Vigor2950 Series User’s Guide 90 Start Date (yyyy-mm-dd) Specify the starting date of the schedule. Start Time (hh:mm) Specify the starting time
Vigor2950 Series User’s Guide 9133..88..33 RRAADDIIUUSS//LLDDAAPP Remote Authentication Dial-In User Service (RADIUS) is a security authentication
Vigor2950 Series User’s Guide 92 Common Name Identifier Type or edit the common name identifier for the LDAP server. The common name identifier for
Vigor2950 Series User’s Guide 93The UPnP facility on the router enables UPnP aware applications such as MSN Messenger to discover what are behind a N
Vigor2950 Series User’s Guide 94 Wake by Two types provide for you to wake up the binded IP. If you choose Wake by MAC Address, you have to type th
Vigor2950 Series User’s Guide 9533..99 VVPPNN aanndd RReemmoottee AAcccceessss A Virtual Private Network (VPN) is the extension of a private net
Vigor2950 Series User’s Guide 96 Please choose a LAN-to-LAN Profile There are 32 VPN profiles for users to set. When you finish the mode and prof
Vigor2950 Series User’s Guide 97the choices for the client profile, please click Next. You will see different configurations based on the selection(s
Vigor2950 Series User’s Guide 98 z When you choose L2TP over IPSec (Nice to Have), you will see the following graphic: z When you choose L2TP o
Vigor2950 Series User’s Guide 99 Profile Name Type a name for such profile. The length of the file is limited to 10 characters. VPN Dial-Out Thr
Vigor2950 Series User’s Guide 11 PPrreeffaaccee The Vigor2950 series router provides Dual-WAN interface (which is a configuration second WAN) for I
Vigor2950 Series User’s Guide 100such as L2TP over IPSec and IPSec tunnel. Pre-Shared Key- Specify a key for IKE authentication Confirm Pre-Shared
Vigor2950 Series User’s Guide 101 Go to the VPN Connection Management Click this radio button to access VPN and Remote Access>>Connection Manag
Vigor2950 Series User’s Guide 102Selection Site to Site VPN/Remote Dial-in User – To set a LAN-to-LAN profile automatically, please choose Site to Si
Vigor2950 Series User’s Guide 103page. After making the choices for the server profile, please click Next. You will see different configurations base
Vigor2950 Series User’s Guide 104 Profile Name Type a name for such profile. The length of the file is limited to 10 characters. User Name This
Vigor2950 Series User’s Guide 105Remote Network IP Please type one LAN IP address (according to the real location of the remote host) for building V
Vigor2950 Series User’s Guide 106 The Vigor router will not accept the ISDN dial-in connection if the box of Enable ISDN Dial-in is not checked. 33..
Vigor2950 Series User’s Guide 107use 40-bit to perform encryption prior to using 128-bit for encryption. In other words, if 128-bit MPPE encryption m
Vigor2950 Series User’s Guide 108 IKE Authentication Method This usually applies to those are remote dial-in user or node (LAN-to-LAN) which uses d
Vigor2950 Series User’s Guide 10933..99..66 IIPPSSeecc PPeeeerr IIddeennttiittyy To use digital certificate for peer authentication in either LAN
Vigor2950 Series User’s Guide 2 11..22..11 FFoorr VViiggoorr22995500 LED Status Explanation Blinking The router is powered on and running norm
Vigor2950 Series User’s Guide 110 Profile Name Type in a name in this file. Accept Any Peer ID Click to accept any peer regardless of its identity.
