VigorFly 200 Wi-Fi Router User’s Guide Version: 1.
Copyright Information Copyright Declarations Copyright 2010 All rights reserved. This publication contains information that is protected by copyright. No part may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language without written permission from the copyright holders. Trademarks The following trademarks are used in this document: z Microsoft is a registered trademark of Microsoft Corp.
European Community Declarations Manufacturer: Address: Product: DrayTek Corp. No. 26, Fu Shing Road, HuKou County, HsinChu Industrial Park, Hsin-Chu, Taiwan 303 VigorFly 200 Series Router DrayTek Corp. declares that VigorFly 200 is in compliance with the following essential requirements and other relevant provisions of R&TTE Directive 1999/5/EEC.
Table of Contents 1 Preface ...............................................................................................................1 1.1 Web Configuration Buttons Explanation ................................................................................. 1 1.2 LED Indicators and Connectors .............................................................................................. 2 1.3 Hardware Installation ......................................................................................
3.6 System Maintenance............................................................................................................. 61 3.6.1 System Status................................................................................................................. 61 3.6.2 User Password ............................................................................................................... 62 3.6.3 Time and Date ......................................................................................
4.7.5 Syslog/Mail Alert ........................................................................................................... 119 4.7.6 Time and Date .............................................................................................................. 120 4.7.7 Management................................................................................................................. 121 4.7.8 Reboot System .......................................................................................
1 Preface VigorFly 200 is a compact broadband router with 802.11n WLAN network. Its Ethernet WAN port can connect to VDSL/VDSL2/GPON/G.SHDSL /ADSL2+/ADSL/cable modem while you have fixed line. The NAT throughput can easily manage time-critical multimedia streaming. It's easy for family or friends to hook up PCs via embedded 10/100 Ethernet LAN switch to enjoy multimedia applications. Two antennas provide you with speedy WLAN networking. If you are out of coverage of fixed line, you can directly plug 3.
1.2 LED Indicators and Connectors Before you use the Vigor router, please get acquainted with the LED indicators and connectors first. LED Status Explanation ACT Off Blinking USB On Blinking On Blinking On The system is not ready or is failed. The system is ready and can work normally. A USB device is connected and active. The data is transmitting. The WAN port is connected. It will blink while transmitting data. A normal connection is through its corresponding port. LAN is disconnected.
1.3 Hardware Installation Before starting to configure the router, you have to connect your devices correctly. 1. Connect this device to a modem with an Ethernet cable. 2. Connect the LAN port to your computer with a RJ-45 cable. 3. Connect one end of the power adapter to the Power port of this device. Connect the other end to the wall outlet of electricity. 4. Power on the router. 5. Check the ACT, WAN and LAN LEDs to assure network connections.
1.4 Printer Installation You can install a printer onto the router for sharing printing. All the PCs connected this router can print documents via the router. The example provided here is made based on Windows XP/2000. For Windows 98/SE/Vista, please visit www.draytek.com. Before using it, please follow the steps below to configure settings for connected computers (or wireless clients). 1. Connect the printer with the router through USB/parallel port. 2. Open Start->Settings-> Printer and Faxes. 3.
4. Click Local printer attached to this computer and click Next. 5. In this dialog, choose Create a new port Type of port and use the drop down list to select Standard TCP/IP Port. Click Next.
6. In the following dialog, type 192.168.1.1 (router’s LAN IP) in the field of Printer Name or IP Address and type IP_192.168.1.1 as the port name. Then, click Next. 7. Click Standard and choose Generic Network Card. 8. Then, in the following dialog, click Finish.
9. Now, your system will ask you to choose right name of the printer that you installed onto the router. Such step can make correct driver loaded onto your PC. When you finish the selection, click Next. 10. For the final stage, you need to go back to Control Panel-> Printers and edit the property of the new printer you have added. 11. Select "LPR" on Protocol, type p1 (number 1) as Queue Name. Then click OK. Next please refer to the red rectangle for choosing the correct protocol and UPR name.
The printer can be used for printing now. Most of the printers with different manufacturers are compatible with vigor router. Note 1: Some printers with the fax/scanning or other additional functions are not supported. If you do not know whether your printer is supported or not, please visit www.draytek.com to find out the printer list. Open Support >FAQ; find out the link of Printer Server and click it; then click the What types of printers are compatible with Vigor router? link.
2 Configuring Basic Settings For using the router properly, it is necessary for you to change the password of web configuration for security and adjust primary basic settings. 2.1 Two-Level Management This chapter explains how to setup a password for an administrator/user and how to adjust basic/advanced settings for accessing Internet successfully. For user mode operation, do not type any word on the window and click Login for the simple web pages for configuration.
2.3 Changing Password Before configuring the web pages, please change the password for the original security of the router. Such action can be done in Admin Mode only. 1. Open a web browser on your PC and type http://192.168.1.1. A pop-up window will open to ask for username and password. 2. Please type “admin/admin” on Username/Password for admin mode. Otherwise, do not type any word (both username and password are Null for user mode) on the window and click Login on the window.
3. To change the password, please access into Admin Mode. Then, go to System Maintenance page and choose Administration Password. 4. Type new user name in the field of Account and new password in the field of Password. Then click OK to continue. 5. Now, the password has been changed. Next time, use the new username / password to access the Web Configurator of this router.
2.4 Quick Start Wizard Notice: Quick Start Wizard for user mode operation is the same as for admin mode operation. If your router can be under an environment with high speed NAT, the configuration provide here can help you to deploy and use the router quickly. The first screen of Quick Start Wizard is welcome page, please click Next. 2.4.1 Setting up the Password The first screen of Quick Start Wizard is entering login account and password. After typing a new password, please click Next.
