Go to page of
Similar user manuals
-
Router
Draytek Vigor 2925n-Plus
48 pages -
Router
Draytek Vigor2910i
269 pages 5.76 mb -
Router
Draytek Vigor 2820n
269 pages 5.33 mb -
Router
Draytek Vigor120
94 pages -
Router
Draytek Vigor 2200E
139 pages -
Router
Draytek VigorPro 5300VSn
304 pages -
Router
Draytek Vigor 2850
28 pages -
Router
Draytek Vigor3100i
198 pages
A good user manual
The rules should oblige the seller to give the purchaser an operating instrucion of Draytek Vigor3200n, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.
What is an instruction?
The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Draytek Vigor3200n one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.
Unfortunately, only a few customers devote their time to read an instruction of Draytek Vigor3200n. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.
What should a perfect user manual contain?
First and foremost, an user manual of Draytek Vigor3200n should contain:
- informations concerning technical data of Draytek Vigor3200n
- name of the manufacturer and a year of construction of the Draytek Vigor3200n item
- rules of operation, control and maintenance of the Draytek Vigor3200n item
- safety signs and mark certificates which confirm compatibility with appropriate standards
Why don't we read the manuals?
Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Draytek Vigor3200n alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Draytek Vigor3200n, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Draytek service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Draytek Vigor3200n.
Why one should read the manuals?
It is mostly in the manuals where we will find the details concerning construction and possibility of the Draytek Vigor3200n item, and its use of respective accessory, as well as information concerning all the functions and facilities.
After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.
Table of contents for the manual
-
Page 1
[...]
-
Page 2
Vigor3200 Series User’s Guide ii Vigor3200 Series Multi-WAN Security Router User’s Guide Version: 1.1 Firmware Version: V3.3.7 Date: 07/04/2011[...]
-
Page 3
Vigor3200 Series User’s Guide iii Copyright Information Copyright Declarations Copyright 2011 All rights reserved. This pub lication contains information that is protected by copyright. No part may be reproduced, transmitted, transcribed, stor ed in a retrieval system, or translated into any language withou t written permission from the copyright[...]
-
Page 4
Vigor3200 Series User’s Guide iv European Community Declarations Manufacturer: DrayTek Corp. Address: No. 26, Fu Shing Road, HuKou Town ship, HsinChu Industrial Park, Hsin-Chu, Taiwan 303 Product: Vigor3200 Ser ies Router DrayTek Corp. declares that Vigor3200 Series of ro uters are in compliance with the following essential requirements and other[...]
-
Page 5
Vigor3200 Series User’s Guide v[...]
-
Page 6
Vigor3200 Series User’s Guide vi T T a a b b l l e e o o f f C C o o n n t t e e n n t t s s 1 Pref ace ............................................................................................................... 1 1.1 Web Conf iguration Bu ttons Explanation ................................................................................. 1 1.[...]
-
Page 7
Vigor3200 Series User’s Guide vii 3.4.1 Dynam ic DNS .............................................................................................................. ... 60 3.4.2 UPnP..................................................................................................................... .......... 62 3.5 Wirele ss LAN .................[...]
-
Page 8
Vigor3200 Series User’s Guide viii 4.6.2 IP Group ................................................................................................................. ...... 147 4.6.3 Service Type Object ..................................................................................................... 1 49 4.6.4 Service Type Grou p ..............[...]
-
Page 9
Vigor3200 Series User’s Guide ix 4.13.5 Online Us er Status...................................................................................................... 255 4.14 USB App lication ........................................................................................................... ..... 255 4.14.1 USB Gene ral Setti ngs.............[...]
-
Page 10
Vigor3200 Series User’s Guide x 6.2 Checking If the Network Connection Settings on Y our Computer Is OK or Not ................. 334 6.3 Pinging the Router fr om Y our Co mputer ............................................................................. 336 6.4 Checking If the ISP Sett ings are OK or No t .......................................[...]
-
Page 11
Vigor3200 Series User’s Guide 1 1 P P r r e e f f a a c c e e Vigor3200 Series, a broadband router, integrates IP layer QoS, NAT session/b andwidth management to help users control works well with large bandwidth. By adopting hardware-based VPN platform and hardware encryption of AES/DES/3DES, the router increases the performance of VPN greatly a[...]
-
Page 12
Vigor3200 Series User’s Guide 2 1 1 . . 2 2 L L E E D D I I n n d d i i c c a a t t o o r r s s a a n n d d C C o o n n n n e e c c t t o o r r s s Before you use the Vigor router, please get acquainted with the LED indicators and connectors first. 1 1 . . 2 2 . . 1 1 F F o o r r V V i i g g o o r r 3 3 2 2 0 0 0 0 LED Status Explanation Blinking[...]
-
Page 13
Vigor3200 Series User’s Guide 3 Interface Description Factory Reset Restore the default settings. Usage: Turn on the router (ACT LED is blinkin g). Press the hole and keep for more than 5 seconds. When you see the ACT LED begins to blink rapid ly than usual, re lease the button. Th en the router will restart with the factory default confi guratio[...]
-
Page 14
Vigor3200 Series User’s Guide 4 1 1 . . 2 2 . . 2 2 F F o o r r V V i i g g o o r r 3 3 2 2 0 0 0 0 n n LED Status Explanation Blinking The router is powere d on and running no rmally. ACT (Activity) Off The router is powe red off. On USB device is connected and ready for use. USB Blinking The data is transmitting. On Wireless access point is rea[...]
-
Page 15
Vigor3200 Series User’s Guide 5 Interface Description Wireless LAN ON/OFF/WPS Press "Wireless LAN ON/OFF/WPS" butt on once to wait for client device making net work connect ion throug h WPS. Press "Wireless LAN ON/OFF/WPS" butt on twice to enable (WLAN LED on) or disable ( WLAN LED of f) wireless co nnection. Factory Reset Res[...]
-
Page 16
Vigor3200 Series User’s Guide 6 1 1 . . 3 3 H H a a r r d d w w a a r r e e I I n n s s t t a a l l l l a a t t i i o o n n Before starting to configure the router, you have to connect your devices correctly. 1. Connect the cable Modem/DSL Modem/Media Converter to any WAN port of router with Ethernet cable (RJ-45). 2. Connect one end of an Ethern[...]
-
Page 17
Vigor3200 Series User’s Guide 7 1 1 . . 4 4 P P r r i i n n t t e e r r I I n n s s t t a a l l l l a a t t i i o o n n You can install a printer onto the router for shar ing printing. All the PCs connected this router can print documents via the router. The exam ple provided here is made based on Windows XP/2000. For Windows 98/SE/Vista, please [...]
-
Page 18
Vigor3200 Series User’s Guide 8 3. Open File->Add Printer . A welcome dialog will appear. Please click Next . 4. Click Local printer attached to this computer and click Next. 5. In this dialog, choose Create a new port Type of port and use the drop down list to select Standard TCP/IP Port . Click Next .[...]
-
Page 19
Vigor3200 Series User’s Guide 9 6. In the following dialog, type 192.168.1.1 (router’s LAN IP) in the field of Printer Name or IP Address and type IP_192.168.1.1 as the port name. Then, click Next . 7. Click Standard and choose Generic Network Card. 8. Then, in the following dialog, click Finish .[...]
-
Page 20
Vigor3200 Series User’s Guide 10 9. Now, your system will ask you to choose right na me of the printer t hat you installed onto the router. Such step can make correct driver loaded onto your PC. When you finish the selection, click Next . 10. For the final stage, you need to go back to Control Panel-> Printers and edit the property of the new [...]
-
Page 21
Vigor3200 Series User’s Guide 11 The printer can be used for printing now. Most of the printers with different manufacturers are compatible with vigor router. Note 1: Some printers with the fax/scanning or other additional fun ctions are not supported. If you do not know whether your pr inter is supported or not, please vi sit www.DrayTek.com to [...]
-
Page 22
Vigor3200 Series User’s Guide 12 This page is left blank.[...]
-
Page 23
Vigor3200 Series User’s Guide 13 2 C C o o n n f f i i g g u u r r i i n n g g B B a a s s i i c c S S e e t t t t i i n n g g s s For using the router properly, it is necessar y for you to change the password of web configuration for security and adjust primary basic settings. 2 2 . . 1 1 T T w w o o - - L L e e v v e e l l M M a a n n a a g g e[...]
-
Page 24
Vigor3200 Series User’s Guide 14 2 2 . . 3 3 C C h h a a n n g g i i n n g g P P a a s s s s w w o o r r d d No matter user mode operation or admin mode operation, please change the password for the original security of the router. 1. Open a web browser on your PC and type http://192. 168.1.1. A pop-up window will open to ask for username and pas[...]
-
Page 25
Vigor3200 Series User’s Guide 15 Main screen for user mode operation (simple configuration) Note: The home page will change slightly in accordance with the type of the router you have. 4. Go to System Maintenance page and choose Administrator Password/User Password . or 5. Enter the login password (the defa ult is blank) on the field of Old Passw[...]
-
Page 26
Vigor3200 Series User’s Guide 16 2 2 . . 4 4 Q Q u u i i c c k k S S t t a a r r t t W W i i z z a a r r d d Notice: Quick Start Wizard for user mode operation is the same as for admin mode operation. If your router can be under an environment with high speed NAT, the configuration provide here can help you to deploy and use the router quickl y. [...]
-
Page 27
Vigor3200 Series User’s Guide 17 Note: There are five WAN selections available for you to choose. In which, WAN5 is selected for 3G USB modem connection. On the next page as shown below, please select the appropriate Internet access type according to the information from your ISP. For exam ple, you should select PPPoE mode if the ISP provides you[...]
-
Page 28
Vigor3200 Series User’s Guide 18 If your ISP provides you the PPPoE connection, please select PPPoE for this router. The following page will be shown: User Name Assign a specific valid user name provided by the ISP. Password Assign a valid password provided by the ISP. Confirm Password Retype the password. Click Next for viewing summary of such c[...]
-
Page 29
Vigor3200 Series User’s Guide 19 2 2 . . 4 4 . . 2 2 P P P P T T P P / / L L 2 2 T T P P Click PPTP/L2TP as the protocol. Type in all the information that your ISP provides for this protocol. Click Next for viewing summary of such connection. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, the system status of this proto[...]
-
Page 30
Vigor3200 Series User’s Guide 20 2 2 . . 4 4 . . 3 3 S S t t a a t t i i c c I I P P Click Static IP as the protocol. Type in all the inform ation that your ISP provides for this protocol. After finishing the settings in this page, click Next to see the following page. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, the [...]
-
Page 31
Vigor3200 Series User’s Guide 21 2 2 . . 4 4 . . 4 4 D D H H C C P P Click DHCP as the protocol. Type in all the information that your ISP provides for this protocol. After finishing the settings in this page, click Next to see the following page. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, the system status of this [...]
-
Page 32
Vigor3200 Series User’s Guide 22 2 2 . . 5 5 S S e e r r v v i i c c e e A A c c t t i i v v a a t t i i o o n n W W i i z z a a r r d d Service Activation Wizard can guide you to set WCF (Web Content Feature) with a quick and easy way. For the Service Activation Wi zard is only available for admin operation, therefore, please type “admin/admin[...]
-
Page 33
Vigor3200 Series User’s Guide 23 3. In the following page, you can activate the Web content filter service at the same tim e or individually. When you finish the selection, please click Next . 4. Setting confirmation page will be displayed as follows, please click Next . 5. Wait for a moment till the following page appears. When such page appears[...]
-
Page 34
Vigor3200 Series User’s Guide 24 6. Now, the web page will display the service th at you have activated according to your selection(s). The valid time for the free trial of these services is one month. Later, if you need to extend the licen se valid time, you can also use the Service Activation Wizard again to reach your goal by clicking the radi[...]
-
Page 35
Vigor3200 Series User’s Guide 25 2 2 . . 6 6 O O n n l l i i n n e e S S t t a a t t u u s s The online status shows the system status, WAN st atus, and other status related to this router within one page. If you select PPPoE as the protocol, you will fi nd out a link of Dial PPPoE or Drop PPPoE in the Online Status web page. Detailed explanation[...]
-
Page 36
Vigor3200 Series User’s Guide 26 Up Time Displays the total uptime of the interface. IP Displays the IP address of the WAN interface. GW IP Displays the IP address of the default gateway. TX Packets Displays the total transmitted packets at the WAN interface. TX Rate Displays the speed of transmitted octets at the WAN interface. RX Packets Displa[...]
-
Page 37
Vigor3200 Series User’s Guide 27 Click Support Area>>Product Registration , the following web page will be displayed.[...]
-
Page 38
Vigor3200 Series User’s Guide 28 This page is left blank.[...]
-
Page 39
Vigor3200 Series User’s Guide 29 3 U U s s e e r r M M o o d d e e O O p p e e r r a a t t i i o o n n This chapter will guide users to execute simple configuration t hrough u ser mode operation. As for other examples of application, please refer to chapter 5. 1. Open a web browser on your PC and type http://192. 168.1.1. The window will ask for [...]
-
Page 40
Vigor3200 Series User’s Guide 30 From 10.0.0.0 to 10.255.255.255 From 172.16.0.0 to 172.31.255.255 From 192.168.0.0 to 192.168.255.255 W W h h a a t t a a r r e e P P u u b b l l i i c c I I P P A A d d d d r r e e s s s s a a n n d d P P r r i i v v a a t t e e I I P P A A d d d d r r e e s s s s As the router plays a role to manage and further [...]
-
Page 41
Vigor3200 Series User’s Guide 31 automatically. The supported 3G USB Modem w ill be listed on DrayTek web site. Please visit www.draytek.com for more detailed information. Below shows the menu items for WAN . 3 3 . . 1 1 . . 2 2 G G e e n n e e r r a a l l S S e e t t u u p p This section will introduce some ge neral settings of Internet a nd exp[...]
-
Page 42
Vigor3200 Series User’s Guide 32 WAN configuration page. Enable V means such WAN interface is enabled and ready to be used. Physical Mode / Type Display the physical mode and physical type of such WAN interface. Line Speed Display the downstream and upstream rate of such WAN interface. Active Mode Display whether such WAN inte rface is Active dev[...]
-
Page 43
Vigor3200 Series User’s Guide 33 Line Speed If your choose According to Line Speed as the Load Balance Mode , please type the line speed for downloading and uploading for such WAN inte rface. The unit is kbps. The default setting for down link and up lin k is 10000Kbps. VLAN Tag insertion Enable – Enable the function of VLAN with tag. The route[...]
-
Page 44
Vigor3200 Series User’s Guide 34 F F o o r r W W A A N N 5 5 To use 3G network connection through 3G USB Modem , please configure WAN5 interface. Enable Choose Yes to invoke the settings for this WAN interface. Choose No to disable the settings for this WAN interface. Display Name Type the description for such WAN interface. Physical Mode Display[...]