Vigor2950 Series User’s Guide 11133..99..77 RReemmoottee DDiiaall--iinn UUsseerr You can manage remote access by maintaining a table of remote us
Vigor2950 Series User’s Guide 112 Enable this account Check the box to enable this function. Idle Timeout- If the dial-in user is idle over the limi
Vigor2950 Series User’s Guide 113SSL Tunnel It allows the remote dial-in user to make an SSL VPN Tunnel connection through Internet, suitable for th
Vigor2950 Series User’s Guide 114VPN>> SSL Web Proxy to set profiles. If you have set several profiles beforehand, you can check SSL Web Pro
Vigor2950 Series User’s Guide 115remote node. The only exception is Digital Signature (X.509) can be set when you select IPSec tunnel either with or
Vigor2950 Series User’s Guide 11633..99..88 LLAANN ttoo LLAANN Here you can manage LAN-to-LAN connections by maintaining a table of connection pr
Vigor2950 Series User’s Guide 117 Profile Name Specify a name for the profile of the LAN-to-LAN connection. Enable this profile Check here to activ
Vigor2950 Series User’s Guide 118WAN2 First - While connecting, the router will use WAN2 as the first channel for VPN connection. If WAN2 fails, the
Vigor2950 Series User’s Guide 119further set up Callback (CBCP) function below. This feature is useful for i model only. PPTP Build a PPTP VPN conne
Vigor2950 Series User’s Guide 311..22..22 FFoorr VViiggoorr22995500GG LED Status Explanation Blinking The router is powered on and running nor
Vigor2950 Series User’s Guide 120authenticated, but not be encrypted. By default, this option is active. High (ESP-Encapsulating Security Payload)- m
Vigor2950 Series User’s Guide 121 IKE phase 2 proposal-To propose the local available algorithms to the VPN peers, and get its feedback to find a mat
Vigor2950 Series User’s Guide 122here to allow the Vigor router to send the ISDN number to the remote router. This feature is useful for i model only
Vigor2950 Series User’s Guide 123None - Do not apply the IPSec policy. Accordingly, the VPN connection employed the L2TP without IPSec policy can be
Vigor2950 Series User’s Guide 124Callback number-The option is for extra security. Once enabled, the router will ONLY call back to the specified Call
Vigor2950 Series User’s Guide 125find there are several subnets behind the remote VPN router. RIP Direction - The option specifies the direction o
Vigor2950 Series User’s Guide 126¾ Specific ERD (Environment Recovery Detection) mechanism which can be operated by using Telnet command VPN TRUNK
Vigor2950 Series User’s Guide 127 Backup Profile List Set to Factory Default - Click to clear all VPN TRUNK-VPN Backup mechanism profile. No -The
Vigor2950 Series User’s Guide 128Advanced – This button is only available when there is one profile (or more) created in this page. Detailed informa
Vigor2950 Series User’s Guide 129 Detailed information for this dialog, see later section - Advanced Load Balance and Backup. General Setup Status
Vigor2950 Series User’s Guide 4 11..22..33 FFoorr VViiggoorr22995500ii LED Status Explanation Blinking The router is powered on and running no
Vigor2950 Series User’s Guide 130Delete Click this button to delete the selected VPN TRUNK profile. The corresponding members (LAN-to-LAN profiles)
Vigor2950 Series User’s Guide 131expressed in black. HHooww ccaann yyoouu sseett aa GGRREE oovveerr IIPPSSeecc pprrooffiillee?? 1. Please
Vigor2950 Series User’s Guide 132AAddvvaanncceedd LLooaadd BBaallaannccee aanndd BBaacckkuupp After setting profiles for load balance, you can c
Vigor2950 Series User’s Guide 133binding tunnel table. Tunnel Bind Table Index- 400 binding tunnel tables are provided by this device. Choose any one
Vigor2950 Series User’s Guide 134Detail Information This field will display detailed information for Binding Tunnel Policy. Below shows a successful
Vigor2950 Series User’s Guide 135periodically and type the value for it (the unit is second). If VPN server for Member 1 has completed the network co
Vigor2950 Series User’s Guide 13633..99..1100 CCoonnnneeccttiioonn MMaannaaggeemmeenntt You can find the summary table of all VPN connections. You
Vigor2950 Series User’s Guide 137VPN Load Balance function. Dial Click this button to execute dial out function under General Mode, Backup Mode or
Vigor2950 Series User’s Guide 138GENERATE Click this button to open Generate Certificate Signing Request window. Type in all the information that the
Vigor2950 Series User’s Guide 139IMPORT Vigor router allows you to generate a certificate request and submit it the CA server, then import it as “Loc
Vigor2950 Series User’s Guide 511..22..44 FFoorr VViiggoorr22995500GGii LED Status Explanation Blinking The router is powered on and running n
Vigor2950 Series User’s Guide 140Upload Certificate and Private Key It is useful when users have separated certificates and private keys. And the pas
Vigor2950 Series User’s Guide 141imported will be listed on the Trusted CA Certificate window. Then click Import to use the pre-saved file. For view