2.4.2 Setting up the Time and Date On the next page as shown below, please select the Time Zone for the router installed and specify the NTP server(s). Then click Next for next step. 2.4.3 Setting up the Internet Connection On the next page as shown below, please select the appropriate connection type according to the information from your ISP. There are five types offered in this page. Each connection type will bring out different web page.
Static IP You will receive a fixed public IP address or a public subnet, namely multiple public IP addresses from your DSL or Cable ISP service providers. In most cases, a Cable service provider will offer a fixed public IP, while a DSL service provider will offer a public subnet. If you have a public subnet, you could assign an IP address or many IP address to the WAN interface. IP Address Type the IP address. Subnet Mask Type the subnet mask. Default Gateway Type the gateway IP address.
DHCP It is not necessary for you to type any IP address manually. Simply choose this type and the system will obtain the IP address automatically from DHCP server. DHCP Mode Router Name – Default setting is VigorFly200. Enable The router will detect the MAC address automatically. Or, check the box to enable MAC address cloning. MAC Address Clone It is available when the box of Enabled is checked. Click MAC Address Clone. The router will detect the MAC address automatically.
If your ISP provides you the PPPoE connection, please select PPPoE for this router. The following page will be shown: User Name Assign a specific valid user name provided by the ISP. Password Assign a valid password provided by the ISP. Confirmed Password Type the password again for confirmation. Redial Policy If you want to connect to Internet all the time, you can choose Always On. Otherwise, choose Connect on Demand. Always On – Choose it to enable router always keep connection.
PPTP/L2TP If you click PPTP/L2TP as the connection type, please manually enter the Username/Password provided by your ISP and all the required information. L2TP/PPTP Server IP Address Specify the IP address of the PPTP/L2TP server. User Name Assign a specific valid user name provided by the ISP. Password Assign a valid password provided by the ISP. WAN IP Network Settings You can choose Static IP or DHCP as address mode setting.
address automatically. And the result will be displayed in the field of MAC Address. Besides, if you want to change the MAC address for WAN interface, simply click Enable and type the MAC address in this field manually. After finishing the settings here, please click Next. 3G USB Modem If you want to access Internet by 3G USB modem, choose this mode as the protocol and type the required information in this web page. SIM PIN code Type PIN code of the SIM card that will be used to access Internet.
field of MAC Address. Besides, if you want to change the MAC address for WAN interface, simply click Enable and type the MAC address in this field manually. After finishing the settings here, please click Next. 2.4.4 Setting up the Wireless Connection Now, you have to set up the wireless connection. Enable Wireless LAN Check the box to enable the wireless function. Hide SSID Check this box to prevent from wireless sniffing and make it harder for unauthorized clients or STAs to join your wireless LAN.
ask you to offer additional configuration. WEP If you choose WEP as the security configuration, you have to specify encryption key (Key 1 ~ Key 4) and authentication mode (open or shared). All wireless devices must support the same WEP encryption bit size and have the same key. Key 1 ~ Key 4 Four keys can be entered here, but only one key can be selected at a time.
WPA/PSK or WPA2/PSK or Mixed (WPA+WPA2)/PSK Accepts only WPA clients and the encryption key should be entered in PSK. The WPA encrypts each frame transmitted from the radio using the key, which either PSK (Pre-Shared Key) entered manually in this field below or automatically negotiated via 802.1x authentication. WPA Algorithm Choose the WPA algorithm, TKIP, AES or TKIP/AES. Pass Phrase Either 8~63 ASCII characters, such as 012345678..(or 64 Hexadecimal digits leading by 0x, such as "0x321253abcde...").
WEP/802.1x Remote Authentication Dial-In User Service (RADIUS) is a security authentication client/server protocol that supports authentication, authorization and accounting, which is widely used by Internet service providers. It is the most common method of authenticating and authorizing dial-up and tunneled network users. The built-in RADIUS client feature enables the router to assist the remote dial-in user or a wireless station and the RADIUS server in performing mutual authentication.
WPA/802.1x The WPA encrypts each frame transmitted from the radio using the key, which either PSK (Pre-Shared Key) entered manually in this field below or automatically negotiated via 802.1x authentication. WPA Algorithms Select TKIP, AES or TKIP/AES as the algorithm for WPA. Key Renewal Interval WPA uses shared key for authentication to the network. However, normal network operations use a different encryption key that is randomly generated. This randomly generated key that is periodically replaced.
WPA2/802.1x The WPA encrypts each frame transmitted from the radio using the key, which either PSK (Pre-Shared Key) entered manually in this field below or automatically negotiated via 802.1x authentication. WPA Algorithms Select TKIP, AES or TKIP/AES as the algorithm for WPA. Key Renewal Interval WPA uses shared key for authentication to the network. However, normal network operations use a different encryption key that is randomly generated. This randomly generated key that is periodically replaced.
authenticate the messages sent between them. Both sides must be configured to use the same shared secret. Session Timeout Set the maximum time of service provided before re-authentication. Set to zero to perform another authentication immediately after the first authentication has successfully completed. (The unit is second.) Idle Timeout Set the maximum time that a wireless device may remain idle. (The unit is second.) Mixed (WPA+WPA2)/802.
Session Timeout Set the maximum time of service provided before re-authentication. Set to zero to perform another authentication immediately after the first authentication has successfully completed. (The unit is second.) Idle Timeout Set the maximum time that a wireless device may remain idle. (The unit is second.) After finishing the settings here, please click Next. 2.4.5 Saving the Wizard Configuration Now you can see the following screen. It indicates that the setup is complete.
IP Address Displays the IP address of the LAN interface. TX Packets Displays the total transmitted packets at the LAN interface. RX Packets Displays the total number of received packets at the LAN interface. WAN Status IP Displays the IP address of the WAN interface. GW IP Displays the IP address of the default gateway. Mode Displays the type of WAN connection (e.g., PPPoE). Up Time Displays the total uptime of the interface. Primary DNS Displays the primary DNS setting.
This page is left blank.
