Draytek Vigor2912 Owner's manual

Vigor2912 Series User’s Guide

ii

Vigor2912 Series User’s Guide

iii

Vigor2912 Series

Dual-WAN Security Router

User’s Guide

Version: 2.0

Firmware Version: V3.8.5

(For future update, please visit DrayTek web site)

Date: December 15, 2017

Vigor2912 Series User’s Guide

iv

Intellectual Property Rights (IPR) Information

Copyrights

copyright. No part may be reproduced, transmitted, transcribed, stored in a retrieval

system, or translated into any language without written permission from the copyright

holders.

Trademarks

The following trademarks are used in this document:

 Microsoft is a registered trademark of Microsoft Corp.

 Windows, Windows 95, 98, Me, NT, 2000, XP, Vista, 7 and Explorer are

trademarks of Microsoft Corp.

 Apple and Mac OS are registered trademarks of Apple Inc.

 Other products may be trademarks or registered trademarks of their respective

manufacturers.

Safety Instructions and Approval

Safety

Instructions

 Read the installation guide thoroughly before you set up the router.

 The router is a complicated electronic unit that may be repaired only be

authorized and qualified personnel. Do not try to open or repair the router

yourself.

 Do not place the router in a damp or humid place, e.g. a bathroom.

 The router should be used in a sheltered area, within a temperature range of +5 to

+40 Celsius.

 Do not expose the router to direct sunlight or other heat sources. The housing and

electronic components may be damaged by direct sunlight or heat sources.

 Do not deploy the cable for LAN connection outdoor to prevent electronic shock

hazards.

 Keep the package out of reach of children.

 When you want to dispose of the router, please follow local regulations on

conservation of the environment.

Warranty

We warrant to the original end user (purchaser) that the router will be free from any

defects in workmanship or materials for a period of two (2) years from the date of

purchase from the dealer. Please keep your purchase receipt in a safe place as it serves

as proof of date of purchase. During the warranty period, and upon proof of purchase,

should the product have indications of failure due to faulty workmanship and/or

materials, we will, at our discretion, repair or replace the defective products or

components, without charge for either parts or labor, to whatever extent we deem

necessary tore-store the product to proper operating condition. Any replacement will

consist of a new or re-manufactured functionally equivalent product of equal value, and

will be offered solely at our discretion. This warranty will not apply if the product is

modified, misused, tampered with, damaged by an act of God, or subjected to abnormal

working conditions. The warranty does not cover the bundled or licensed software of

other vendors. Defects which do not significantly affect the usability of the product will

not be covered by the warranty. We reserve the right to revise the manual and online

documentation and to make changes from time to time in the contents hereof without

obligation to notify any person of such revision or changes.

Be a Registered

Owner

Web registration is preferred. You can register your Vigor router via

http://www.DrayTek.com.

Firmware & Tools

Updates

Due to the continuous evolution of DrayTek technology, all routers will be regularly

upgraded. Please consult the DrayTek web site for more information on newest

firmware, tools and documents.

http://www.DrayTek.com

Vigor2912 Series User’s Guide

v

European Community Declarations

Manufacturer: DrayTek Corp.

Address: No. 26, Fu Shing Road, Hukou Township, Hsinchu Industrial Park, Hsinchu County, Taiwan 303

Product: Vigor2912 Series Router

DrayTek Corp. declares that Vigor2912 Series of routers are in compliance with the following essential

requirements and other relevant provisions of R&TTE 1999/5/EC, ErP 2009/125/EC and RoHS 2011/65/EU

.

The product conforms to the requirements of Electro-Magnetic Compatibility (EMC) Directive 2004/108/EC by

complying with the requirements set forth in EN55022/Class B and EN55024/Class B.

The product conforms to the requirements of Low Voltage (LVD) Directive 2006/95/EC by complying with the

requirements set forth in EN60950-1.

This product is designed for 2.4GHz WLAN network throughout the EC region.