Vigor2950 Series User’s Guide 14233..1100..33 CCeerrttiiffiiccaattee BBaacckkuupp Local certificate and Trusted CA certificate for this router can
Vigor2950 Series User’s Guide 14333..1111..22 GGeenneerraall SSeettttiinnggss This web page allows you to enable wireless LAN function. ISDN Port
Vigor2950 Series User’s Guide 14433..1111..33 DDiiaall ttoo aa SSiinnggllee IISSPP//DDiiaall ttoo DDuuaall IISSPPss Select Dialing to a Sing
Vigor2950 Series User’s Guide 145IP Address Assignment Method (IPCP) In most environments, you should not change these settings as most ISPs provide
Vigor2950 Series User’s Guide 146Primary ISP Setup ISP Name - Enter your ISP name. Dial Number -Enter the ISDN access number provided by your ISP. U
Vigor2950 Series User’s Guide 147 33..1111..44 VViirrttuuaall TTAA Virtual TA means the local hosts or PCs in the network that uses popular CAPI-b
Vigor2950 Series User’s Guide 148z The Virtual TA client only supports the CAPI 2.0 protocol and has no built-in FAX engine. z One ISDN BRI interf
Vigor2950 Series User’s Guide 149CCoonnffiigguurree aa VViirrttuuaall TTAA CClliieenntt// SSeerrvveerr Since the Virtual TA application is a cl
Vigor2950 Series User’s Guide 6 11..33 HHaarrddwwaarree IInnssttaallllaattiioonn Before starting to configure the router, you have to connect you
Vigor2950 Series User’s Guide 150Suppose that you could assign the MSN number 123 to the client “alan”. Type the specified MSN number in the CAPI-ba
Vigor2950 Series User’s Guide 151Note that Dialing to a Single ISP should be pre-configured properly. Basic Setup Link Type - Because ISDN has two B
Vigor2950 Series User’s Guide 15233..1122 WWiirreelleessss LLAANN This function is used for G models only. 33..1122..11 BBaassiicc CCoonncceeppt
Vigor2950 Series User’s Guide 153WEP (Wired Equivalent Privacy) is a legacy method to encrypt each frame transmitted via radio using either a 64-bit
Vigor2950 Series User’s Guide 154Separate the Wireless and the Wired LAN- WLAN Isolation enables you to isolate your wireless LAN from wired LAN for
Vigor2950 Series User’s Guide 15511b only - The radio only supports IEEE802.11b. Index(1-15) Set the wireless LAN to work at certain time interval
Vigor2950 Series User’s Guide 15633..1122..33 SSeeccuurriittyy By clicking the Security Settings, a new web page will appear so that you could conf
Vigor2950 Series User’s Guide 157either Mixed or WPA2 only in the field below. Since the key will be auto-negotiated during authentication, the field
Vigor2950 Series User’s Guide 15833..1122..44 AAcccceessss CCoonnttrrooll For additional security of wireless access, the Access Control facility
Vigor2950 Series User’s Guide 15933..1122..55 WWDDSS WDS means Wireless Distribution System. It is a protocol for connecting two access points (AP)
Vigor2950 Series User’s Guide 72 CCoonnffiigguurriinngg BBaassiicc SSeettttiinnggss For use the router properly, it is necessary for you to chang
Vigor2950 Series User’s Guide 160In the following examples, hosts connected to Bridge 1 or 3 can communicate with hosts connected to Bridge 2 through
Vigor2950 Series User’s Guide 161Security There are three types for security, Disable, WEP and Pre-shared key. The setting you choose here will make
Vigor2950 Series User’s Guide 162 If you want the found AP applying the WDS settings, please type in the AP’s MAC address on the bottom of the page a
Vigor2950 Series User’s Guide 16333..1122..88 SSttaattiioonn RRaattee CCoonnttrrooll This page allows you to control the upload and download rate
Vigor2950 Series User’s Guide 164 Enable Check this box to enable this function (for VLAN Configuration). P1 – P4 Check the box to make the compute
Vigor2950 Series User’s Guide 165 The VLAN >> Wireless VALN allows you to configure Wireless VLAN settings through wireless connection to achie
Vigor2950 Series User’s Guide 166Details Click this button to set additional attributes settings for W_VLAN. Activated Date – Use the drop down lis
Vigor2950 Series User’s Guide 1674. When the accessing is successful, the following screen will appear. Note: The floating window with connection
Vigor2950 Series User’s Guide 16833..1133..33 VVLLAANN CCrroossss SSeettuupp This function allows the router to integrate VLAN and W_VLAN for man
Vigor2950 Series User’s Guide 169Enable Check this box to invoke VLAN Cross Setup function. VLAN0-3 It represents the groups of virtual LAN connect
Vigor2950 Series User’s Guide 8 3. Now, the Main Screen will pop up. Home Page for Vigor2950 Series 4. 4Go to System Maintenance page and choose
Vigor2950 Series User’s Guide 17033..1144 SSSSLL VVPPNN An SSL VPN (Secure Sockets Layer virtual private network) is a form of VPN that can be u
Vigor2950 Series User’s Guide 17133..1144..22 SSSSLL WWeebb PPrrooxxyy SSL Web Proxy will allow the remote users to access the internal web sites
Vigor2950 Series User’s Guide 172SSL – if you choose such selection, web proxy over SSL will be applied for VPN. 33..1144..33 SSSSLL AApppplliiccaa
Vigor2950 Series User’s Guide 173 Different application type will lead different web pages. Refer to the following: z Virtual Network Computing – Ch