3 User Mode Operation This chapter will guide users to execute simple configuration through user mode operation. 1. Open a web browser on your PC and type http://192.168.1.1. The window will ask for typing username and password. 2. Do not type any word (both username and password are Null for user operation) on the window and click Login on the window. Now, the Main Screen will appear. Be aware that “User mode” will be displayed on the bottom left side. 3.
What are Public IP Address and Private IP Address As the router plays a role to manage and further protect its LAN, it interconnects groups of host PCs. Each of them has a private IP address assigned by the built-in DHCP server of the Vigor router. The router itself will also use the default private IP address: 192.168.1.1 to communicate with the local hosts. Meanwhile, Vigor router will communicate with other network devices through a public IP address.
3.1.1 Internet Access This page allows you to set WAN configuration with different modes. Use the Connection Type drop down list to choose one of the WAN modes. The corresponding page will be displayed. Static IP For static IP mode, you usually receive a fixed public IP address or a public subnet, namely multiple public IP addresses from your DSL or Cable ISP service providers. In most cases, a Cable service provider will offer a fixed public IP, while a DSL service provider will offer a public subnet.
Default Gateway Type the gateway IP address. Primary DNS Server You must specify a DNS server IP address here because your ISP should provide you with usually more than one DNS Server. If your ISP does not provide it, the router will automatically apply default DNS Server IP address: 198.95.1.1 to this field. Secondary DNS Server You can specify secondary DNS server IP address here because your ISP often provides you more than one DNS Server.
DHCP DHCP allows a user to obtain an IP address automatically from a DHCP server on the Internet. If you choose DHCP mode, the DHCP server of your ISP will assign a dynamic IP address for your router automatically. It is not necessary for you to assign any setting, Router Name Type in a name for the router. It must be the same as the name used in Syslog. MAC Address Clone MAC Address Clone is available when the box of Enable is checked. The router will detect the MAC address automatically.
Username Type in the username provided by ISP in this field. Password Type in the password provided by ISP in this field. Redial Policy If you want to connect to Internet all the time, you can choose Always On. Otherwise, choose Connect on Demand. Idle Time - Set the timeout for breaking down the Internet after passing through the time without any action. When you choose Connect on Demand, you have to type value here. MAC Address Clone MAC Address Clone is available when the box of Enable is checked.
PPTP/L2TP To use PPTP/L2TP as the accessing protocol of the internet, please choose PPTP/L2TP from Connection Type drop down menu. The following web page will be shown. Server IP Type in the IP address of the PPTP/L2TP server. User Name Type in the username provided by ISP in this field. Password Type in the password provided by ISP in this field. Address Mode You can choose Static IP or DHCP as WAN IP network setting.
MAC Address. After finishing all the settings here, please click OK to activate them. 3G USB Modem If your router connects to a 3G modem and you want to access Internet via 3G modem, choose 3G as connection type and type the required information in this web page. SIM PIN code Type PIN code of the SIM card that will be used to access Internet. Modem Initial String1/2 Such value is used to initialize USB modem. Please use the default value. If you have any question, please contact to your ISP.
. After finishing all the settings here, please click OK to activate them. 3.1.2 3G Backup This page is used to setup 3G backup function. If you enable 3G backup, make sure your WAN connection type is not in 3G mode. When the WAN connection is broken, router will try to keep the connection with 3G mode. After WAN connection is recovered, router will disconnect the 3G connection automatically. Enable 3G Backup Check this box to enable the 3G backup feature.
3.2 LAN Local Area Network (LAN) is a group of subnets regulated and ruled by router. The design of network structure is related to what type of public IP addresses coming from your ISP. Basics of LAN The most generic function of Vigor router is NAT. It creates a private subnet of your own. As mentioned previously, the router will talk to other public hosts on the Internet by using public IP address and talking to local hosts by using its private IP address.
What is Routing Information Protocol (RIP) Vigor router will exchange routing information with neighboring routers using the RIP to accomplish IP routing. This allows users to change the information of the router such as IP address and the routers will automatically inform for each other. Below shows the LAN menu: 3.2.1 General Setup This page provides you the general settings for LAN. Click LAN to open the LAN settings page and choose General Setup.
network (Default: 192.168.1.1). Subnet Mask Type in an address code that determines the size of the network. (Default: 255.255.255.0) For IP Routing Usage Click Enable to invoke this function. The default setting is Disable. 2nd IP Address Type in secondary IP address for connecting to a subnet. (Default: 192.168.2.1) 2nd Subnet Mask An address code that determines the size of the network.
automatically apply default secondary DNS Server IP address: 194.98.0.1 to this field. If both the Primary IP and Secondary IP Address fields are left empty, the router will assign its own IP address to local users as a DNS proxy server and maintain a DNS cache. If the IP address of a domain name is already in the DNS cache, the router will resolve the domain name immediately. Otherwise, the router forwards the DNS query packet to the external DNS server by establishing a WAN (e.g. DSL/Cable) connection.
Virtual Server Settings Choose Enable to invoke this setting. Protocol Specify the transport layer protocol. It could be TCP, UDP and TCP+UDP. Public Port Range Specify the starting port number and ending port number of the service offered by the local host. Local IP Address Enter the private IP address of the local host. Local Port If it is configured, the forwarded traffic is mapped to this port on the local host. Comment Type words as notification for such virtual server.
Note: The security properties of NAT are somewhat bypassed if you set up DMZ host. We suggest you to add additional filter rules or a secondary firewall. Click DMZ Host to open the following page: DMZ Settings Check this box to enable the DMZ Host function. DMZ IP Address Enter the private IP address of the DMZ host. OK Click this button to save such profile. Cancel Click this button to clear information on this page.
