Draytek VigorPro 5510 manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314

Aller à la page of

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation Draytek VigorPro 5510. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel Draytek VigorPro 5510 ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation Draytek VigorPro 5510 décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation Draytek VigorPro 5510 devrait contenir:
- informations sur les caractéristiques techniques du dispositif Draytek VigorPro 5510
- nom du fabricant et année de fabrication Draytek VigorPro 5510
- instructions d'utilisation, de réglage et d’entretien de l'équipement Draytek VigorPro 5510
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage Draytek VigorPro 5510 ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles Draytek VigorPro 5510 et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service Draytek en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées Draytek VigorPro 5510, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif Draytek VigorPro 5510, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation Draytek VigorPro 5510. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    [...]

  • Page 2

    VigorPro5510 Series User’s Guide ii V V i i g g o o r r P P r r o o 5 5 5 5 1 1 0 0 S S e e r r i i e e s s U U n n i i f f i i e e d d T T h h r r e e a a t t M M a a n n a a g g e e m m e e n n t t U U s s e e r r ’ ’ s s G G u u i i d d e e Version: 2.1 Firmware: V3.3.4 Date: 08/06/2010 Copyright 2010 All rights reserve d. This publication[...]

  • Page 3

    VigorPro5510 Series User’s Guide iii[...]

  • Page 4

    VigorPro5510 Series User’s Guide iv Safety Instructions and Approval Safety Instructions z Read the installation guide tho roughly before you set up the router. z The router is a complicat ed electronic unit that may be repaired only be authorized a nd qualified personnel . Do not t ry to open or repair t he router yourself. z Do not place the ro[...]

  • Page 5

    VigorPro5510 Series User’s Guide v European Community Declarations Manufacturer: DrayTek Corp. Address: No. 26, Fu Shing Road, HuKou Town ship, HsinChu Industrial Park, Hsin-Chu, Taiwan 303 Product: VigorPro 5510 DrayTek Corp. declar es that VigorPro 5510 Series is in compl iance with the following essential r equirements and other relevant provi[...]

  • Page 6

    VigorPro5510 Series User’s Guide vi T T a a b b l l e e o o f f C C o o n n t t e e n n t t s s 1 Pref ace ............................................................................................................... 1 1.1 Web Conf iguration Bu ttons Explanation ................................................................................. 1[...]

  • Page 7

    VigorPro5510 Series User’s Guide vii 3.4.1 Basics for Fire wall...................................................................................................... ..... 64 3.4.2 Genera l Setup ............................................................................................................ ..... 66 3.4.3 Filter Setup ...............[...]

  • Page 8

    VigorPro5510 Series User’s Guide viii 3.12.1 Basic Concept ........................................................................................................... .. 185 3.12.2 Genera l Setup ........................................................................................................... .. 185 3.12.3 Dial to a Single ISP/Dial to D[...]

  • Page 9

    VigorPro5510 Series User’s Guide ix 4.2 Creating and Activating an Account from Router W eb Configur ator ................................... 249 4.3 Registering Y our Vigor R outer ............................................................................................ 25 4 4.4 Activating Anti-Virus/Anti-In trusion/Anti-S pam/ WCF Serv ice .[...]

  • Page 10

    [...]

  • Page 11

    VigorPro5510 Series User’s Guide 1 1 P P r r e e f f a a c c e e VigorPro 5510 is a UTM router with dual-WAN interface. It provides policy-based load-balance, fail-over and BoD (Bandwidth on Demand), also it integrates IP layer QoS, NAT session/bandwidth management to help u sers control works well with large bandwidth. By adopting hardware-based[...]

  • Page 12

    VigorPro5510 Series User’s Guide 2 1 1 . . 2 2 L L E E D D I I n n d d i i c c a a t t o o r r s s a a n n d d C C o o n n n n e e c c t t o o r r s s Before you use the Vigor router, please ge t acquainted with the LED indicators and connectors first. 1 1 . . 2 2 . . 1 1 F F o o r r V V i i g g o o r r P P r r o o 5 5 5 5 1 1 0 0 LED Status Expl[...]

  • Page 13

    VigorPro5510 Series User’s Guide 3 WAN(1/2) Con necter for remote netw orked devices . LAN/Monitor Connecter for local networked devices. LAN (1-4) Connecter for local networked devices. USB Connecter for a USB device. Connecter for a power co rd with 100- 240VAC (inlet) . Power Switch. “1” is ON; “0” is OFF.[...]

  • Page 14

    VigorPro5510 Series User’s Guide 4 1 1 . . 2 2 . . 2 2 F F o o r r V V i i g g o o r r P P r r o o 5 5 5 5 1 1 0 0 G G i i LED Status Explanation Blinking The router is powere d on and running normall y. ACT (Activity) Off The router is powe red off. IDP (Intrusi on Detection and Prevention) On (Yellow) The anti-intrusion function is enabled. Vir[...]

  • Page 15

    VigorPro5510 Series User’s Guide 5 configuration. ISDN Connecter for ISDN lin e. WAN(1/2) Con necter for remote netw orked devices . LAN/Monitor Connecter for local networked devices. LAN (1-4) Connecter for local networked devices. USB Connecter for a USB device. Connecter for a power co rd with 100- 240VAC (inlet) . Power Switch. “1” is ON;[...]

  • Page 16

    VigorPro5510 Series User’s Guide 6 1 1 . . 3 3 H H a a r r d d w w a a r r e e I I n n s s t t a a l l l l a a t t i i o o n n Before starting to configure the router, you have to connect your devices correctly. 1. Connect a cable Modem/DSL Modem/Media Converter (depends on your requirem ent) to any WAN port of router with Ethernet cable (RJ-45).[...]

  • Page 17

    VigorPro5510 Series User’s Guide 7 1 1 . . 4 4 P P r r i i n n t t e e r r I I n n s s t t a a l l l l a a t t i i o o n n You can install a printer onto the router for sharing printing. All the PCs connected this router can print documents via the router. The exam ple provided here is made based on Windows XP/2000. For Windows 98/SE, please visi[...]

  • Page 18

    VigorPro5510 Series User’s Guide 8 3. Open File->Add a New Computer . A welcome dialog will appear. Please click Next . 4. Click Local printer attached to this computer and click Next. 5. In this dialog, choose Create a new port Type of port and use the drop down list to select Standard TCP/IP Port . Click Next .[...]

  • Page 19

    VigorPro5510 Series User’s Guide 9 6. In the following dialog, type 192.168.1.1 (router’s LAN IP) in the field of Printer Name or IP Address and type IP_192.168.1.1 as the port nam e. T hen, click Next . 7. Click Standard and choose Generic Network Card. 8. Then, in the following dialog, click Finish .[...]

  • Page 20

    VigorPro5510 Series User’s Guide 10 9. Now, your system will ask you to choose right name of the printer that you installed onto the router. Such step can make correct driver loaded onto your PC. When you finish the selection, click Next . 10. For the final stage, you need to go back to Control Panel-> Printers and edit the property of the new[...]

  • Page 21

    VigorPro5510 Series User’s Guide 11 Note 1: Some printers with the fax/scanning or other a dditional fun ctions are not supported. If you do not know whether your printer is supported or not, please visit www.draytek.com to find out the printer list. Open Support >FAQ ; find out the link of Printer Server and click it; then click the What type[...]

  • Page 22

    VigorPro5510 Series User’s Guide 12 This page is left blank.[...]

  • Page 23

    VigorPro5510 Series User’s Guide 13 2 C C o o n n f f i i g g u u r r i i n n g g B B a a s s i i c c S S e e t t t t i i n n g g s s For use the router properly, it is necessary for you to change the password of web configuration for security and adjust primary basic settings. This chapter explains how to setup a password fo r an administrator a[...]

  • Page 24

    VigorPro5510 Series User’s Guide 14 3. Now, the Main Screen will pop up. Note: The home page will change slightly in accordance with the router you have. 4. Go to System Maintenance page and choose Administrator Password . 5. Enter the login password (the defa ult is blank) on the field of Old Password . Type a new one in the field of New Passwor[...]

  • Page 25

    VigorPro5510 Series User’s Guide 15 2 2 . . 2 2 Q Q u u i i c c k k S S t t a a r r t t W W i i z z a a r r d d If your router can be under an environment with high speed NAT, the configuration provide here can help you to deploy and use the router quickl y. The first screen of Quick Start Wizard is entering login password. After ty ping the pass[...]

  • Page 26

    VigorPro5510 Series User’s Guide 16 In the Quick Start Wizard , you can configure the router to access the Internet with different protocol/modes such as PPPoE , PPTP , Static IP or DHCP . The router supports the DSL WAN interface for Internet access. 2 2 . . 2 2 . . 1 1 P P P P P P o o E E PPPoE stands for Point-to-Point Protocol over Ethernet .[...]

  • Page 27

    VigorPro5510 Series User’s Guide 17 Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, the system status of this protocol will be shown.[...]

  • Page 28

    VigorPro5510 Series User’s Guide 18 2 2 . . 2 2 . . 2 2 P P P P T T P P Click PPTP as the protocol. Type in all the information that your ISP provides for this protocol. Click Next for viewing summary of such connection. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, the system status of this protocol will be shown.[...]

  • Page 29

    VigorPro5510 Series User’s Guide 19 2 2 . . 2 2 . . 3 3 S S t t a a t t i i c c I I P P Click Static IP as the protocol. Type in all the inform ation that your ISP provides for this protocol. After finishing the settings in this page, click Next to see the following page. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, t[...]

  • Page 30

    VigorPro5510 Series User’s Guide 20 2 2 . . 2 2 . . 4 4 D D H H C C P P Click DHCP as the protocol. Type in all the information that your ISP provides for this protocol. After finishing the settings in this page, click Next to see the following page. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, the system status of th[...]

  • Page 31

    VigorPro5510 Series User’s Guide 21 2 2 . . 3 3 S S e e r r v v i i c c e e A A c c t t i i v v a a t t i i o o n n W W i i z z a a r r d d 1. Open Service Activation Wizard. 2. The screen of Service Activation Wizard will be shown as follows. Choose the one you need and click Next . In this case, we choose to activate free trail edition. Free tr[...]

  • Page 32

    VigorPro5510 Series User’s Guide 22 3. In the following page, you can activate the AV/AI, AS and/or Web content filter service at the same time or individually. When you finish the selecti on, please click Next . 4. Setting confirmation page will be displayed as follows, please click Next . 5. Wait for a moment till the following page appears. Wh[...]

  • Page 33

    VigorPro5510 Series User’s Guide 23 6. Now, the web page will display the service(s) with valid time that you have activated according to your selection(s). 7. Open Defense configuration >>Activation to check the services status.[...]

  • Page 34

    VigorPro5510 Series User’s Guide 24 If you need to extend the license valid time, you can also use the Service Activation Wizard again to reach your goal by click i ng the radio button of Formal edition with license key and clicking Next.[...]

  • Page 35

    VigorPro5510 Series User’s Guide 25 2 2 . . 4 4 O O n n l l i i n n e e S S t t a a t t u u s s The online status shows the system status, W AN status, ADSL Information and other status related to this router within one page. If you select PPPoE/PPTP as the protocol , you will find out a link of Dial PPPoE/PPPoA or Drop PPPoE/PPPoA in the Online [...]

  • Page 36

    VigorPro5510 Series User’s Guide 26 Online status for DHCP Detailed explanation is shown below: Primary DNS Displays the IP address of the primary DNS. Secondary DNS Displays the IP address of the secondary DNS. LAN Status IP Address Displays the IP address of the LAN interface. TX Packets Displays the total transmitted packets at the LAN interfa[...]

  • Page 37

    VigorPro5510 Series User’s Guide 27 2 2 . . 5 5 S S a a v v i i n n g g C C o o n n f f i i g g u u r r a a t t i i o o n n Each time you click OK on the web page for saving the configurati on, you can find messages showing the system interaction with you. Ready indicates the system is ready for you to input settings. Settings Saved means your se[...]

  • Page 38

    VigorPro5510 Series User’s Guide 28[...]

  • Page 39

    VigorPro5510 Series User’s Guide 29 3 A A d d v v a a n n c c e e d d W W e e b b C C o o n n f f i i g g u u r r a a t t i i o o n n After finished basic configuration of the router, you can access Internet with ease. For the people who want to adjust more setting for suitin g his/her request, please refer to this chapter for getting detailed in[...]

  • Page 40

    VigorPro5510 Series User’s Guide 30 3 3 . . 1 1 . . 2 2 N N e e t t w w o o r r k k C C o o n n n n e e c c t t i i o o n n b b y y 3 3 G G U U S S B B M M o o d d e e m m For 3G mobile communication through Access Point is popular more and more, VigorPro5510 adds the function of 3G networ k conn ection for such purpose. By connecting 3G USB Mode[...]

  • Page 41

    VigorPro5510 Series User’s Guide 31 Enable Choose Yes to invoke the settings for this WAN interface. Choose No to disable the settings for this WAN interface. Display Name Type the description for the WAN1/WAN2 interface. Physical Mode For WAN1, the physical connection is done and fixed through Ethernet port; yet the physical connection for WAN2 [...]