Vigor2950 Series User’s Guide 174z Samba Application - Any remote user can upload/download/delete certain files on a local samba server through web
Vigor2950 Series User’s Guide 175 However, if you have set several SSL Web Proxy Profiles in SSL VPN>> SSL Web Proxy web page: The SSL Web P
Vigor2950 Series User’s Guide 17633..1144..55 OOnnlliinnee UUsseerr SSttaattuuss If you have finished the configuration of SSL Web Proxy (server)
Vigor2950 Series User’s Guide 17733..1155..11 SSyysstteemm SSttaattuuss The System Status provides basic network settings of Vigor router. It incl
Vigor2950 Series User’s Guide 178Wireless LAN --- MAC Address Display the MAC address of the wireless LAN. Frequency Domain It can be Europe (13
Vigor2950 Series User’s Guide 179set URL as the following and type username and password for VigorACS server: http://{IP address of VigorACS}:8080/AC
Vigor2950 Series User’s Guide 922..22 QQuuiicckk SSttaarrtt WWiizzaarrdd If your router can be under an environment with high speed NAT, the conf
Vigor2950 Series User’s Guide 18033..1155..33 AAddmmiinniissttrraattoorr PPaasssswwoorrdd This page allows you to set new password. Old Password
Vigor2950 Series User’s Guide 181 3. In Save As dialog, the default filename is config.cfg. You could give it another name by yourself. 4. Click S
Vigor2950 Series User’s Guide 182RReessttoorree CCoonnffiigguurraattiioonn 1. Go to System Maintenance >> Configuration Backup. The followin
Vigor2950 Series User’s Guide 183Mail To Assign a mail address for sending mails out. Return-Path Assign a path for receiving the mail from outside
Vigor2950 Series User’s Guide 18433..1155..66 TTiimmee aanndd DDaattee It allows you to specify where the time of the router should be inquired f
Vigor2950 Series User’s Guide 18533..1155..77 MMaannaaggeemmeenntt This page allows you to manage the settings for access control, access list, por
Vigor2950 Series User’s Guide 186Set Community Set community by typing a proper name. The default setting is private. Manager Host IP Set one host
Vigor2950 Series User’s Guide 18733..1155..99 FFiirrmmwwaarree UUppggrraaddee Before upgrading your router firmware, you need to install the Rou
Vigor2950 Series User’s Guide 18833..1166 DDiiaaggnnoossttiiccss Diagnostic Tools provide a useful way to view or diagnose the status of your Vigor
Vigor2950 Series User’s Guide 18933..1166..22 RRoouuttiinngg TTaabbllee Click Diagnostics and click Routing Table to open the web page. Refresh
Vigor2950 Series User’s Guide ii
Vigor2950 Series User’s Guide 10 In the Quick Start Wizard, you can configure the router to access the Internet with different protocol/modes such a
Vigor2950 Series User’s Guide 19033..1166..44 DDHHCCPP TTaabbllee The facility provides information on IP address assignments. This information is
Vigor2950 Series User’s Guide 191#Pseudo Port It indicates the temporary port of the router used for NAT. Peer IP:Port It indicates the destination
Vigor2950 Series User’s Guide 19233..1166..77 DDaattaa FFllooww MMoonniittoorr This page displays the running procedure for the IP address moni
Vigor2950 Series User’s Guide 193TX rate (kbps) Display the transmission speed of the monitored device. RX rate (kbps) Display the receiving speed
Vigor2950 Series User’s Guide 194 The horizontal axis represents time. Yet the vertical axis has different meanings. For WAN1/WAN2 Bandwidth chart, t
Vigor2950 Series User’s Guide 19533..1166..99 PPiinngg DDiiaaggnnoossiiss Click Diagnostics and click Ping Diagnosis to pen the web page. Ping
Vigor2950 Series User’s Guide 19633..1166..1100 TTrraaccee RRoouuttee Click Diagnostics and click Trace Route to open the web page. This page allo
Vigor2950 Series User’s Guide 19733..1177 SSuuppppoorrtt AArreeaa When you click the menu item under Support Area, you will be guided to visit www
Vigor2950 Series User’s Guide 198
Vigor2950 Series User’s Guide 1994 AApppplliiccaattiioonn aanndd EExxaammpplleess 44..11 CCrreeaattee aa LLAANN--ttoo--LLAANN CCoonnnneecctti
Vigor2950 Series User’s Guide 11Password Assign a valid password provided by the ISP. Confirm Password Retype the password to confirm it. Click N
Vigor2950 Series User’s Guide 200 For using IPSec-based service, such as IPSec or L2TP with IPSec Policy, you have to set general settings in IPSec G
Vigor2950 Series User’s Guide 201connection. If a PPP-based service is selected, you should further specify the remote peer IP Address, Username,
Vigor2950 Series User’s Guide 202connection. Otherwise, it will apply the settings defined in IPSec General Setup above. If a PPP-based service is
Vigor2950 Series User’s Guide 203 Settings in Router B in the remote office: 1. Go to VPN and Remote Access and select Remote Access Control to ena
Vigor2950 Series User’s Guide 2043. Go to LAN-to-LAN. Click on one index number to edit a profile. 4. Set Common Settings as shown below. You shoul
Vigor2950 Series User’s Guide 205Dial-Out connection. 6. Set Dial-In settings to as shown below to allow Router A dial-in to build VPN connection.