3.4 Applications Below shows the menu items for Applications. 3.4.1 Dynamic DNS The ISP often provides you with a dynamic IP address when you connect to the Internet via your ISP. It means that the public IP address assigned to your router changes each time you access the Internet. The Dynamic DNS feature lets you assign a domain name to a dynamic WAN IP address. It allows the router to update its online WAN IP address mappings on the specified Dynamic DNS server.
holes everywhere. Wireless LAN enables high mobility so WLAN users can simultaneously access all LAN facilities just like on a wired LAN as well as Internet access The Vigor wireless routers are equipped with a wireless LAN interface compliant with the standard IEEE 802.11n draft 2 protocol. To boost its performance further, the Vigor Router is also loaded with advanced wireless technology to lift up data rate up to 300 Mbps*. Hence, you can finally smoothly enjoy stream music and video.
In WPA-Personal, a pre-defined key is used for encryption during data transmission. WPA applies Temporal Key Integrity Protocol (TKIP) for data encryption while WPA2 applies AES. The WPA-Enterprise combines not only encryption but also authentication. Since WEP has been proved vulnerable, you may consider using WPA for the most secure connection. You should select the appropriate security mechanism according to your needs.
Hide SSID Check it to prevent from wireless sniffing and make it harder for unauthorized clients or STAs to join your wireless LAN. Depending on the wireless utility, the user may only see the information except SSID or just cannot see any thing about Vigor wireless router while site surveying. The system allows you to set three sets of SSID for different usage. SSID Set a name for the router to be identified.
Universal Repeater If such mode is enabled, the access point can act as a wireless repeater; it can be Station and AP at the same time. It can use Station function to connect to a Root AP and use AP function to service all wireless stations within its coverage. Check this box to enable the function. Besides, it will be displayed on the Wireless LAN for you to access for detailed configuration. Open Wireless LAN>>Universal Repeater. Please refer to the corresponding section for detailed information. 3.5.
Mode z There are several modes provided for you to choose. Disable The encryption mechanism is turned off. z WEP Accepts only WEP clients and the encryption key should be entered in WEP Key.
WEP Key1-Key4 Four keys can be entered here, but only one key can be selected at a time. The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64-bit encryption level, or restricted to 13 ASCII characters or 26 hexadecimal values in 128-bit encryption level. The allowed content is the ASCII characters from 33(!) to 126(~) except '#' and ','.
z WPA/PSK or WPA2/PSK or Mixed (WPA+WPA2)/PSK Accepts only WPA clients and the encryption key should be entered in PSK. The WPA encrypts each frame transmitted from the radio using the key, which either PSK (Pre-Shared Key) entered manually in this field below or automatically negotiated via 802.1x authentication. z WPA Algorithm Select TKIP, AES or TKIP/AES as the algorithm for WPA. Pass Phrase Either 8~63 ASCII characters, such as 012345678..
802.1x WEP Disable - Disable the WEP Encryption. Data sent to the AP will not be encrypted. Enable - Enable the WEP Encryption. Click the link of RADIUS Server to access into the following page for more settings. IP Address Enter the IP address of RADIUS server. Port The UDP port number that the RADIUS server is using. The default value is 1812, based on RFC 2138. Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them.
idle. (The unit is second.) z WPA/802.1x The WPA encrypts each frame transmitted from the radio using the key, which either PSK (Pre-Shared Key) entered manually in this field below or automatically negotiated via 802.1x authentication. WPA Algorithms Select TKIP, AES or TKIP/AES as the algorithm for WPA. Key Renewal Interval WPA uses shared key for authentication to the network. However, normal network operations use a different encryption key that is randomly generated.
IP Address Enter the IP address of RADIUS server. Port The UDP port number that the RADIUS server is using. The default value is 1812, based on RFC 2138. Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them. Both sides must be configured to use the same shared secret. Session Timeout Set the maximum time of service provided before re-authentication.
z WPA2/802.1x The WPA encrypts each frame transmitted from the radio using the key, which either PSK (Pre-Shared Key) entered manually in this field below or automatically negotiated via 802.1x authentication. WPA Algorithms Select TKIP, AES or TKIP/AES as the algorithm for WPA. Key Renewal Interval WPA uses shared key for authentication to the network. However, normal network operations use a different encryption key that is randomly generated.
z IP Address Enter the IP address of RADIUS server. Port The UDP port number that the RADIUS server is using. The default value is 1812, based on RFC 2138. Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them. Both sides must be configured to use the same shared secret. Session Timeout Set the maximum time of service provided before re-authentication.
WPA Algorithms Select TKIP, AES or TKIP/AES as the algorithm for WPA. Key Renewal Interval WPA uses shared key for authentication to the network. However, normal network operations use a different encryption key that is randomly generated. This randomly generated key that is periodically replaced. Enter the renewal security time (seconds) in the column. Smaller interval leads to greater security but lower performance. Default is 3600 seconds. Set 0 to disable re-key.
Session Timeout Set the maximum time of service provided before re-authentication. Set to zero to perform another authentication immediately after the first authentication has successfully completed. (The unit is second.) Idle Timeout Set the maximum time that a wireless device may remain idle. (The unit is second.) 3.5.4 Universal Repeater This menu is available only when it is enabled in Wireless LAN>>General Setup. It allows you to specify which AP that remote client can connect to.
z z Open / Shared Mode Encryption Type Choose None to disable the WEP Encryption. Data sent to the AP will not be encrypted. To enable WEP encryption for data transmission, please choose WEP. WEP Keys Four keys can be entered here, but only one key can be selected at a time. The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64-bit encryption level, or restricted to 13 ASCII characters or 26 hexadecimal values in 128-bit encryption level.
3.5.5 Station List Station List provides the knowledge of connecting wireless clients now along with its status code. MAC Address Display the MAC Address for the connecting client. SSID Display the SSID of the connecting client. Auth Display the authentication mode of the connecting client. Encrypt Display the encryption method of the connecting client. Refresh Click this button to refresh current page.