  • Page 42

    VigorPro5510 Series User’s Guide 32 Load Balance Mode If you know the practical bandwidth for your WAN interface, please choose the setting of According to Line Speed . Otherwise, please choose Auto Weigh to let the router reach the best load balance. Line Speed If your choose According to Line Speed as the Load Balance Mode , please type the lin[...]

  • Page 43

    VigorPro5510 Series User’s Guide 33 3 3 . . 1 1 . . 4 4 I I n n t t e e r r n n e e t t A A c c c c e e s s s s For the router supports dual WAN function, the users can set different WAN settings (for WAN1/WAN2) for Internet Access. Due to di fferent physical mode for WAN1 and WAN2, the Access Mode for these two connections also varies slightly. [...]

  • Page 44

    VigorPro5510 Series User’s Guide 34 accessing the page to configure the settings. There are three acces s modes provided for PPPoE, Static or Dynamic IP and PPTP. Details Page This button will open different web page according to the access mode that you choose in WAN1 or WAN2. D D e e t t a a i i l l s s P P a a g g e e f f o o r r P P P P P P o[...]

  • Page 45

    VigorPro5510 Series User’s Guide 35 in Application >> Schedule web page and you can use the number that you have set in that web page. ISDN Dial Backup Setup This setting is available for the routers supporting ISDN function only. Before utilizing the ISDN dial backup feature, you must create a dial backup profile first. Please click Intern[...]

  • Page 46

    VigorPro5510 Series User’s Guide 36 Fixed IP – Click Yes to use this function and type in a fixed IP address in the box of Fixed IP Address . Default MAC Address – You can use Default MAC Address or specify another MAC address by typing on the boxes of MAC Address for the router. Specify a MAC Address – Type the MAC address f or the router [...]

  • Page 47

    VigorPro5510 Series User’s Guide 37 Static or Dynamic IP (DHCP Client) Click Enable for activating this function. If you click Disable , this function will be closed and all the settings that you adjusted in this page will be invalid. ISDN Dial Backup Setup This setting is available for the routers supporting ISDN function only. Before utilizing [...]

  • Page 48

    VigorPro5510 Series User’s Guide 38 Connection because some ISPs will drop connections if there is no traffic within certain periods of time. Check Enable PING to keep alive box to activate this function. PING to the IP - If you enable the PING function, please specify the IP address for the system to PING it for keeping alive. PING Interval - En[...]

  • Page 49

    VigorPro5510 Series User’s Guide 39 Specify an IP address – Click this radio button to specify some data if you want to use Static IP m ode. IP Address : Type the IP address. Subnet Mask : Type the subnet mask. Gateway IP Address : Type the gateway IP address. Default MAC Address : Click this radio button to use default MAC address for the rout[...]

  • Page 50

    VigorPro5510 Series User’s Guide 40 This setting is available for i model only. Due to the absence of the ISDN in terface in some models, the ISDN dial backup feature and its associated setup options are not available to them. Please refer to the previous part for further information. None - Disable the backup function. Packet Trigger - The backu[...]

  • Page 51

    VigorPro5510 Series User’s Guide 41 Default MAC Address – Click this radio button to use default MAC address for the router. Specify a MAC Address - Some Cable service providers specify a specific MAC address for access authentication. In such cases y ou need to click the Specify a MAC Address and enter the MAC address in the MAC Address field.[...]

  • Page 52

    VigorPro5510 Series User’s Guide 42 Index (1-15) Set the PCs on LAN to work at certain time interval only. You may choose up to 4 schedules out of the 15 sc hedules pre-defined in Applications >> Schedule setup. The default setting of this field is blank and the function will always work. 3 3 . . 1 1 . . 5 5 L L o o a a d d - - B B a a l l [...]

  • Page 53

    VigorPro5510 Series User’s Guide 43 WAN Use the drop-down menu to change the WAN interface for such index. Src IP Start Displays the IP address for the start of the source IP. Src IP End Displays the IP address for the end of the source IP. Dest IP Start Displays the IP address for the start of the destination IP. Dest IP End Displays the IP addr[...]

  • Page 54

    VigorPro5510 Series User’s Guide 44 You can check the box of Auto failover to other WAN to m ake a backup WAN connection if the selected WAN interface fails to connect to Internet. Src IP Start Type the source IP start for the specified WAN interface. Src IP End Type the source IP end for the specified WAN interface. If this field is blank, it me[...]

  • Page 55

    VigorPro5510 Series User’s Guide 45 3 3 . . 2 2 L L A A N N Local Area Network (LAN) is a group of subnets regulated and ruled by router . The design of network structure is related to what t ype of public IP addresses coming from your ISP . Note : VLAN menu item is only available for V igorPro 5510. 3 3 . . 2 2 . . 1 1 B B a a s s i i c c s s o [...]

  • Page 56

    VigorPro5510 Series User’s Guide 46 W W h h a a t t i i s s R R o o u u t t i i n n g g I I n n f f o o r r m m a a t t i i o o n n P P r r o o t t o o c c o o l l ( ( R R I I P P ) ) V igor router will exchange routing informati on with neighboring routers using the RIP to accomplish IP routing. This allows users to cha nge the information of th[...]

  • Page 57

    VigorPro5510 Series User’s Guide 47 3 3 . . 2 2 . . 2 2 G G e e n n e e r r a a l l S S e e t t u u p p This page provides you the general settings for LAN. Click LAN to open the LAN settings page and choose General Setup . 1st IP Address T ype in private IP address for connecting to a local private network (Default: 192.168.1.1). 1st Subnet Mask[...]

  • Page 58

    VigorPro5510 Series User’s Guide 48 S tart IP Address: Enter a value of the IP address pool for the DHCP server to start with when issuing IP addresses. If the 2nd IP address of your router is 220.1 35.240.1, the starting IP address must be 220.135.240.2 or greater , but smaller than 220.135.240. 254. IP Pool Counts: Enter the number of IP addres[...]

  • Page 59

    VigorPro5510 Series User’s Guide 49 DHCP Se rver IP Address for Relay Agent - Set the IP address of the DHCP server you are going to use so the Relay Agent can help to forward the DHCP request to the DHCP server . DNS Server Configuration DNS stands for Domain Name System. Every Internet host must have a unique IP address, also they may have a hu[...]

  • Page 60

    VigorPro5510 Series User’s Guide 50 3 3 . . 2 2 . . 3 3 S S t t a a t t i i c c R R o o u u t t e e Go to LAN to open setting page and choose Static Route . Index The number (1 to 32) unde r Index allows you to open next page to set up static route. Destination Address Displays the destination address of the static route. Status Displays the stat[...]

  • Page 61

    VigorPro5510 Series User’s Guide 51 Before setting Static Route, user A can not talk to user B for Router A can only forward recognized packets to its default gateway Main Router . Go to LAN page and click General Setup , select 1st Subnet as the RIP Protocol Contr ol. Then click the OK button. Note: There are two reasons that we have to appl y R[...]

  • Page 62

    VigorPro5510 Series User’s Guide 52 2. Return to St a t i c R o u t e Setup page. Click on another Index Number to add another static route as show below , which regulates a ll packets destined to 21 1.100.88.0 will be forwarded to 192.168.1.3. 3. Go to Diagnostics and choose Routing T able to verify current routing table. 3 3 . . 2 2 . . 4 4 V V[...]

  • Page 63

    VigorPro5510 Series User’s Guide 53 2. After checking the box to enable VLAN func tion, you will check the table according to the needs as shown below. T o remove VLAN, uncheck the needed box and click OK to save the results. 3 3 . . 2 2 . . 5 5 B B i i n n d d I I P P t t o o M M A A C C This function is used to bind the IP and MAC address in LA[...]

  • Page 64

    VigorPro5510 Series User’s Guide 54 Enable Click this radio button t o invoke this function. However, IP/MAC which is not listed in IP Bind List also can connect to Internet. Disable Click this radio button to disable this function. All the settings on this page will be invalid. Strict Bind Click this radio button t o block the connection of the [...]

  • Page 65

    VigorPro5510 Series User’s Guide 55 Note: Before you select Strict Bind , you have to bind one set of IP/MAC address for one PC. If not, no one of the PCs can access into Internet. And the web configurator of the router might not be accessed. 3 3 . . 3 3 N N A A T T Usually, the router serves as an NAT (Network Address Translation) router. NAT is[...]

  • Page 66

    VigorPro5510 Series User’s Guide 56 The port redirection can only apply to incoming traffic. To use this function, please go to NAT page and choose Port Redirection web page. The Port Redirection Table provides 20 port-m apping entries for the internal hosts. Press any number under Index to access into next page for configuring port redirection.[...]

  • Page 67

    VigorPro5510 Series User’s Guide 57 Enable Check this box to enable such port redirection setting. Mode Two options (Single and Range) are provided here for you to choose. To set a range for the specific service, select Range . In Range mode, if the public port (s tart port and end port) and the starting IP of private IP had been entered, the sys[...]

  • Page 68

    VigorPro5510 Series User’s Guide 58 Y ou then will access the admin screen of by suffixing the IP address with 8080, e.g., http://192.168.1.1:8080 instead of port 80.[...]

  • Page 69

    VigorPro5510 Series User’s Guide 59 3 3 . . 3 3 . . 2 2 D D M M Z Z H H o o s s t t As mentioned above, Port Redirection can redirect incoming TCP/UDP or othe r traffic on particular ports to the specific private IP address/port of host in the LAN. However, other IP protocols, for example Protocols 50 (ESP) and 51 (A H), do not travel on a fixed [...]

  • Page 70

    VigorPro5510 Series User’s Guide 60 WAN1 This page allows you to configure Private IP or Active True IP as DMZ host. WAN2 This page allows you to configure Private IP as DMZ host. Private IP If you choose Private IP as DMZ host, you can type a private IP in this box or use Choose PC button to cho ose the one you want. MAC Address of the True…. [...]

  • Page 71

    VigorPro5510 Series User’s Guide 61 3 3 . . 3 3 . . 3 3 O O p p e e n n P P o o r r t t s s Open Ports allows you to open a range of ports for the traffic of special applications. Common application of Open Ports includes P2 P application (e.g., BT, KaZaA, Gnutella, WinMX, eMule and others), Internet Camera etc. Ensure that you keep the applicati[...]

  • Page 72

    VigorPro5510 Series User’s Guide 62 Enable Open Ports Check to enable this entry. Comment Make a name for the defined network application/service. WAN Interface Specify the WAN interface that will be used for this entry. Local Computer Enter the private IP address of the local host or click Choose PC to select one. Choose PC Click this button and[...]

  • Page 73

    VigorPro5510 Series User’s Guide 63 Protocol Display the protocol used for this address mapping. Public IP Display the public IP address se lected for this entry, e.g., 172.16.3.102. Private IP Display the private IP set for this address mapping, e.g., 192.168.1.10 Mask Display the subnet mask selected for this address mapping. Status Display the[...]

  • Page 74

    VigorPro5510 Series User’s Guide 64 the IP Alias List, the Public IP setting will be empty in this field. When you click Apply , a message will appear to inform you. Private IP Assign an IP address (e.g., 192. 168.1.10) or a subnet to be compared with the Public IP address for incoming packets. Subnet Mask Select a value of subnet m ask for priva[...]

  • Page 75

    VigorPro5510 Series User’s Guide 65 S S t t a a t t e e f f u u l l P P a a c c k k e e t t I I n n s s p p e e c c t t i i o o n n ( ( S S P P I I ) ) Stateful inspection is a firewall architecture that works at the network layer. Unlike legacy static packet filtering, which examines a p acket based on the information in its header, stateful ins[...]

  • Page 76

    VigorPro5510 Series User’s Guide 66 1. SYN flood attack 2. UDP flood attack 3. ICMP flood attack 4. TCP Flag scan 5. Trace route 6. IP options 7. Unknown pr otocol 8. Land attack 9. Smurf attack 10. SYN f ragment 11. ICMP fra gment 12. Tear dro p attack 13. Fraggle attack 14. Ping of Death attack 15. TCP/UDP port scan A A n n t t i i - - V V i i [...]

  • Page 77

    VigorPro5510 Series User’s Guide 67 Call Filter Check Enable to activate the Call Filter function. Assign a start filter set for the Call Filter. Data Filter Check Enable to activate the Data Filter function. Assign a start filter set for the Data Filter. Filter Select Pass or Block for the packets that do not match with the filter rules. IM/P2P [...]

  • Page 78

    VigorPro5510 Series User’s Guide 68 Filter web page first. For troubleshoot ing needs, you can specify to record information for W eb Content Filter by checking the Log box. It will be sent to Syslog server . Please ref er to section 3.13.4 Syslog/Mail Alert for more detailed information. Anti-V irus Select one of the anti-virus profile settings [...]

  • Page 79

    VigorPro5510 Series User’s Guide 69 Advance Setting Click Edit to open the following window . However , it is strongly r ecommended to use the default settings here. Codepage - This function is used to com p are the characters among dif ferent languages. Choose correct codepage can help the system obtaining correct ASCII after decoding data from [...]

  • Page 80

    VigorPro5510 Series User’s Guide 70 for the router to verify if the re transmitted data is the same as the old one. Advertisement Enable – Check this box to disp lay the words – [Powered by Draytek] on the unreachable web page S trict Security Checking For the sake of security , you might want the router executing strict security checking for[...]