Vigor2950 Series User’s Guide 206 7. At last, set the remote network IP/subnet in TCP/IP Network Settings so that Router B can direct the packets d
Vigor2950 Series User’s Guide 20744..22 CCrreeaattee aa RReemmoottee DDiiaall--iinn UUsseerr CCoonnnneeccttiioonn BBeettwweeeenn tthhee TTee
Vigor2950 Series User’s Guide 208 3. Go to Remote Dial-In Users. Click on one index number to edit a profile. 4. Set Dial-In settings to as shown
Vigor2950 Series User’s Guide 209 Settings in the remote host: 1. For Win98/ME, you may use "Dial-up Networking" to create the PPTP tunnel
Vigor2950 Series User’s Guide 12 22..22..22 PPPPTTPP Click PPTP as the protocol. Type in all the information that your ISP provides for this protoc
Vigor2950 Series User’s Guide 210 You may further specify the method you use to get IP, the security method, and authentication method. If the Pre-S
Vigor2950 Series User’s Guide 211 4. Click Connect button to build connection. When the connection is successful, you will find a green light on th
Vigor2950 Series User’s Guide 2123. Enter the Name of Index Class 2 by clicking Edit link. In this index, the user will set reserve bandwidth for HT
Vigor2950 Series User’s Guide 21344..44 LLAANN –– CCrreeaatteedd bbyy UUssiinngg NNAATT An example of default setting and the corresponding de
Vigor2950 Series User’s Guide 214 You can just set the settings wrapped inside the red rectangles to fit the request of NAT usage.
Vigor2950 Series User’s Guide 21544..55 UUppggrraaddee FFiirrmmwwaarree ffoorr YYoouurr RRoouutteerr Before upgrading your router firmware, you
Vigor2950 Series User’s Guide 2165. Double click on the router tool icon. The setup wizard will appear. 6. Follow the onscreen instructions to i
Vigor2950 Series User’s Guide 21710. Click Send. 11. Now the firmware update is finished. 44..66 RReeqquueesstt aa cceerrttiiffiiccaattee ffrro
Vigor2950 Series User’s Guide 2181. Go to Certificate Management and choose Local Certificate. 2. You can click GENERATE button to start to edit
Vigor2950 Series User’s Guide 2194. Connect to CA server via web browser. Follow the instruction to submit the request. Below we take a Windows 2000
Vigor2950 Series User’s Guide 1322..22..33 LL22TTPP Click L2TP as the protocol. Type in all the information that your ISP provides for this protoco
Vigor2950 Series User’s Guide 220 Then you have done the request and the server now issues you a certificate. Select Base 64 encoded certificate and
Vigor2950 Series User’s Guide 22144..77 RReeqquueesstt aa CCAA CCeerrttiiffiiccaattee aanndd SSeett aass TTrruusstteedd oonn WWiinnddoowwss
Vigor2950 Series User’s Guide 2222. In Choose file to download, click CA Certificate Current and Base 64 encoded, and Download CA certificate to sav
Vigor2950 Series User’s Guide 22344..88 EERRDD MMeecchhaanniissmm ffoorr VVPPNN TTRRUUNNKK To use ERD (Environment Recovery Detection) mechanis
Vigor2950 Series User’s Guide 224When VPN connection breaks down, Member1 is a top priority for the system to do VPN connection again. Request Back
Vigor2950 Series User’s Guide 22544..99 VVPPNN LLooaadd BBaallaannccee AApppplliiccaattiioonn Here provides two situations that you can take adv
Vigor2950 Series User’s Guide 226¾ Finish Member2 LAN-to-LAN Dial out Profile with GRE over IPSec configuration. Check Enable IPSec Dial-Out functio
Vigor2950 Series User’s Guide 227(3) Dialing from VPN Client site
Vigor2950 Series User’s Guide 228 This page is left blank.