3.6 System Maintenance For the system setup, there are several items that you have to know the way of configuration: Status, Time and Date, and Firmware Upgrade. Below shows the menu items for System Maintenance. 3.6.1 System Status The System Status provides basic network settings of Vigor router. It includes LAN and WAN interface information. Also, you could get the current running firmware version or firmware related information from this presentation. Model Display the model name of the router.
interface. Device Type Display the device type used for wireless LAN. SSID Display the SSID of this router. Channel Display the channel that wireless LAN used. Connected Type Display the network connection type for this router. Link Status Display if current network is connected or not. Default Gateway Display the gateway address of the WAN interface. Primary DNS Display the specified primary DNS setting. Secondary DNS Display the specified secondary DNS setting. 3.6.
3.6.4 Firmware Upgrade Before upgrading your router firmware, you need to install the Router Tools. The Firmware Upgrade Utility is included in the tools. The following web page will guide you to upgrade firmware by using an example. Note that this example is running over Windows OS (Operating System). Download the newest firmware from DrayTek's web site or FTP site. The DrayTek web site is www.draytek.com (or local DrayTek's web site) and FTP site is ftp.draytek.com.
3.7 Diagnostics Diagnostic Tools provide a useful way to view or diagnose the status of your Vigor router. Below shows the menu items for Diagnostics. 3.7.1 System Log Click Diagnostics and click System Log to open the web page. Clear Click it to clear this page. Refresh Click it to reload the page. 3.7.2 DHCP Table The facility provides information on IP address assignments. This information is helpful in diagnosing network problems, such as IP address conflicts, etc.
Refresh Click it to reload the page. 3.8 Support Area When you click the menu item under Support Area, you will be guided to visit www.draytek.com and open the corresponding pages directly. Click Support Area>>Application Note, the following web page will be displayed. Click Support Area>>FAQ, the following web page will be displayed.
Click Support Area>>Product Registration, the following web page will be displayed.
4 Admin Mode Operation This chapter will guide users to execute advanced (full) configuration through admin mode operation. 1. Open a web browser on your PC and type http://192.168.1.1. The window will ask for typing username and password. 2. Please type “admin/admin” on Username/Password for administration operation. Now, the Main Screen will appear. Be aware that “Admin mode” will be displayed on the bottom left side. 4.
What are Public IP Address and Private IP Address As the router plays a role to manage and further protect its LAN, it interconnects groups of host PCs. Each of them has a private IP address assigned by the built-in DHCP server of the Vigor router. The router itself will also use the default private IP address: 192.168.1.1 to communicate with the local hosts. Meanwhile, Vigor router will communicate with other network devices through a public IP address.
4.1.1 Internet Access This page allows you to set WAN configuration with different modes. Use the Connection Type drop down list to choose one of the WAN modes. The corresponding page will be displayed. Static IP For static IP mode, you usually receive a fixed public IP address or a public subnet, namely multiple public IP addresses from your DSL or Cable ISP service providers. In most cases, a Cable service provider will offer a fixed public IP, while a DSL service provider will offer a public subnet.
Primary DNS Server You must specify a DNS server IP address here because your ISP should provide you with usually more than one DNS Server. If your ISP does not provide it, the router will automatically apply default DNS Server IP address: 198.95.1.1 to this field. Secondary DNS Server You can specify secondary DNS server IP address here because your ISP often provides you more than one DNS Server.
PPPoE To choose PPPoE as the accessing protocol of the internet, please select PPPoE from the Internet Access menu. The following web page will be shown. Username Type in the username provided by ISP in this field. Password Type in the password provided by ISP in this field. Confirm Password Re-enter the password for confirmation. Redial Policy If you want to connect to Internet all the time, you can choose Always On. Otherwise, choose Connect on Demand.
Server IP Type in the IP address of the PPTP/L2TP server. User Name Type in the username provided by ISP in this field. Password Type in the password provided by ISP in this field. Address Mode You can choose Static IP or DHCP as WAN IP network setting. IP Address Type the IP address if you choose Static IP as the WAN IP network setting. Subnet Mask Type the subnet mask if you chose Static IP as the WAN IP. Default Gateway Type the gateway address for this router.
After finishing all the settings here, please click OK to activate them. 3G USB Modem If your router connects to a 3G modem and you want to access Internet via 3G modem, choose 3G as connection type and type the required information in this web page. SIM PIN code Type PIN code of the SIM card that will be used to access Internet. Modem Initial String1/2 Such value is used to initialize USB modem. Please use the default value. If you have any question, please contact to your ISP.
4.1.2 3G Backup This page is used to setup 3G backup function. If you enable 3G backup, make sure your WAN connection type is not in 3G mode. When the WAN connection is broken, router will try to keep the connection with 3G mode. After WAN connection is recovered, router will disconnect the 3G connection automatically. Enable 3G Backup Check this box to enable the 3G backup feature. SIM PIN code Type PIN code of the SIM card that will be used to access Internet.
4.2 LAN Local Area Network (LAN) is a group of subnets regulated and ruled by router. The design of network structure is related to what type of public IP addresses coming from your ISP. Basics of LAN The most generic function of Vigor router is NAT. It creates a private subnet of your own. As mentioned previously, the router will talk to other public hosts on the Internet by using public IP address and talking to local hosts by using its private IP address.
What is Routing Information Protocol (RIP) Vigor router will exchange routing information with neighboring routers using the RIP to accomplish IP routing. This allows users to change the information of the router such as IP address and the routers will automatically inform for each other. What is Static Route When you have several subnets in your LAN, sometimes a more effective and quicker way for connection is the Static routes function rather than other method.
IP Address Type in private IP address for connecting to a local private network (Default: 192.168.1.1). Subnet Mask Type in an address code that determines the size of the network. (Default: 255.255.255.0) For IP Routing Usage Click Enable to invoke this function. The default setting is Disable. 2nd IP Address Type in secondary IP address for connecting to a subnet. (Default: 192.168.2.1) 2nd Subnet Mask An address code that determines the size of the network.