Regulatory Information

Federal Communication Commission Interference Statement

This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part

15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a

residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed

and used in accordance with the instructions, may cause harmful interference to radio communications. However,

there is no guarantee that interference will not occur in a particular installation. If this equipment does cause

harmful interference to radio or television reception, which can be determined by turning the equipment off and

on, the user is encouraged to try to correct the interference by one of the following measures:

 Reorient or relocate the receiving antenna.

 Increase the separation between the equipment and receiver.

 Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.

 Consult the dealer or an experienced radio/TV technician for help.

This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions:

(1) This device may not cause harmful interference, and

(2) This device may accept any interference received, including interference that may cause undesired operation.

This equipment complies with RFCC radiation exposure limits set forth for an uncontrolled environment.

The antenna/transmitter should be kept at least 20 cm away from human body.

Please visit http://www.draytek.com for more detailed information.

Vigor2912 Series User’s Guide

vi

Vigor2912 Series User’s Guide

vii

T

a

b

l

e

o

f

C

o

n

t

e

n

t

s

Introduction...................................................................................................1

1.1 Web Configuration Buttons Explanation................................................................................. 2

1.2 LED Indicators and Connectors.............................................................................................. 3

1.2.1 Vigor2912/Vigor2912F......................................................................................................3

1.2.2 Vigor2912n/Vigor2912Fn.................................................................................................. 5

1.3 Hardware Installation .............................................................................................................. 7

1.4 Accessing Web User Interface................................................................................................8

1.5 Changing Password................................................................................................................ 9

1.6 Web Console, Config Backup & Exit..................................................................................... 10

1.6.1 Web Console.................................................................................................................. 10

1.6.2 Config Backup ................................................................................................................ 11

1.6.3 Logout............................................................................................................................. 11

1.7 Online Status......................................................................................................................... 12

1.7.1 Physical Connection.......................................................................................................12

1.7.2 Virtual WAN.................................................................................................................... 14

1.8 Saving Configuration............................................................................................................. 14

Quick Setup.................................................................................................15

2.1 Quick Start Wizard ................................................................................................................ 15

2.1.1 For WAN1 (Ethernet/Fiber) / WAN2 (Ethernet).............................................................. 17

2.1.2 For WAN2 (Wireless)...................................................................................................... 26

2.1.3 For WAN3 (USB)............................................................................................................35

2.2 Service Activation Wizard...................................................................................................... 37

2.3 VPN Client Wizard ................................................................................................................ 39

2.4 VPN Server Wizard............................................................................................................... 45

2.5 Wireless Wizard.................................................................................................................... 50

2.6 Registering Vigor Router....................................................................................................... 53

Tutorials and Applications.........................................................................55

3.1 How to configure settings for IPv6 Service in Vigor2912...................................................... 55

3.2 How can I get the files from USB storage device connecting to Vigor router?..................... 65

3.3 How to Build a LAN-to-LAN VPN Between Remote Office and Headquarter via IPsec Tunnel

(Main Mode)................................................................................................................................ 68

3.4 How to Optimize the Bandwidth through QoS Technology................................................... 72

3.5 QoS Setting Example............................................................................................................ 76

Vigor2912 Series User’s Guide

viii

3.6 How to use Landing Page Feature ....................................................................................... 80

3.7 How to Create an Account for MyVigor................................................................................. 84

3.7.1 Create an Account via Vigor Router............................................................................... 84

3.7.2 Create an Account via MyVigor Web Site ...................................................................... 88

3.8 How to Configure Certain Computers Accessing to Internet................................................ 92

3.9 How to Block Facebook Service Accessed by the Users via Web Content Filter / URL

Content Filter............................................................................................................................... 96

Advanced Configuration..........................................................................103

4.1 WAN.................................................................................................................................... 103

4.1.1 Basics of Internet Protocol (IP) Network....................................................................... 103

4.1.2 General Setup............................................................................................................... 105

4.1.3 Internet Access............................................................................................................. 110

4.1.4 Multi-VLAN.................................................................................................................... 139

4.2 LAN ..................................................................................................................................... 145

4.2.1 Basics of LAN ............................................................................................................... 145