Vigor2950 Series User’s Guide 2295 TTrroouubbllee SShhoooottiinngg This section will guide you to solve abnormal situations if you cannot access i
Vigor2950 Series User’s Guide 14 22..22..44 SSttaattiicc IIPP Click Static IP as the protocol. Type in all the information that your ISP provides
Vigor2950 Series User’s Guide 230FFoorr WWiinnddoowwss The example is based on Windows XP. As to the examples for other operation systems, please
Vigor2950 Series User’s Guide 2314. Select Obtain an IP address automatically and Obtain DNS server address automatically. FFoorr MMaaccOOss 1.
Vigor2950 Series User’s Guide 23255..33 PPiinnggiinngg tthhee RRoouutteerr ffrroomm YYoouurr CCoommppuutteerr The default gateway IP address o
Vigor2950 Series User’s Guide 233
Vigor2950 Series User’s Guide 23455..44 CChheecckkiinngg IIff tthhee IISSPP SSeettttiinnggss aarree OOKK oorr NNoott Click WAN>> Inte
Vigor2950 Series User’s Guide 235 FFoorr PPPPTTPP//LL22TTPP UUsseerrss 1. Check if the Enable option for PPTP Link is selected. 2. Check if S
Vigor2950 Series User’s Guide 23655..55 BBaacckkiinngg ttoo FFaaccttoorryy DDeeffaauulltt SSeettttiinngg IIff NNeecceessssaarryy Sometimes, a
Vigor2950 Series User’s Guide 23755..66 CCoonnttaaccttiinngg YYoouurr DDeeaalleerr If the router still cannot work correctly after trying many ef
Vigor2950 Series User’s Guide 1522..22..55 DDHHCCPP Click DHCP as the protocol. Type in all the information that your ISP provides for this protoco
Vigor2950 Series User’s Guide 16 22..33 OOnnlliinnee SSttaattuuss The online status shows the system status, WAN status, ADSL Information and ot
Vigor2950 Series User’s Guide 17Online status for DHCP Detailed explanation is shown below: Primary DNS Display the IP address of the primary DNS.
Vigor2950 Series User’s Guide 18 Drop B1/B2 Allows you to drop B1 or B2 connection. Note: The words in green mean that the WAN connection of that in
Vigor2950 Series User’s Guide 193AAddvvaanncceedd WWeebb CCoonnffiigguurraattiioonn After finished basic configuration of the router, you can acce
Vigor2950 Series User’s Guide iii Vigor2950 Series Dual-WAN SSL VPN Appliance User’s Guide Version: 4.1 Date: 30/10/2009 Copyright 2
Vigor2950 Series User’s Guide 20 Below shows the menu items for Internet Access. 33..11..22 GGeenneerraall SSeettuupp This section will introduce
Vigor2950 Series User’s Guide 21Physical Type You can change the physical type for WAN2 or choose Auto negotiation for determined by the system. Lo
Vigor2950 Series User’s Guide 22 33..11..33 IInntteerrnneett AAcccceessss For the router supports dual WAN function, the users can set different W
Vigor2950 Series User’s Guide 23DDeettaaiillss PPaaggee ffoorr PPPPPPooEE To use PPPoE as the accessing protocol of the internet, please choose I
Vigor2950 Series User’s Guide 24 Ping IP – If you choose Ping Detect as detection mode, you have to type IP address in this field for pinging. TTL (T
Vigor2950 Series User’s Guide 25DDeettaaiillss PPaaggee ffoorr SSttaattiicc oorr DDyynnaammiicc IIPP For static IP mode, you usually receive a
Vigor2950 Series User’s Guide 26 PING Interval - Enter the interval for the system to execute the PING operation. WAN Connection Detection Such funct
Vigor2950 Series User’s Guide 27Gateway IP Address: Type the gateway IP address. Default MAC Address : Click this radio button to use default MAC add
Vigor2950 Series User’s Guide 28 DDeettaaiillss PPaaggee ffoorr PPPPTTPP//LL22TTPP To use PPTP/L2TP as the accessing protocol of the internet, pl
Vigor2950 Series User’s Guide 29MTU Mean maximum transmission unit of one packet. The default value is 1442. PPP Setup PPP Authentication - Select
Vigor2950 Series User’s Guide iv Copyright Information Copyright Declarations Copyright 2009 All rights reserved. This publication contains informat
Vigor2950 Series User’s Guide 30 IP Address – Type the IP address. Subnet Mask – Type the subnet mask. 33..11..44 LLooaadd--BBaallaannccee PPoollii
Vigor2950 Series User’s Guide 31Dest Port End Display the IP address for the end of the destination port. Move UP/Move Down Use Up or Down link to
Vigor2950 Series User’s Guide 32 Dest Port End Type the destination port end for the destination IP. If this field is blank, it means that all the d
Vigor2950 Series User’s Guide 33 WWhhaatt iiss RRoouuttiinngg IInnffoorrmmaattiioonn PPrroottooccooll ((RRIIPP)) Vigor router will exchange rou
Vigor2950 Series User’s Guide 34 33..22..22 GGeenneerraall SSeettuupp This page provides you the general settings for LAN. Click LAN to open the L
Vigor2950 Series User’s Guide 35 Start IP Address: Enter a value of the IP address pool for the DHCP server to start with when issuing IP addresses.