-
Page 45
Vigor3200 Series User’s Guide 35 When any WAN disconnect – WAN1 will be activated when any WAN interface disconnects. When all WAN disconnect – WAN1 will be activated when all the WAN interfaces disconnect. 3 3 . . 1 1 . . 3 3 I I n n t t e e r r n n e e t t A A c c c c e e s s s s For the router supports multi-WAN function, the users can set[...]
-
Page 46
Vigor3200 Series User’s Guide 36 Details Page for accessing the page to configure the settings. Details Page This button will open different web page according to the access mode that you choose in WAN interface D D e e t t a a i i l l s s P P a a g g e e f f o o r r P P P P P P o o E E i i n n W W A A N N 1 1 ~ ~ W W A A N N 4 4 To choose PPPoE [...]
-
Page 47
Vigor3200 Series User’s Guide 37 setting is 1442. Bridge Mode If you choose Bridged IP as the protocol, you can check this box to invoke the function. The router will work as a bridge modem. PPP/MP Setup PPP Authentication – Select PAP only or PAP or CHAP for PPP. If you want to connect to Internet all the tim e, you can check Always On . Idle [...]
-
Page 48
Vigor3200 Series User’s Guide 38 D D e e t t a a i i l l s s P P a a g g e e f f o o r r S S t t a a t t i i c c o o r r D D y y n n a a m m i i c c I I P P i i n n W W A A N N 1 1 ~ ~ W W A A N N 4 4 For static IP mode, you usually receive a fixe d public IP address or a public subnet, nam ely multiple public IP addresses from your DSL or Cable [...]
-
Page 49
Vigor3200 Series User’s Guide 39 execute for WAN detection. Ping IP – If you choose Ping Detect as detection mode, you have to type IP address in this field for pinging. TTL (Time to Live) – Displays value for your reference. TTL value is set by telnet command. MTU It means Max Transmit Unit for packet. The default setting is 1442. RIP Protoc[...]
-
Page 50
Vigor3200 Series User’s Guide 40 assigned. Specify an IP address – Click this radio button to specify some data if you want to use Static IP m ode. IP Address : Type the IP address. Subnet Mask : Type the subnet mask. Gateway IP Address : Type the gateway IP address. Default MAC Address : Click this radio button to use default MAC address for t[...]
-
Page 51
Vigor3200 Series User’s Guide 41 D D e e t t a a i i l l s s P P a a g g e e f f o o r r P P P P T T P P / / L L 2 2 T T P P i i n n W W A A N N 1 1 ~ ~ W W A A N N 4 4 To use PPTP/L2TP as the accessing protocol of the internet, please choose PPTP/L2TP from Internet Access menu. The following web page will be shown. PPTP/L2TP Client Mode Enable P[...]
-
Page 52
Vigor3200 Series User’s Guide 42 Fixed IP - Usually ISP dynamically assigns IP address to you each time you connect to it and request. In some case, your ISP provides service to always assign you the same IP address whenever you request. In this case, you can fill in this IP address in the Fixed IP field. Please contact your ISP before you want t[...]
-
Page 53
Vigor3200 Series User’s Guide 43 D D e e t t a a i i l l s s P P a a g g e e f f o o r r P P P P P P i i n n W W A A N N 5 5 To use PPP (for 3G USB Modem) as the accessing protocol of the internet, please choose Internet Access from WAN menu. Then, select PPP mode for WAN5. The following web page will be shown. Enable / Disable Click Enable for a[...]
-
Page 54
Vigor3200 Series User’s Guide 44 Detection is alive or not through ARP Detect or Ping Detect. Mode – Choose ARP Detect or Ping Detect for the system to execute for WAN detection. Ping IP – If you choose Ping Detect as detection mode, you have to type IP address in this field for pinging. TTL (Time to Live) – Displays value for your referenc[...]
-
Page 55
Vigor3200 Series User’s Guide 45 3 3 . . 1 1 . . 4 4 L L o o a a d d - - B B a a l l a a n n c c e e P P o o l l i i c c y y This router supports the function of load balanci ng. It can assign traffic with protocol type, IP address for specific host, a subnet of hosts, and port range to be allocated in WAN interface. The user can assign traffic c[...]
-
Page 56
Vigor3200 Series User’s Guide 46 Click Index 1 to access into the following page for configuring load-balance policy. Enable Check this box to enable this policy. Protocol Use the drop-down menu to choose a proper protocol for the WAN interface. Binding WAN interface Choose the WAN interface (WAN1 / WAN2 / WAN3 / WAN4 /WAN5) for binding. Auto fai[...]
-
Page 57
Vigor3200 Series User’s Guide 47 3 3 . . 2 2 L L A A N N Local Area Network (LAN) is a group of subnets regulated and ruled by router . The design of network structure is related to what type of public IP addresses coming from your ISP . 3 3 . . 2 2 . . 1 1 B B a a s s i i c c s s o o f f L L A A N N The most generic function of V igor router is [...]
-
Page 58
Vigor3200 Series User’s Guide 48 W W h h a a t t i i s s R R o o u u t t i i n n g g I I n n f f o o r r m m a a t t i i o o n n P P r r o o t t o o c c o o l l ( ( R R I I P P ) ) V igor router will exchange routing informati on with neighboring routers using the RIP to accomplish IP routing. This allows users to cha nge the information of the r[...]
-
Page 59
Vigor3200 Series User’s Guide 49 D D e e t t a a i i l l s s P P a a g g e e f f o o r r L L A A N N 1 1 IP Address T ype in private IP address for connecting to a local private network (Default: 192.168.1.1). Subnet Mask T ype in an address code that determines the size of the network. (Default: 255.255.255.0/ 24) RIP Protocol Control Disable de[...]
-
Page 60
Vigor3200 Series User’s Guide 50 50 and the maximum is 253. Gateway IP Address - Enter a value of the gateway IP address for the DHCP server . The value is usually as same as the 1st IP address of the router , which means the router is the default gateway . DHCP Se rver IP Addr ess for Relay Agent - Set the IP address of the DHCP server you are g[...]
-
Page 61
Vigor3200 Series User’s Guide 51 3 3 . . 3 3 N N A A T T Usually, the router serves as an NAT (Network Address Translation) router. NAT is a mechanism that one or more private IP a ddresses can be mapped into a single public one. Public IP address is usually assigned by your ISP, for which you may get charged. Private IP addresses are recognized [...]
-
Page 62
Vigor3200 Series User’s Guide 52 3 3 . . 3 3 . . 1 1 P P o o r r t t R R e e d d i i r r e e c c t t i i o o n n Port Redirection is usually set up for server related service inside the local network (LAN), such as web servers, FTP servers, E-mail servers etc. Most of the case, you need a public IP address for each server and this public IP addre[...]
-
Page 63
Vigor3200 Series User’s Guide 53 Press any number under Index to access into next page for configuring port redirection. Enable Check this box to enable such port redirection setting. Mode Two options (Single and Range) are provided here for you to choose. To set a range for the specific service, select Range . In Range mode, if the public port ([...]
-
Page 64
Vigor3200 Series User’s Guide 54 will access the admin screen of by suffixing the IP address with 8080, e.g., http://192.168.1.1:8080 instead of port 80.[...]
-
Page 65
Vigor3200 Series User’s Guide 55 3 3 . . 3 3 . . 2 2 D D M M Z Z H H o o s s t t As mentioned above, Port Redirection can redirect incoming TCP/UDP or othe r traffic on particular ports to the specific private IP address/port of host in the LAN. However, other IP protocols, for example Protocols 50 (ESP) and 51 (A H), do not travel on a fixed por[...]
-
Page 66
Vigor3200 Series User’s Guide 56 Private IP Enter the private IP address of the DMZ host, or click Choose PC to select one. Choose PC Click this button and then a window will autom atically pop up, as depicted below. The window consists of a list of private IP addresses of all hosts in your LAN network. Select one private IP address in the list t[...]
-
Page 67
Vigor3200 Series User’s Guide 57 DMZ Host for WAN2 ~ WAN5 are slightly di fferent with WAN1. See the following figure. If you previously have set up WAN Alias for PPPoE or Static or Dynamic IP mode in WAN2/WAN3/WAN4/WAN5 interface , you will find them in Aux. WAN IP for your selection. Enable Check to enable the DMZ Host function. Private IP Ente[...]
-
Page 68
Vigor3200 Series User’s Guide 58 3 3 . . 3 3 . . 3 3 O O p p e e n n P P o o r r t t s s Open Ports allows you to open a range of ports for the traffic of special applications. Common application of Open Ports includes P2 P application (e.g., BT, KaZaA, Gnutella, WinMX, eMule and others), Internet Camera etc. Ensure that you keep the application [...]
-
Page 69
Vigor3200 Series User’s Guide 59 Enable Open Ports Check to enable this entry. Comment Make a name for the defined network application/service. WAN Interface Specify the WAN interface that w ill be used for this entry. Local Computer Enter the private IP address of the local host or click Choose PC to select one. Choose PC Click this button and, [...]
-
Page 70
Vigor3200 Series User’s Guide 60 3 3 . . 4 4 A A p p p p l l i i c c a a t t i i o o n n s s Below shows the menu items for Applications. 3 3 . . 4 4 . . 1 1 D D y y n n a a m m i i c c D D N N S S The ISP often provides you with a dynamic IP address when you c onnect to the Internet via your ISP. It means that the public IP address assigned to y[...]
-
Page 71
Vigor3200 Series User’s Guide 61 Active Display if this account is active or inactive. View Log Display DDNS log status. Force Update Force the router updates its information to DDNS server. 3. Select Index number 1 to add an account for the router. Check Enable Dynamic DNS Account , and choose correct Service Provider: dyn dns.org, type the regi[...]
-
Page 72
Vigor3200 Series User’s Guide 62 4. Click OK button to activate the settings. You will see your setting has been saved. Disable the Function and Clear all Dynamic DNS Accounts In the DDNS setup menu, uncheck Enable Dynamic DNS Setup , and push Clear All button to disable the function and clear all accounts from the router. Delete a Dynamic DNS Ac[...]
-
Page 73
Vigor3200 Series User’s Guide 63 The UPnP facility on the router enables UPnP aware applications such as MSN Messenger to discover what are behind a NA T router . The application will also learn the external IP address and configure port mappings on the rout er . Subse quently , such a facility forwards packets fro m the external ports of the rou[...]
-
Page 74
Vigor3200 Series User’s Guide 64 The UPnP function dynamically adds port ma ppings on behalf of some UPnP-aware applications. When the applications terminate abnormally, these mappings may not be removed. 3 3 . . 5 5 W W i i r r e e l l e e s s s s L L A A N N This function is used for “n” models. 3 3 . . 5 5 . . 1 1 B B a a s s i i c c C C o[...]
-
Page 75
Vigor3200 Series User’s Guide 65 S S e e c c u u r r i i t t y y O O v v e e r r v v i i e e w w Real-time Hardware Encryption: Vigor Router is equipped with a hardware AES encryption engine so it can apply the highest prote ction to your data without influencing user experience. Complete Security Standard Selection: To ensure the security and pr[...]
-
Page 76
Vigor3200 Series User’s Guide 66 Manage Wireless Stations - Station List will display all the station in your wireless network and the status of their connection. Below shows the menu items for Wireless LAN. 3 3 . . 5 5 . . 2 2 G G e e n n e e r r a a l l S S e e t t u u p p By clicking the General Settings , a new web page will appear so that yo[...]
-
Page 77
Vigor3200 Series User’s Guide 67 channel is under serious inte rference. If you have no idea of choosing the frequency, please select Auto to let system determine for you. Packet-OVERDRIVE This feature can enhance the performance in data transmission about 40%* more (by checking Tx Bur s t). It is active only when both sides of Access Point and S[...]
-
Page 78
Vigor3200 Series User’s Guide 68 first set of SSID will be enabled. You can hide it for your necessity. Long Preamble This option is to define the length of t he sync field in an 802.11 packet. Most modern wireless network uses short preamble with 56 bit sync field instead of long pre amble with 128 bit sync field. However, some original 11b wire[...]
-
Page 79
Vigor3200 Series User’s Guide 69 should be entered in PSK. WPA2/PSK- Accepts only WPA2 clients and the encryption key should be entered in PSK. Mixed (WPA+ WPA2)/PSK - Accepts WPA and WPA2 clients simultaneously and the encryption key should be entered in PSK. WPA The WPA encrypts each frame transmitted from the radio using the key, which either [...]
-
Page 80
Vigor3200 Series User’s Guide 70 3 3 . . 5 5 . . 4 4 A A c c c c e e s s s s C C o o n n t t r r o o l l For additional security of wireless access, the Access Control facility allows you to restrict the network access right by controlling the wire less LAN MAC address of client. Only the valid MAC address that has been configured can access the [...]
-
Page 81
Vigor3200 Series User’s Guide 71 Cancel Give up the access control set up. OK Click it to save the access control list. Clear All Clean all entries in the MAC address list. 3 3 . . 5 5 . . 5 5 S S t t a a t t i i o o n n L L i i s s t t Station List provides the knowledge of connecting wire less clients now along with its status code. There is a [...]
-
Page 82
Vigor3200 Series User’s Guide 72 3 3 . . 6 6 S S y y s s t t e e m m M M a a i i n n t t e e n n a a n n c c e e For the system setup, there are several items that you have to know the way of configuration: Status, User Password, Time setup and Reboot System. Below shows the menu items for System Maintenance. 3 3 . . 6 6 . . 1 1 S S y y s s t t e[...]
-
Page 83
Vigor3200 Series User’s Guide 73 MAC Address Display the MAC address of the wireless LAN. Frequency Domain It can be Europe (13 usable channels), USA (11 usable channels) etc. The available ch annels supported by the wireless products in different countries are various. Firmware Version It indicates information about equipped WLAN miniPCi card. T[...]
-
Page 84
Vigor3200 Series User’s Guide 74 3 3 . . 6 6 . . 3 3 T T i i m m e e a a n n d d D D a a t t e e It allows you to specify where the time of the router should be inquired from. Current System Time Click Inquire Time to get the current time. Use Browser Time Select this option to use the browser time from the remote administrator PC host as router?[...]
-
Page 85
Vigor3200 Series User’s Guide 75 Click OK . The router will take 5 seconds to reboot the system. Note: When the system pops up Reboot System web page after you configure web settings, please click OK to reboot your router for ensuring normal operation and preventing unexpected errors of the router in the future. 3 3 . . 7 7 D D i i a a g g n n o [...]
-
Page 86
Vigor3200 Series User’s Guide 76 3 3 . . 7 7 . . 2 2 T T r r a a f f f f i i c c G G r r a a p p h h Click Diagnostics and click Traffic Graph to open the web page. Choose WAN1/WAN2/WAN3/WAN4/WAN5 Bandwidth, S essions, daily or weekly for viewing different traffic graph. Click Refresh to renew the graph at any time. The following two figures disp[...]