4.2.2 General Setup............................................................................................................... 147

4.2.3 Static Route.................................................................................................................. 156

4.2.4 VLAN............................................................................................................................. 161

4.2.5 Bind IP to MAC............................................................................................................. 164

4.2.6 LAN Port Mirror............................................................................................................. 166

4.2.7 Web Portal Setup.......................................................................................................... 167

4.3 Load-Balance /Route Policy................................................................................................ 169

4.3.1 General Setup............................................................................................................... 170

4.3.2 Diagnose....................................................................................................................... 180

4.4 NAT ..................................................................................................................................... 182

4.4.1 Port Redirection............................................................................................................ 183

4.4.2 DMZ Host...................................................................................................................... 187

4.4.3 Open Ports.................................................................................................................... 190

4.4.4 Port Triggering.............................................................................................................. 192

4.5 Firewall................................................................................................................................ 195

4.5.1 Basics for Firewall......................................................................................................... 195

4.5.2 General Setup............................................................................................................... 197

4.5.3 Filter Setup ................................................................................................................... 202

4.5.4 DoS Defense ................................................................................................................ 212

4.6 User Management............................................................................................................... 216

4.6.1 General Setup............................................................................................................... 217

4.6.2 User Profile................................................................................................................... 218

4.6.3 User Group................................................................................................................... 222

4.6.4 User Online Status........................................................................................................ 223

4.7 Objects Setting.................................................................................................................... 224

4.7.1 IP Object....................................................................................................................... 225

4.7.2 IP Group ....................................................................................................................... 228

4.7.3 IPv6 Object................................................................................................................... 229

4.7.4 IPv6 Group.................................................................................................................... 231

4.7.5 Service Type Object ..................................................................................................... 232

4.7.6 Service Type Group...................................................................................................... 234

Vigor2912 Series User’s Guide

ix

4.7.7 Keyword Object ............................................................................................................ 235

4.7.8 Keyword Group............................................................................................................. 237

4.7.9 File Extension Object.................................................................................................... 238

4.7.10 SMS/Mail Service Object............................................................................................ 240

4.7.11 Notification Object....................................................................................................... 245

4.7.12 String Object............................................................................................................... 247

4.8 CSM Profile......................................................................................................................... 248

4.8.1 APP Enforcement Profile.............................................................................................. 249

4.8.2 URL Content Filter Profile............................................................................................. 252

4.8.3 Web Content Filter Profile............................................................................................. 257

4.8.4 DNS Filter Profile.......................................................................................................... 261

4.9 Bandwidth Management ..................................................................................................... 263

4.9.1 Sessions Limit............................................................................................................... 263

4.9.2 Bandwidth Limit ............................................................................................................ 265

4.9.3 Quality of Service.......................................................................................................... 267

4.10 Applications....................................................................................................................... 275

4.10.1 Dynamic DNS............................................................................................................. 275

4.10.2 LAN DNS.................................................................................................................... 279

4.10.3 Schedule..................................................................................................................... 282

4.10.4 RADIUS...................................................................................................................... 284

4.10.5 Active Directory/ LDAP............................................................................................... 285

4.10.6 UPnP........................................................................................................................... 288

4.10.7 IGMP........................................................................................................................... 289

4.10.8 Wake on LAN.............................................................................................................. 290

4.10.9 SMS / Mail Alert Service............................................................................................. 291

4.10.10 Bonjour ..................................................................................................................... 293

4.11 VPN and Remote Access.................................................................................................. 296

4.11.1 Remote Access Control.............................................................................................. 297

4.11.2 PPP General Setup .................................................................................................... 298

4.11.3 IPsec General Setup................................................................................................... 300

4.11.4 IPsec Peer Identity...................................................................................................... 302

4.11.5 Remote Dial-in User ................................................................................................... 304

4.11.6 LAN to LAN................................................................................................................. 307

4.11.7 VPN TRUNK Management......................................................................................... 318

4.11.8 Connection Management ........................................................................................... 323

4.12 Certificate Management.................................................................................................... 324