Server. If your ISP does not provide it, the router will automatically apply default secondary DNS Server IP address: 194.98.0.1 to this field. If both the Primary IP and Secondary IP Address fields are left empty, the router will assign its own IP address to local users as a DNS proxy server and maintain a DNS cache. If the IP address of a domain name is already in the DNS cache, the router will resolve the domain name immediately.
4.3 NAT Usually, the router serves as an NAT (Network Address Translation) router. NAT is a mechanism that one or more private IP addresses can be mapped into a single public one. Public IP address is usually assigned by your ISP, for which you may get charged. Private IP addresses are recognized only among internal hosts.
4.3.1 Open Ports Open Ports allows you to open a range of ports for the traffic of special applications. Common application of Open Ports includes P2P application (e.g., BT, KaZaA, Gnutella, WinMX, eMule and others), Internet Camera etc. Ensure that you keep the application involved up-to-date to avoid falling victim to any security exploits. Virtual Server Settings Choose Enable to invoke this setting. Protocol Specify the transport layer protocol. It could be TCP, UDP and TCP+UDP.
4.3.2 DMZ Host As mentioned above, Port Redirection can redirect incoming TCP/UDP or other traffic on particular ports to the specific private IP address/port of host in the LAN. However, other IP protocols, for example Protocols 50 (ESP) and 51 (AH), do not travel on a fixed port. Vigor router provides a facility DMZ Host that maps ALL unsolicited data on any protocol to a single host in the LAN.
4.3.3 Session Limit A PC with private IP address can access to the Internet via NAT router. The router will generate the records of NAT sessions for such connection. The P2P (Peer to Peer) applications (e.g., BitTorrent) always need many sessions for procession and also they will occupy over resources which might result in important accesses impacted. To solve the problem, you can use limit session to limit the session procession for specified Hosts.
4.4.1 DoS Defense As a sub-functionality of IP Filter/Firewall, there are 5 types of detect/ defense function in the DoS Defense setup. The DoS Defense functionality is disabled for default. Click Firewall and click DoS Defense to open the setup page. Enable Dos Defense Check the box to activate the DoS Defense Functionality. Enable SYN flood defense Check the box to activate the SYN flood defense function.
will block any packets realizing this attacking activity. OK Click this button to save such profile. Clear All Click this button to clear all of the settings in this page. Cancel Click this button to cancel current operation 4.4.2 MAC/IP/Port Filtering This page allows you to set up to 32 MAC/IP/Port Filtering rules. When you finish the filtering rule, simply click OK. The new rule will be displayed below in this page. MAC/IP/Port Filtering Choose Enable to activate MAC/IP/Port Filtering function.
Source Port Range Determine the port range for the source. Action Accept – the packets that match with such rule will be accepted. Drop – the packets that match with such rule will be blocked. Comment Enter filter set comments/description. Maximum length is 23–character long. OK Click this button to save such profile. Cancel Click this button to cancel current operation. 4.4.3 System Security Stateful Packet Inspection (SPI) is a firewall architecture that works at the network layer.
Once a user type in or click on an URL with objectionable keywords, URL keyword blocking facility will decline the HTTP request to that web page thus can limit user’s access to the website. You may imagine URL Content Filter as a well-trained convenience-store clerk who won’t sell adult magazines to teenagers. At office, URL Content Filter can also provide a job-related only environment hence to increase the employee work efficiency.
To delete the URL setting, simply click that one and click Delete to remove it. 4.5 Applications Below shows the menu items for Applications. 4.5.1 Dynamic DNS The ISP often provides you with a dynamic IP address when you connect to the Internet via your ISP. It means that the public IP address assigned to your router changes each time you access the Internet. The Dynamic DNS feature lets you assign a domain name to a dynamic WAN IP address.
www.dtdns.com, www.changeip.com, www.dynamic- nameserver.com. You should visit their websites to register your own domain name for the router. Service Provider Select the service provider for the DDNS account. If you choose None, such function will be disabled. Domain name Type in one domain name that you applied previously. Use the drop down list to choose the desired domain. Username Type in the login name that you set for applying domain.
4.5.4 IGMP IGMP is the abbreviation of Internet Group Management Protocol. It is a communication protocol which is mainly used for managing the membership of Internet Protocol multicast groups. 4.5.5 UPnP Configuration The UPnP (Universal Plug and Play) protocol is supported to bring to network connected devices the ease of installation and configuration which is already available for directly connected PC peripherals with the existing Windows 'Plug and Play' system.
The UPnP facility on the router enables UPnP aware applications such as MSN Messenger to discover what are behind a NAT router. The application will also learn the external IP address and configure port mappings on the router. Subsequently, such a facility forwards packets from the external ports of the router to the internal ports used by the application.
The UPnP function dynamically adds port mappings on behalf of some UPnP-aware applications. When the applications terminate abnormally, these mappings may not be removed. 4.6 Wireless LAN 4.6.1 Basic Concepts Over recent years, the market for wireless communications has enjoyed tremendous growth. Wireless technology now reaches or is capable of reaching virtually every location on the surface of the earth. Hundreds of millions of people exchange information every day via wireless communication products.
Complete Security Standard Selection: To ensure the security and privacy of your wireless communication, we provide several prevailing standards on market. WEP (Wired Equivalent Privacy) is a legacy method to encrypt each frame transmitted via radio using either a 64-bit or 128-bit key. Usually access point will preset a set of four keys and it will communicate with each station using only one out of the four keys.