-
Page 87
Vigor3200 Series User’s Guide 77 Ping to Use the drop down list to choose the destination that you want to ping. IP Address Type in the IP address of the Host/IP that you want to ping. Run Click this button to start the ping work. The result will be displayed on the screen. Clear Click this link to remove the result on the window. 3 3 . . 7 7 . .[...]
-
Page 88
Vigor3200 Series User’s Guide 78 Host/IP Address It indicates the IP address of the host. Run Click this button to start route tracing work. Clear Click this link to remove the result on the window. .[...]
-
Page 89
Vigor3200 Series User’s Guide 79 4 A A d d m m i i n n M M o o d d e e O O p p e e r r a a t t i i o o n n This chapter will guide users to execute adva nced (full) configuration thr ough admin mode operation. As for other examples of application, please refer to chapter 5. 1. Open a web browser on your PC and type http://192. 168.1.1. The window[...]
-
Page 90
Vigor3200 Series User’s Guide 80 W W h h a a t t a a r r e e P P u u b b l l i i c c I I P P A A d d d d r r e e s s s s a a n n d d P P r r i i v v a a t t e e I I P P A A d d d d r r e e s s s s As the router plays a role to manage and further protect its LAN, it interconnects groups of host PCs. Each of them has a private IP address assigned b[...]
-
Page 91
Vigor3200 Series User’s Guide 81 4 4 . . 1 1 . . 2 2 G G e e n n e e r r a a l l S S e e t t u u p p This section will introduce some ge neral settings of Internet a nd explain the connection modes for WAN1 to WAN5 in details. There are four WAN ports (represented with WAN1, WAN2, WAN3 and WAN4 in web pages) and one USB port (represented with WAN[...]
-
Page 92
Vigor3200 Series User’s Guide 82 interface. Line Speed Display the downstream and upstream rate of such WAN interface. Active Mode Display whether such WAN inte rface is Active device or backup device. Backup WAN Display the Backup WAN interface for such WAN when it is disabled. Note: In default, each WAN is enabled. F F o o r r W W A A N N 1 1 ~[...]
-
Page 93
Vigor3200 Series User’s Guide 83 WAN interface. The unit is kbps. The default setting for down link and up link is 10000Kbps. VLAN Tag insertion Enable – Enable the function of VLAN with tag. The router will add specific VLAN number to all packets on the WAN while sending them out. Disable – Disable the function of VLAN with tag. Tag value ?[...]
-
Page 94
Vigor3200 Series User’s Guide 84 F F o o r r W W A A N N 5 5 ( ( U U S S B B ) ) To use 3G network connection through 3G USB Modem , please configure WAN5 interface. Enable Choose Yes to invoke the settings for this WAN interface. Choose No to disable the settings for this WAN interface. Display Name Type the description for such WAN interface. P[...]
-
Page 95
Vigor3200 Series User’s Guide 85 When any WAN disconnect – WAN1 will be activated when any WAN interface disconnects. When all WAN disconnect – WAN1 will be activated when all the WAN interfaces disconnect. 4 4 . . 1 1 . . 3 3 I I n n t t e e r r n n e e t t A A c c c c e e s s s s For the router supports multi-WAN function, the users can set[...]
-
Page 96
Vigor3200 Series User’s Guide 86 Details Page for accessing the page to configure the settings. Details Page This button will open different web page according to the access mode that you choose in WAN interface[...]
-
Page 97
Vigor3200 Series User’s Guide 87 D D e e t t a a i i l l s s P P a a g g e e f f o o r r P P P P P P o o E E i i n n W W A A N N 1 1 ~ ~ W W A A N N 4 4 To choose PPPoE as the accessing protocol of the internet, please select PPPoE from the Internet Access menu. The following web page will be shown. PPPoE Client Mode Click Enable for activating t[...]
-
Page 98
Vigor3200 Series User’s Guide 88 MTU It means Max Transmit Unit for packet. The default setting is 1442. Bridge Mode If you choose Bridged IP as the protocol, you can check this box to invoke the function. The router will work as a bridge modem. PPP/MP Setup PPP Authentication – Select PAP only or PAP or CHAP for PPP. If you want to connect to [...]
-
Page 99
Vigor3200 Series User’s Guide 89 D D e e t t a a i i l l s s P P a a g g e e f f o o r r S S t t a a t t i i c c o o r r D D y y n n a a m m i i c c I I P P i i n n W W A A N N 1 1 ~ ~ W W A A N N 4 4 For static IP mode, you usually receive a fixe d public IP address or a public subnet, nam ely multiple public IP addresses from your DSL or Cable [...]
-
Page 100
Vigor3200 Series User’s Guide 90 execute for WAN detection. Ping IP – If you choose Ping Detect as detection mode, you have to type IP address in this field for pinging. TTL (Time to Live) – Displays value for your reference. TTL value is set by telnet command. MTU It means Max Transmit Unit for packet. The default setting is 1442. RIP Protoc[...]
-
Page 101
Vigor3200 Series User’s Guide 91 assigned. Specify an IP address – Click this radio button to specify some data if you want to use Static IP m ode. IP Address : Type the IP address. Subnet Mask : Type the subnet mask. Gateway IP Address : Type the gateway IP address. Default MAC Address : Click this radio button to use default MAC address for t[...]
-
Page 102
Vigor3200 Series User’s Guide 92 D D e e t t a a i i l l s s P P a a g g e e f f o o r r P P P P T T P P / / L L 2 2 T T P P i i n n W W A A N N 1 1 ~ ~ W W A A N N 4 4 To use PPTP/L2TP as the accessing protocol of the internet, please choose PPTP/L2TP from Internet Access menu. The following web page will be shown. PPTP/L2TP Client Mode Enable P[...]
-
Page 103
Vigor3200 Series User’s Guide 93 WAN IP Alias. You can set up to 8 public IP addresses other than the current one you are using. Fixed IP - Usually ISP dynamically assigns IP address to you each time you connect to it and request. In some case, your ISP provides service to always assign you the same IP address whenever you request. In this case, [...]
-
Page 104
Vigor3200 Series User’s Guide 94 D D e e t t a a i i l l s s P P a a g g e e f f o o r r P P P P P P i i n n W W A A N N 5 5 To use PPP (for 3G USB Modem) as the accessing protocol of the internet, please choose Internet Access from WAN menu. Then, select PPP mode for WAN5. The following web page will be shown. Enable / Disable Click Enable for a[...]
-
Page 105
Vigor3200 Series User’s Guide 95 Index (1-15) in Schedule Setup You can type in four sets of time schedule for your request. All the schedules can be set previously in Application >>Schedule web page and you can use the number that you have set in that web page. WAN Connection Detection Such function allows you to ve rify whether network co[...]
-
Page 106
Vigor3200 Series User’s Guide 96 4 4 . . 1 1 . . 4 4 L L o o a a d d - - B B a a l l a a n n c c e e P P o o l l i i c c y y This router supports the function of load balanci ng. It can assign traffic with protocol type, IP address for specific host, a subnet of hosts, and port range to be allocated in WAN interface. The user can assign traffic c[...]
-
Page 107
Vigor3200 Series User’s Guide 97 Click Index 1 to access into the following page for configuring load-balance policy. Enable Check this box to enable this policy. Protocol Use the drop-down menu to choose a proper protocol for the WAN interface. Binding WAN interface Choose the WAN interface (WAN1 / WAN2 / WAN3 / WAN4 / WAN5) for binding. Auto fa[...]
-
Page 108
Vigor3200 Series User’s Guide 98 4 4 . . 2 2 L L A A N N Local Area Network (LAN) is a group of subnets regulated and ruled by router . The design of network structure is related to what type of public IP addresses coming from your ISP . 4 4 . . 2 2 . . 1 1 B B a a s s i i c c s s o o f f L L A A N N The most generic function of V igor router is [...]
-
Page 109
Vigor3200 Series User’s Guide 99 In some special case, you may have a public IP subnet from your ISP such as 220.135.240.0/24. This m eans th at you can set up a public subnet or call second subnet that each host is equipped with a public IP address. As a part of the public subnet, the V igor router will serve for IP routing to help hosts in th e[...]
-
Page 110
Vigor3200 Series User’s Guide 100 W W h h a a t t a a r r e e V V i i r r t t u u a a l l L L A A N N s s a a n n d d R R a a t t e e C C o o n n t t r r o o l l Y ou can group local hosts by physical port and create up to 4 virtual LANs. T o manage the communication between different groups, please set up rules in V irtual LAN (VL AN) function a[...]
-
Page 111
Vigor3200 Series User’s Guide 101 General Setup----- Allow to configure settings for each subnet respectively. Index Display all of the LAN items, DMZ and IP Routed Subnet. Status Check the box to enable such LAN configuration. Basically, LAN1 status is enabled in default. LAN2, LAN3, LAN4 and IP Routed Subnet can be observed by checking the box [...]
-
Page 112
Vigor3200 Series User’s Guide 102 L L A A N N 1 1 LAN1 is the default configuration for basic host connection. Network Configuration Set IP address and Subnet Mask for clients connected via LAN1. IP Address - T y pe in private IP address for connecting to a local private network (Default: 192.168.1.1). Subnet Mask - T ype in an address code that [...]
-
Page 113
Vigor3200 Series User’s Guide 103 be 192.168.1.2 or greater , but smaller than 192.168.1.254. IP Pool Counts - E nte r the maxi mu m nu mber o f PC s th at y ou want the DHCP server to assign IP addresses to. The default is 50 and the maximum is 253. Gateway IP Address - Enter a value of the gateway IP address for the DHCP server . The value is u[...]
-
Page 114
Vigor3200 Series User’s Guide 104 L L A A N N 2 2 , , L L A A N N 3 3 , , L L A A N N 4 4 With the multi-subnet feature offered by Vigor r outer, LAN2 ~ LAN4 are used for different subnets. Network Configuration Enable – enable the configuration for such LAN. Disable – disable the configuration for such LAN. For NAT Usage Click this item to i[...]
-
Page 115
Vigor3200 Series User’s Guide 105 D D M M Z Z DMZ port setting is used for connecting host in DMZ. Network Configuration Set IP address and Subnet Mask for clients connected via DMZ port. For NAT Usage IP Address - T y pe in private IP address for connecting to a local private network (Default: 192.168.9.1). Subnet Mask - T ype in an address code[...]
-
Page 116
Vigor3200 Series User’s Guide 106 I I P P R R o o u u t t e e d d S S u u b b n n e e t t V igor router can serve as a DHCP server to route the request coming from LAN PC. Network Configuration Enable – enable the configuration for such LAN. Disable – disable the configuration for such LAN. IP Address - T y pe in private IP address for connec[...]
-
Page 117
Vigor3200 Series User’s Guide 107 Use LAN Port – Any PC asked for LAN IP address assigned by the DHCP server will send the request through the LAN port of the router. Use MAC Address - IP Routed Subnet will automatically assign the subnet for incoming DHCP with listed MAC address. Only the PC which matches the MAC address added can ask for LAN [...]
-
Page 118
Vigor3200 Series User’s Guide 108 A A d d d d S S t t a a t t i i c c R R o o u u t t e e s s t t o o P P r r i i v v a a t t e e a a n n d d P P u u b b l l i i c c N N e e t t w w o o r r k k s s Here is an example of setting Static Route in Main Router so that user A and B locating in different subnet can talk to each other via th e router . A[...]
-
Page 119
Vigor3200 Series User’s Guide 109 2. Click the LAN - S tatic Route and click on the Index Num ber 1. Check the Enable box. Please add a static route as shown below , which regulates all packets destined to 192.168.10.0 will be forwarded to 192.168.1.2. Click OK . 3. Return to St a t i c R o u t e Setup page. Click on another Index Number to add a[...]
-
Page 120
Vigor3200 Series User’s Guide 110 4 4 . . 2 2 . . 4 4 V V L L A A N N Virtual LAN function provides you a very conve nient way to ma nage subnets by grouping them. Go to LAN page and select VLAN . The following page will appear. Click Enable to invoke VLAN function. Enable Check this box to enable VLAN c onfiguration. The router will add specific[...]
-
Page 121
Vigor3200 Series User’s Guide 111 4 4 . . 2 2 . . 5 5 B B i i n n d d I I P P t t o o M M A A C C This function is used to bind the IP and MAC address in LAN to have a strengthening co ntrol in network. When this function is enabled, all the assigned IP and MAC address binding together cannot be changed. If you modified the binding IP or MAC addr[...]
-
Page 122
Vigor3200 Series User’s Guide 112 Add It allows you to add the one you choose from the ARP table or the IP/MAC address typed in Add and Edit to the table of IP Bind List . Edit It allows you to edit and modify the selected IP address and MAC address that you create before. Delete You can remove any item listed in IP Bind List . Simply click and s[...]
-
Page 123
Vigor3200 Series User’s Guide 113 4 4 . . 3 3 N N A A T T Usually, the router serves as an NAT (Network Address Translation) router. NAT is a mechanism that one or more private IP a ddresses can be mapped into a single public one. Public IP address is usually assigned by your ISP, for which you may get charged. Private IP addresses are recognized[...]
-
Page 124
Vigor3200 Series User’s Guide 114 4 4 . . 3 3 . . 1 1 P P o o r r t t R R e e d d i i r r e e c c t t i i o o n n Port Redirection is usually set up for server related service inside the local network (LAN), such as web servers, FTP servers, E-mail servers etc. Most of the case, you need a public IP address for each server and this public IP addr[...]
-
Page 125
Vigor3200 Series User’s Guide 115 Press any number under Index to access into next page for configuring port redirection. Enable Check this box to enable su ch port redirection setting. Mode Two options (Single and Range) are provided here for you to choose. To set a range for the specific service, select Range . In Range mode, if the public port[...]
-
Page 126
Vigor3200 Series User’s Guide 116[...]
-
Page 127
Vigor3200 Series User’s Guide 117 4 4 . . 3 3 . . 2 2 D D M M Z Z H H o o s s t t As mentioned above, Port Redirection can redirect incoming TCP/UDP or othe r traffic on particular ports to the specific private IP address/port of host in the LAN. However, other IP protocols, for example Protocols 50 (ESP) and 51 (A H), do not travel on a fixed po[...]
-
Page 128
Vigor3200 Series User’s Guide 118 to select one. Choose PC Click this button and then a window will autom atically pop up, as depicted below. The window consists of a list of private IP addresses of all hosts in your LAN network. Select one private IP address in the list to be the DMZ host. When you have selected one private IP from the above dia[...]
-
Page 129
Vigor3200 Series User’s Guide 119 If you previously have set up WAN Alias for PPPoE or Static or Dynamic IP mode in WAN2/WAN3/WAN4/WAN5 interface , you will find them in Aux. WAN IP for your selection. Enable Check to enable the DMZ Host function. Private IP Enter the private IP address of the DMZ host, or click Choose PC to select one. Choose PC[...]