4.12.1 Local Certificate.......................................................................................................... 325

4.12.2 Trusted CA Certificate ................................................................................................ 329

4.12.3 Certificate Backup....................................................................................................... 331

4.13 Wireless LAN .................................................................................................................... 332

4.13.1 Basic Concepts........................................................................................................... 332

4.13.2 General Setup............................................................................................................. 334

4.13.3 Security....................................................................................................................... 337

4.13.4 Access Control............................................................................................................ 339

4.13.5 WPS............................................................................................................................ 340

4.13.6 WDS............................................................................................................................ 344

4.13.7 Advanced Setting........................................................................................................ 347

4.13.8 Station Control............................................................................................................ 350

4.13.9 AP Discovery.............................................................................................................. 351

4.13.10 Airtime Fairness........................................................................................................ 352

4.13.11 Station List................................................................................................................ 354

4.14 SSL VPN........................................................................................................................... 354

4.14.1 General Setup............................................................................................................. 355

Vigor2912 Series User’s Guide

x

4.14.2 SSL Web Proxy .......................................................................................................... 356

4.14.3 SSL Application .......................................................................................................... 357

4.14.4 User Account.............................................................................................................. 360

4.14.5 User Group................................................................................................................. 364

4.14.6 Online User Status...................................................................................................... 366

4.15 USB Application ................................................................................................................ 367

4.15.1 USB General Settings................................................................................................. 367

4.15.2 USB User Management.............................................................................................. 370

4.15.3 File Explorer................................................................................................................ 372

4.15.4 USB Device Status..................................................................................................... 373

4.15.5 Modem Support List.................................................................................................... 374

4.15.6 SMB Client Support List.............................................................................................. 374

4.16 System Maintenance......................................................................................................... 376

4.16.1 System Status............................................................................................................. 376

4.16.2 TR-069........................................................................................................................ 378

4.16.3 Administrator Password.............................................................................................. 381

4.16.4 User Password ...........................................................................................................383

4.16.5 Login Page Greeting................................................................................................... 387

4.16.6 Configuration Backup ................................................................................................. 389

4.16.7 Syslog/Mail Alert......................................................................................................... 392

4.16.8 Time and Date............................................................................................................ 395

4.16.9 SNMP.......................................................................................................................... 397

4.16.10 Management............................................................................................................. 399

4.16.11 Self-Signed Certificate.............................................................................................. 402

4.16.12 Reboot System......................................................................................................... 404

4.16.13 Firmware Upgrade.................................................................................................... 405

4.16.14 Activation.................................................................................................................. 406

4.17 Diagnostics........................................................................................................................ 408

4.17.1 Dial-out Triggering...................................................................................................... 408

4.17.2 Routing Table ............................................................................................................. 409

4.17.3 ARP Cache Table....................................................................................................... 410

4.17.4 IPv6 Neighbour Table................................................................................................. 410

4.17.5 DHCP Table................................................................................................................ 411

4.17.6 NAT Sessions Table................................................................................................... 412

4.17.7 DNS Cache Table....................................................................................................... 413

4.17.8 Ping Diagnosis............................................................................................................ 415

4.17.9 Data Flow Monitor....................................................................................................... 416

4.17.10 Traffic Graph............................................................................................................. 418

4.17.11 Trace Route.............................................................................................................. 419

4.17.12 Syslog Explorer......................................................................................................... 420

4.17.13 IPv6 TSPC Status..................................................................................................... 421

4.17.14 DoS Flood Table....................................................................................................... 422

4.18 External Devices............................................................................................................... 424

Trouble Shooting......................................................................................425

5.1 Checking If the Hardware Status Is OK or Not.................................................................... 425

5.2 Checking If the Network Connection Settings on Your Computer Is OK or Not ................. 426

5.3 Pinging the Router from Your Computer............................................................................. 429

5.4 Checking If the ISP Settings are OK or Not........................................................................ 430

5.5 Problems for 3G Network Connection ................................................................................ 430

Vigor2912 Series User’s Guide

xi

5.6 Backing to Factory Default Setting If Necessary ................................................................ 431

5.7 Contacting DrayTek............................................................................................................. 433

Appendix I: VLAN Applications on Vigor Router ........................................................435

Vigor2912 Series User’s Guide

1

I

n

t

r

o

d

u

c

t

i

o

n

Vigor2912 series is a broadband router which integrates IP layer QoS, NAT

session/bandwidth management to help users control works well with large bandwidth.