Enable Wireless LAN Check the box to enable wireless function. Mode At present, the router can connect to Mixed (11b+11g), 11g Only, 11b Only, Mixed (11g+11n), 11n Only and Mixed (11b+11g+11n) stations simultaneously. Simply choose Mixed (11b+11g+11n) mode. Hide SSID Check it to prevent from wireless sniffing and make it harder for unauthorized clients or STAs to join your wireless LAN.
choosing the frequency, please select AutoSelect to let system determine for you. OK Click it to save and apply such setting. Packet-OVERDRIVE This feature can enhance the performance in data transmission about 40%* more (by checking Tx Burst). It is active only when both sides of Access Point and Station (in wireless client) invoke this function at the same time. That is, the wireless client must support this feature and invoke the function, too. Note: Vigor N61 wireless adapter supports this function.
4.6.3 Security This page allows you to set security with different modes for SSID 1, 2 and 3 respectively. After configuring the correct settings, please click OK to save and invoke it. By clicking the Security Settings, a new web page will appear so that you could configure the settings. Mode z There are several modes provided for you to choose. Disable The encryption mechanism is turned off. z WEP Accepts only WEP clients and the encryption key should be entered in WEP Key.
WEP Key1-Key4 Four keys can be entered here, but only one key can be selected at a time. The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64-bit encryption level, or restricted to 13 ASCII characters or 26 hexadecimal values in 128-bit encryption level. The allowed content is the ASCII characters from 33(!) to 126(~) except '#' and ','.
z WPA/PSK or WPA2/PSK or Mixed (WPA+WPA2)/PSK Accepts only WPA clients and the encryption key should be entered in PSK. The WPA encrypts each frame transmitted from the radio using the key, which either PSK (Pre-Shared Key) entered manually in this field below or automatically negotiated via 802.1x authentication. z WPA Algorithm Select TKIP, AES or TKIP/AES as the algorithm for WPA. Pass Phrase Either 8~63 ASCII characters, such as 012345678..
802.1x WEP Disable - Disable the WEP Encryption. Data sent to the AP will not be encrypted. Enable - Enable the WEP Encryption. Click the link of RADIUS Server to access into the following page for more settings. IP Address Enter the IP address of RADIUS server. Port The UDP port number that the RADIUS server is using. The default value is 1812, based on RFC 2138. Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them.
idle. (The unit is second.) z WPA/802.1x The WPA encrypts each frame transmitted from the radio using the key, which either PSK (Pre-Shared Key) entered manually in this field below or automatically negotiated via 802.1x authentication. WPA Algorithms Select TKIP, AES or TKIP/AES as the algorithm for WPA. Key Renewal Interval WPA uses shared key for authentication to the network. However, normal network operations use a different encryption key that is randomly generated.
IP Address Enter the IP address of RADIUS server. Port The UDP port number that the RADIUS server is using. The default value is 1812, based on RFC 2138. Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them. Both sides must be configured to use the same shared secret. Session Timeout Set the maximum time of service provided before re-authentication.
z WPA2/802.1x The WPA encrypts each frame transmitted from the radio using the key, which either PSK (Pre-Shared Key) entered manually in this field below or automatically negotiated via 802.1x authentication. WPA Algorithms Select TKIP, AES or TKIP/AES as the algorithm for WPA. Key Renewal Interval WPA uses shared key for authentication to the network. However, normal network operations use a different encryption key that is randomly generated.
z IP Address Enter the IP address of RADIUS server. Port The UDP port number that the RADIUS server is using. The default value is 1812, based on RFC 2138. Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them. Both sides must be configured to use the same shared secret. Session Timeout Set the maximum time of service provided before re-authentication.
WPA Algorithms Select TKIP, AES or TKIP/AES as the algorithm for WPA. Key Renewal Interval WPA uses shared key for authentication to the network. However, normal network operations use a different encryption key that is randomly generated. This randomly generated key that is periodically replaced. Enter the renewal security time (seconds) in the column. Smaller interval leads to greater security but lower performance. Default is 3600 seconds. Set 0 to disable re-key.
Session Timeout Set the maximum time of service provided before re-authentication. Set to zero to perform another authentication immediately after the first authentication has successfully completed. (The unit is second.) Idle Timeout Set the maximum time that a wireless device may remain idle. (The unit is second.) 4.6.
OK Click it to save the access control list. Cancel Clean all entries in the MAC address list. 4.6.5 WPS WPS (Wi-Fi Protected Setup) provides easy procedure to make network connection between wireless station and wireless access point (vigor router) with the encryption of WPA and WPA2. It is the simplest way to build connection between wireless network clients and vigor router. Users do not need to select any encryption mode and type any long encryption passphrase to setup a wireless client every time.
If you want to use PIN code, you have to know the PIN code specified in wireless client. Then provide the PIN code of the wireless client you wish to connect to the vigor router. Enable WPS Check this box to enable WPS setting. WPS Current Status Display related system information for WPS. If the wireless security (encryption) function of the router is properly configured, you can see ‘Configured’ message here. WPS SSID Display current selected SSID.
to normal condition after two minutes. (You need to setup WPS within two minutes) Configure via Client PinCode Type the PIN code specified in wireless client you wish to connect, and click Start PIN button. The WLAN LED on the router will blink fast when WPS is in progress. It will return to normal condition after two minutes. (You need to setup WPS within two minutes. 4.6.6 WDS WDS means Wireless Distribution System. It is a protocol for connecting two access points (AP) wirelessly.
The major difference between these two modes is that: while in Repeater mode, the packets received from one peer AP can be repeated to another peer AP through WDS links. Yet in Bridge mode, packets received from a WDS link will only be forwarded to local wired or wireless hosts. In other words, only Repeater mode can do WDS-to-WDS packet forwarding. In the following examples, hosts connected to Bridge 1 or 3 can communicate with hosts connected to Bridge 2 through WDS links.
Mode Choose the mode for WDS setting. Disable mode will not invoke any WDS setting. Bridge Mode is designed to fulfill the first type of application. Repeater Mode is for the second one. Security There are four types for security, Disabled, WEP, TKIP and Key or Peer Mac Address field valid or not. Choose one of the types for the router. Please disable the unused link to get better performance. Key Type 8 ~ 63 ASCII characters or 64 hexadecimal digits leading by “0x”.