-
Page 130
Vigor3200 Series User’s Guide 120 4 4 . . 3 3 . . 3 3 O O p p e e n n P P o o r r t t s s Open Ports allows you to open a range of ports for the traffic of special applications. Common application of Open Ports includes P2 P application (e.g., BT, KaZaA, Gnutella, WinMX, eMule and others), Internet Camera etc. Ensure that you keep the application[...]
-
Page 131
Vigor3200 Series User’s Guide 121 Enable Open Ports Check to enable this entry. Comment Make a name for the defined network application/service. WAN IP Specify the WAN IP address that will be used for this entry. This setting is available when WAN IP Alias is configured. Local Computer Enter the private IP address of the local host or click Choos[...]
-
Page 132
Vigor3200 Series User’s Guide 122 4 4 . . 4 4 F F i i r r e e w w a a l l l l 4 4 . . 4 4 . . 1 1 B B a a s s i i c c s s f f o o r r F F i i r r e e w w a a l l l l While the broadband users demand more bandwidth f or multimedia, interactive applications, or distance learning, security has been always the most concerned. The firewall of the Vigo[...]
-
Page 133
Vigor3200 Series User’s Guide 123 S S t t a a t t e e f f u u l l P P a a c c k k e e t t I I n n s s p p e e c c t t i i o o n n ( ( S S P P I I ) ) Stateful inspection is a firewall architecture that works at the network layer. Unlike legacy static packet filtering, which examines a packet based on the information in its header, stateful inspec[...]
-
Page 134
Vigor3200 Series User’s Guide 124 4 4 . . 4 4 . . 2 2 G G e e n n e e r r a a l l S S e e t t u u p p General Setup allows you to adjust setti ngs of IP Filter and common options. Here you can enable or disable the Call Filter or Data Filter . Under some circumstance, your filter set can be linked to work in a serial manner. So here you assign th[...]
-
Page 135
Vigor3200 Series User’s Guide 125 router ’ s firewall will block the packets directly for security . D D e e f f a a u u l l t t R R u u l l e e P P a a g g e e Such page allows you to choose filtering prof iles including QoS, Load-Balance policy, WCF, APP Enforcement, URL Content Filter, AI/AV, AS, for data transmission via Vigor router. Filte[...]
-
Page 136
Vigor3200 Series User’s Guide 126 User Management Such item is available only when Rule-Based is selected in User Management>>General Setup . The general firewall rule will be applied to the user/user group/all users specified here. Note: When there is no user profile or group profile existed, Create New User or Cr eate New Group item will [...]
-
Page 137
Vigor3200 Series User’s Guide 127 Advance Setting Click Edit to open the following window . However , it is strongly r ecommended to use the default settings here. Codepage - This function is used to com pare the characters among dif ferent languages. Choose correct codepage can help the system obtaining correct ASCII after decoding data from URL[...]
-
Page 138
Vigor3200 Series User’s Guide 128 4 4 . . 4 4 . . 3 3 F F i i l l t t e e r r S S e e t t u u p p Click Firewall and click Filter Setup to open the setup page. To edit or add a filter, click on the set numbe r to edit the individual set. The following page will be shown. Each filter set contains up to 7 rules. Click on the rule num ber button to [...]
-
Page 139
Vigor3200 Series User’s Guide 129 To edit Filter Rule , click the Filter Rule index button to enter the Filter Rule setup page. Check to enable the Filter Rule Check this box to enable the filter rule. Comments Enter filter set comments/description. Maximum length is 14- character long. Index(1-15) Set PCs on LAN to work at certain time interval [...]
-
Page 140
Vigor3200 Series User’s Guide 130 To set the IP address manually, please choose Any Address/Single Address/ Range Address/Subnet Address as the Address Type and type them in this dialog. In addition, if you want to use the IP range from defined groups or objects, please choose Group and Objects as the Address Type. From the IP Group drop down lis[...]
-
Page 141
Vigor3200 Series User’s Guide 131 Protocol - Specify the protocol(s) which this filter rule will apply to. Source/Destination Port – (=) – when the first and last value are the same, it indicates one port; when the first and last values are different, it indicates a range for the port and available for this service type. (!=) – when the fir[...]
-
Page 142
Vigor3200 Series User’s Guide 132 configured in IP Object for Source IP and Destination IP be bound for applying such filter rule. No-Strict - no limitation. Quality of Service Choose one of the QoS rules to be applied as firewall rule. For detailed information of setting Qo S, please refer to the related section later . Load-Balance policy Choos[...]
-
Page 143
Vigor3200 Series User’s Guide 133 Content Filter web page first. Or choose [Cr eate New] from the drop down list in this page to create a new profile. For troubleshooting needs, you can specify to record inform ation for W eb Content Filter by checking the Log box. It will be sent to Syslog server . Please refer to section Syslog/Mail Alert for m[...]
-
Page 144
Vigor3200 Series User’s Guide 134 will be. However , if the network is not s table, small value will be proper . Session timeout –Setting timeout for sessions can make the best utilization of network resources. However , Queue timeout is configured for TCP protoc ol only ; session timeout is configured for the data flow which matched with the f[...]
-
Page 145
Vigor3200 Series User’s Guide 135 E E x x a a m m p p l l e e As stated before, all the traffic will be separate d and arbitrated using on of two IP filters: call filter or data filter. You may preset 12 call filters and data filters in Filter Setup and even link them in a serial manner. Each filter set is co mposed by 7 filter rules, which can b[...]
-
Page 146
Vigor3200 Series User’s Guide 136 4 4 . . 4 4 . . 4 4 D D o o S S D D e e f f e e n n s s e e As a sub-functionality of IP Filter/Firewall, th ere are 15 types of detect/ defense function in the DoS Defense setup. The DoS Defense functionality is disabled for default. Click Firewall and click DoS Defense to open the setup page. Enable Dos Defense[...]
-
Page 147
Vigor3200 Series User’s Guide 137 coming from the Internet. The default setting for threshold and timeout are 50 packets per second and 10 seconds, respectively. Enable PortScan detection Port Scan attacks the Vigor router by sending lots of packets to many ports in an attempt to find ignorant services would respond. Check the box to activate the[...]
-
Page 148
Vigor3200 Series User’s Guide 138 once they re-construct the packets. The Vigor routers will block any packets realizing this attacking activity. Block ICMP Fragment Check the box to activate the Block ICMP fragment function. Any ICMP packets with more fragment bit set are dropped. Block Unknown Protocol Check the box to activate the Block Unknow[...]
-
Page 149
Vigor3200 Series User’s Guide 139 4 4 . . 5 5 U U s s e e r r M M a a n n a a g g e e m m e e n n t t User Management is a security feature which disallows any IP traffic (except DHCP-related packets) from a particular host until that host has correctly supplied a valid username and password. Instead of managing with IP a ddress/MAC address, User[...]
-
Page 150
Vigor3200 Series User’s Guide 140 the filter rules configured in Firewall>>General Setup and Filter Rule to the users. 4 4 . . 5 5 . . 2 2 U U s s e e r r P P r r o o f f i i l l e e ( ( R R e e s s e e r r v v e e d d ) ) This page allows you to set customized profiles (up to 200) which will be applied for users controlled under User Manag[...]
-
Page 151
Vigor3200 Series User’s Guide 141 Enable this account Check this box to enable such user profile. User Name Type a name for such user profile (e.g., LAN_User_Group_1, WLAN_User_Group_A, WLAN_User_Group_B, etc). When a user tries to access Internet through this router, an authentication step must be perfo rmed first. The user has to type the User [...]
-
Page 152
Vigor3200 Series User’s Guide 142 selected in Firewall>>General>>Defa ult rule can be available for use in User Management>>User Profile . External Service Authentication The router will authenticate the dial-in user by itself or by external service such as LDAP server or Radius server. If LDAP or Radius is selected here, it is [...]
-
Page 153
Vigor3200 Series User’s Guide 143 Refresh – Click this button to recalculate the time quota. Add – Click this box to set the time quota for such profile. Index (1-15) in Schedule Setup You can type in four sets of time schedule for your request. All the schedules can be set previously in Application >> Schedule web page and you can use [...]
-
Page 154
Vigor3200 Series User’s Guide 144 profiles will be numbered with 3, 4, 5 and so on. Selected Keyword Objects Click button to add the selected user objects in this box. 3 3 . . 5 5 . . 4 4 U U s s e e r r O O n n l l i i n n e e S S t t a a t t u u s s This page displays the user(s) connected to the router and refreshes the connection status in an[...]
-
Page 155
Vigor3200 Series User’s Guide 145 Logout – the user will be logged out forcefully. 4 4 . . 6 6 O O b b j j e e c c t t s s S S e e t t t t i i n n g g s s For IPs in a range and service ports in a limited range usually will be applied in configuri ng router’s settings, therefore we can define them with objects and bind them with groups for us[...]
-
Page 156
Vigor3200 Series User’s Guide 146 Name Type a name for this profile. Maximum 15 characters are allowed. Interface Choose a proper interface. For example, the Direction setting in Edit Filter Rule will ask you specify IP or IP range for WAN or LAN or any IP address. If you choose LAN as the Interface here, and choose LAN as the direction setting i[...]
-
Page 157
Vigor3200 Series User’s Guide 147 Subnet Mask Type the subnet mask if the Subnet Address type is selected. Invert Selection If it is checked, all the IP addresses except the ones listed above will be applied la ter while it is chosen. Below is an example of IP objects settings. 4 4 . . 6 6 . . 2 2 I I P P G G r r o o u u p p This page allows you [...]
-
Page 158
Vigor3200 Series User’s Guide 148 Click the number under Index colu mn for settings in detail. Name Type a name for this profile. Maximum 15 characters are allowed. Interface Choose WAN, LAN or Any to display all the available IP objects with the specified interface. Available IP Objects All the available IP objects with the specified interface c[...]
-
Page 159
Vigor3200 Series User’s Guide 149 4 4 . . 6 6 . . 3 3 S S e e r r v v i i c c e e T T y y p p e e O O b b j j e e c c t t You can set up to 96 sets of Service Type Objects with different conditions. Set to Factory Default Clear all profiles. Click the number under Index co lumn for settings in detail. Name Type a name for this profile. Protocol S[...]
-
Page 160
Vigor3200 Series User’s Guide 150 (=) – when the first and last value are the same, it indicates one port; when the first and last values are different, it indicates a range for the port and available for this profile. (!=) – when the first and last value are the same, it indicates all the ports except the port defined here; when th e first a[...]
-
Page 161
Vigor3200 Series User’s Guide 151 Click the number under Index co lumn for settings in detail. Name Type a name for this profile. Available Service Type Objects All the available service objects that you have added on Objects Setting>>Service Type Object will be shown in this box. Selected Service Type Objects Click >> button to add t[...]
-
Page 162
Vigor3200 Series User’s Guide 152 Click the number under Index column for setting in detail. Name Type a name for this profile, e.g., game. Contents Type the content for such profile. For example, type gambling as Contents. When you browse th e webp age, the page with gambling information will be watched out and be passed/blocked based on the con[...]
-
Page 163
Vigor3200 Series User’s Guide 153 Click the number under Index column for setting in detail. Name Type a name for this group. Available Keyword Objects You can gather keyword objects from Keyword Object page within one keyword group. All the available Keyword objects that you have created will be shown in this box. Selected Keyword Objects Click [...]
-
Page 164
Vigor3200 Series User’s Guide 154 Click the number under Profile column for configuration in details. Profile Name Type a name for this profile. Type a name for such profile and check all the ite ms of file extension that will be processed in the router. Finally, click OK to save this profile.[...]
-
Page 165
Vigor3200 Series User’s Guide 155 4 4 . . 7 7 C C S S M M P P r r o o f f i i l l e e C C o o n n t t e e n n t t S S e e c c u u r r i i t t y y M M a a n n a a g g e e m m e e n n t t ( ( C C S S M M ) ) CSM is an abbreviation of Content Security Management which is used to control IM/P2P usage, filter the web content and URL conten t to reach [...]
-
Page 166
Vigor3200 Series User’s Guide 156 4 4 . . 7 7 . . 1 1 A A P P P P E E n n f f o o r r c c e e m m e e n n t t P P r r o o f f i i l l e e You can define policy profiles for IM (Instan t Messenger)/P2P (Peer to Peer)/Protocol/Misc application. This page allows you to set 32 profiles for different requirements. The APP Enforcement Profile will be a[...]
-
Page 167
Vigor3200 Series User’s Guide 157 Below shows the items which are categorized under IM . Profile Name Type a name for the CSM profile. Select All Click it to choose all of the items in this page. Clear All Uncheck all the selected boxes. The profiles configured here can be applied in the Firewall>>General Setup and Firewall>>Filter Se[...]
-
Page 168
Vigor3200 Series User’s Guide 158 Below shows the items which are categorized under Protocol . The items categorized under Misc.[...]
-
Page 169
Vigor3200 Series User’s Guide 159 4 4 . . 7 7 . . 2 2 U U R R L L C C o o n n t t e e n n t t F F i i l l t t e e r r P P r r o o f f i i l l e e To provide an appropriate cyberspace to users, Vigor router equips with URL Content Filter not only to limit illegal traffic from/to the ina ppropriate web sites but also prohibit other web feature wher[...]
-
Page 170
Vigor3200 Series User’s Guide 160 Profile Name Type a name for the CSM profile. Priority It determines the action that this router will apply. Both: Pass – The router will let all the packages that match with the conditions specified in URL Access Control and Web Feature below passing through. When you choose this setting, both configuration se[...]
-
Page 171
Vigor3200 Series User’s Guide 161 Pass – Only the log about Pass w ill be recorded in Syslog. Block – Only the log about Block will be recorded in Syslog. All – All the actions (Pass and Block) will be recorded in Syslog. URL Access Control Enable URL Access Control - Check the box to activate URL Access Control. Note that the priority for [...]
-
Page 172
Vigor3200 Series User’s Guide 162 Web Feature Enable Restrict Web Feature - Check this box to make the keyword being blocked or passed. Action - This setting is available only when Either: URL Access Control First or Either: Web Feature Firs is selected. Pass allows accessing into the corresponding webpage with the keywords listed on the box belo[...]
-
Page 173
Vigor3200 Series User’s Guide 163 4 4 . . 7 7 . . 3 3 W W e e b b C C o o n n t t e e n n t t F F i i l l t t e e r r P P r r o o f f i i l l e e There are three ways to activate WCF on vigor router, using Service Activation Wizard , by means of CSM>>Web Content Filter Profile or via System Maintenance>>Activation . Service Activation[...]
-
Page 174
Vigor3200 Series User’s Guide 164 auto-selected. Find more Click it to open http://myvigor.draytek.com for searching another qualified and suitable server. Set to Factory Default Click this link to retrieve the factory settings. Cache None – the router will check the URL that the user wants to access via WCF precisely, however, the processing r[...]
-
Page 175
Vigor3200 Series User’s Guide 165 Black/White List Enable – Activate white/black list function for such profile. Group/Object Selections – Click Edit to choose the group or object profile as the content of white/black list. Pass - allow accessing into the corresponding webpage with the characters listed on Group/Object Selections . If the web[...]
