 6 . . 2 2 R R o o u u t t i i n n g g T T a a b b l l e e Click Diagnostics and click Routing Table to open t he web page. Refresh Click it to reload the page. 3 3 . . 1 1 6 6 . . 3 3 A A R R P P C C a a c c h h e e T T a a b b l l e e Click Diagnostics and click ARP Cache Table to view the content [...]
-
Página 200
Vigor2950 Series User’s Guide 190 3 3 . . 1 1 6 6 . . 4 4 D D H H C C P P T T a a b b l l e e The facility provides information on IP address as signments. This information is helpful in diagnosing network problems, such as IP address conflicts, etc. Click Diagnostics and click DHCP Table to open the web page. Index It displays the connection ite[...]
-
Página 201
Vigor2950 Series User’s Guide 191 #Pseudo Port It indicates the temporary port of the router used for NAT. Peer IP:Port It indicates the destination IP address and port of remote host. Interface It indicates the interface of the WAN connection. Refresh Click it to reload the page. 3 3 . . 1 1 6 6 . . 6 6 W W i i r r e e l l e e s s s s V V L L A [...]
-
Página 202
Vigor2950 Series User’s Guide 192 3 3 . . 1 1 6 6 . . 7 7 D D a a t t a a F F l l o o w w M M o o n n i i t t o o r r This page displays the running procedure for the IP address monitored and refreshes the data in an interval of several seconds. The IP address listed here is configured in Bandwidth Management. You have to enable IP bandwidth limi[...]
-
Página 203
Vigor2950 Series User’s Guide 193 TX rate (kbps) Display the transmission speed of the monitored device. RX rate (kbps) Display the receiving spee d of the monitored device. Sessions Display the session number that you specified in Limit Session web page. Action Block - can prevent specified PC acce ssing into Internet within 5 minutes. Unblock ?[...]
-
Página 204
Vigor2950 Series User’s Guide 194 The horizontal axis represents time. Yet the vertical axis has different meanings. For WAN1/WAN2 Bandwidth chart, the numbers displayed on vertical axis represent the numbers of the transmitted and received packets in the past. For Sessions chart, the numbers displayed on vertical axis represent the numbers of th[...]
-
Página 205
Vigor2950 Series User’s Guide 195 3 3 . . 1 1 6 6 . . 9 9 P P i i n n g g D D i i a a g g n n o o s s i i s s Click Diagnostics and click Ping Diagnosis to pen the web page. Ping through Use the drop down list to choose the WAN interface that you want to ping through or choose Unspecified to be determined by the router automatically. Ping to Use [...]
-
Página 206
Vigor2950 Series User’s Guide 196 3 3 . . 1 1 6 6 . . 1 1 0 0 T T r r a a c c e e R R o o u u t t e e Click Diagnostics and click Trace Route to open the web page. This page allows you to trace the routes from router to the host. Simply type the IP address of the host in the box and click Run . The result of route trace will be shown on the scree[...]
-
Página 207
Vigor2950 Series User’s Guide 197 3 3 . . 1 1 7 7 S S u u p p p p o o r r t t A A r r e e a a When you click the menu item under Support Area , you will be guided to visit www.draytek.com and open the corresponding pages directly. Click Support Area>>Application Note , the following web page will be displayed. Click Support Area>>FAQ [...]
-
Página 208
Vigor2950 Series User’s Guide 198[...]
-
Página 209
Vigor2950 Series User’s Guide 199 4 A A p p p p l l i i c c a a t t i i o o n n a a n n d d E E x x a a m m p p l l e e s s 4 4 . . 1 1 C C r r e e a a t t e e a a L L A A N N - - t t o o - - L L A A N N C C o o n n n n e e c c t t i i o o n n B B e e t t w w e e e e n n R R e e m m o o t t e e O O f f f f i i c c e e a a n n d d H H e e a a d d [...]
-
Página 210
Vigor2950 Series User’s Guide 200 For using IPSec -based service, such as IPSec or L2 TP with IPSec Policy, you have to set general settings in IPSec General Setup , such as the pre-shared key that both parties have known. 3. Go to LAN-to-LAN . Click on one index number to edit a profile. 4. Set Common Settings as shown below. You should enable b[...]