  • Page 81

    VigorPro5510 Series User’s Guide 71 3 3 . . 4 4 . . 3 3 F F i i l l t t e e r r S S e e t t u u p p Click Firewall and click Filter Setup to open the setup page. To edit or add a filter, click on the set numbe r to edit the individual set. The following page will be shown. Each filter set contains up to 7 rules. Click on the rule num ber button t[...]

  • Page 82

    VigorPro5510 Series User’s Guide 72 Check to enable the Filter Rule Check this box to enable the filter rule. Comments Enter filter set comments/description. Maximum length is 14- character long. Index (1-15) Set PCs on LAN to work at certain time interval only. You may choose up to 4 schedules out of the 15 sc hedules pre-defined in Applications[...]

  • Page 83

    VigorPro5510 Series User’s Guide 73 To set the IP address manually, please choose Any Address/Single Address/Range Address/Subnet Address as the Address Ty pe and type them in this dialog. In addition, if you want to use the IP range from defined groups or objects, please choose Group and Objects as the Address Type. From the IP Group drop down l[...]

  • Page 84

    VigorPro5510 Series User’s Guide 74 choose Group and Objects as the Service Type. Protocol - Specify the protocol(s) which this filter rule will apply to. Source/Destination Port - (=) – when the first and last value are the same, it indicates one port; when the first and last valu es are different, it indicates a range for the port and availab[...]

  • Page 85

    [...]

  • Page 86

    VigorPro5510 Series User’s Guide 76 default value for this setting is ANSI 1252 Latin I. If you do not choose any codepage, no decoding job of URL will be processed. Please use the drop-down list to choose a codepage. If you do not have any idea of choosing suitable codepage, please open Syslog. From Codepage Information of Setup dialog, you will[...]

  • Page 87

    VigorPro5510 Series User’s Guide 77 E E x x a a m m p p l l e e As stated before, all the traffic will be separate d and arbitrated using on of two IP filters: call filter or data filter. You may preset 12 call filters and data filters in Filter Setup and even link them in a serial manner. Each filter set is composed by 7 filter rules, which can [...]

  • Page 88

    VigorPro5510 Series User’s Guide 78 3 3 . . 4 4 . . 4 4 D D o o S S D D e e f f e e n n s s e e As a sub-functionality of IP Filter/Firewall, th ere are 15 types of detect/defense function in the DoS Defense setup. The DoS Defense functionality is disabled for default. Click Firewall and click DoS Defense to open the setup page. Enable Dos Defens[...]

  • Page 89

    VigorPro5510 Series User’s Guide 79 Enable PortScan detection Port Scan attacks the Vigor router by sending lots of packets to many ports in an attempt to find ignorant services would respond. Check the box to activate the Port Scan detection. Whenever detecting this malicious exploration behavior by monitoring the port-scanning Threshold rate, t[...]

  • Page 90

    VigorPro5510 Series User’s Guide 80 Block Unknown Protocol Check the box to activate the Block Unknown Protocol function. Individual IP packet has a protocol field in the datagram header to indicate the protocol type running over the upper layer. However, the protocol types greater than 100 are reserved and undefined at this time. Therefore, the [...]

  • Page 91

    VigorPro5510 Series User’s Guide 81 3 3 . . 5 5 O O b b j j e e c c t t s s S S e e t t t t i i n n g g s s For IPs in a range, service ports in a limited ra nge and keywords usually will be applied for configuring router’s settings , we can define them with objects and bind them with groups for using conveniently. Later, we can select that obj[...]

  • Page 92

    VigorPro5510 Series User’s Guide 82 3 3 . . 5 5 . . 1 1 I I P P O O b b j j e e c c t t You can set up to 192 sets of IP Objects with different conditions. Set to Factory Default Clear all profiles. Click the number under Index co lumn for settings in detail. Name Type a name for this profile. Maximum 15 characters are allowed. Interface Choose a[...]

  • Page 93

    VigorPro5510 Series User’s Guide 83 Address Type Determine the address type for the IP address. Select Single Address if this object contains one IP address only. Select Range Address if this object contains several IPs within a range. Select Subnet Address if this object contains one subnet for IP address. Select Any Address if this object conta[...]

  • Page 94

    VigorPro5510 Series User’s Guide 84 3 3 . . 5 5 . . 2 2 I I P P G G r r o o u u p p This page allows you to bind several IP objects into one IP group. Set to Factory Default Clear all profiles. Click the number under Index colu mn for settings in detail. Name Type a name for this profile. Maximum 15 characters are allowed. Interface Choose WAN, L[...]

  • Page 95

    VigorPro5510 Series User’s Guide 85 3 3 . . 5 5 . . 3 3 S S e e r r v v i i c c e e T T y y p p e e O O b b j j e e c c t t You can set up to 96 sets of Service Type Objects with different conditions. Set to Factory Default Clear all profiles. Click the number under Index co lumn for settings in detail. Name Type a name for this profile. Protocol[...]

  • Page 96

    VigorPro5510 Series User’s Guide 86 all the ports except the port defined here; when th e first and last values are different, it indicates that all the ports except the range defined here are available for this service type. (>) – the port number greater than this value is available. (<) – the port number less than this value is availa[...]

  • Page 97

    VigorPro5510 Series User’s Guide 87 Name Type a name for this profile. Available Service Type Objects You can add IP objects from IP Object page. All the available IP objects will be shown in this box. Selected Service Type Objects Click button to add the selected IP objects in this box. 3 3 . . 5 5 . . 5 5 K K e e y y w w o o r r d d O O b b j j[...]

  • Page 98

    VigorPro5510 Series User’s Guide 88 Name Type a name for this profile, e.g., game. Contents Type the content for such profile. For example, type gambling as Contents. When you browse th e webp age, the page with gambling information will be watched out and be passed/blocked based on the configuration on Firewall settings. 3 3 . . 5 5 . . 6 6 K K [...]

  • Page 99

    VigorPro5510 Series User’s Guide 89 Name Type a name for this group. Available Keyword Objects You can gather keyword objects from Keyword Object page within one keyword group. All the available Keyword objects that you have created will be shown in this box. Selected Keyword Objects Click button to add the selected Keyword objects in this box. 3[...]

  • Page 100

    VigorPro5510 Series User’s Guide 90 Profile Name Type a name for this profile. Type a name for such profile and check all the items of file extension that will be processed in the router. Finally, click OK to save this profile.[...]

  • Page 101

    VigorPro5510 Series User’s Guide 91 3 3 . . 5 5 . . 8 8 I I M M O O b b j j e e c c t t This page allows you to set 32 profiles for In stant Messenger. These profiles will be applied in Firewall>>IM/P2P Filter Profile for filtering. Set to Factory Default Clear all profiles. Click the number under Profile column for conf iguration in detail[...]

  • Page 102

    VigorPro5510 Series User’s Guide 92 Profile Name Type a name for this profile. Type a name for such profile and check all the ite ms that not allowed to be used in the host. Finally, click OK to save this profile.[...]

  • Page 103

    VigorPro5510 Series User’s Guide 93 3 3 . . 5 5 . . 9 9 P P 2 2 P P O O b b j j e e c c t t This page allows you to set 32 profiles for p eer-to-peer application. These profiles will be applied in Firewall>>IM/P2P Filter Profile for filtering. Set to Factory Default Clear all profiles. Click the number under Profile column for conf iguratio[...]

  • Page 104

    VigorPro5510 Series User’s Guide 94 Type a name for such profile and check all the protocols that not allowed to be used in the host. Finally, click OK to save this profile. 3 3 . . 5 5 . . 1 1 0 0 M M i i s s c c O O b b j j e e c c t t This page allows you to set 32 profiles for mi scellaneous applications. These profiles will be applied in Fir[...]

  • Page 105

    VigorPro5510 Series User’s Guide 95 Profile Name Type a name for this profile. Type a name for such profile and check all the protocols that not allowed to be used in the host. Finally, click OK to save this profile. 3 3 . . 6 6 C C S S M M CSM is an abbreviation of Content Security Management which is used to control IM/P2P usage, filter the web[...]

  • Page 106

    VigorPro5510 Series User’s Guide 96 On the other hand, Vigor router can prevent user from accidentally downloading malicious codes from web pages. It’s very common that malicious codes conceal in the executable objects, such as ActiveX, Java Applet, compre ssed files, and other executable files. Once downloading these types of files from websit[...]

  • Page 107

    VigorPro5510 Series User’s Guide 97 3 3 . . 6 6 . . 1 1 A A P P P P E E n n f f o o r r c c e e m m e e n n t t P P r r o o f f i i l l e e You can define policy profiles for IM (Inst ant Messenger)/P2P (Peer to Peer)/Protocol application. This page allows you to set 32 profiles for different requirements. The APP Enforcement Profile will be appl[...]

  • Page 108

    VigorPro5510 Series User’s Guide 98 full or partial matched with a keyword, th e Vigor router will block the associated HTTP connection. For example, if you add key words such as “s ex”, Vigor router will limit web access to web sites or web pages such as “www.sex.com ”, ”www.backdoor.net/images/sex/p_386.html”. Or you may simply spec[...]

  • Page 109

    VigorPro5510 Series User’s Guide 99 configuration set in this page for URL Access Control and Web Feature will be inactive. Both:Block –The router will block all the packages that match with the conditions specified in URL Access Control and Web Feature below. When you choose this setting, both configuration set in this page for URL Access Cont[...]

  • Page 110

    VigorPro5510 Series User’s Guide 100 Group/Object Selections – The Vigor router provides several frames for users to define ke ywords and each frame supports multiple keywords. The keyword could be a noun, a partial noun, or a complete URL string. Multiple keywords within a frame are separated by space, comma, or semi colon. In addition, the ma[...]

  • Page 111

    VigorPro5510 Series User’s Guide 101 provide the blocking mechanism that filters out the multimedia files downloading from web pages. Upload – Check the box to reject any file upload job. File Extension Profile – Choose one of the profiles that you configured in Object Setting>> File Extension Objects previously for passing or blocking [...]

  • Page 112

    VigorPro5510 Series User’s Guide 102 Activate Click it to access into MyVigor for activating WCF service. Setup Query Server It is recommend for you to use th e default setting, auto-selected. You need to specify a server for categorize searching when you type URL in browser based on the web content filter profile. Setup Test Server It is recomme[...]

  • Page 113

    VigorPro5510 Series User’s Guide 103 processing rate combining the feature of L1 and L2. Eight profiles are provided here as Web content filters. Simply click the index number under Profile to open the following web page. The items listed in Categories will be changed according to the different service providers. If you have and activate another [...]

  • Page 114

    VigorPro5510 Series User’s Guide 104 Log None – There is no log file will be recorded for this profile. Pass – Only the log about Pass w ill be recorded in Syslog. Block – Only the log about Block will be recorded in Syslog. All – All the actions (Pass and Block) will be recorded in Syslog. White/Black List Enable – Activate white/black[...]

  • Page 115

    VigorPro5510 Series User’s Guide 105 3 3 . . 7 7 D D e e f f e e n n s s e e C C o o n n f f i i g g u u r r a a t t i i o o n n This menu allows you to set profiles for, activate and upgrade the service of Anti-Intrusion/Anti-Virus in your system. 3 3 . . 7 7 . . 1 1 A A n n t t i i - - I I n n t t r r u u s s i i o o n n Anti-Intrusion allows y[...]

  • Page 116

    VigorPro5510 Series User’s Guide 106 Anti-Intrusion Control Setup This field will display the signature version of this router. The default signature version is “ basic ”. In this version, you can modify the settings for Anti-Intrusion rules in Defense Configuration>>Anti-Intrusion >>Advanced Setup page. However, if you restart/re[...]

  • Page 117

    VigorPro5510 Series User’s Guide 107 Enable Reset procession Click this radio button to break down the communication between your computer and specific link which might have intrusion actions. 3 3 . . 7 7 . . 1 1 . . 2 2 A A d d v v a a n n c c e e d d S S e e t t u u p p This page lists all the available types and allo ws you to adjust the rule [...]

  • Page 118

    VigorPro5510 Series User’s Guide 108 Enable Check to enable this rule. If you uncheck this box, th e corresponding settings for the rule will not be executed. SID The number for each anti-intrusion rule is displayed in this field. Name A brief description name for the an ti-intrusion rule is shown in this field. Click the name link to access into[...]

  • Page 119

    VigorPro5510 Series User’s Guide 109 Page Type the page number in this field (if there is more than one page of anti-virus detail view displayed on this page). Then click Go to the specified page. Or you can click ⏐ >, >>, << or > ⏐ button on the right side of the Go button to access to the home/previous/next/end page. 3 3 .[...]

  • Page 120

    VigorPro5510 Series User’s Guide 110 Profile Name T y pe a name for the profile. Protocol Currently , only the files transmitted through the protocols listed in this page including SMTP , POP3 , IMAP , HTTP and FTP will be scanned by this router . Action Choose the action that you want to apply to the proto cols of each operation. Pass - Detect i[...]