-
Page 176
Vigor3200 Series User’s Guide 166 Pass – Only the log about Pass w ill be recorded in Syslog. Block – Only the log about Block will be recorded in Syslog. All – All the actions (Pass and Block) will be recorded in Syslog. 4 4 . . 8 8 B B a a n n d d w w i i d d t t h h M M a a n n a a g g e e m m e e n n t t Below shows the menu items for B[...]
-
Page 177
Vigor3200 Series User’s Guide 167 To activate the function of limit session, simply click Enable and set the default session limit. Enable Click this button to activate the function of limit session. Disable Click this button to close the function of limit session. Default session limit Defines the default session number used for each computer in[...]
-
Page 178
Vigor3200 Series User’s Guide 168 maximum number of Internet sessions permitted. Index (1-15) in Schedule Setup You can type in four sets of time schedule for your request. All the schedules can be set previously in Application >> Schedule web page and you can use the number that you have set in that web page. 4 4 . . 8 8 . . 2 2 B B a a n [...]
-
Page 179
Vigor3200 Series User’s Guide 169 Limitation List Display a list of specific limitations that you set on this web page. Start IP Define the start IP address for limit bandwidth. End IP Define the end IP address for limit bandwidth. Each /Shared Select Each to make each IP within the range of Start IP and End IP having the same speed defined in TX[...]
-
Page 180
Vigor3200 Series User’s Guide 170 headquarter, a teleworker may enforce an inde x of QoS Control to reserve bandwidth for HTTPS connection while using lots of application at the sam e time. One more larger-scale imple mentation of QoS network is to apply DSCP (Differentiated Service Code Point) and IP Precedence disciplines at Layer 3. Compared w[...]
-
Page 181
Vigor3200 Series User’s Guide 171 You can configure general setup for the WAN interface, edit the Class Rule, and edit the Service Type for the Class Rule for your request. G G e e n n e e r r a a l l S S e e t t u u p p f f o o r r W W A A N N I I n n t t e e r r f f a a c c e e When you click Setup , you can configure the bandwidth ratio for Qo[...]
-
Page 182
Vigor3200 Series User’s Guide 172 Reserved Bandwidth Ratio It is reserved for the group index in the form of ratio of reserved bandwidth to upstream speed and reserve d bandwidth to downstream speed . Enable UDP Bandwidth Control Check this and set the limited bandwidth ratio on the right field. This is a protection of TCP application traffic sin[...]
-
Page 183
Vigor3200 Series User’s Guide 173 After you click the Edit link, you will see the following page. Now you can define the name for that Class. In this case, “Test” is used as the name of Class Index #1. For adding a new rule, click Add to open the following page. ACT Check this box to invoke these settings. Local Address Click the Edit button [...]
-
Page 184
Vigor3200 Series User’s Guide 174 Subnet Mask. DiffServ CodePoint All the packets of data will be di vided with different levels and will be processed according to the level type by the system. Please assign one of the levels of the data for processing with QoS control. Service Type It determines the service type of the data for processing with Q[...]
-
Page 185
Vigor3200 Series User’s Guide 175 After you click the Edit link, you will see the following page. For adding a new service type, click Add to open the following pag e. Service Name Type in a new service for your request. Service Type Choose the type (TCP, UDP or TCP/UDP) for the new service. Port Configuration Click Single or Range as the Type . [...]
-
Page 186
Vigor3200 Series User’s Guide 176 4 4 . . 9 9 A A p p p p l l i i c c a a t t i i o o n n s s Below shows the menu items for Applications. 4 4 . . 9 9 . . 1 1 D D y y n n a a m m i i c c D D N N S S The ISP often provides you with a dynamic IP address when you c onnect to the Internet via your ISP. It means that the public IP address assigned to [...]
-
Page 187
Vigor3200 Series User’s Guide 177 page of DDNS setup to set account(s). WAN Interface Display the WAN interface used. Domain Name Display the domain name that you set on the setting page of DDNS setup. Active Display if this account is active or inactive. View Log Display DDNS log status. Force Update Force the router updates its information to D[...]
-
Page 188
Vigor3200 Series User’s Guide 178 Password Type in the password that you set for applying domain. Wildcard and Backup MX The W ildcard and Backup MX features are not supported for all Dynamic DNS providers. Y ou could get more detailed information from their websites. 4. Click OK button to activate the settings. You will see your setting has been[...]
-
Page 189
Vigor3200 Series User’s Guide 179 Enable Schedule Setup Check to enable the schedule. Start Date (yyyy-mm-dd) Specify the starting date of the schedule. Start Time (hh:mm) Specify the starting time of the schedule. Duration Time (hh:mm) Specify the duration (or period) for the schedule. Action Specify which action Call Schedule should apply durin[...]
-
Page 190
Vigor3200 Series User’s Guide 180 Mon - Sun 9:00 am to 6:00 pm 1. Make sure the PPPoE connection and T ime Setup is working properly . 2. Configure the PPPoE always on from 9:00 to 18:00 f or whole week. 3. Configure the For ce Down from 18:00 to next day 9:00 for whole week. 4. Assign these two profiles to the PPPoE Internet access profile. Now [...]
-
Page 191
Vigor3200 Series User’s Guide 181 4 4 . . 9 9 . . 4 4 L L D D A A P P / / A A c c t t i i v v e e D D i i r r e e c c t t o o r r y y Lightweight Directory Access Protocol (LDAP) is a communication protocol for using in TCP/IP network. It defines the methods to access distributing directory server by clients, work on directory and share the infor[...]
-
Page 192
Vigor3200 Series User’s Guide 182 Enable UPNP Service Accordingly , you can enable either the Connection Contr ol Service or Connection S tatus Service . After setting Enable UPNP Service setting, an icon of IP Br oadband Connection on Router on W indows XP/Network Connections will appear . The connection status and control status will be able to[...]
-
Page 193
Vigor3200 Series User’s Guide 183 The reminder as regards concern about Firewall and UPnP Can't work with Firewall Software Enabling firewall applications on your P C may cause the UPnP function not working properly. This is because these applicati ons will block the accessing ability of some network ports. Security Considerations Activating[...]
-
Page 194
Vigor3200 Series User’s Guide 184 Enable IGMP Proxy Check this box to enable this function. WAN Interface - The application of multicast will be executed through WAN port sel ected. In addition, such function is available in NAT mode. VLAN Tag insertion – It allows to enable / disable VLAN tag feature for IGMP packet. Tag value – Give a tag v[...]
-
Page 195
Vigor3200 Series User’s Guide 185 4 4 . . 9 9 . . 7 7 W W a a k k e e o o n n L L A A N N A PC client on LAN can be woken up by the router it connects. When a user wants to wake up a specified PC through the router, he/she must type correct MAC address of the specified PC on this web page of Wake on LAN of this router. In addition, such PC must h[...]
-
Page 196
Vigor3200 Series User’s Guide 186[...]
-
Page 197
Vigor3200 Series User’s Guide 187 4 4 . . 1 1 0 0 V V P P N N a a n n d d R R e e m m o o t t e e A A c c c c e e s s s s A Virtual Private Network (VPN) is the extension of a private network that encompasses links across shared or public networks like the Intern et. In short, by VPN technolog y, you can send data between two computers across a s[...]
-
Page 198
Vigor3200 Series User’s Guide 188 LAN-to-LAN Profile When you finish the mode and profile selection, please click Next to open the following page. In this page, you have to select suitable VPN type for the VPN client profile. There are six types provided here. Different type will lead to different configurati on page. After making the choices for[...]
-
Page 199
Vigor3200 Series User’s Guide 189 z When you choose IPSec , you will see the following graphic:[...]
-
Page 200
Vigor3200 Series User’s Guide 190 z When you choose L2TP , you will see the following graphic: z When you choose L2TP over IPSec (N ice to Have), you will see the following graphic:[...]
-
Page 201
Vigor3200 Series User’s Guide 191 z When you choose L2TP over IPSec (Must), you will see the following graphic: Profile Name Type a name for such profile. The length of the file is limited to 10 characters. VPN Dial-Out Through Use the drop down menu to choose a proper WAN interface for this profile. This setting is useful for dial-out only. WAN1[...]
-
Page 202
Vigor3200 Series User’s Guide 192 You have to configure one certificate at least previously in Certificate Management >> Local Certificate. Otherwise, the setting you choose here will not be effective. Peer ID – Choose one of the ID from the drop down list. Local ID – Choose Alternative Subject Name First or Subject Name First . IPSec S[...]
-
Page 203
Vigor3200 Series User’s Guide 193 Management Access>>Connection Management for viewing VPN Connection status. Do another VPN Server Wizard Setup Click this radio button to set another profile of VPN Server through VPN Server Wizard. View more detailed configuration Click this radio button to access VPN and Remote Access>>LAN to LAN fo[...]
-
Page 204
Vigor3200 Series User’s Guide 194 Please choose a Dial-in User Accounts This item is available when you choose Remote Dial-in User (Teleworker) as VPN server mode. There are 32 VPN tunnels for users to set. Allowed Dial-in Type This item is available after you choose any one of dial-in user account profiles. Next, you have to select suitable dial[...]
-
Page 205
Vigor3200 Series User’s Guide 195 After making the choices for the server profile, please click Next . You will see different configurations based on the selection you made . Here we take the example of choosing Remote-Dial-in User as the VPN Server Mode . z When you check PPTP , you will see the following graphic: z When you check PPTP/IPSec/L2T[...]
-
Page 206
Vigor3200 Series User’s Guide 196 z When you check IPSec , you will see the following graphic: Profile Name Type a name for such profile. The length of the file is limited to 10 characters. User Name This field is used to auth enticate for connection when you select PPTP or L2TP with or without IPSec policy above. Password This field is used to a[...]
-
Page 207
Vigor3200 Series User’s Guide 197 location of the remote host) for building VPN connection. Remote Network Mask Please type the network mask (according to the real location of the remote host) for building VPN connection. After finishing the configuration, please click Next. The confirmation page will be shown as follows. If there is no problem, [...]
-
Page 208
Vigor3200 Series User’s Guide 198 4 4 . . 1 1 0 0 . . 3 3 R R e e m m o o t t e e A A c c c c e e s s s s C C o o n n t t r r o o l l Enable the necessary VPN service as you need. If you intend to run a VPN server inside your LAN, you should disable the VPN service (e.g., PPTP VPN, IPSec VPN, L2TP VPN, SSL VPN, etc.) of Vigor Router to allow VPN [...]
-
Page 209
Vigor3200 Series User’s Guide 199 Require MPPE (40/128bits) - Selecting this option will force the router to encrypt packets by using the MPPE encryption algorithm. In addition, the rem ote dial-in user will use 40-bit to perform encryption prior t o using 128-bit for encryption. In other words, if 128-bit MPPE encryption method is not available,[...]
-
Page 210
Vigor3200 Series User’s Guide 200 receiving side, the peer will perform the same one-way hash on the packet and com pare the value with the one in the AH it receives. Encapsulating Security Payload (ESP) is a security protocol that provides data confidentiality and protection with optional authentica tion and replay detection service. IKE Authent[...]
-
Page 211
Vigor3200 Series User’s Guide 201 4 4 . . 1 1 0 0 . . 6 6 I I P P S S e e c c P P e e e e r r I I d d e e n n t t i i t t y y To use digital certificate for p eer authentication in either LAN-to-LAN connection or Remote User Dial-In connection, here you may edit a table of peer certificate for selectio n. As shown below, the router provides 32 en[...]
-
Page 212
Vigor3200 Series User’s Guide 202 Profile Name Type the name of the profile. Accept Any Peer ID Click to accept any peer regardless of its identity. Accept Subject Alternative Name Click to check one specific field of digital signature to accept the peer with matching value. The field can be IP Address, Domain, or E-mail Address . The box under t[...]
-
Page 213
Vigor3200 Series User’s Guide 203 4 4 . . 1 1 0 0 . . 7 7 R R e e m m o o t t e e D D i i a a l l - - i i n n U U s s e e r r You can manage remote access by maintaining a table of remote user profile, so that users can be authenticated to dial-in via VPN connecti on. You may set parameters including specified connection peer ID, connection type [...]
-
Page 214
Vigor3200 Series User’s Guide 204 Click each index to edit one remote user profile. Each Dial-In Type requires you to fill the different corresponding fields on the right. If the fields gray out, it means you may leave it untouched. The following explanation will gui de you to fill all the necessary fields. User account and Authentication Enable [...]
-
Page 215
Vigor3200 Series User’s Guide 205 VPN connection becomes one pure L2TP connection. z Must - Specify the IPSec policy to be definitely applied on the L2TP connection. SSL Tunnel - It allows the remote dial-in user to make an SSL VPN Tunnel connection through Internet, suitable for the application through network accessing (e.g., PPTP/L2TP/IPSec) I[...]
-
Page 216
Vigor3200 Series User’s Guide 206 If you haven’t set any SSL VPN web proxy profiles, you will a link here. Click this link to acce ss into the configuration page of SSL VPN. Note: SSL VPN can be applied in browser (e.g., IE) which supports ActivateX only. User Name This field is applicable when you select PPTP or L2TP with or without IPSec poli[...]
-
Page 217
Vigor3200 Series User’s Guide 207 the Medium, DES, 3DES or AES box as the security method. Medium-Authentication Header (AH) means data will be authenticated, but not be encrypte d. By default, this option is invoked. You can uncheck it to disable it. High-Encapsulating Security Payload (ESP) means payload (data) will be encrypted and authenticat[...]
-
Page 218
Vigor3200 Series User’s Guide 208 For the web page is too long, we divide the page into se veral sections for explanation. Profile Name Specify a name for the profile of the LAN-to-LAN connection. Enable this profile Check here to activate this profile. VPN Dial-Out Through Use the drop down menu to choose a proper WAN interface for this profile.[...]
-
Page 219
Vigor3200 Series User’s Guide 209 Block – When there is conflict occurred between the hosts on both sides of VPN Tunnel in connecting, such function can block data transmission of Netbios Naming Packet inside the tunnel. Multicast via VPN Some programs might send multicast packets via VPN connection. Pass – Click this button to let multicast [...]
-
Page 220
Vigor3200 Series User’s Guide 210 viewed as one pure L2TP connection. Nice to Have: Apply the IPSec policy first, if it is applicable during negotiation. Otherwise, the dial-out VPN connection becomes one pure L2TP connection. Must: Specify the IPSec policy to be definitely applied on the L2TP connection. User Name This field is applicable when y[...]
-
Page 221
Vigor3200 Series User’s Guide 211 algorithm and apply MD5 or SHA-1 authentication algorithm. AES without Authentication -Use AES encryption algorithm and not apply any authentication scheme. AES with Authentication- Use AES encryption algorithm and apply MD5 or SHA-1 authentication algorithm. Advanced Specify mode, proposal and key life of each I[...]