-
Página 211
Vigor2950 Series User’s Guide 201 connection. If a PPP-based service is selected, you should further specify the remote peer IP Address, Username, Password, PPP Authen tication and VJ Compression for this Dial-Out connection. 6. Set Dial-In settings to as shown below to allow Router B dial-in to build VPN connection. If an IPSec-based service i s[...]
-
Página 212
Vigor2950 Series User’s Guide 202 connection. Otherwise, it will apply the settings defined in IPSec General Setup above. If a PPP-based service is selected, you should further specify the remote peer IP Address, Username, Password, and VJ Com p ression for this Dial-In connection. 7. At last, set the remote network IP/subnet in TCP/IP Network Se[...]
-
Página 213
Vigor2950 Series User’s Guide 203 Settings in Router B in the remote office: 1. Go to VPN and Remote Access and select Remote Access Cont rol to enable the necessary VPN service and click OK . 2. Then, for using PPP based services, such as PPTP, L2TP, you have to set general settings in PPP General Setup . For using IPSec-based service, such as I[...]
-
Página 214
Vigor2950 Series User’s Guide 204 3. Go to LAN-to-LAN . Click on one index number to edit a profile. 4. Set Common Settings as shown below. You should enable both of VPN connections because any one of the parties may start the VPN connection. 5. Set Dial-Out Settings as shown below to dial to connect to Router B aggressively with the selected Dia[...]
-
Página 215
Vigor2950 Series User’s Guide 205 Dial-Out connection. 6. Set Dial-In settings to as shown below to allow Router A dial-in to build VPN connection. If an IPSec-based service is selected, y ou may further specify the remote peer IP Address, IKE Authentication Method and I PSec Security Method for this Dial-In connection. Otherwise, it will apply t[...]
-
Página 216
Vigor2950 Series User’s Guide 206 7. At last, set the remote network IP/subnet in TCP/IP Network Settings so that Router B can direct the packets des tined to the remote network to Router A via the VPN connection.[...]
-
Página 217
Vigor2950 Series User’s Guide 207 4 4 . . 2 2 C C r r e e a a t t e e a a R R e e m m o o t t e e D D i i a a l l - - i i n n U U s s e e r r C C o o n n n n e e c c t t i i o o n n B B e e t t w w e e e e n n t t h h e e T T e e l l e e w w o o r r k k e e r r a a n n d d H H e e a a d d q q u u a a r r t t e e r r The other common case is that [...]
-
Página 218
Vigor2950 Series User’s Guide 208 3. Go to Remote Dial-In Users . Click on one index number to edit a profile. 4. Set Dial-In settings to as shown below to allow the remote user dial-in to build VPN connection. If an IPSec-based service is sele cted, you may further specify the remote peer IP Address, IKE Authentication Method and I PSec Security[...]
-
Página 219
Vigor2950 Series User’s Guide 209 Settings in the remote host: 1. For Win98/ME, you may use "Dial-up Networking" to create the PPTP tunnel t o Vigor router. For Win2000/XP, please use "Network and Dial-up connections" or “Smart VPN Client”, complimentary software to help you create PPTP, L2TP, and L2TP over IPSec tunnel. Y[...]
-
Página 220
Vigor2950 Series User’s Guide 210 You may further specify the method you use to get IP, the security method, and authentication method. If the Pre-Shared Key is selected, it should be consistent with the one set in VPN router. If a PPP-based service is selected, you should fu rther specify the remote VPN server IP address, Username, Password, and[...]
-
Página 221
Vigor2950 Series User’s Guide 211 4. Click Connect button to build connection. When the connection is successful, you will find a green light on the right down corner. 4 4 . . 3 3 Q Q o o S S S S e e t t t t i i n n g g E E x x a a m m p p l l e e Assume a teleworker someti mes works at hom e and takes care of children. When working time, he woul[...]
-
Página 222
Vigor2950 Series User’s Guide 212 3. Enter the Name of Index Class 2 by clicking Edit link. In this index, the user will set reserve bandwidth for HTTPS. And click Basic button on the right. 4. Click Setup link for W AN1. Check Enable UDP Bandwidth Control on the bottom to prevent enormous UDP traffic of V oIP influent other application. 5. If th[...]