  • Page 121

    VigorPro5510 Series User’s Guide 111 Detect Macro Attachment The file with macro attachment will be passed/destro yed/reset under different protocols. The system will detect it automatically if you set corresponding configuration here. Detect Encrypted Zipped Files The file zipped with encryption will be detected and then be passed/destroyed/rese[...]

  • Page 122

    VigorPro5510 Series User’s Guide 112 SID/NAME To find the specific type of anti-virus, you can type its SID number or name in this field if you know, and then c lick Search . The system will locate that rule for you. Search Click this button to find out all the virus rules related to the SID/NAME that you entered. The page of the searching result[...]

  • Page 123

    VigorPro5510 Series User’s Guide 113 NAME A brief description name for the anti-virus rule is shown in this field. Click the name link to access into VigorPro website for checking the detailed info rmation for the specified anti-virus. SID The number for each anti-virus rule is displayed in this field. Page Type the page number in this field (if [...]

  • Page 124

    VigorPro5510 Series User’s Guide 114 Click any number link to open the confi guration page. Below is the page of File Filter Profile . The priority of each entry is determined by the index number. That is, the entry of Index 1 has the highest priority in file name filtering; the entry of Index 32 has the lowest priority in filtering. Profile Name[...]

  • Page 125

    VigorPro5510 Series User’s Guide 115 found by the router system. Non-Scan – The file will not be scanned and will not be processed by using general rules set in Anti-V irus profile. Scan – Just scan the file with name specified here which is found by the router system, and be processed by using general rules set in Anti-V irus profile. Profil[...]

  • Page 126

    VigorPro5510 Series User’s Guide 116 3 3 . . 7 7 . . 3 3 A A n n t t i i - - S S p p a a m m Many people suffer with unwanted mails comi ng from everywhere. Such device offers a mechanism, named Anti-Spam, to do basi c scanning for filtering unnecessary mails and sorting the mails. To activate function of Anti-Spam, you have to configure profile([...]

  • Page 127

    VigorPro5510 Series User’s Guide 117 Profile Name Type a name for such profile setting. Choose Protocol to Scan Spam Spam files usually come with protocol o f SMTP or POP3. Please check the box that you want to avoid. It would be better to check both protocols. In addition, you can check Log All Mail Events to send record of all mail events to sy[...]

  • Page 128

    VigorPro5510 Series User’s Guide 118 emails coming from the sender, or for the emails sending out from the receiver, or for the subject with the keyword selected here. Group/Object Selections – Choose a suitable group or object for passing or blocking. Click Edit to open the following dialog. The keyword/group that you have set on Object Settin[...]

  • Page 129

    VigorPro5510 Series User’s Guide 119 shown as “***SPAM*** license page” in your mail box. Such tag can help users to identify which mail is useful or useless quickly. Reset – Choose this action to disconnect the network. It is mainly applied on SMTP server. Log - Check the box to have the process record stated on Syslog. Message - Type word[...]

  • Page 130

    VigorPro5510 Series User’s Guide 120 White List Timeout (sec) Type the timeout for mail checking with white list. Set Click to save and invoke the timer setting. 3 3 . . 7 7 . . 4 4 A A c c t t i i v v a a t t i i o o n n f f o o r r A A n n t t i i - - I I n n t t r r u u s s i i o o n n / / A A n n t t i i - - V V i i r r u u s s / / A A n n t [...]

  • Page 131

    VigorPro5510 Series User’s Guide 121[...]

  • Page 132

    VigorPro5510 Series User’s Guide 122 3 3 . . 7 7 . . 5 5 A A I I / / A A V V A A u u t t o o B B l l o o c c k k This page can determine the block standard for data transmission based on the AI/AV auto block setting . In another word, when the host is att acked over the count num ber set here, the system will block the data transmission fro m the[...]

  • Page 133

    VigorPro5510 Series User’s Guide 123 Time Interval – type the time for the system to wait and execute the action of blocking, Limitation List This field displays the information for specific limitation. Specific Limitation Users can specify clients on LAN and let the router count AI/AV event in certain range by specifying start IP, end IP, AI c[...]

  • Page 134

    [...]

  • Page 135

    VigorPro5510 Series User’s Guide 125 Signature authentication/downl oad message It displays the message of signature authentication or download procedure. Upgrade Manually The buttons in this field are only available when you finished the registration and activation for new account and your router. If not, these buttons do not have any effect eve[...]

  • Page 136

    VigorPro5510 Series User’s Guide 126 Upgrade Automatically Specify certain time for execu ting the upgrade automatically. Remember to check the Scheduled Update box to activate the time settings. Every – It means the downloading procedure will be executed automatically whenever passi ng through the time (hours and minutes) that you set here. Da[...]

  • Page 137

    VigorPro5510 Series User’s Guide 127 Below shows an example with DT-KL signature used. 3 3 . . 7 7 . . 7 7 S S t t a a t t u u s s This field will shows the status for the license, start date and expire date for Anti-Intrusion/Anti-Virus service. If your account or router is still not activated, the word Not Activated will be displayed here to in[...]

  • Page 138

    VigorPro5510 Series User’s Guide 128 Below is a sample page with valid license. 3 3 . . 8 8 B B a a n n d d w w i i d d t t h h M M a a n n a a g g e e m m e e n n t t Below shows the menu items for Bandwidth Management. 3 3 . . 8 8 . . 1 1 S S e e s s s s i i o o n n s s L L i i m m i i t t A PC with private IP address can access to the Internet[...]

  • Page 139

    VigorPro5510 Series User’s Guide 129 To activate the function of limit session, simply click Enable and set the default session limit. Enable Click this button to activate the function of limit session. Disable Click this button to close the function of limit session. Default session limit Defines the default session number used for each co mpute[...]

  • Page 140

    VigorPro5510 Series User’s Guide 130 In the Bandwidth Management menu, click Bandwidth Limit to open the web page. To activate the function of limit bandwidth, simply click Enable and set the default upstream and downstream limit. Enable Click this button to activate the function of limit bandwidth. Apply to 2 nd Subnet – if bandwidth limit fun[...]

  • Page 141

    VigorPro5510 Series User’s Guide 131 limit and RX limit. TX limit Define the limitation for the speed of the upstream. If you do not set the limit in this field, the system will use the default speed for the specific limitation you set for each index. RX limit Define the limitation for the speed of the downstream. If you do not set the limit in t[...]

  • Page 142

    VigorPro5510 Series User’s Guide 132 DS node in these domains will perform the priority treatment. This is called per-hop-behavior (PHB). The definition of PHB includes Expedite d Forwarding (EF), Assured Forwarding (AF), and Best Effort (BE). AF defines the four classes of delivery (or forwarding) classes and three levels of drop precedence in e[...]

  • Page 143

    VigorPro5510 Series User’s Guide 133 Enable the QoS Control The factory default for this setting is checked. Please also define which traffic the QoS Control settings will apply to. IN- apply to incoming traffic only. OUT- apply to outgoing traffic only. BOTH- apply to both incoming and outgoing traffic. Check this box and click OK , then click S[...]

  • Page 144

    VigorPro5510 Series User’s Guide 134 Limited_bandwidth Ratio The ratio typed here is reserved for limited bandwidth of UDP application. Online Statistics Display an online statistics for quality of service for your reference. This link will be seen only if you click OK in WAN1/WAN2 General Setup web page and click Setup again (for WAN1/WAN2) on t[...]

  • Page 145

    VigorPro5510 Series User’s Guide 135 For adding a new rule, click Add to open the following page. ACT Check this box to invoke these settings. Local Address Click the Edit button to set the local IP address (on LAN) for the rule. Remote Address Click the Edit button to set the remote IP address (on LAN/WAN) for the rule. Edit It allows you to edi[...]

  • Page 146

    VigorPro5510 Series User’s Guide 136 E E d d i i t t t t h h e e S S e e r r v v i i c c e e T T y y p p e e f f o o r r C C l l a a s s s s R R u u l l e e To add a new service type, edit or delete an existed service type, please click the Edit link under Service Type field. After you click the Edit link, you will see the following page.[...]

  • Page 147

    VigorPro5510 Series User’s Guide 137 For adding a new service type, click Add to open the following pag e. Service Name Type in a new service for your request. Service Type Choose the type (TCP, UDP or TCP/UDP) for the new service. Port Configuration Click Single or Range . If you select Range, you have to t ype in the starting port number and th[...]

  • Page 148

    VigorPro5510 Series User’s Guide 138 3 3 . . 9 9 A A p p p p l l i i c c a a t t i i o o n n s s Below shows the menu items for Applications. 3 3 . . 9 9 . . 1 1 D D y y n n a a m m i i c c D D N N S S The ISP often provides you with a dynamic IP address when you c onnect to the Internet via your ISP. It means that the public IP address assigned [...]

  • Page 149

    VigorPro5510 Series User’s Guide 139 Domain Name Display the domain name that you set on the setting page of DDNS setup. Active Display if this account is active or inactive. View Log Display DDNS log status. Force Update Force the router updates its information to DDNS server. 3. Select Index number 1 to add an account for the router. Check Enab[...]

  • Page 150

    VigorPro5510 Series User’s Guide 140 4. Click OK button to activate the settings. You will see your setting has been saved. The W ildcard and Backup MX features are not supported for all Dynamic DNS providers. Y ou could get m ore detailed in formation from their websites. Disable the Function and Clear all Dynamic DNS Accounts In the DDNS setup [...]

  • Page 151

    VigorPro5510 Series User’s Guide 141 Enable Schedule Setup Check to enable the schedule. Start Date (yyyy-mm-dd) Specify the starting date of the schedule. Start Time (hh:mm) Specify the starting time of the schedule. Duration Time (hh:mm) Specify the duration (or period) for the schedule. Action Specify which action Call Schedule should apply du[...]

  • Page 152

    VigorPro5510 Series User’s Guide 142 3. Configure the For ce Down from 18:00 to next day 9:00 for whole week. 4. Assign these two profiles to the PPPoE In ternet access profile. Now , the PPPoE Internet connection will follow the schedule order to perform For ce On or Force Down action according to the time plan that has been pre-defined in the s[...]

  • Page 153

    VigorPro5510 Series User’s Guide 143 Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them. Both sides must be configured to use the same shared secret. Confirm Shared Secret Re-type the Shared Secret for confirmation. Common Name Identifier Type or edit the common name identifier fo[...]

  • Page 154

    VigorPro5510 Series User’s Guide 144 3 3 . . 9 9 . . 4 4 U U P P n n P P The UPnP (Universal Plug and Play) protocol is supported to bring to network connected devices the ease of installation and configurati on which is already available for directly connected PC peripherals with the existing Windows 'Plug and Play' system. For NAT rou[...]

  • Page 155

    VigorPro5510 Series User’s Guide 145 The reminder as regards concern about Firewall and UPnP Can't work with Firewall Software Enabling firewall applications on your P C may cause the UPnP function not working properly. This is because these applicati ons will block the accessing ability of some network ports. Security Considerations Activat[...]

  • Page 156

    VigorPro5510 Series User’s Guide 146 3 3 . . 9 9 . . 5 5 I I G G M M P P IGMP is the abbreviation of Internet Group Management Protocol . It is a communication protocol which is mainly used for managing the membership of Internet Protocol m ulticast groups. For invoking IGM P Snooping function, you have to check the Enable IGMP Proxy box first fo[...]

  • Page 157

    VigorPro5510 Series User’s Guide 147 Wake by Two types provide for you to wake up the binded IP. If you choose Wake by MAC Address, you have to type the correct MAC address of the host in MAC Address boxes. If you choose Wake by IP Address, you have to choose the correct IP address. IP Address The IP addresses that have been configured in LAN>[...]

  • Page 158

    VigorPro5510 Series User’s Guide 148 3 3 . . 1 1 0 0 V V P P N N a a n n d d R R e e m m o o t t e e A A c c c c e e s s s s A Virtual Private Network (VPN) is the extension of a private network that encompasses links across shared or public networks like th e Internet. In short, by VPN technology, you can send data between two computers across a[...]

  • Page 159

    VigorPro5510 Series User’s Guide 149 3 3 . . 1 1 0 0 . . 2 2 P P P P P P G G e e n n e e r r a a l l S S e e t t u u p p This submenu only applies to PPP-related VPN connections, such as PPTP, L2TP, L2TP over IPSec. Dial-In PPP Authentication PAP Only Select this option to force the router to authenticate dial-in users with the PAP protocol. PAP [...]

  • Page 160

    VigorPro5510 Series User’s Guide 150 should choose an IP address from the local private network. For example, if the local private network is 192.168.1.0/2 55.255.255.0, y ou could choose 192.168.1.200 as the Start IP Address. But, you have to notice that the first two IP addresses of 192.168.1. 200 and 192.168.1.201 are reserved for ISDN remote [...]

  • Page 161

    VigorPro5510 Series User’s Guide 151 IKE Authentication Method This usually applies to those are remote dial-in user or node (LAN-to-LAN) which uses dynamic IP address and IPSec-related VPN connections such as L2TP over IPSec and IPSec tunnel. Certificate for Dial-in – Choose the local certificate that generated or imported on Certificate Manag[...]

  • Page 162

    VigorPro5510 Series User’s Guide 152 Click each index to edit one peer digital certificate. There are three security levels of digital signature authentication: Fill each necessary fi eld to authenticate the remote peer. The following explanation will guide you to fill all the necessary fields. Profile Name Type in a name in this file. Accept Any[...]