-
Page 222
Vigor3200 Series User’s Guide 212 Allowed Dial-In Type Determine the dial-in connection with different types. PPTP - Allow the remote dial-in user to make a PPTP VPN connection through the Internet. You should set the U ser Name and Password of remote dial-in user below. IPSec Tunnel- Allow the remote dial-in user to trigger an IPSec VPN connecti[...]
-
Page 223
Vigor3200 Series User’s Guide 213 on the L2TP connection. Specify Remote VPN Gateway - You can specify the IP address of the remote dial-in user or peer ID (should be the same with the ID setting in dial-in type) by checking the box. Also, you should further specify the corresponding security methods on the right side. If you uncheck the checkbox[...]
-
Page 224
Vigor3200 Series User’s Guide 214 decipher IPSec encryption, he/she still cannot ask LAN site to do data transmission with any information. Such function can ensure the data transmitted on VPN tunnel is really sent out from both sides. This is an optional function. However, if one side wants to use it, the peer must enable it, too. TCP/IP Network[...]
-
Page 225
Vigor3200 Series User’s Guide 215 the remote network only allows you to dial in with sin gle IP, please choose NAT , otherwise choose Route . Change default route to this VPN tunnel - Check this box to change the default route with this VPN tunnel. 4 4 . . 1 1 0 0 . . 9 9 V V P P N N T T R R U U N N K K M M a a n n a a g g e e m m e e n n t t VPN[...]
-
Page 226
Vigor3200 Series User’s Guide 216 ¾ The web page is simple to understand and easy to configure ¾ The TCP Session transmitted by using VPN TRUNK-VPN Load Balance mechanism will not be lost due to one of VPN Tunnels disconnected. Users do not need to reconnect with setting TCP/UDP Service Port again. Th e VPN Load Balance function can keep the tr[...]
-
Page 227
Vigor3200 Series User’s Guide 217 condition. ”No” means the state might be disabled or that profile currently is set with Dial-in mode (for call direction) in LAN-to-LAN. Type (on Backup Profile field) - Display the connection type for that profile, such as IPSec, PPTP, L2TP, L2TP over IPSec (NICE), L2TP over IPSec(MUST) and so on. Member2 (o[...]
-
Page 228
Vigor3200 Series User’s Guide 218 Detailed information for this dialog, see later section - Advanced Load Balance and Backup . General Setup Status - After choosing one of the profile listed above, please click Enable to activate this profile. If you click Disable , the selected or current used VP N TRUNK-Backup/Load Balance mechanism profile wil[...]
-
Page 229
Vigor3200 Series User’s Guide 219 Edit Click this button to save the changes to the Status (Enable or Disable), profile name, member1 or member2. Delete Click this button to delete the selected VPN TRUNK profile. The corresponding members (LAN-to-LAN profiles) grouped in the deleted VPN TRUNK profile will be released and that profiles in LAN-to-L[...]
-
Page 230
Vigor3200 Series User’s Guide 220 Balance mechanism profile, the selected LAN-to-LAN profiles will be released and expressed in black. H H o o w w c c a a n n y y o o u u s s e e t t a a G G R R E E o o v v e e r r I I P P S S e e c c p p r r o o f f i i l l e e ? ? 1. Please go to LAN to LAN to set a profile with IPSec. 2. If the router will be [...]
-
Page 231
Vigor3200 Series User’s Guide 221 A A d d v v a a n n c c e e d d L L o o a a d d B B a a l l a a n n c c e e a a n n d d B B a a c c k k u u p p After setting profiles for load balance, you can choose any one of t hem and click Advance for more detailed configuration. The windows for advanced load balance and backup are different. Refer to the f[...]
-
Page 232
Vigor3200 Series User’s Guide 222 configuring Binding Tunnel. After insert – Click this radio button to adding a new bindi ng tunnel table. Tunnel Bind Table Index - 128 Binding tunnel tables are provided by this device. Specify the number of the tunnel for such Load Balance profile. Active – In-active/Delete can delete this binding tunnel ta[...]
-
Page 233
Vigor3200 Series User’s Guide 223 以上的範例,這邊做不成功,請 協助提供一張, TKS! Note : To configure a successful binding tunnel, you have to: z Type Binding Src IP range (Start and En d) and Binding Des IP range (Start and End). Choose TCP/UDP, IGMP/ICMP or Other as Binding Protocol. Advanced Backup Profile Name List the b[...]
-
Page 234
Vigor3200 Series User’s Guide 224 4 4 . . 1 1 0 0 . . 1 1 0 0 C C o o n n n n e e c c t t i i o o n n M M a a n n a a g g e e m m e e n n t t You can find the summary table of all VPN connections. You may disconnect any VPN connection by clicking Drop button. You m ay also aggressively Dial-out by using Dial-out Tool and clicking Dial button. Gen[...]
-
Page 235
Vigor3200 Series User’s Guide 225 4 4 . . 1 1 1 1 C C e e r r t t i i f f i i c c a a t t e e M M a a n n a a g g e e m m e e n n t t A digital certificate works as an electronic ID, which is issued by a certification authority (CA). It contains information such as your name , a serial number, expiration dates etc., and the digital signature of t[...]
-
Page 236
Vigor3200 Series User’s Guide 226 Note: Please be noted that “Common Name” must be configured with rotuer’s WAN IP or domain name. After clicking GENERATE , the generated information w ill be displayed on the window below: IMPORT Vigor router allows you to generate a certificate request and submit it the CA server, then import it as “Loca[...]
-
Page 237
Vigor3200 Series User’s Guide 227 Upload Local Certificate It allows users to import the certificate which is generated by vigor router and signed by CA server. If you have done well in certificate generation, the Status of the certificate will be shown as “ OK ”. Upload PKCS12 Certificate It allows users to import the certificate whose exten[...]
-
Page 238
Vigor3200 Series User’s Guide 228 REFRESH Click this button to refresh the information listed below. View Click this button to view the detailed settings for certificate request. Note: You have to copy the certificate request information from above window. Next, access your CA server and enter the page of certificate request, copy the information[...]
-
Page 239
Vigor3200 Series User’s Guide 229 4 4 . . 1 1 1 1 . . 2 2 T T r r u u s s t t e e d d C C A A C C e e r r t t i i f f i i c c a a t t e e Trusted CA certificate lists three sets of trusted CA certificate. To import a pre-saved trusted CA certificate, please click IMPORT to open the following window. Use Browse… to find out the saved text file. [...]
-
Page 240
Vigor3200 Series User’s Guide 230 4 4 . . 1 1 1 1 . . 3 3 C C e e r r t t i i f f i i c c a a t t e e B B a a c c k k u u p p Local certificate and Trusted CA certificate for this router can be saved within one file. Please click Backup on the following screen to save them. If you want to set encryption password for these certificates, please typ[...]
-
Page 241
Vigor3200 Series User’s Guide 231 M M u u l l t t i i p p l l e e S S S S I I D D s s Vigor router supports four SSID settings for wireless connections. Each SSID can be defined with different name and download/upload rate for selecting by stations connected to the route r wirelessly. S S e e c c u u r r i i t t y y O O v v e e r r v v i i e e w [...]
-
Page 242
Vigor3200 Series User’s Guide 232 Separate the Wireless and the Wired LAN- WLAN Isolation enables you to isolate your wireless LAN from wired LAN for either quaran tine or limit access reasons. To isolate means neither of the parties can access each other. To elaborate an example for business use, you may set up a wireless LAN for visitors only s[...]
-
Page 243
Vigor3200 Series User’s Guide 233 4 4 . . 1 1 2 2 . . 2 2 G G e e n n e e r r a a l l S S e e t t u u p p By clicking the General Settings , a new web page will appear so that you could configure the SSID and the wireless channel. Please refer to the following figure for more information. Enable Wireless LAN Check the box to enable wireless funct[...]
-
Page 244
Vigor3200 Series User’s Guide 234 Index(1-15) Set the wireless LAN to work at certain time interval only. You may choose up to 4 schedules out of the 15 schedules pre-defined in Applications >> Schedule setup. The default setting of this field is blank and the function will always work. Hide SSID Check it to prevent from wireless sniffing a[...]
-
Page 245
Vigor3200 Series User’s Guide 235 Long Preamble This option is to define the length of t he sync field in an 802.11 packet. Most modern wireless network uses short preamble with 56 bit sync field instead of long pream ble with 128 bit sync field. However, some original 11b wireless network devices only support long pream ble. Check it to use Long[...]
-
Page 246
Vigor3200 Series User’s Guide 236 4 4 . . 1 1 2 2 . . 3 3 S S e e c c u u r r i i t t y y This page allows you to set security with diffe rent modes for SSID 1, 2, 3 and 4 respectively. After configuring the correct settings, please click OK to save and invoke it. Default Pre-Shared Key (PSK) is provided and stated on the label pasted on the bott[...]
-
Page 247
Vigor3200 Series User’s Guide 237 Disable - Turn off the encryption mechanism. WEP- Accepts only WEP clients and the encryption key should be entered in WEP Key. WEP/802.1x Only - Accepts only WEP clients and the encryption key is obtained dynamically from RADIUS server with 802.1X protocol. WPA/802.1x Only- Accepts only WPA clients and the encry[...]
-
Page 248
Vigor3200 Series User’s Guide 238 4 4 . . 1 1 2 2 . . 4 4 A A c c c c e e s s s s C C o o n n t t r r o o l l In the Access Control , the router may restrict wireless access to cert ain wireless clients only by locking their MAC address into a black or wh ite list. The user may block wireless clients by inserting their MAC addresses into a black [...]
-
Page 249
Vigor3200 Series User’s Guide 239 OK Click it to save the access control list. Clear All Clean all entries in the MAC address list. 4 4 . . 1 1 2 2 . . 5 5 W W P P S S WPS (Wi-Fi Protected Setup) provides easy procedure to m ake network connection between wireless station and wireless access point (vigor router) with the encryption of WPA and WPA[...]
-
Page 250
Vigor3200 Series User’s Guide 240 z If you want to use PIN code, you have to know the PIN code specified in wireless client. Then provide the PIN code of the wireless clie nt you wish to connect to the vigor router. For WPS is supported in WPA-PSK or WPA2-PSK mode, if you do not choose such mode in Wireless LAN>>Security , you will see the [...]
-
Page 251
Vigor3200 Series User’s Guide 241 SSID Display the SSID1 of the router. WPS is supported by SSID1 only. Authentication Mode Display current authentication mode of the router. Only WPA2/PSK and WPA/PSK support WPS. Configure via Push Button Click Start PBC to invoke Push-Button style WPS setup procedure. The router will wait for WPS requests from [...]
-
Page 252
Vigor3200 Series User’s Guide 242 The application for the WDS-Repeater mode is depicted as below: The major difference between these two modes is that: while in Repeater mode, the packets received from one peer AP can be repeated to another peer AP through WDS links. Yet in Bridge mode, packets received from a WDS link will only be for warded to [...]
-
Page 253
Vigor3200 Series User’s Guide 243 Mode Choose the mode for WDS setting. Disable mode will not invoke any WDS setting. Bridge mode is designed to fulfill the first type of application. Repea ter mode is for the second one. Security There are three types for security, Disable , WEP and Pre-shared key . The setting you choose here will make the foll[...]
-
Page 254
Vigor3200 Series User’s Guide 244 system between AP and the router. Key - Type 8 ~ 63 ASCII characters or 64 hexadecimal digits leading by “0x”. Bridge If you choose Bridge as the connecting mode, please type in the peer MAC address in these fields. Four peer MAC addresses are allowed to be entered in this pa ge at one time. Yet please disabl[...]
-
Page 255
Vigor3200 Series User’s Guide 245 the AP router will choose short guard interval (increasing the wireless performance) or long gua rd interval for data transm it based on the station capability. Aggregation MSDU Aggregation MSDU can combine frames with different sizes. It is used for improving MAC layer’s performance for some brand’s clients.[...]
-
Page 256
Vigor3200 Series User’s Guide 246 CWMin or equals to CWMin value. Both values will influence the time delay for WMM accessing categories. The difference between AC_VI and AC_VO categories must be smaller; however, the difference between AC_BE and AC_BK categories must be greater. Txop It means transmission opportunity. For WMM categories of AC_VI[...]
-
Page 257
Vigor3200 Series User’s Guide 247 4 4 . . 1 1 2 2 . . 9 9 A A P P D D i i s s c c o o v v e e r r y y Vigor router can scan all regulatory channels and find working APs in the neighborhood. Based on the scanning result, users will know which channel is clean for usage. Also, it can be used to facilitate finding an AP for a WDS li nk. Notice that [...]
-
Page 258
Vigor3200 Series User’s Guide 248 4 4 . . 1 1 2 2 . . 1 1 0 0 S S t t a a t t i i o o n n L L i i s s t t Station List provides the knowledge of connecting wire less clients now along with its status code. There is a code summary belo w for explanation. For convenient Access C ontrol , you can select a WLAN station and click Add to Access Control[...]
-
Page 259
Vigor3200 Series User’s Guide 249 4 4 . . 1 1 3 3 . . 1 1 G G e e n n e e r r a a l l S S e e t t u u p p This page determines the general configuration for SSL VPN Server and SSL Tunnel. Port Such port is set for SSL VPN server. It will not affect the HTTPS Port configuration set in System Maintenance>>Management . In general, the default [...]
-
Page 260
Vigor3200 Series User’s Guide 250 Click number link under Index filed to set detailed configuration. Name Type name of the profile. URL Type the address (function variation or IP address) or path of the proxy server. Host IP Address If you type function variation as URL, you have to t ype corresponding IP address in this filed. Such field must ma[...]
-
Page 261
Vigor3200 Series User’s Guide 251 4 4 . . 1 1 3 3 . . 3 3 S S S S L L A A p p p p l l i i c c a a t t i i o o n n It provides a secure and flexible solution fo r network resources, including VNC (Virtual Network Computer) /RDP (Remote Desktop Protoc ol) /SAMBA, to any remote user with access to Internet and a web browser. Name Display the applica[...]
-
Page 262
Vigor3200 Series User’s Guide 252 to the following: z Virtual Network Computing – Choose this item for accessing and controlling a rem ote PC through VNC protocol. IP Address Type the IP address for this protocol. Port Specify the port used for this protocol. The default setting is 5900. Scaling Chose the percentage (100%, 80%, 60) for such app[...]
-
Page 263
Vigor3200 Series User’s Guide 253 z Samba Application - Any remote user can upload/download/delete certain files on a local samba server through web browser with this application Samba Path Specify the path for this application. 4 4 . . 1 1 3 3 . . 4 4 U U s s e e r r A A c c c c o o u u n n t t For SSL VPN, identity authentication and po wer man[...]
-
Page 264
Vigor3200 Series User’s Guide 254 However, if you have set several SSL Web Proxy Profiles in SSL VPN>> SSL Web Proxy web page: The SSL Web Proxy profile names will be disp layed (together with check box) as shown below.[...]