Vigor2950 Series User’s Guide 36 of the router, which means the router is the default gateway. DHCP Server IP Address for Relay Agent - Set the IP ad
Vigor2950 Series User’s Guide 37Index The number (1 to 10) under Index allows you to open next page to set up static route. Destination Address
Vigor2950 Series User’s Guide 38 Note: There are two reasons that we have to apply RIP Protocol Control on 1st Subnet. The first is that the LAN inte
Vigor2950 Series User’s Guide 3933..22..44 VVLLAANN PCs connected to Ethernet ports of the router can be divided into different groups and formed V
Vigor2950 Series User’s Guide vEuropean Community Declarations Manufacturer: DrayTek Corp. Address: No. 26, Fu Shing Road, HuKou Township, HsinCh
Vigor2950 Series User’s Guide 40 33..22..55 BBiinndd IIPP ttoo MMAACC This function is used to bind the IP and MAC address in LAN to have a stre
Vigor2950 Series User’s Guide 41Add It allows you to add the one you choose from the ARP table or the IP/MAC address typed in Add and Edit to the ta
Vigor2950 Series User’s Guide 42 33..33..11 PPoorrtt RReeddiirreeccttiioonn Port Redirection is usually set up for server related service inside t
Vigor2950 Series User’s Guide 43 Enable Check this box to enable such port redirection setting. Mode Two options (Single and Range) are provided he
Vigor2950 Series User’s Guide 44 33..33..22 DDMMZZ HHoosstt As mentioned above, Port Redirection can redirect incoming TCP/UDP or other traffic o
Vigor2950 Series User’s Guide 45 For WAN 1 WAN Selection In WAN 1, DMZ host can be specified with Private IP or Active True IP. Choose the one you w
Vigor2950 Series User’s Guide 46 save the setting. For WAN 2 Click WAN2 tab to open the following page: Enable Check to enable the DMZ Host functi
Vigor2950 Series User’s Guide 47save the setting. Note: If you previously have set up WAN Alias in Internet Access>>PPPoE/Static IP/PPTP, you
Vigor2950 Series User’s Guide 48 33..33..33 OOppeenn PPoorrttss Open Ports allows you to open a range of ports for the traffic of special applicat
Vigor2950 Series User’s Guide 49 Enable Open Ports Check to enable this entry. Comment Make a name for the defined network application/service. W
Vigor2950 Series User’s Guide vi TTaabbllee ooff CCoonntteennttss 1 Preface ...
Vigor2950 Series User’s Guide 50 33..33..44 AAddddrreessss MMaappppiinngg This page is used to map specific private IP to specific WAN IP alias. I
Vigor2950 Series User’s Guide 51Protocol Specify the transport layer protocol. It could be TCP, UDP, or ALL for selection. WAN Interface Specify
Vigor2950 Series User’s Guide 52 The following illustrations are flow charts explaining how router will treat incoming traffic and outgoing traffic r
Vigor2950 Series User’s Guide 53The below shows the attack types that DoS/DDoS defense function can detect: 1. SYN flood attack 2. UDP flood attack 3
Vigor2950 Series User’s Guide 54 APP Enforcement Select one of the APP Enforcement Profile settings (created in CSM>> APP Enforcement Profile)
Vigor2950 Series User’s Guide 55Move Up/Down Use Up or Down link to move the order of the filter rules. Next Filter Set Set the link to the next fil
Vigor2950 Series User’s Guide 56 To set the IP address manually, please choose Any Address/Single Address/Range Address/Subnet Address as the Addre
Vigor2950 Series User’s Guide 57choose Group and Objects as the Service Type. Protocol - Specify the protocol(s) which this filter rule will apply t
Vigor2950 Series User’s Guide 58 EExxaammppllee As stated before, all the traffic will be separated and arbitrated using on of two IP filters: call
Vigor2950 Series User’s Guide 5933..44..44 DDooSS DDeeffeennssee As a sub-functionality of IP Filter/Firewall, there are 15 types of detect/ defen
Vigor2950 Series User’s Guide vii3.4.2 General Setup...