  • Page 163

    VigorPro5510 Series User’s Guide 153 3 3 . . 1 1 0 0 . . 5 5 R R e e m m o o t t e e D D i i a a l l - - i i n n U U s s e e r r You can manage remote access by maintaining a table of remote user profile, so that users can be authenticated to dial-in via ISDN or build the VPN connection. You may set parameters including specified connection p eer[...]

  • Page 164

    VigorPro5510 Series User’s Guide 154 Enable this account Check the box to enable this function. Idle Timeout- If the dial-in user is idle over the limitation of the timer, the router will drop this connection. By default, the Idle Timeout is set to 300 seconds. ISDN Allow the remote ISDN dial-in connection. You can further set up Callback functio[...]

  • Page 165

    VigorPro5510 Series User’s Guide 155 Nice to Have - Apply the IPSec policy first, if it is applicable during negotiation. Otherwise, the dial-in VPN connection becomes one pure L2TP connection. Must - Specify the IPSec policy to be definitely applied on the L2TP connection. SSL Tunnel It allows the remote dial-in user to make an SSL VPN Tunnel co[...]

  • Page 166

    VigorPro5510 Series User’s Guide 156 SSL VPN Set SSL Web Proxy - It allows the remote dial-in user to access internal web over SSL VPN, suitable for the application through web only (e.g., HTTP). Click SSL VPN>> SSL Web Proxy to set profiles. If you haven’t set any SSL VPN web proxy profiles, you will see a link here. Click this link to a[...]

  • Page 167

    VigorPro5510 Series User’s Guide 157 with or without IPSec policy above. IKE Authentication Method This group of fields is applicable for IPSec Tunnels and L2TP with IPSec Policy when you specify the IP address of the remote node. The only exception is Digital Signature (X.509) can be set when you select IPSec tunnel either with or without specif[...]

  • Page 168

    VigorPro5510 Series User’s Guide 158 3 3 . . 1 1 0 0 . . 6 6 L L A A N N t t o o L L A A N N Here you can manage LAN-to-LAN connections by maintaining a table of connection profiles. You may set parameters including sp ecified connection direction (dial-in or dial-out), connection peer ID, connection ty pe (VPN connection - including PPT P, IPSec[...]

  • Page 169

    VigorPro5510 Series User’s Guide 159 Profile Name Specify a name for the profile of the LAN-to-LAN connection. Enable this profile Check here to activate this profile. VPN Connection Through Use the drop down menu to choose a proper WAN interface for this profile. This setting is useful for dial-out only. WAN1 First - While connecting, the router[...]

  • Page 170

    VigorPro5510 Series User’s Guide 160 as the first channel for VPN connection. If WAN1 fails, the router will use another WAN interface instead. WAN1 Only - While connecting, the router will use WAN1 as the only channel for VPN connection. WAN2 First - While connecting, the router will use WAN2 as the first channel for VPN connection. If WAN2 fail[...]

  • Page 171

    VigorPro5510 Series User’s Guide 161 You should set up Link Type and identity like User Nam e and Password for the authentication of remote server. You can further set up Callback (CBCP) function below. This feature is useful for i model only. PPTP Build a PPTP VPN connection to the server through the Internet. You should set the identity like Us[...]

  • Page 172

    VigorPro5510 Series User’s Guide 162 set to Yes to improve bandwidth utilization. IKE Authentication Method This group of fields is applicable for IPSec Tunnels and L2TP with IPSec Policy. Pre-Shared Key -Input 1-63 characters as pre-shared key. Digital Signature (X.509) – This setting will be available when IPSec Tunnel is selected. Click this[...]

  • Page 173

    VigorPro5510 Series User’s Guide 163 IKE phase 1 mode - Select from Main mode and Aggressive mode. The ultimate outcome is to exchange security proposals to create a protected secure channel. Main mode is more secure than Aggressive mode since more exchanges are done in a secure channel to set up the IPSec session. However, the Aggressive mode is[...]

  • Page 174

    VigorPro5510 Series User’s Guide 164 remote peer requires the Vigor router to callback, the local ISDN number will be provided to the remote peer. Check here to allow the Vigor router to send the ISDN number to the remote router. This feature is useful for i model only. Allowed Dial-In Type Determine the dial-in connection with different types. I[...]

  • Page 175

    VigorPro5510 Series User’s Guide 165 IPSec Tunnel Allow the remote dial-in user to trigger an IPSec VPN connection through Internet. L2TP Allow the remote dial-in user to make a L2TP VPN connection through the Internet. You can select to use L2TP alone or with IPSec. Select from below: None- Do not apply the IPSec policy. Accordingly, the VPN con[...]

  • Page 176

    VigorPro5510 Series User’s Guide 166 High- Encapsulating Security Payload (ESP) means payload (data) will be encrypted and authenticated. You may select encryption algorithm from Data Encryption Standard (DES), Triple DES (3DES), and AES. Callback Function The callback function provides a callback service only for the ISDN LAN-to-LAN connection ([...]

  • Page 177

    VigorPro5510 Series User’s Guide 167 Gateway PPP IP address from the remote router during the IPCP negotiation phase. If the PPP IP address is fixed by remote side, specify the fixed IP address here. Do not change the default value if you do not select ISDN, PPTP or L2TP. Remote Network IP/ Remote Network Mask Add a static route to direct all tra[...]

  • Page 178

    VigorPro5510 Series User’s Guide 168 ¾ VPN TRUNK-VPN Backup mechanism is co mpliant with all WAN modes (single/multi) ¾ Dial-out connection types contain IPSec, PPTP, L2TP, L2TP over IPSec and ISDN (depends on hardware specification) ¾ The web page is simple to understand and easy to configure ¾ Fully compliant with VPN Server LAN Side Single[...]

  • Page 179

    VigorPro5510 Series User’s Guide 169 Backup Profile List Set to Factory Default - Click to clear all VPN TRUNK-VPN Backup mechanism profile. No- The order of VPN TRUNK-VPN Backup mechanism profile. Status (on Backup Profile field) - “v” means such profile is enabled; ”x” means such profile is disabled. Name (on Backup Profile field) - Dis[...]

  • Page 180

    VigorPro5510 Series User’s Guide 170 profile (or more) created in this page Detailed information for this dialog, see later section - Advanced Load Balance and Backup . Load Balance Profile List Set to Factory Default - Click to clear all VPN TRUNK-VPN Load Balance mechanism profile. No - The order of VPN TRUNK-VPN Load Balance mechanism profile.[...]

  • Page 181

    VigorPro5510 Series User’s Guide 171 Detailed information for this dialog, see later section - Advanced Load Balance and Backup . General Setup Status - After choosing one of the profile listed above, please click Enable to activate this profile. If you click Disable , the selected or current used VP N TRUNK-Backup/Load Balance mechanism profile [...]

  • Page 182

    VigorPro5510 Series User’s Guide 172 in red. VPN TRUNK – VPN Load Balance mechanism profile will be locked. The profiles in LAN-to-LAN will be displayed in blue. Edit Click this button to save the changes to the Status (Enable or Disable), profile name, member1 or member2. Delete Click this button to delete the selected VPN TRUNK profile. The c[...]

  • Page 183

    VigorPro5510 Series User’s Guide 173 4. Take a look for LAN-to-LAN profiles. Index 1 is chosen as Member1; index 2 is chosen as Member2. For such reason, LAN-to-LAN profiles of 1 and 2 will be expressed in red to indicate that they are fixed. If you delete the VPN TRUNK – VPN Backup/Load Balance mechanism profile, the selected LAN-to-LAN profil[...]

  • Page 184

    VigorPro5510 Series User’s Guide 174 3. Later, on peer side (as VPN Client): please type 192.168.50.100 in the field of My GRE IP and type IP address of the server (192.168.50.200) in the field of Peer GRE IP. A A d d v v a a n n c c e e d d L L o o a a d d B B a a l l a a n n c c e e a a n n d d B B a a c c k k u u p p After setting profiles for[...]

  • Page 185

    VigorPro5510 Series User’s Guide 175 balance of packet transmission with flexible rate. It can be divided into Auto Weighted and According to Speed Ratio. Auto Weighted can detect the device speed (10Mbps/100Mbps) and switch w ith fixed value ratio (3:7) for packet transmission. If the transmission rate for packets on both sides of the tunnels is[...]

  • Page 186

    VigorPro5510 Series User’s Guide 176 binding tunnel table can be established. TCP/UPD means when the source IP, destinati on IP, destination port and fragment conditions match with the settings specified here and TCP/UDP Service Port also fits the number here, such binding tunnel table can be established. ICMP m e ans when the source IP, destinat[...]

  • Page 187

    VigorPro5510 Series User’s Guide 177 NO for Binding Fragmented. If you choose NO for Binding Fragmented, please choose TCP/UDP, IGMP/ICMP or Other as Binding Protocol. Advanced Backup Profile Name List the backup profile name. ERD Mode ERD means “Environment Recovers Detection”. Normal – choose this mode to make all dial-out VPN TRUNK backu[...]

  • Page 188

    VigorPro5510 Series User’s Guide 178 3 3 . . 1 1 0 0 . . 8 8 C C o o n n n n e e c c t t i i o o n n M M a a n n a a g g e e m m e e n n t t You can find the summary table of all VPN connections. You may disconnect any VPN connection by clicking Drop button. You m ay also aggressively Dial-out by using Dial-out Tool and clicking Dial button. Dial[...]

  • Page 189

    VigorPro5510 Series User’s Guide 179 3 3 . . 1 1 1 1 C C e e r r t t i i f f i i c c a a t t e e M M a a n n a a g g e e m m e e n n t t A digital certificate works as an electronic ID, which is issued by a certification authority (CA). It contains information such as your name, a serial number, expiration dates etc., and the digital signature of[...]

  • Page 190

    VigorPro5510 Series User’s Guide 180 Note: Please be noted that “Common Name” must be configured with rotuer’s WAN IP or domain name. After clicking GENERATE , the generated information w ill be displayed on the window below: IMPORT Vigor router allows you to generate a certificate request and submit it the CA server, then import it as “L[...]

  • Page 191

    VigorPro5510 Series User’s Guide 181 Upload Local Certificate It allows users to import the certificate which is generated by vigor router and signed by CA server. If you have done well in certificate generation, the Status of the certificate will be shown as “ OK ”. Upload PKCS12 Certificate It allows users to import the certificate whose ex[...]

  • Page 192

    VigorPro5510 Series User’s Guide 182 Note: You have to copy the certificate request information from above window. Next, access your CA server and enter the page of certificate request, copy the information into it and submit a request. A new certificate will be issued to you by the CA server. You can save it.[...]

  • Page 193

    VigorPro5510 Series User’s Guide 183 3 3 . . 1 1 1 1 . . 2 2 T T r r u u s s t t e e d d C C A A C C e e r r t t i i f f i i c c a a t t e e Trusted CA certificate lists three sets of trusted CA certificate. To import a pre-saved trusted CA certificate, please click IMPORT to open the following window. Use Browse… to find out the saved text fil[...]

  • Page 194

    VigorPro5510 Series User’s Guide 184 3 3 . . 1 1 1 1 . . 3 3 C C e e r r t t i i f f i i c c a a t t e e B B a a c c k k u u p p Local certificate and Trusted CA certificate for this router can be saved within one file. Please click Backup on the following screen to save them . If you want to set encryption password for these certificates, please[...]

  • Page 195

    VigorPro5510 Series User’s Guide 185 3 3 . . 1 1 2 2 I I S S D D N N 3 3 . . 1 1 2 2 . . 1 1 B B a a s s i i c c C C o o n n c c e e p p t t ISDN means integrated services digital network that is an international communications standard for sending voice, video, and data over digit al telephone lines or normal telephone wires. Below shows the men[...]

  • Page 196

    VigorPro5510 Series User’s Guide 186 ISP Access Setup ISP Name - Enter your ISP name such as Seednet, Hinet and so on. Dial Number - Enter the ISDN access number provided by your ISP. Username - Enter the username provided by your ISP. Password - Enter the password provided by your ISP. Require ISP Callback (CBCP) - If your ISP supports the callb[...]

  • Page 197

    VigorPro5510 Series User’s Guide 187 Method (IPCP) most ISPs provide a dynamic IP address for the router when it connects to the ISP. If your ISP provides a fixed IP address, check Yes and enter the IP address in the field of Fixed IP Address . Select Dialing to Dual ISPs if you have more than one ISP. You will be able to dial to both ISPs at the[...]

  • Page 198

    VigorPro5510 Series User’s Guide 188 Primary ISP Setup ISP Name - Enter your ISP name. Dial Number - Enter the ISDN access number provided by your ISP. Username - Enter the username provided by your ISP. Password - Enter the password provided by your ISP. IP Address Assignment Method (IPCP) for primary ISP setup In most environments, you should n[...]

  • Page 199

    VigorPro5510 Series User’s Guide 189 3 3 . . 1 1 2 2 . . 4 4 V V i i r r t t u u a a l l T T A A Vi r t u a l T A means the local hosts or PCs in th e network that uses popular CAPI-based software such as R VS-COM or BVRP to acces s the router as a local ISDN T A fo r sending or receiving F A X messages over the ISDN line. Basically , it is a cli[...]