-
Página 223
Vigor2950 Series User’s Guide 213 4 4 . . 4 4 L L A A N N – – C C r r e e a a t t e e d d b b y y U U s s i i n n g g N N A A T T An example of default setting and the corr esponding deplo yment are shown below . The default V igor router private IP address/ Subnet Mask is 192.1 68.1.1/255.255.255.0. The built-in DHCP server is enabled so it [...]
-
Página 224
Vigor2950 Series User’s Guide 214 Y ou can just set the settings wrapped inside the red rectangles to fit the request of NA T usage.[...]
-
Página 225
Vigor2950 Series User’s Guide 215 4 4 . . 5 5 U U p p g g r r a a d d e e F F i i r r m m w w a a r r e e f f o o r r Y Y o o u u r r R R o o u u t t e e r r Before upgrading your router firmware, you need to i nstall the Router Tools. The file RTSxxx.exe will be asked to copy onto your computer. Remember the place of storing the execution file. [...]
-
Página 226
Vigor2950 Series User’s Guide 216 5. Double click on the router tool icon. The setup wizard will appear. 6. Follow the onscreen instructions to install the tool. Finally, click Finish to end the installation. 7. From the Start menu, open Programs and choose Router Tools XXX >> Firmware Upgrade Utility . 8. Type in your router IP, usually 19[...]
-
Página 227
Vigor2950 Series User’s Guide 217 10. Click Send . 11. Now the firmware update is finished. 4 4 . . 6 6 R R e e q q u u e e s s t t a a c c e e r r t t i i f f i i c c a a t t e e f f r r o o m m a a C C A A s s e e r r v v e e r r o o n n W W i i n n d d o o w w s s C C A A S S e e r r v v e e r r[...]
-
Página 228
Vigor2950 Series User’s Guide 218 1. Go to Certificate Management and choose Local Certificate . 2. You can click GENERATE button to start to edit a certificate request. Enter the information in the certificate request. 3. Copy and save the X509 Local Certificate Requet as a text file and save it for later use.[...]
-
Página 229
Vigor2950 Series User’s Guide 219 4. Connect to CA server via web browser. Follo w the instruction to subm it the request. Below we take a Windows 2000 CA server for example. Select Request a Certificate . Select Advanced request . Select Submit a certificate request a base64 encoded PKCS #10 file or a renewal request using a base64 encoded PKCS [...]
-
Página 230
Vigor2950 Series User’s Guide 220 Then you have done the request and the ser ver now issues you a certificate. Select Base 64 encoded certificate and Download CA certificate . Now you should get a certificate (.cer file) and save it. 5. Back to Vigor router, go to Local Certificate . Click IMPORT button and browse the file to import the certifica[...]
-
Página 231
Vigor2950 Series User’s Guide 221 4 4 . . 7 7 R R e e q q u u e e s s t t a a C C A A C C e e r r t t i i f f i i c c a a t t e e a a n n d d S S e e t t a a s s T T r r u u s s t t e e d d o o n n W W i i n n d d o o w w s s C C A A S S e e r r v v e e r r 1. Use web browser connecting to the CA server that you would like to retrieve its CA cert[...]
-
Página 232
Vigor2950 Series User’s Guide 222 2. In Choose file to download , click CA Certificate Current and Base 64 encoded, and Download CA certificate to save the .cer. file. 3. Back to Vigor router, go to Trusted CA Certificate . Click IMPORT button and browse the file to import the certificate (.cer file) into Vigor router. When finished, click refres[...]
-
Página 233
Vigor2950 Series User’s Guide 223 4 4 . . 8 8 E E R R D D M M e e c c h h a a n n i i s s m m f f o o r r V V P P N N T T R R U U N N K K To use ERD (Environment Recovery Detection) mechanism for VPN TRUNK, please follow the steps listed below: 1. Click Start >> Run and type Telnet 192.168.1.1 in the Open box as below. Note that the IP addr[...]
-
Página 234
Vigor2950 Series User’s Guide 224 When VPN connection breaks down, Member1 is a top priorit y for the system to do VPN connection again. Request Background: Some of users hope the connection can be continuous and not breaking down (maybe they will have thousa nds of orders coming within one m inute). If the network connection breaks down, the use[...]