By adopting hardware-based VPN platform and hardware encryption of AES/DES/3DES, the

router increases the performance of VPN greatly, and offers several protocols (such as

IPsec/PPTP/L2TP) with up to 16 VPN tunnels.

The object-based design used in SPI (Stateful Packet Inspection) firewall allows users to set

firewall policy with ease. CSM (Content Security Management) provides users control and

management in IM (Instant Messenger) and P2P (Peer to Peer) more efficiency than before.

By the way, DoS/DDoS prevention and URL/Web content filter strengthen the security

outside and control inside. Object-based firewall is flexible and allows your network be safe.

In addition, Vigor2912 series supports USB interface for connecting USB printer to share

printing function or 3G USB modem for network connection.

Vigor2912 series provides two-level management to simplify the configuration of network

connection. The user mode allows user accessing into WEB interface via simple configuration.

However, if users want to have advanced configurations, they can access into WEB interface

through admin mode.

Vigor2912 Series User’s Guide

2

1

.

1

W

e

b

C

o

n

f

i

g

u

r

a

t

i

o

n

B

u

t

o

n

s

E

x

p

l

a

n

a

t

i

o

n

Several main buttons appeared on the web pages are defined as the following:

Save and apply current settings.

Cancel current settings and recover to the previous saved settings.

Clear all the selections and parameters settings, including selection from

drop-down list. All the values must be reset with factory default settings.

Add new settings for specified item.

Edit the settings for the selected item.

Delete the selected item with the corresponding settings.

Note: For the other buttons shown on the web pages, please refer to Chapter 3, 4 for detailed

explanation.

Vigor2912 Series User’s Guide

3

1

.

2

L

E

D

I

n

d

i

c

a

t

o

r

s

a

n

d

C

o

n

e

c

t

o

r

s

Before you use the Vigor router, please get acquainted with the LED indicators and connectors

first.

1

.

2

.

1

V

i

g

o

r

2

9

1

2

/

V

i

g

o

r

2

9

1

2

F

LED Status Explanation

Blinking The router is powered on and running normally. ACT (Activity)

Off The router is powered off.

On The Web Content Filter is active. (It is enabled from

Firewall >> General Setup).

WCF

Off The Web Content Filter is inactive.

QoS

On The QoS function is active.

On The DoS/DDoS function is active. DoS

Blinking It will blink while detecting an attack.

On The port is connected.

Off The port is disconnected.

LAN (P4~P1)

Blinking The data is transmitting.

On Internet connection is ready.

Off Internet connection is not ready.

WAN(W2~W1)

Blinking The data is transmitting.

VPN On The VPN tunnel is active.

On USB device is connected and ready for use. USB

Blinking The data is transmitting.

Vigor2912 Series User’s Guide

4

Interface

Description

PWR

Connecter for a power adapter.

ON/OFF

Power Switch.

USB Connecter for a USB device (for 3G/4G USB Modem or printer).

W1 (Vigor2912) Connecter an ADSL or cable modem for accessing Internet (WAN).

W1 (Vigor2912F) Fiber connection (100Mbps) for accessing the Internet.

W2/P1 Connecter an ADSL or cable modem for accessing Internet (WAN); or

connecter for local network devices (LAN).

This connector is switchable for LAN and WAN connection.

P2~P4 Connecters for local network devices (LAN).

Factory Reset Restore the default settings. Usage: Turn on the router (ACT LED is

blinking). Press the hole and keep for more than 5 seconds. When you

see the ACT LED begins to blink rapidly than usual, release the button.

Then the router will restart with the factory default configuration.