-
Page 265
Vigor3200 Series User’s Guide 255 4 4 . . 1 1 3 3 . . 5 5 O O n n l l i i n n e e U U s s e e r r S S t t a a t t u u s s If you have finished the configuration of SSL Web Proxy (server), users can find out corresponding settings when they access in to Draytek SSL VPN portal interface. Next, users can open SSL VPN>> Online Status to view lo[...]
-
Page 266
Vigor3200 Series User’s Guide 256 4 4 . . 1 1 4 4 . . 1 1 U U S S B B G G e e n n e e r r a a l l S S e e t t t t i i n n g g s s This page will determine the number of concu rrent FT P connection, default charset for FTP server and enable Samba service. At present, the Vigor router can support USB diskette with formats of FAT16 and FAT32 only. T[...]
-
Page 267
Vigor3200 Series User’s Guide 257 many as 15 characters and the host name can have as many as 23 characters. Both them cannot contain any of the following--- ; : " < > * + = | ?. Workgroup Name – Type a name for the workgroup. Host Name – Type the host name for the router. 4 4 . . 1 1 4 4 . . 2 2 U U S S B B U U s s e e r r M M a[...]
-
Page 268
Vigor3200 Series User’s Guide 258 into USB storage diskette. Note: “Admin” could not be typed here as username, for the word is specified for accessing into web pages of Vigor router only. Also, it is reserved for FTP firmware upgrade usage. Note: FTP Passive mode is not supported by Vigor Router. Please disable the mode on the FTP client. Pa[...]
-
Page 269
Vigor3200 Series User’s Guide 259 4 4 . . 1 1 4 4 . . 3 3 F F i i l l e e E E x x p p l l o o r r e e r r File Explorer offers an easy way for users to review and manage the content of USB diskette connected on Vigor router. Refresh Click this icon to refresh files list. Back Click this icon to return to the upper directory. Create Click this ico[...]
-
Page 270
Vigor3200 Series User’s Guide 260 Disk Capacity It displays the total capacity of the USB diskette. Free Capacity It displays the free space of the USB diskette. Click Refresh at any time to get new status for free capacity. Index It displays the number of the client which connecting to FTP server. IP Address It displays the IP address of the use[...]
-
Page 271
Vigor3200 Series User’s Guide 261 4 4 . . 1 1 5 5 . . 1 1 S S y y s s t t e e m m S S t t a a t t u u s s The System Status provides basic network settings of Vigor router. It includes L AN and WAN interface information. Also, you could ge t the current running firmware version or firmware related information from this presentation. Model Name Di[...]
-
Page 272
Vigor3200 Series User’s Guide 262 MAC Address Display the MAC address of the WAN Interface. Connection Display the connection type. IP Address Display the IP address of the WAN interface. Default Gateway Display the assigned IP address of the default gateway. 4 4 . . 1 1 5 5 . . 2 2 T T R R - - 0 0 6 6 9 9 This device supports TR-069 standard. It[...]
-
Page 273
Vigor3200 Series User’s Guide 263 such problem, you might change port num ber for CPE. Periodic Inform Settings The default setting is Enable . Please set interval time or schedule time for the router to send notification to CPE. Or click Disable to close the mechanism of notification. STUN Settings The default is Disable . If you click Enable , [...]
-
Page 274
Vigor3200 Series User’s Guide 264 4 4 . . 1 1 5 5 . . 4 4 C C o o n n f f i i g g u u r r a a t t i i o o n n B B a a c c k k u u p p B B a a c c k k u u p p t t h h e e C C o o n n f f i i g g u u r r a a t t i i o o n n Follow the steps below to backup your configuration. 1. Go to System Maintenance >> Configuration Backup . The following[...]
-
Page 275
Vigor3200 Series User’s Guide 265 4. Click Save button, the configuration will download a utomatically to your computer as a file named config.cfg . The above example is using W indows platform for demonstrating exam ples. The Mac or Linux platform will appear dif ferent windows, but the backup function is still available. Note: Backup for Certif[...]
-
Page 276
Vigor3200 Series User’s Guide 266 4 4 . . 1 1 5 5 . . 5 5 S S y y s s l l o o g g / / M M a a i i l l A A l l e e r r t t SysLog function is provided for users to monitor router. There is no bother to directly get into the Web Configurator of the router or borrow debug equipm ents. Enable Check Enable to activate function of syslog. Syslog Save t[...]
-
Page 277
Vigor3200 Series User’s Guide 267 Mail To Assign a mail address for sending mails out. Return-Path Assign a path for receiving the mail from outside. Authentication Check this box to activate this function while using e-mail application. User Name Type the user name for authentication. Password Type the password for authentication. Enable E-mail [...]
-
Page 278
Vigor3200 Series User’s Guide 268 4 4 . . 1 1 5 5 . . 6 6 T T i i m m e e a a n n d d D D a a t t e e It allows you to specify where the time of the router should be inquired from. Current System Time Click Inquire Time to get the current time. Use Browser Time Select this option to use the browser time from the remote administrator PC host as ro[...]
-
Page 279
Vigor3200 Series User’s Guide 269 4 4 . . 1 1 5 5 . . 7 7 M M a a n n a a g g e e m m e e n n t t This page allows you to manage the setti ngs for access control, access list, port setup, and SMP setup. For example, as to management access control, the port number is used to send/receive SIP message for building a session. Router Name Type a name[...]
-
Page 280
Vigor3200 Series User’s Guide 270 Set Community Set community by typing a proper nam e. The default setting is private. Manager Host IP Set one host as the manager to execute SNMP function. Please type in IP address to specify certain host. Trap Community Set trap community by typing a proper name . The default setting is public. Notification Hos[...]
-
Page 281
Vigor3200 Series User’s Guide 271 4 4 . . 1 1 5 5 . . 9 9 F F i i r r m m w w a a r r e e U U p p g g r r a a d d e e Before upgrading your router firmware, you need to i nstall the Router Tools. The Firmware Upgrade Utility is included in the tools. The following web page will guide you to upgrade firmware by using an exam ple. Note that this ex[...]
-
Page 282
Vigor3200 Series User’s Guide 272 4 4 . . 1 1 5 5 . . 1 1 0 0 A A c c t t i i v v a a t t i i o o n n There are three ways to activate WCF on vigor router, using Service Activation Wizard , by means of CSM>>Web Content Filter Profile or via System Maintenance>>Activation . After you have finished the setting profiles for WCF (refer to[...]
-
Page 283
Vigor3200 Series User’s Guide 273 Below shows the successful activation of Web Content Filter: 4 4 . . 1 1 6 6 D D i i a a g g n n o o s s t t i i c c s s Diagnostic Tools provide a useful way to view or diagnose the status of your Vigor router. Below shows the menu items for Diagnostics.[...]
-
Page 284
Vigor3200 Series User’s Guide 274 4 4 . . 1 1 6 6 . . 1 1 D D i i a a l l - - o o u u t t T T r r i i g g g g e e r r Click Diagnostics and click Dial-out Trigger to open the web pag e. The internet connection (e.g., PPPoE) is triggered by a package sending from the source IP address. Decoded Format It shows the source IP address (local), destina[...]
-
Page 285
Vigor3200 Series User’s Guide 275 4 4 . . 1 1 6 6 . . 3 3 A A R R P P C C a a c c h h e e T T a a b b l l e e Click Diagnostics and click ARP Cache Table to view the content of the ARP (Address Resolution Protocol) cache held in the router. Th e table shows a mapping between an Ethernet hardware address (MAC Address) and an IP address. Refresh Cl[...]
-
Page 286
Vigor3200 Series User’s Guide 276 Leased Time It displays the leased time of the specified PC. HOST ID It displays the host ID name of the specified PC. Refresh Click it to reload the page. 4 4 . . 1 1 6 6 . . 5 5 N N A A T T S S e e s s s s i i o o n n s s T T a a b b l l e e Click Diagnostics and click NAT Sessions Table to open the list page. [...]
-
Page 287
Vigor3200 Series User’s Guide 277 Enable Data Flow Monitor Check this box to enable this function. Refresh Seconds Use the drop down list to choose the time interval of refreshing data flow that will be done by the system automatically. Refresh Click this link to refr esh this page manually. Index Display the number of the data flow. IP Address D[...]
-
Page 288
Vigor3200 Series User’s Guide 278 Unblock – the device with the IP address will be blocked in five minutes. The remaining time will be shown on the session column. Current /Peak/Speed Current means current transmission rate and receiving rate for WAN interface. Peak means the highest peak value detected by the router in data transmission. Speed[...]
-
Page 289
Vigor3200 Series User’s Guide 279 The horizontal axis represents time. Yet the vertical axis has different meanings. For WAN1/WAN2/WAN3/WAN4/WAN5 Bandwidth char t, the numbers displayed on vertical axis represent the numbers of the transmi tted and received packets in the past. For Sessions chart, the numbers displayed on vertical axis represent [...]
-
Page 290
Vigor3200 Series User’s Guide 280 Run Click this button to start the ping work. The result will be displayed on the screen. Clear Click this link to remove the result on the window. 4 4 . . 1 1 6 6 . . 9 9 T T r r a a c c e e R R o o u u t t e e Click Diagnostics and click Trace Route to open the web page. This page allows you to trace the routes[...]
-
Page 291
Vigor3200 Series User’s Guide 281 5 A A p p p p l l i i c c a a t t i i o o n n a a n n d d E E x x a a m m p p l l e e s s 5 5 . . 1 1 H H o o w w t t o o C C o o n n f f i i g g u u r r e e M M u u l l t t i i - - S S u u b b n n e e t t By identifying the tagged message, Vigor3200 can divide the LAN Port into several VLAN groups. Such LAN port[...]
-
Page 292
Vigor3200 Series User’s Guide 282 Configuration for Vigor3200 1. In the page of LAN >> VLAN Configuration , check the box of Enab le to enable the function of VLAN Configuration. 2. Untag VLAN0 and set LAN4 as the Subnet . 3. To activate the function of VLAN Tag for VLAN1 setting, check the box of Enable and type the value (10) for VID sett[...]
-
Page 293
Vigor3200 Series User’s Guide 283 After finishing the above configuration, the equipm ent connecting to Vigor3200 LAN Port can get the corresponding IP address of the network segment. The equipment connecting to Vigor3200 LAN Port 1 (LAN1) can get the IP address of 192.168.1.0/2 4. The equipment connecting to Vigor3200 LAN Port 2 (LAN2) can get t[...]
-
Page 294
Vigor3200 Series User’s Guide 284 Configuration for VigorSwitch G2240 1. Open Vlan>>Tag-based Group . 2. Add four VID groups. In this case, we can e xplanation it with Port 15, 16, 17, 18 and Trunk Port 23. VLAN Name 3200-VID10, Port Members = 15 、 23 VLAN Name 3200-VID20, Port Members = 16 、 23 VLAN Name 3200-VID30, Port Members = 17 ?[...]
-
Page 295
Vigor3200 Series User’s Guide 285 4. After finishing the above configuration, the equipment connecting to VigorSwitch Port 15 , 16, 17 and 18 can get the corresponding IP address(es) of the network segment. The equipment connecting to VigorSwitch Port 15 can get the IP address of 192.168.1.0/2 4 The equipment connecting to VigorSwitch Port 16 can[...]
-
Page 296
Vigor3200 Series User’s Guide 286 5 5 . . 2 2 C C r r e e a a t t e e a a L L A A N N - - t t o o - - L L A A N N C C o o n n n n e e c c t t i i o o n n B B e e t t w w e e e e n n R R e e m m o o t t e e O O f f f f i i c c e e a a n n d d H H e e a a d d q q u u a a r r t t e e r r The most common case is that you may want to connect to networ[...]
-
Page 297
Vigor3200 Series User’s Guide 287 3. Go to LAN-to-LAN . Click on one index number to edit a profile. 4. Set Common Settings as shown below. You should enable both of VPN connections because any one of the parties may start the VPN connection.[...]
-
Page 298
Vigor3200 Series User’s Guide 288 5. Set Dial-Out Settings as shown below to dial to connect to Router B aggressively with the selected Dial-Out method. If an IPSec-based service is selected, y ou should further specify the remote peer IP Address, IKE Authentication Method and IPSec Security Method for this Dial-Out connection. If a PPP-based ser[...]
-
Page 299
Vigor3200 Series User’s Guide 289 6. Set Dial-In settings to as shown below to allow Router B dial-in to build VPN connection. If an IPSec-based service i s selected, you may further specify the remote peer IP Address, IKE Authentication Method and I PSec Security Method for this Dial-In connection. Otherwise, it will apply the settings defined i[...]
-
Page 300
Vigor3200 Series User’s Guide 290 7. At last, set the remote network IP/subnet in TCP/IP Network Settings so that Router A can direct the packets destined to the remote network to Router B via the VPN connection. Settings in Router B in the remote office: 1. Go to VPN and Remote Access and select Remote Access Cont rol to enable the necessary VPN[...]
-
Page 301
Vigor3200 Series User’s Guide 291 3. Go to LAN-to-LAN . Click on one index number to edit a profile. 4. Set Common Settings as shown below. You should enable both of VPN connections because any one of the parties may start the VPN connection. 5. Set Dial-Out Settings as shown below to dial to connect to Router B aggressively with the selected Dia[...]
-
Page 302
Vigor3200 Series User’s Guide 292 If a PPP-based service is selected, y ou should further specify the remote peer IP Address, Username, Password, PPP Authentication and VJ Compression for this Dial-Out connection.[...]
-
Page 303
Vigor3200 Series User’s Guide 293 6. Set Dial-In settings to as shown below to allow Router A dial-in to build VPN connection. If an IPSec-based service is selected, y ou may further specify the remote peer IP Address, IKE Authentication Method and I PSec Security Method for this Dial-In connection. Otherwise, it will apply the settings defined i[...]
-
Page 304
Vigor3200 Series User’s Guide 294 7. At last, set the remote network IP/subnet in TCP/IP Network Settings so that Router B can direct the packets destined to the remote network to Router A via the VPN connection. 5 5 . . 3 3 C C r r e e a a t t e e a a R R e e m m o o t t e e D D i i a a l l - - i i n n U U s s e e r r C C o o n n n n e e c c t t[...]
-
Page 305
Vigor3200 Series User’s Guide 295 For using IPSec-based service, such as IPSec or L2TP with IPSec Policy, you have to set general settings in IKE/IPSec General Setup , such as the pre-shar ed key that both parties have known. 3. Go to Remote Dial-In User . Click on one index number to edit a profile. 4. Set Dial-In settings to as shown below to a[...]
-
Page 306
Vigor3200 Series User’s Guide 296 If a PPP-based service is selected, you should further specify the remote peer IP Address, Username, Password, and VJ Com p ression for this Dial-In connection.[...]