  • Page 200

    VigorPro5510 Series User’s Guide 190 Before describing the configuration of Virtua l TA in the Vigor routers, please heed the following limitations. z The Virtual TA client only supports Microsoft TM Windows 98/SE/2000/XP platforms. z The Virtual TA client only supports the CA PI 2.0 protocol and has no built-in FAX engine. z One ISDN BRI interfa[...]

  • Page 201

    VigorPro5510 Series User’s Guide 191 text is RED, it means the client has lost the connection to the server . This tim e, please check the physical Ethernet connection. C C o o n n f f i i g g u u r r e e a a V V i i r r t t u u a a l l T T A A C C l l i i e e n n t t / / S S e e r r v v e e r r Since the V irtual T A application is a client/ ser[...]

  • Page 202

    VigorPro5510 Series User’s Guide 192 Click the V irtual T A Login tab to launch the login box. Enter the Username/Password and then click OK . Aft er a short time, the VT icon text will turn green. M M S S N N C C o o n n f f i i g g u u r r a a t t i i o o n n If you have applied to an MSN number service, th e V irtual T A server can assign whic[...]

  • Page 203

    VigorPro5510 Series User’s Guide 193 Call Control Setup Dial Retry - It specifies the dial retry counts per triggered packet. A triggered packet is th e packet whose destination is outside the local network. The default setting is no dial retry. If set to 5, for each triggered packet, the router will dial 5 times until it is connected to the ISP [...]

  • Page 204

    VigorPro5510 Series User’s Guide 194 Idle Timeout - Because our IDSN link type is Dial On Demand , the connection will be initiated only when needed. Bandwidth-On-Demand (BOD) Setup Bandwidth-On-Demand is for Multiple-Link PPP (ML-PPP or MP). The parameters are only applied when you set the Link Type to Dialup BOD . The ISDN usually use one B ch[...]

  • Page 205

    VigorPro5510 Series User’s Guide 195 S S e e c c u u r r i i t t y y O O v v e e r r v v i i e e w w Real-time Hardware Encryption: Vigor Router is equipped with a hardware AES encryption engine so it can apply the highest pr otection to your data without influencing user experience. Complete Security Standard Selection: To ensure the security an[...]

  • Page 206

    VigorPro5510 Series User’s Guide 196 Example 2 Example 3 Separate the Wireless and the Wired LAN- WLAN Isolation enables you to isolate your wireless LAN from wired LAN for either quarantine or limit access reasons. To isolate means neither of the parties can access each othe r. To elaborate an example for business use, you may set up a wireless [...]

  • Page 207

    VigorPro5510 Series User’s Guide 197 3 3 . . 1 1 3 3 . . 2 2 G G e e n n e e r r a a l l S S e e t t u u p p By clicking the General Settings , a new web page will appear so that you could configure the SSID and the wireless channel. Please refer to the following figure for more information. Enable Wireless LAN Check the box to enable wireless fu[...]

  • Page 208

    VigorPro5510 Series User’s Guide 198 selected channel is under serious interference. Hide SSID Check it to prevent from wireless sniffing and make it harder for unauthorized clients or STAs to join your wireless LAN. Depending on the wireless utility, the user may only see the information except SSID or just cannot see any thing about Vigor wirel[...]

  • Page 209

    VigorPro5510 Series User’s Guide 199 3 3 . . 1 1 3 3 . . 3 3 S S e e c c u u r r i i t t y y By clicking the Security Settings , a new web page will appear so that you could configure the settings of WEP and WPA. Mode There are several modes provided for you to choose. Disable - Turn off the encryption mechanism. WEP Only - Accepts only WEP clien[...]

  • Page 210

    VigorPro5510 Series User’s Guide 200 WPA/PSK Only - Accepts WPA clients and the encryption key should be entered in PSK. Remem ber to select WPA type to define either Mixed or WPA2 only in the field below. WPA/802.1x Only - Accept WPA clients with 802.1x authentication. Remember to select WPA type to define either Mixed or WPA2 only in the field [...]

  • Page 211

    VigorPro5510 Series User’s Guide 201 3 3 . . 1 1 3 3 . . 4 4 A A c c c c e e s s s s C C o o n n t t r r o o l l For additional security of wireless access, the Access Control facility allows you to restrict the network access right by controlling the wire less LAN MAC address of client. Only the valid MAC address that has been configured can acc[...]

  • Page 212

    VigorPro5510 Series User’s Guide 202 Add Add a new MAC address into the list. Delete Delete the selected MAC address in the list. Edit Edit the selected MAC address in the list. Cancel Give up the access control set up. OK Click it to save the access control list. Clear All Clean all entries in the MAC address list . 3 3 . . 1 1 3 3 . . 5 5 W W D[...]

  • Page 213

    VigorPro5510 Series User’s Guide 203 The major difference between these two modes is that: while in Repeater mode, the packets received from one peer AP can be repeated to another peer AP through WDS links. Yet in Bridge mode, packets received from a WDS link will only be for warded to local wired or wireless hosts. In other words, only Repeater [...]

  • Page 214

    VigorPro5510 Series User’s Guide 204 Mode Choose the mode for WDS setting. Disable mode will not invoke any WDS setting. Bridge mode is designed to fulfill the first type of application. Repeater mode is for the second one. Security There are three ty pes for security, Disable , WEP and Pre-shared key . The setting you choose here will make the f[...]

  • Page 215

    VigorPro5510 Series User’s Guide 205 Pre-shared Key Type 8 ~ 63 ASCII characters or 64 hexadecimal digits leading by “0x”. Bridge If you choose Bridge as the connecting mode, please type in the peer MAC address in these fields. Six peer MAC addresses are allowed to be entered in this page at one time. Yet please disable the unused link to get[...]

  • Page 216

    VigorPro5510 Series User’s Guide 206 3 3 . . 1 1 3 3 . . 6 6 A A P P D D i i s s c c o o v v e e r r y y Vigor router can scan all regulatory channels and find working APs in the neighborhood. Based on the scanning result, users will know whic h channel is clean for usage. Also, it can be used to facilitate finding an AP for a WDS link. Notice th[...]

  • Page 217

    VigorPro5510 Series User’s Guide 207 3 3 . . 1 1 3 3 . . 7 7 S S t t a a t t i i o o n n L L i i s s t t Station List provides the knowledge of connecting wire less clients now along with its status code. There is a code summary belo w for explanation. For convenient Access C ontrol , you can select a WLAN station and click Add to Access Control [...]

  • Page 218

    VigorPro5510 Series User’s Guide 208 3 3 . . 1 1 3 3 . . 8 8 S S t t a a t t i i o o n n R R a a t t e e C C o o n n t t r r o o l l This page allows you to contro l the upload and download rate of each wireless client (station) and SSID1-4. Please check the box of Enab le to invoke this setting. The range for the rate is between 100 ~ 100,000 kb[...]

  • Page 219

    VigorPro5510 Series User’s Guide 209 3 3 . . 1 1 4 4 . . 1 1 W W i i r r e e d d V V L L A A N N PCs connected to Ethernet ports of the router can be divided into different groups and formed VLAN. PCs under the same groups can share each other information through the router and will not be peeked by other groups. The VLAN >> Wired VLAN allo[...]

  • Page 220

    VigorPro5510 Series User’s Guide 210 3 3 . . 1 1 4 4 . . 2 2 W W i i r r e e l l e e s s s s V V L L A A N N PCs (equipped with wireless network cards) connected to the router through wireless interface can be divided into different groups and f o rmed W_VLAN. PCs under the same groups can share each other information through the router and will [...]

  • Page 221

    VigorPro5510 Series User’s Guide 211 Enable Check this box to invoke wireless VLAN function. Login ID Type Login ID for different groups of W _VLAN with 1 to 11 characters. Password Type password for different groups of W_VLAN with 1 to 11 characters. Details Click this button to set additional attributes settings for W_VLAN. Activated Date – U[...]

  • Page 222

    VigorPro5510 Series User’s Guide 212 H H o o w w c c a a n n y y o o u u ( ( w w i i r r e e l l e e s s s s c c l l i i e e n n t t ) ) a a c c c c e e s s s s i i n n t t o o I I n n t t e e r r n n e e t t ? ? After finishing the configuration of wireless VLAN, the wireless clients connecting to this router must do the following steps to acces[...]

  • Page 223

    VigorPro5510 Series User’s Guide 213 5. You can go to Diagnostics>>Wireless VLAN Online Station for viewing the connection status whenever you want. 3 3 . . 1 1 4 4 . . 3 3 V V L L A A N N C C r r o o s s s s S S e e t t u u p p This function allows the router to integr ate VLAN and W_VLAN for managing different computers (notebooks). See t[...]

  • Page 224

    VigorPro5510 Series User’s Guide 214 Enable Check this box to invoke VLAN Cross Setup function. VLAN0-3 It represents the groups of virtual LAN connected by Ethernet interface. W_VLAN0-15 It represents the groups of wireless VLAN communicated by wireless interface.[...]

  • Page 225

    VigorPro5510 Series User’s Guide 215 3 3 . . 1 1 4 4 . . 4 4 W W i i r r e e l l e e s s s s R R a a t t e e C C o o n n t t r r o o l l Rate Control manages the transmission rate of data in and out throu gh the router. You can also manage the in/out rate of each wireless VLAN. Go to VLAN menu and select Wireless Rate Control . The following page[...]

  • Page 226

    VigorPro5510 Series User’s Guide 216 3 3 . . 1 1 5 5 S S S S L L V V P P N N An SSL VPN (Secure Sockets Layer virtual private network) is a form of VPN that can be used with a standard Web browser. There are two benefits that SSL VPN provides: ¾ It is not necessary for users to preinstall VPN client software for executing SSL VPN connection. ¾ [...]

  • Page 227

    VigorPro5510 Series User’s Guide 217 3 3 . . 1 1 5 5 . . 2 2 S S S S L L W W e e b b P P r r o o x x y y SSL Web Proxy will allow the remote users to access the internal web sites over SSL. It is used to access web servers on LAN side from browser. With such function, user(s) or administrator (s) can register and access the sp ecified web server [...]

  • Page 228

    VigorPro5510 Series User’s Guide 218 corresponding IP address in this field. Such field must match with URL setting. Access Method There are three modes for you to choose. Disable – the profile will be inactive. If you choose Disable , all the web proxy profile appeared under VPN remote dial-in web page will disappear. Secured Port Redirection [...]

  • Page 229

    VigorPro5510 Series User’s Guide 219 Enable Application Service Check this box to enable this application. Application Name Type the profile name for the application. Application Use the drop down list to choose an application applied to this profile. Different application type will lead different web pages. Refer to the following: z Virtual Netw[...]

  • Page 230

    VigorPro5510 Series User’s Guide 220 z Remote Desktop Protocol - Choose this item for accessing and controlling a remote PC through RDP protocol. IP Address Type the IP address for this protocol. Port Specify the port used for this protocol. The default setting is 3389. Screen Size Chose the screen size for such application. z Samba Application -[...]

  • Page 231

    VigorPro5510 Series User’s Guide 221 You can find out the link of Set SSL Web Proxy on the profile setting page. If you haven’t set any SSL Web Proxy Profile in SSL VPN>> SSL Web Proxy web page, there is no check box but a link appeared below. However, if you have set several SSL Web Proxy Profiles in SSL VPN>> SSL Web Proxy web pag[...]

  • Page 232

    VigorPro5510 Series User’s Guide 222 3 3 . . 1 1 5 5 . . 5 5 O O n n l l i i n n e e U U s s e e r r S S t t a a t t u u s s If you have finished the configuration of SSL Web Proxy (server), users can find out corresponding settings when they access in to Draytek SSL VPN portal interface. Next, users can open SSL VPN>> Online Status to view[...]

  • Page 233

    VigorPro5510 Series User’s Guide 223 3 3 . . 1 1 6 6 S S y y s s t t e e m m M M a a i i n n t t e e n n a a n n c c e e For the system setup, there are several items that you have to know the way of configuration: Status, Administrator Password, Configuration Backup, Syslog, Time setup, Reboot System, Firmware Upgrade. Below shows the menu items[...]

  • Page 234

    VigorPro5510 Series User’s Guide 224 LAN --- MAC Address Display the MAC address of the LAN Interface. 1 st IP Address Display the IP address of the LAN interface. 1 st Subnet Mask Display the subnet mask address of the LAN interface. DHCP Server Display the current status of DHCP server of the LAN interface. DNS Display the assigned IP address o[...]

  • Page 235

    VigorPro5510 Series User’s Guide 225 ACS Server Such data must be typed according to the ACS (Auto Configuration Server) you want to link. Please refer to VigorACS user’s manual for detailed information. URL - Type the URL for VigorACS server. If the connected CPE needs to be authenticated, please set URL as the following and type username and [...]

  • Page 236

    VigorPro5510 Series User’s Guide 226 Enable/Disable – Sometimes, port conflict might be occurred. To solve such problem, you might want to change port number for CPE. Please click Enable and change the port number. Periodic Inform Settings Disable – The system will not send inform message to ACS server. Enable – The system will send inform [...]