Vigor2912 Series User’s Guide

5

1

.

2

.

2

V

i

g

o

r

2

9

1

2

n

/

V

i

g

o

r

2

9

1

2

F

n

LED Status Explanation

Blinking The router is powered on and running normally. ACT (Activity)

Off The router is powered off.

On The Web Content Filter is active. (It is enabled from

Firewall >> General Setup).

WCF

Off The Web Content Filter is inactive.

QoS

On The QoS function is active.

On

Wireless access point is ready.

WLAN

Blinking

It will blink slowly while wireless traffic goes through.

ACT and WLAN LEDs blink quickly and

simultaneously when WPS is working, and will return

to normal condition after two minutes. (You need to

setup WPS within 2 minutes.)

On The port is connected.

Off The port is disconnected.

LAN (P4~P1)

Blinking The data is transmitting.

On Internet connection is ready.

Off Internet connection is not ready.

WAN(W2~W1)

Blinking The data is transmitting.

VPN On The VPN tunnel is active.

On USB device is connected and ready for use. USB

Blinking The data is transmitting.

Vigor2912 Series User’s Guide

6

Interface Description

PWR

Connecter for a power adapter.

ON/OFF Power Switch.

USB Connecter for a USB device (for 3G/4G USB Modem or printer).

W1 (Vigor2912n) Connecter an ADSL or cable modem for accessing Internet (WAN).

W1 (Vigor2912Fn) Fiber connection (100Mbps) for accessing the Internet.

W2/P1 Connecter an ADSL or cable modem for accessing Internet (WAN); or

connecter for local network devices (LAN).

This connector is switchable for LAN and WAN connection.

P2~P4 Connecters for local network devices (LAN).

Wireless LAN

ON/OFF/WPS

Press "Wireless LAN ON/OFF/WPS" button once to wait for client

device making network connection through WPS.

Press "Wireless LAN ON/OFF/WPS" button twice to enable (WLAN

LED on) or disable (WLAN LED off) wireless connection.

Factory Reset Restore the default settings. Usage: Turn on the router (ACT LED is

blinking). Press the hole and keep for more than 5 seconds. When you

see the ACT LED begins to blink rapidly than usual, release the button.

Then the router will restart with the factory default configuration.

Vigor2912 Series User’s Guide

7

1

.

3

H

a

r

d

w

a

r

e

I

n

s

t

a

l

a

t

i

o

n

Before starting to configure the router, you have to connect your devices correctly.

1. Connect the cable Modem/DSL Modem/Media Converter to any WAN port of router

with Ethernet cable (RJ-45).

2. Connect one end of an Ethernet cable (RJ-45) to one of the LAN ports of the router and

the other end of the cable (RJ-45) into the Ethernet port on your computer.

3. Connect one end of the power adapter to the router’s power port on the rear panel, and

the other side into a wall outlet.

4. Power on the device by pressing down the power switch on the rear panel.

5. The system starts to initiate. After completing the system test, the ACT LED will light

up and start blinking.

(For the hardware connection, we take “n” model as an example.)

Vigor2912 Series User’s Guide

8

1

.

4

A

c

e

s

i

n

g

W

e

b

U

s

e

r

I

n

t

e

r

f

a

c

e

1. Make sure your PC connects to the router correctly.

You may either simply set up your computer to get IP dynamically from the router or set

up the IP address of the computer to be the same subnet as the default IP address of

Vigor router 192.168.1.1. For the detailed information, please refer to the later section -

Trouble Shooting of the guide.

2. Open a web browser on your PC and type http://192.168.1.1. The following window

will be open to ask for username and password.

3. Please type “admin/admin” as the Username/Password and click Login.

Notice: If you fail to access to the web configuration, please go to “Trouble

Shooting” for detecting and solving your problem.

4. Now, the Main Screen will appear.

Note: The home page will be different slightly in accordance with the type of the

router you have.

Page is loading ...

Draytek Vigor2912 Owner's manual

Draytek Vigor2912 Owner's manual

Related papers

Other documents