-
Page 307
Vigor3200 Series User’s Guide 297 Settings in the remote host: 1. For Win98/ME, you may use "Dial-up Networking" to create the PPTP tunnel to Vigor router. For Win2000/XP, please use "Network and Dial-up connections" or “Smart VPN Client”, complimentary software to help you create PPTP, L2TP, and L2TP over IPSec tunnel. Yo[...]
-
Page 308
Vigor3200 Series User’s Guide 298 If a PPP-based service is selected, you should fu rther specify the remote VPN server IP address, Username, Password, and encryption method. The User Name and Password should be consistent with the one set up in the VPN router. To use default gateway on remote network means that all the packets of remote host wil[...]
-
Page 309
Vigor3200 Series User’s Guide 299 5 5 . . 4 4 Q Q o o S S S S e e t t t t i i n n g g E E x x a a m m p p l l e e Assume a teleworker someti mes works at hom e and takes care of children. When working time, he would use V igor router at home to connect to the server in the headquarter office downtown via either HTTPS or VPN to check email and acc[...]
-
Page 310
Vigor3200 Series User’s Guide 300 4. Return to previous page. Enter th e Name of Index Class 1 by clicking Edit link. T y pe the name “ E-m ail ” for Class 1. 5. For this index, the user will set reserved bandwidth (e.g., 25%) for E-mail using protocol POP3 and SMTP . 6. Return to previous page. Enter th e Name of Index Class 2 by clicking Ed[...]
-
Page 311
Vigor3200 Series User’s Guide 301 7. Click Setup link for one of the W AN interface. 8. Check Enable UDP Band width Control on the bott om to prevent enormous UDP traf fic of influent other application. Click OK .[...]
-
Page 312
Vigor3200 Series User’s Guide 302 9. If the worker has connected to the headquart er using host to host VPN tunnel. (Please refer to Chapter 3 VPN for detail instruction), he m ay set up an index for it. Enter the Class Name of Index 3. In this index, he will set reserved bandwidth for 1 VPN tunnel. 10. Click Edit to open a new window . 11. Click[...]
-
Page 313
Vigor3200 Series User’s Guide 303 5 5 . . 5 5 U U p p g g r r a a d d e e F F i i r r m m w w a a r r e e f f o o r r Y Y o o u u r r R R o o u u t t e e r r U U s s i i n n g g F F i i r r m m w w a a r r e e U U p p g g r r a a d d e e U U t t i i l l i i t t y y Before upgrading your router firmware, you need to i nstall the Router Tools. The [...]
-
Page 314
Vigor3200 Series User’s Guide 304 5. Double click on the icon of router tool. The setup wizard will appear. 6. Follow the onscreen instructions to install the tool. Finally, click Finish to end the installation. 7. From the Start menu, open Programs and choose Router Tools XXX >> Firmware Upgrade Utility . 8. Type in your router IP, usually[...]
-
Page 315
Vigor3200 Series User’s Guide 305 10. Click Send . 11. Now the firmware update is finished. U U s s i i n n g g W W e e b b P P a a g g e e The web page also can guide you to upgrade firm ware. Note that this example is running over Windows OS (Operating System). 1. Download the newest firmware from DrayTe k's web site or FTP site. The DrayT[...]
-
Page 316
Vigor3200 Series User’s Guide 306 5 5 . . 6 6 R R e e q q u u e e s s t t a a c c e e r r t t i i f f i i c c a a t t e e f f r r o o m m a a C C A A s s e e r r v v e e r r o o n n W W i i n n d d o o w w s s C C A A S S e e r r v v e e r r 1. Go to Certificate Management and choose Local Certificate .[...]
-
Page 317
Vigor3200 Series User’s Guide 307 2. You can click GENERATE button to start to edit a certificate request. Enter the information in the certificate request. 3. Copy and save the X509 Local Certificate Requet as a text file and save it for later use. 4. Connect to CA server via web browser. Follo w the instruction to subm it the request. Below we [...]
-
Page 318
Vigor3200 Series User’s Guide 308 Select Advanced request . Select Submit a certificate request a base64 encoded PKCS #10 file or a renewal request using a base64 encoded PKCS #7 file Import the X509 Local Certificate Requet text file. Select Router (Offline request) or IPSec (Offline request) below. Then you have done the request and the ser ver[...]
-
Page 319
Vigor3200 Series User’s Guide 309 you will find the below window showin g “------BEGINE CERTIFICATE------.....” 6. You may review the detail informati on of the certificate by clicking View button.[...]
-
Page 320
Vigor3200 Series User’s Guide 310 5 5 . . 7 7 R R e e q q u u e e s s t t a a C C A A C C e e r r t t i i f f i i c c a a t t e e a a n n d d S S e e t t a a s s T T r r u u s s t t e e d d o o n n W W i i n n d d o o w w s s C C A A S S e e r r v v e e r r 1. Use web browser connecting to the CA server that you would like to retrieve its CA cert[...]
-
Page 321
Vigor3200 Series User’s Guide 311 2. In Choose file to download , click CA Certificate Current and Base 64 encoded, and Download CA certificate to save the .cer. file. 3. Back to Vigor router, go to Trusted CA Certificate . Click IMPORT button and browse the file to import the certificate (.cer file) in to Vigor router. When finished, click refre[...]
-
Page 322
Vigor3200 Series User’s Guide 312 5 5 . . 8 8 C C r r e e a a t t i i n n g g a a n n A A c c c c o o u u n n t t f f o o r r M M y y V V i i g g o o r r The website of MyVigor (a server located on http://myvigor.draytek.com ) provides several useful services (such as Anti-Spam, Web Content Filter, Anti-Intrusion, and etc.) to filter the web page[...]
-
Page 323
Vigor3200 Series User’s Guide 313 4. Check to confirm that you accept the Agreement and click Accept . 5. Type your personal information in this page and then click Continue . 6. Choose proper selection for your computer and click Continue .[...]
-
Page 324
Vigor3200 Series User’s Guide 314 7. Now you have created an account successfully. Click START. 8. Check to see the confirmation email with the title of New Account Confirmation Letter from myvigor.draytek.com . 9. Click the Activate my Account link to enable the account that you created. The following screen will be shown to verify the re gister[...]
-
Page 325
Vigor3200 Series User’s Guide 315 10. When you see the following page, please type in the account and password (that y ou just created) in the fields of UserName and Password . 11. Now, click Login . Your account has been activated. You can access into MyVigor server to activate the service (e.g., WCF) that you want. 5 5 . . 8 8 . . 2 2 C C r r e[...]
-
Page 326
Vigor3200 Series User’s Guide 316 2. Check to confirm that you accept the Agreement and click Accept . 3. Type your personal information in this page and then click Continue . 4. Choose proper selection for your computer and click Continue .[...]
-
Page 327
Vigor3200 Series User’s Guide 317 5. Now you have created an account successfully. Click START. 6. Check to see the confirmation email with the title of New Account Confirmation Letter from myvigor.draytek.com . 7. Click the Activate my Account link to enable the account that you created. The following screen will be shown to verify the re gister[...]
-
Page 328
Vigor3200 Series User’s Guide 318 8. When you see the following page, please type in the account and password (that you just created) in the fields of UserName and Password . Then type the code in the box of Auth Code according to the value displayed on the right side of it. Now, click Login . Your account has been activated. You can access into [...]
-
Page 329
Vigor3200 Series User’s Guide 319 5 5 . . 9 9 H H o o w w c c a a n n I I g g e e t t t t h h e e f f i i l l e e s s f f r r o o m m U U S S B B s s t t o o r r a a g g e e d d e e v v i i c c e e c c o o n n n n e e c c t t i i n n g g t t o o V V i i g g o o r r r r o o u u t t e e r r ? ? Files on USB storage device can be reviewed by opening[...]
-
Page 330
Vigor3200 Series User’s Guide 320 3. Setup a user account for the FTP service by using USB Application >>USB User Management. Click Enable to enable FTP/Samba User account. Here we add a new account "user1" and assign authorities “Read”, “Write” and “List” to it. Click OK to save the configuration. 4. Make sure the FTP[...]
-
Page 331
Vigor3200 Series User’s Guide 321 5. When the following screen appears, it means the FTP service is running properly. 6. Return to USB Application >> USB Disk Status . The information for FTP server will be shown as below. 7. Now, users in LAN of Vigor3200 can access into the USB storage device by typing ftp://192.168.1.1 on any browser . T[...]
-
Page 332
Vigor3200 Series User’s Guide 322 5 5 . . 1 1 0 0 V V P P N N T T r r u u n n k k L L o o a a d d - - B B a a l l a a n n c c e e b b e e t t w w e e e e n n V V i i g g o o r r 3 3 2 2 0 0 0 0 a a n n d d O O t t h h e e r r V V i i g g o o r r R R o o u u t t e e r r This section will discuss how to build VPN Tr unk with load-balance between Vi[...]
-
Page 333
Vigor3200 Series User’s Guide 323 Settings for Vigor 3200: 1. Open VPN and Remote Access>>>LAN to LAN . Choose Index number 1 for configuring a VPN LAN to LAN profile. 2. In the following page, please configure the settings as the following figure.[...]
-
Page 334
Vigor3200 Series User’s Guide 324 3. Click OK to save the configuration and return to previous page. Choose Index num ber 2 for configuring another VPN LAN to LAN profile. 4. In this page, please configure the settings as the following figure.[...]
-
Page 335
Vigor3200 Series User’s Guide 325 5. Click OK to save the configuration. 6. Open VPN and Remote Access>>VPN TRUNK Management . Add these VPN profiles to the VPN Trunk and set Load Balance as the Attribute Mode . 7. Click Advanced for specifying Load Balance Algorithm .[...]
-
Page 336
Vigor3200 Series User’s Guide 326 8. When the VPN trunk is successfully connected , you may check the connection status by viewing the page of VPN and Remote Access >>Connection Management . Transferred packets (Tx Pkts) will keep increasing through bot h tunnels when outgoing packets sent to the remote VPN network. Settings for Vigor3300: [...]
-
Page 337
Vigor3200 Series User’s Guide 327 2. In this page, please configure the settings as the following figure. 3. Click Apply to save the configuration and return to previous page. Choose Index 2 for configuring another VPN Trunk policy. 4. In this page, please configure the settings as the following figure.[...]
-
Page 338
Vigor3200 Series User’s Guide 328 5. Click Apply to save the configuration. 6. Open VPN>>VPN Trunk>>Group Table to group these two VPN policies. 7. Choose Index 1 and click Edit . Add these two VPN profiles (wan1 and wan2) to a VPN Trunk. Now, one-pair VPN trunk between Vigor3200 (192.168.1. 0/24) and Vigor3300 (192.168.33.0/24) has b[...]
-
Page 339
Vigor3200 Series User’s Guide 329 S S c c e e n n a a r r i i o o 2 2 : : T T w w o o - - p p a a i i r r V V P P N N T T r r u u n n k k Vigor3200 as VPN client (dial out site) LAN: 192.168.1.0/24 WAN 1 IP: 202.211.110.30 (My GRE IP, 10.0.0. 1, Peer GRE IP, 10.0.0.2) WAN 2 IP: 202.211.120.30 (My GRE IP, 10.0.0. 3, Peer GRE IP, 10.0.0.4) WAN 3 IP[...]
-
Page 340
Vigor3200 Series User’s Guide 330 3. Open VPN and Remote Access>>VPN TRUNK Management . Add these VPN profiles to the VPN Trunk and set Load Balance as the Attribute Mode . Setting configuration is the same as Scenario 1. Profile 1 and Profile 2 are one pair; Profile 3 and Profile 4 are the other pair. 4. When the VPN trunk is successfully [...]
-
Page 341
Vigor3200 Series User’s Guide 331 Settings for Vigor3300: 1. Open Advanced>>LAN VLAN . Choose the tab of 802.1Q VLAN . Configure the settings as the following figure. 2. Next, open Network>>LAN . Set two LAN subnet: LAN1 192.168.33.0/24 and LAN2 192.168.10.0/ 24. 3. Click Apply . 4. Open VPN>>IPSec>>VPN Trunk>>Policy[...]
-
Page 342
Vigor3200 Series User’s Guide 332 to configure the setting is the same as Scenario 1. 5. Open VPN>>VPN Trunk>>Group Table to group these VPN policies. Group two VPN policies as the following figure and then click Apply . The way to configure the setting is the same as Scenario 1. Now, two-pair VPN trunk between Vigor3200 (192.168.1. 0[...]
-
Page 343
Vigor3200 Series User’s Guide 333 T T r r o o u u b b l l e e S S h h o o o o t t i i n n g g This section will guide you to solve abnormal s ituations if you cannot access into the Internet after installing the router and finishing the we b configuration. Please follow sections below to check your basic installation status stage by stage. z Chec[...]
-
Page 344
Vigor3200 Series User’s Guide 334 6 6 . . 2 2 C C h h e e c c k k i i n n g g I I f f t t h h e e N N e e t t w w o o r r k k C C o o n n n n e e c c t t i i o o n n S S e e t t t t i i n n g g s s o o n n Y Y o o u u r r C C o o m m p p u u t t e e r r I I s s O O K K o o r r N N o o t t Sometimes the link failure occurs due to the wrong network[...]
-
Page 345
Vigor3200 Series User’s Guide 335 4. Select Obtain an IP address automatically and Obtain DNS server address automatically . F F o o r r M M a a c c O O S S 1. Double click on the current used Mac OS on the desktop. 2. Open the Application folder and get into Network . 3. On the Network screen, select Using DHCP from the drop down list of Configu[...]
-
Page 346
Vigor3200 Series User’s Guide 336 6 6 . . 3 3 P P i i n n g g i i n n g g t t h h e e R R o o u u t t e e r r f f r r o o m m Y Y o o u u r r C C o o m m p p u u t t e e r r The default gateway IP address of the router is 192.168.1.1. For some reason, you might need to use “ping” command to check the link status of the router. The most import[...]
-
Page 347
Vigor3200 Series User’s Guide 337 6 6 . . 4 4 C C h h e e c c k k i i n n g g I I f f t t h h e e I I S S P P S S e e t t t t i i n n g g s s a a r r e e O O K K o o r r N N o o t t Open WAN >> Internet Access page and then check whether the ISP settings are set correctly. Click Details Page of each WAN interface to review the settings that[...]
-
Page 348
Vigor3200 Series User’s Guide 338 6 6 . . 5 5 P P r r o o b b l l e e m m s s f f o o r r 3 3 G G N N e e t t w w o o r r k k C C o o n n n n e e c c t t i i o o n n When you have trouble in using 3G network transm ission, please check the following: C C h h e e c c k k i i f f U U S S B B L L E E D D l l i i g g h h t t s s o o n n o o r r o o f[...]
-
Page 349
Vigor3200 Series User’s Guide 339 S S o o f f t t w w a a r r e e R R e e s s e e t t You can reset the router to factory default via Web page. Such function is available in Admin Mode only. Go to System Maintenance and choose Reboot System on the web page. The following screen will appear. Choose Using factory default configuration and click OK [...]