  • Page 237

    VigorPro5510 Series User’s Guide 227 When you click OK , the login window will appear. Please use the new password to access into the web configurator again. 3 3 . . 1 1 6 6 . . 4 4 C C o o n n f f i i g g u u r r a a t t i i o o n n B B a a c c k k u u p p B B a a c c k k u u p p t t h h e e C C o o n n f f i i g g u u r r a a t t i i o o n n Fo[...]

  • Page 238

    VigorPro5510 Series User’s Guide 228 4. Click Save button, the configuration will download a utomatically to your computer as a file named config.cfg . The above example is using W indows platform for demonstrating examples. The Mac or Linux platform will appear dif ferent windows, but the backup function is still available. Note: Backup for Cert[...]

  • Page 239

    VigorPro5510 Series User’s Guide 229 SysLog Access Setup Enable (Syslog Access…) Check “ Enable ” to activate function of syslog. Router Name Assign a name for the router. Server IP Address The IP address of the Syslog server. Destination Port Assign a port for the Syslog protocol. Enable syslog message Check the box listed on this web page[...]

  • Page 240

    VigorPro5510 Series User’s Guide 230 also acts as Sender address while Vigor router sends out the alert e-mails. Authentication Check this box to activate this function while using e-mail application. User Name Type the user name for authentication. Password Type the password for authentication. Enable E-Mail Alert Check the box to send alert mes[...]

  • Page 241

    VigorPro5510 Series User’s Guide 231 3 3 . . 1 1 6 6 . . 6 6 T T i i m m e e a a n n d d D D a a t t e e It allows you to specify where the time of the router should be inquired from. Current System Time Click Inquire Time to get the current time. Use Browser Time Select this option to use the browser time from the remote administrator PC host as[...]

  • Page 242

    VigorPro5510 Series User’s Guide 232 3 3 . . 1 1 6 6 . . 7 7 M M a a n n a a g g e e m m e e n n t t This page allows you to manage the setti ngs for access control, access list, port setup, and SNMP setup. For example, as to management ac cess control, the port number is used to send/receive SIP message for building a session. The default value [...]

  • Page 243

    VigorPro5510 Series User’s Guide 233 Set Community Set community by typing a proper nam e. The default setting is private. Manager Host IP Set one host as the manager to execute SNMP function. Please type in IP address to specify certain host. Trap Community Set trap community by typing a proper name . The default setting is public. Notification [...]

  • Page 244

    VigorPro5510 Series User’s Guide 234 3 3 . . 1 1 6 6 . . 9 9 F F i i r r m m w w a a r r e e U U p p g g r r a a d d e e Before upgrading your router firmware, you need to i nstall the Router Tools. The Firmware Upgrade Utility is included in the tools. The following web page will guide you to upgrade firmware by using an exam ple. Note that this[...]

  • Page 245

    VigorPro5510 Series User’s Guide 235 3 3 . . 1 1 7 7 D D i i a a g g n n o o s s t t i i c c s s Diagnostic Tools provide a useful way to view or diagnose the status of your Vigor router. Below shows the menu items for Diagnostics. 3 3 . . 1 1 7 7 . . 1 1 D D i i a a l l - - o o u u t t T T r r i i g g g g e e r r Click Diagnostics and click Dial[...]

  • Page 246

    VigorPro5510 Series User’s Guide 236 3 3 . . 1 1 7 7 . . 2 2 R R o o u u t t i i n n g g T T a a b b l l e e Click Diagnostics and click Routing Table to open t he web page. Refresh Click it to reload the page. 3 3 . . 1 1 7 7 . . 3 3 A A R R P P C C a a c c h h e e T T a a b b l l e e Click Diagnostics and click ARP Cache Table to view the conte[...]

  • Page 247

    VigorPro5510 Series User’s Guide 237 3 3 . . 1 1 7 7 . . 4 4 D D H H C C P P T T a a b b l l e e The facility provides information on IP address as signments. This information is helpful in diagnosing network problems, such as IP address conflicts, etc. Click Diagnostics and click DHCP Table to open the web page. Index It displa ys the connection[...]

  • Page 248

    VigorPro5510 Series User’s Guide 238 Peer IP :Port It indicates the destination IP address an d port of remote host. Interface It indicates the interface of the WAN connection. Refresh Click it to reload the page. 3 3 . . 1 1 7 7 . . 6 6 W W i i r r e e l l e e s s s s V V L L A A N N O O n n l l i i n n e e S S t t a a t t i i o o n n T T a a b [...]

  • Page 249

    VigorPro5510 Series User’s Guide 239 LAN Security Monitor Check this box to enable this function. Refresh Seconds Use the drop down list to choose the time interval of refreshing data flow that will be done by the system automatically. Refresh Click this link to refr esh this page manually. Index Display the number of the data flow. IP Address Di[...]

  • Page 250

    VigorPro5510 Series User’s Guide 240 Unblock – the device with the IP address will be blocked in five minutes. The remaining time will be shown on the session column. Current /Peak/Speed Current means current transmission rate and receiving rate for WAN1/WAN2. Peak means the highest peak value detected by the router in data transmission. Speed [...]

  • Page 251

    VigorPro5510 Series User’s Guide 241 The horizontal axis represents time. Yet the vertical axis has different meanings. For WAN1/WAN2 Bandwidth chart, the numbers displayed on vertical axis represent the numbers of the transmitted and received packets in the past. For Sessions chart, the numbers displayed on vertical axis represent the numbers of[...]

  • Page 252

    VigorPro5510 Series User’s Guide 242 Ping to Use the drop down list to choose the destination that you want to ping. IP Address Type in the IP address of the Host/IP that you want to ping. Run Click this button to start the ping work. The result will be displayed on the screen. Clear Click this link to remove the result on the window. 3 3 . . 1 1[...]

  • Page 253

    VigorPro5510 Series User’s Guide 243 Run Click this button to start route tracing work. Clear Click this link to remove the result on the window. 3 3 . . 1 1 7 7 . . 1 1 1 1 A A V V / / A A I I T T o o p p 1 1 0 0 This page provides information for the Top 1 0 of Anti-Virus and Anti-Intrusion signatures used frequently.[...]

  • Page 254

    VigorPro5510 Series User’s Guide 244 3 3 . . 1 1 7 7 . . 1 1 2 2 W W e e b b F F i i r r e e w w a a l l l l S S y y s s l l o o g g This page displays the time and message fo r firewall settings. You can check Enable Web Firewall Syslog and choose the display mode you want. Later, the event of firewall will be shown for your reference.[...]

  • Page 255

    VigorPro5510 Series User’s Guide 245 4 R R e e g g i i s s t t r r a a t t i i o o n n f f o o r r t t h h e e R R o o u u t t e e r r To use the anti-intrusion, anti-virus, anti-spam and WCF features of VigorPro series router, you have to create a new account, finish the registration for that account by using the router and complete the registra[...]

  • Page 256

    VigorPro5510 Series User’s Guide 246 2. Check to confirm that you accept the Agreement and click Accept . 3. Type your personal information in this page and then click Continue .[...]

  • Page 257

    VigorPro5510 Series User’s Guide 247 4. Choose proper selection for your computer and click Continue . 5. Now you have created an account successfully. Click START. 6. Check to see the confirmation email with the title of New Account Confirmation Letter from myvigor.draytek.com .[...]

  • Page 258

    VigorPro5510 Series User’s Guide 248 7. Click the Activate my Account link to enable the account that you created. The following screen will be shown to verify th e register process is finished. Please click Login . 8. When you see the following page, please type in the account and password (that you just created) in the fields of UserName and Pa[...]

  • Page 259

    VigorPro5510 Series User’s Guide 249 4 4 . . 2 2 C C r r e e a a t t i i n n g g a a n n d d A A c c t t i i v v a a t t i i n n g g a a n n A A c c c c o o u u n n t t f f r r o o m m R R o o u u t t e e r r W W e e b b C C o o n n f f i i g g u u r r a a t t o o r r You can also create and register a new account from the web configurator of the[...]

  • Page 260

    VigorPro5510 Series User’s Guide 250 4. Click the Activate link. A login page for MyVigor web site will pop up automatically. 5. Click the link of Create an account now . 6. Check to confirm that you accept the Agreement and click Accept .[...]

  • Page 261

    VigorPro5510 Series User’s Guide 251 7. Type your personal information in this page and then click Continue . 8. Choose proper selection for your computer and click Continue .[...]

  • Page 262

    VigorPro5510 Series User’s Guide 252 9. Now you have created an account successfully. Click START. 10. Check to see the confirmation email with the title of New Account Confirmation Letter from myvigor.draytek.com . 11. Click the Activate my Account link to enable the account that you created. The following screen will be shown to verify th e reg[...]

  • Page 263

    VigorPro5510 Series User’s Guide 253 12. When you see the following page, please type in the account and password (that you just created) in the fields of UserName and Password . 13. Now, click Login . Your account has been activated. You can access into MyVigor server to activate the service (e.g., WCF) that you want.  DrayTek will maintain a[...]

  • Page 264

    VigorPro5510 Series User’s Guide 254 4 4 . . 3 3 R R e e g g i i s s t t e e r r i i n n g g Y Y o o u u r r V V i i g g o o r r R R o o u u t t e e r r You have activated the new account for the router. Now, it is the time for you to register your vigor router. Open Defense Configuration >>Activation. Registering Vigor router should be don[...]

  • Page 265

    VigorPro5510 Series User’s Guide 255 4. A Login page will be shown on the screen. Please type the account and password that you created previously. And click Login . 5. The following page will be displayed after you logging in VigorPro server. From this page, please click Add .[...]

  • Page 266

    VigorPro5510 Series User’s Guide 256 6. When the following page appears, please type in Nick Nam e (for the router) and choose the right purchase date from the popup calendar (it appears when you click on the box of Purchase Date). 7. After adding the basic information for the router, please click Submit . 8. Now, your router information has been[...]

  • Page 267

    VigorPro5510 Series User’s Guide 257 9. Now, you have finished the procedure for registering your router. 4 4 . . 4 4 A A c c t t i i v v a a t t i i n n g g A A n n t t i i - - V V i i r r u u s s / / A A n n t t i i - - I I n n t t r r u u s s i i o o n n / / A A n n t t i i - - S S p p a a m m / / W W C C F F S S e e r r v v i i c c e e After [...]

  • Page 268

    VigorPro5510 Series User’s Guide 258 4. A Login page will be shown on the screen. Please type the account and password that you created previously. And click Login . 5. On the web page of My Product , you can find a list of the devices that you add with the above steps. Currently, you just have added VigorPro 5510. Please click the serial number [...]

  • Page 269

    VigorPro5510 Series User’s Guide 259 6. From the Device’s Service section, click the Trial button for AI-AV (Anti-Intrusion & Anti-Virus) service with provider DT-DT . Rename It allows you to change the account name. Delete It allows you to delete account name used currently. Transfer It allows you to transfer the VigorPro device together w[...]

  • Page 270

    VigorPro5510 Series User’s Guide 260 7. In the following page, check the box of “ I have read and accept the above Agreement ”. The system will find out the date for you to activate this version of service. Then, click Next . Note: DT-DT means you can acquire the anti-intrusion and anti-virus services from DrayTek Corporation. 8. When this pa[...]

  • Page 271

    VigorPro5510 Series User’s Guide 261 (Above figure supposes you have not activat ed Anti-Spam and Web Content Filte r yet. ) 10. Click Close . 11. Open Defense Configuration>>Activation page of the router’s web configurator. The start date and expire date for th e license are shown in this page. 12. Click Activate to access into VigorPro [...]

  • Page 272

    VigorPro5510 Series User’s Guide 262 4 4 . . 4 4 . . 2 2 F F o o r r A A n n t t i i - - S S p p a a m m S S e e r r v v i i c c e e Please follow the steps below to activat e Anti-Spam Service for your system. G G e e t t t t i i n n g g 3 3 0 0 D D a a y y s s o o f f F F r r e e e e C C h h a a r r g g e e 1. Open a web browser on your PC and [...]

  • Page 273

    VigorPro5510 Series User’s Guide 263 4. A Login page will be shown on the screen. Please type the account and password that you created previously. And click Login . 5. On the web page of My Product, click the Trial button for AS (Anti-Spam) service.[...]

  • Page 274

    VigorPro5510 Series User’s Guide 264 6. In this page, check the box of “ I have read and accept the above Agreement ”. The system will find out the date for you to activate this version of service. Then, click Next . Note: CTCH means you can acquire anti-spam service from Commtouch. 7. When this page appears, click Register . 8. Next, the Dra[...]

  • Page 275

    VigorPro5510 Series User’s Guide 265 9. Click Close . 10. Open Defense Configuration>>Activation page of the router’s web configurator. The start date and expire date for th e license are shown in this page. Now, you have finished all the procedure for activating Anti-Spam service for your router. Note: You are allowed to use this version[...]

  • Page 276

    VigorPro5510 Series User’s Guide 266 4 4 . . 4 4 . . 3 3 F F o o r r W W C C F F ( ( W W e e b b C C o o n n t t e e n n t t F F i i l l t t e e r r ) ) S S e e r r v v i i c c e e Please follow the steps below to activate WCF Service for your system. 1. Open a web browser on your PC and type http://192. 168.1.1. A pop-up window will open to ask [...]