-
Página 235
Vigor2950 Series User’s Guide 225 4 4 . . 9 9 V V P P N N L L o o a a d d B B a a l l a a n n c c e e A A p p p p l l i i c c a a t t i i o o n n Here provides two situations that you can take advantages of VPN TRUNK Load Balance profile mechanism. Example 1: A VPN TRUNK profile with member 1 (GRE over IPSec type-LAN to LAN Router Mode) and Membe[...]
-
Página 236
Vigor2950 Series User’s Guide 226 ¾ Finish Member2 LAN-to-LAN Dial out Profile with GRE over IPSec configuration. Check Enable IPSec Dial-Out function GRE over IPSec. Type 192.168.100 .100 as My GRE IP and 192.168.100.200 as Peer GRE IP. After adding VpnLB1 under VPN TRUNK Mana gement, press Advanced for Load Balance Profile List and choose suit[...]
-
Página 237
Vigor2950 Series User’s Guide 227 (3) Dialing from VPN Client site[...]
-
Página 238
Vigor2950 Series User’s Guide 228 This page is left blank.[...]
-
Página 239
Vigor2950 Series User’s Guide 229 5 T T r r o o u u b b l l e e S S h h o o o o t t i i n n g g This section will guide you to solve abnormal s ituations if you cannot access into the Internet after installing the router and finishing the web configuration. Please follow sections below to check your basic installation status stage by stage. z Che[...]
-
Página 240
Vigor2950 Series User’s Guide 230 F F o o r r W W i i n n d d o o w w s s The example is based on Windows XP. As to the examples for other operation systems, please refer to the si milar steps or find support notes in www.draytek.com . 1. Go to Control Panel and then double-click on Network Connection s. 2. Right-click on Local Area Connectio[...]
-
Página 241
Vigor2950 Series User’s Guide 231 4. Select Obtain an IP address automatically and Obtain DNS server address automatically. F F o o r r M M a a c c O O s s 1. Double click on the current used MacOs on the desktop. 2. Open the Application folder and get into Network . 3. On the Network screen, select Using DHCP from the drop down list of Configure[...]
-
Página 242
Vigor2950 Series User’s Guide 232 5 5 . . 3 3 P P i i n n g g i i n n g g t t h h e e R R o o u u t t e e r r f f r r o o m m Y Y o o u u r r C C o o m m p p u u t t e e r r The default gateway IP address of the router is 192.168.1.1. For so me reason, you might need to use “ping” command to check the link status of the router. The most impor[...]
-
Página 243
Vigor2950 Series User’s Guide 233[...]
-
Página 244
Vigor2950 Series User’s Guide 234 5 5 . . 4 4 C C h h e e c c k k i i n n g g I I f f t t h h e e I I S S P P S S e e t t t t i i n n g g s s a a r r e e O O K K o o r r N N o o t t Click WAN>> Internet Access and then check whether the ISP settings are set correctly. Click Details Page of WAN1/WAN2 to review the settings that you configure[...]
-
Página 245
Vigor2950 Series User’s Guide 235 F F o o r r P P P P T T P P / / L L 2 2 T T P P U U s s e e r r s s 1. Check if the Enable option for PPTP Link is selected. 2. Check if Server Address, Userna me, Password and WAN IP address are se t correctly (must identify with the values from your ISP).[...]
-
Página 246
Vigor2950 Series User’s Guide 236 5 5 . . 5 5 B B a a c c k k i i n n g g t t o o F F a a c c t t o o r r y y D D e e f f a a u u l l t t S S e e t t t t i i n n g g I I f f N N e e c c e e s s s s a a r r y y Sometimes, a wrong connection can be im proved by returning to the default settings. Try to reset the router by software or hardware. Warn[...]
-
Página 247
Vigor2950 Series User’s Guide 237 5 5 . . 6 6 C C o o n n t t a a c c t t i i n n g g Y Y o o u u r r D D e e a a l l e e r r If the router still cannot work correctly after trying many efforts, please contact your dealer for further help right away. For any questions, please feel free to send e-mail to support@draytek.com.[...]