Vigor2950 Series User’s Guide 60 port-scanning Threshold rate, the Vigor router will send out a warning. By default, the Vigor router sets the thresh
Vigor2950 Series User’s Guide 61SYN packets with the identical source and destination addresses, as well as the port number to victims. Block Unknown
Vigor2950 Series User’s Guide 62 33..55 OObbjjeeccttss SSeettttiinnggss For IPs in a range and service ports in a limited range usually will be ap
Vigor2950 Series User’s Guide 63Name Type a name for this profile. Maximum 15 characters are allowed. Interface Choose a proper interface (WAN, LAN
Vigor2950 Series User’s Guide 64 33..55..22 IIPP GGrroouupp This page allows you to bind several IP objects into one IP group. Set to Factory D
Vigor2950 Series User’s Guide 6533..55..33 SSeerrvviiccee TTyyppee OObbjjeecctt You can set up to 96 sets of Service Type Objects with differen
Vigor2950 Series User’s Guide 66 (!=) – when the first and last value are the same, it indicates all the ports except the port defined here; when the
Vigor2950 Series User’s Guide 67 Name Type a name for this profile. Available Service Type Objects You can add IP objects from IP Objects page. All
Vigor2950 Series User’s Guide 68 Profile Name Type a name for this profile. Type a name for such profile and check all the items that not allowed t
Vigor2950 Series User’s Guide 6933..55..66 PP22PP OObbjjeecctt This page allows you to set 32 profiles for peer-to-peer application. These profile
Vigor2950 Series User’s Guide viii 3.12.5 WDS...
Vigor2950 Series User’s Guide 70 Type a name for such profile and check all the protocols that not allowed to be used in the host. Finally, click OK
Vigor2950 Series User’s Guide 7133..55..88 MMiisscc OObbjjeecctt This page allows you to set 32 profiles for miscellaneous applications. These pro
Vigor2950 Series User’s Guide 72 Profile Name Type a name for this profile. Type a name for such profile and check all the protocols that not allow
Vigor2950 Series User’s Guide 73checks the URL strings or some of HTTP data hiding in the payload of TCP packets while legacy firewall inspects packe
Vigor2950 Series User’s Guide 74 33..66..11 AAPPPP EEnnffoorrcceemmeenntt PPrrooffiillee You can define policy profiles for different policy of I
Vigor2950 Series User’s Guide 7533..66..22 UURRLL CCoonntteenntt FFiilltteerr PPrrooffiillee Click CSM and click URL Content Filter Profile to o
Vigor2950 Series User’s Guide 76 You must clear your browser cache first so that the URL content filtering facility operates properly on a web page
Vigor2950 Series User’s Guide 7733..66..33 WWeebb CCoonntteenntt FFiilltteerr PPrrooffiillee We all know that the content on the Internet just l
Vigor2950 Series User’s Guide 78 33..77 BBaannddwwiiddtthh MMaannaaggeemmeenntt Below shows the menu items for Bandwidth Management. 33..77..11
Vigor2950 Series User’s Guide 79Maximum Sessions Defines the available session number for each host in the specific range of IP addresses. If you do
Vigor2950 Series User’s Guide ix5 Trouble Shooting ...229 5.1
Vigor2950 Series User’s Guide 80 Default TX limit Define the default speed of the upstream for each computer in LAN. Default RX limit Define the de
Vigor2950 Series User’s Guide 81the overcrowded network. This is especially essential to those are low tolerant of loss, delay or jitter (delay varia
Vigor2950 Series User’s Guide 82 This page displays the QoS settings result of the WAN interface. Click the Setup link to access into next page for
Vigor2950 Series User’s Guide 83Check this box and click OK, then click Setup link again. You will see the Online Statistics link appearing on this p
Vigor2950 Series User’s Guide 84 After you click the Edit link, you will see the following page. Now you can define the name for that Class. In this
Vigor2950 Series User’s Guide 85Edit It allows you to edit source address information. Address Type – Determine the address type for the source
Vigor2950 Series User’s Guide 86 After you click the Edit link, you will see the following page. For adding a new service type, click Add to open
Vigor2950 Series User’s Guide 8733..88 AApppplliiccaattiioonnss Below shows the menu items for Applications. 33..88..11 DDyynnaammiicc DDNNSS T
Vigor2950 Series User’s Guide 88 Active Display if this account is active or inactive. View Log Display DDNS log status. Force Update Force the ro
Vigor2950 Series User’s Guide 8933..88..22 SScchheedduullee The Vigor router has a built-in real time clock which can update itself manually or aut
Comentários a estes Manuais