  • Page 277

    VigorPro5510 Series User’s Guide 267 4. A Login page will be shown on the screen. Please type the account and password that you created previously. And click Login . 5. On the web page of My Product, click the Trial button for WCF (Web Content Filter) service.[...]

  • Page 278

    VigorPro5510 Series User’s Guide 268 6. In this page, check the box of “ I have read and accept the above Agreement ”. The system will find out the date for you to activate this version of service. Then, click Next . 7. When this page appears, click Register . 8. Next, the DrayTek Service Activation scr een will be shown as the following.[...]

  • Page 279

    VigorPro5510 Series User’s Guide 269 9. Click Close . 10. Open Defense Configuration>>Activation page of the router’s web configurator. The start date and expire date for th e license are shown in this page. Now, you have finished all the procedure for activating WCF service for your router. Note: You are allowed to use this version (with[...]

  • Page 280

    VigorPro5510 Series User’s Guide 270 4 4 . . 5 5 B B a a c c k k u u p p a a n n d d U U p p g g r r a a d d e e S S i i g g n n a a t t u u r r e e f f o o r r A A n n t t i i - - I I n n t t r r u u s s i i o o n n / / A A n n t t i i - - V V i i r r u u s s You can get the most updated signature fro m DrayTek’s server if the license key of a[...]

  • Page 281

    VigorPro5510 Series User’s Guide 271 T T i i m m e e f f o o r r I I m m p p o o r r t t Backup files can be imported whenever you want . T o use a saved signature information, please click Import . In addition, users can specify certain time for executing the upgrade automatically by the router. Remember to check the Schedule Update box and clic[...]

  • Page 282

    VigorPro5510 Series User’s Guide 272 B. For specified filter rule (there are twelve filte r sets in Firewall, and each set is allo wed to set seven filter rules), please check the box of Enable for Anti-Intrusion and choose proper action (profile) from the drop down list of Anti- Virus/Anti-Spam/Web Content Filter. Next, click OK to finish the pr[...]

  • Page 283

    VigorPro5510 Series User’s Guide 273 5 A A p p p p l l i i c c a a t t i i o o n n a a n n d d E E x x a a m m p p l l e e s s 5 5 . . 1 1 C C r r e e a a t t e e a a L L A A N N - - t t o o - - L L A A N N C C o o n n n n e e c c t t i i o o n n B B e e t t w w e e e e n n R R e e m m o o t t e e O O f f f f i i c c e e a a n n d d H H e e a a d[...]

  • Page 284

    VigorPro5510 Series User’s Guide 274 For using IPSec -based service, such as IPSec or L2 TP with IPSec Policy, you have to set general settings in IPSec General Setup , such as the pre-shared key that both parties have known. 3. Go to LAN-to-LAN . Click on one index number to edit a profile. 4. Set Common Settings as shown below. You should enabl[...]

  • Page 285

    VigorPro5510 Series User’s Guide 275 If a PPP-based service is selected, you should further specify the remote peer IP Address, Username, Password, PPP Authen tication and VJ Compression for this Dial-Out connection. 6. Set Dial-In settings to as shown below to allow Router B dial-in to build VPN connection. If an IPSec-based service i s selected[...]

  • Page 286

    VigorPro5510 Series User’s Guide 276 If a PPP-based service is selected, you should further specify the remote peer IP Address, Username, Password, and VJ Com p ression for this Dial-In connection. 7. At last, set the remote network IP/subnet in TCP/IP Network Settings so that Router A can direct the packets destined to the remote network to Rout[...]

  • Page 287

    VigorPro5510 Series User’s Guide 277 2. Then, for using PPP based services, such as PPTP, L2TP, you have to set general settings in PPP General Setup . For using IPSec-based service, such as IPSec or L2TP with IPSec Policy, you have to set general settings in IPSec General Setup , such as the pre-shared key that both parties have known. 3. Go to [...]

  • Page 288

    VigorPro5510 Series User’s Guide 278 connection. If a PPP-based service is selected, you should further specify the remote peer IP Address, Username, Password, PPP Authen tication and VJ Compression for this Dial-Out connection. 6. Set Dial-In settings to as shown below to allow Router A dial-in to build VPN connection. If an IPSec-based service [...]

  • Page 289

    VigorPro5510 Series User’s Guide 279 If a PPP-based service is selected, you should further specify the remote peer IP Address, Username, Password, and VJ Com p ression for this Dial-In connection. 7. At last, set the remote network IP/subnet in TCP/IP Network Settings so that Router B can direct the packets des tined to the remote network to Rou[...]

  • Page 290

    VigorPro5510 Series User’s Guide 280 5 5 . . 2 2 C C r r e e a a t t e e a a R R e e m m o o t t e e D D i i a a l l - - i i n n U U s s e e r r C C o o n n n n e e c c t t i i o o n n B B e e t t w w e e e e n n t t h h e e T T e e l l e e w w o o r r k k e e r r a a n n d d H H e e a a d d q q u u a a r r t t e e r r The other common case is th[...]

  • Page 291

    VigorPro5510 Series User’s Guide 281 3. Go to Remote Dial-In Users . Click on one index number to edit a profile. 4. Set Dial-In settings to as shown below to allow the remote user dial-in to build VPN connection. If an IPSec service is selected, you may further specify the remote peer IP Address, IKE Authentication Method and IPSec Security Meth[...]

  • Page 292

    VigorPro5510 Series User’s Guide 282 Settings in the remote host: 1. For Win98/ME, you may use "Dial-up Networking" to create the PPTP tunnel to Vigor router. For Win2000/XP, please use "Network and Dial-up connections" or “Smart VPN Client”, complimentary software to help you create PPTP, L2TP, and L2TP over IPSec tunnel.[...]

  • Page 293

    VigorPro5510 Series User’s Guide 283 If an IPSec-based service is selected as shown below, You may further specify the method you use to get IP, the security method, and authentication method. If the Pre-Shared Key is selected, it should be consistent with the one set in VPN router. If a PPP-based service is selected, you should fu rther specify [...]

  • Page 294

    VigorPro5510 Series User’s Guide 284 4. Click Connect button to build connection. When the connection is successful, you will find a green light on the right down corner. 5 5 . . 3 3 Q Q o o S S S S e e t t t t i i n n g g E E x x a a m m p p l l e e Assume a teleworker someti mes works at hom e and takes care of children. When working time, he w[...]

  • Page 295

    VigorPro5510 Series User’s Guide 285 Note: The rate of outbound/inbound m ust be smaller than the real bandwidth to ensure correct calculation of QoS. It is suggested to se t the bandwidth value for inbound/outbound as 80% - 85% of ph ysical network speed provided by ISP to maximize the QoS performance. 4. Return to previous page. Enter th e Name[...]

  • Page 296

    VigorPro5510 Series User’s Guide 286 8. Check Enable UDP Band width Control on the bott o m to prevent enormous UDP traffic of V oIP influent other application, and click OK. 9. If the worker has connected to the headquart er using host to host VPN tunnel. (Please refer to Chapter 3 VPN for detail instruction), he m ay set up an index for it. Ent[...]

  • Page 297

    VigorPro5510 Series User’s Guide 287 11. First, check the ACT box. Then click Edit of Local Address to set a worker ’ s subnet address. Click Edit of Remote Address to set headquarter ’ s subnet address. Leave other fields and click OK . 5 5 . . 4 4 L L A A N N – – C C r r e e a a t t e e d d b b y y U U s s i i n n g g N N A A T T An exa[...]

  • Page 298

    VigorPro5510 Series User’s Guide 288 T o use another DHCP server in the network rather than the built-in one of V igor Router , you have to change the settings as show below . Y ou can just set the settings wrapped inside the red rectangles to fit the request of NA T usage.[...]

  • Page 299

    VigorPro5510 Series User’s Guide 289 5 5 . . 5 5 U U p p g g r r a a d d e e F F i i r r m m w w a a r r e e f f o o r r Y Y o o u u r r R R o o u u t t e e r r Before upgrading your router firmware, you need to i nstall the Router Tools. The Firmware Upgrade Utility is included in the tools. 1. Go to www.draytek.com . 2. Access into Support >[...]

  • Page 300

    VigorPro5510 Series User’s Guide 290 5. Double click on the icon of router tool. The setup wizard will appear. 6. Follow the onscreen instructions to install the tool. Finally, click Finish to end the installation. 7. From the Start menu, open Programs and choose Router Tools XXX >> Firmware Upgrade Utility . 8. Type in your router IP, usua[...]

  • Page 301

    VigorPro5510 Series User’s Guide 291 10. Click Send . Now the firmware update is finished.[...]

  • Page 302

    VigorPro5510 Series User’s Guide 292 5 5 . . 6 6 R R e e q q u u e e s s t t a a c c e e r r t t i i f f i i c c a a t t e e f f r r o o m m a a C C A A s s e e r r v v e e r r o o n n W W i i n n d d o o w w s s C C A A S S e e r r v v e e r r 1. Go to Certificate Management and choose Local Certificate .[...]

  • Page 303

    VigorPro5510 Series User’s Guide 293 2. You can click GENERATE button to start to edit a certificate request. Enter the information in the certificate request. 3. Copy and save the X509 Local Certificate Requet as a text file and save it for later use.[...]

  • Page 304

    VigorPro5510 Series User’s Guide 294 4. Connect to CA server via web browser. Follo w the instruction to subm it the request. Below we take a Windows 2000 CA server for example. Select Request a Certificate . Select Advanced request . Select Submit a certificate request a base64 encoded PKCS #10 file or a renewal request using a base64 encoded PK[...]

  • Page 305

    VigorPro5510 Series User’s Guide 295 Then you have done the request and the ser ver now issues you a certificate. Select Base 64 encoded certificate and Download CA certificate . Now you should get a certificate (.cer file) and save it. 5. Back to Vigor router, go to Local Certificate . Click IMPORT button to open next page. 6. Browse the file to[...]

  • Page 306

    VigorPro5510 Series User’s Guide 296 7. When the file is imported successfu lly, the following dialog will appear. 8. You may review the detail informati on of the certificate by clicking View button.[...]

  • Page 307

    VigorPro5510 Series User’s Guide 297 5 5 . . 7 7 R R e e q q u u e e s s t t a a C C A A C C e e r r t t i i f f i i c c a a t t e e a a n n d d S S e e t t a a s s T T r r u u s s t t e e d d o o n n W W i i n n d d o o w w s s C C A A S S e e r r v v e e r r 1. Use web browser connecting to the CA server that you would like to retrieve its CA c[...]

  • Page 308

    VigorPro5510 Series User’s Guide 298 2. In Choose file to download , click CA Certificate Current and Base 64 encoded, and Download CA certificate to save the .cer. file. 3. Back to Vigor router, go to Trusted CA Certificate . Click IMPORT button and browse the file to import the certificate (.cer file) into Vigor router. When finished, click ref[...]

  • Page 309

    VigorPro5510 Series User’s Guide 299 6 T T r r o o u u b b l l e e S S h h o o o o t t i i n n g g This section will guide you to solve abnormal s ituations if you cannot access into the Internet after installing the router and finishing the web configuration. Please follow sections below to check your basic installation status stage by stage. z [...]

  • Page 310

    VigorPro5510 Series User’s Guide 300 F F o o r r W W i i n n d d o o w w s s  The example is based on Windows XP. As to the exam ples for other operation systems, please refer to the sim ilar steps or find support notes in www.draytek.com . 1. Go to Control Panel and then double-click on Network Connection s. 2. Right-click on Local Area Conne[...]

  • Page 311

    VigorPro5510 Series User’s Guide 301 4. Select Obtain an IP address automatically and Obtain DNS server address automatically. F F o o r r M M a a c c O O s s 1. Double click on the current used MacOs on the desktop. 2. Open the Application folder and get into Network . 3. On the Network screen, select Using DHCP from the drop down list of Config[...]

  • Page 312

    VigorPro5510 Series User’s Guide 302 6 6 . . 3 3 P P i i n n g g i i n n g g t t h h e e R R o o u u t t e e r r f f r r o o m m Y Y o o u u r r C C o o m m p p u u t t e e r r The default gateway IP address of the router is 192.168.1.1. For so me reason, you might need to use “ping” command to check the link status of the router. The most im[...]

  • Page 313

    VigorPro5510 Series User’s Guide 303 6 6 . . 4 4 C C h h e e c c k k i i n n g g I I f f t t h h e e I I S S P P S S e e t t t t i i n n g g s s a a r r e e O O K K o o r r N N o o t t Click WAN>> Internet Access and then check whether the ISP settings are set correctly. Click Details Page of WAN1/WAN2 to review the settings that you config[...]

  • Page 314

    VigorPro5510 Series User’s Guide 304 F F o o r r S S t t a a t t i i c c / / D D y y n n a a m m i i c c I I P P U U s s e e r r s s 1. Check if the Enable option is selected. 2. Check if IP address, Subnet Mask and Gateway are entered with correct values that you got from your ISP . F F o o r r P P P P T T P P U U s s e e r r s s 1. Check if the[...]