4.6.7 Universal Repeater This menu is available only when it is enabled in Wireless LAN>>General Setup. It allows you to specify which AP that remote client can connect to. The access point can act as a wireless repeater; it can be Station and AP at the same time. It can use Station function to connect to a Root AP and use AP function to serve all wireless stations within its coverage. Note: While using Universal Repeater Mode, the access point will demodulate the received signal.
z z Open / Shared Mode Encryption Type Choose None to disable the WEP Encryption. Data sent to the AP will not be encrypted. To enable WEP encryption for data transmission, please choose WEP. WEP Keys Four keys can be entered here, but only one key can be selected at a time. The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64-bit encryption level, or restricted to 13 ASCII characters or 26 hexadecimal values in 128-bit encryption level.
4.6.8 AP Discovery Vigor router can scan all regulatory channels and find working APs in the neighborhood. Based on the scanning result, users will know which channel is clean for usage. Also, it can be used to facilitate finding an AP for a WDS link. Notice that during the scanning process (about 5 seconds), no client is allowed to connect to Vigor. This page is used to scan the existence of the APs on the wireless LAN. Yet, only the AP which is in the same channel of this router can be found.
4.6.9 WMM Configuration WMM is an abbreviation of Wi-Fi Multimedia. It defines the priority levels for four access categories derived from 802.1d (prioritization tabs). The categories are designed with specific types of traffic, voice, video, best effort and low priority data. There are four accessing categories - AC_BE , AC_BK, AC_VI and AC_VO for WMM. APSD (automatic power-save delivery) is an enhancement over the power-save mechanisms supported by Wi-Fi networks.
transmission, please set greater value for them to get highest transmission opportunity. Specify the value ranging from 0 to 65535. ACM It is an abbreviation of Admission Control Mandatory. It can restrict stations from using specific category class if it is checked. AckPolicy “Uncheck” (default value) the box means the AP router will answer the response request while transmitting WMM packets through wireless connection. It can assure that the peer must receive the WMM packets.
4.7 System Maintenance For the system setup, there are several items that you have to know the way of configuration: System Status, Administrator Password, Configuration Backup, Syslog/Mail Alert, Time and Date, Management, Reboot System, and Firmware Upgrade. Below shows the menu items for System Maintenance. 4.7.1 System Status The System Status provides basic network settings of Vigor router. It includes LAN and WAN interface information.
MAC Address Display the MAC address of the LAN or WAN or WLAN Interface. IP Address Display the MAC address of the LAN or WAN Interface. IP Mask Display the subnet mask address of the LAN or WAN interface. Device Type Display the device type used for wireless LAN. SSID Display the SSID of this router. Channel Display the channel that wireless LAN used. Connected Type Display the network connection type for this router. Link Status Display if current network is connected or not.
When you click OK, the login window will appear. Please use the new password to access into the web configurator for user operation again. 4.7.4 Configuration Backup Backup the Configuration Follow the steps below to backup your configuration. 1. Go to System Maintenance >> Configuration Backup. The following windows will be popped-up, as shown below. 2. Type a key arbitrarily for encrypting the file. Keep the key in mind. You will need it whenever you want to restore such file.
4. Click Save button, the configuration will download automatically to your computer as a file named config.cfg. The above example is using Windows platform for demonstrating examples. The Mac or Linux platform will appear different windows, but the backup function is still available. Note: Backup for Certification must be done independently. The Configuration Backup does not include information of Certificate. Restore Configuration 1. Go to System Maintenance >> Configuration Backup.
4.7.5 Syslog/Mail Alert SysLog function is provided for users to monitor router. There is no bother to directly get into the Web Configurator of the router or borrow debug equipments. Enable (for Syslog Access Setup) Check Enable to activate function of syslog. Server IP Address The IP address of the Syslog server. Destination Port Assign a port for the Syslog protocol. Log Level Choose the severity level for the system log entry.
1. Just set your monitor PC’s IP address in the field of Server IP Address 2. Install the Router Tools in the Utility within provided CD. After installation, click on the Router Tools>>Syslog from program menu. 3. From the Syslog screen, select the router you want to monitor. Be reminded that in Network Information, select the network adapter used to connect to the router. Otherwise, you won’t succeed in retrieving information from the router. 4.7.
Click OK to save these settings. 4.7.7 Management This page allows you to manage the settings for access control, access list, port setup, and SMP setup. For example, as to management access control, the port number is used to send/receive SIP message for building a session. Enable HTTP/ICMP Ping/Telnet Enable the checkbox to allow system administrators to login from the Internet. There are several servers provided by the system to allow you managing the router from Internet.
Note: When the system pops up Reboot System web page after you configure web settings, please click Yes to reboot your router for ensuring normal operation and preventing unexpected errors of the router in the future. 4.7.9 Firmware Upgrade Before upgrading your router firmware, you need to install the Router Tools. The Firmware Upgrade Utility is included in the tools. The following web page will guide you to upgrade firmware by using an example.
4.8 Diagnostics Diagnostic Tools provide a useful way to view or diagnose the status of your Vigor router. Below shows the menu items for Diagnostics. 4.8.1 System Log Click Diagnostics and click System Log to open the web page. Clear Click it to clear this page. Refresh Click it to reload the page.
4.8.2 DHCP Table The facility provides information on IP address assignments. This information is helpful in diagnosing network problems, such as IP address conflicts, etc. Click Diagnostics and click DHCP Table to open the web page. Host name Display the name of the computer accepted the assigned IP address by this router. IP Address Display the IP address assigned by this router for specified PC. MAC Address Display the MAC address for the specified PC that DHCP assigned IP address for it.
Click Support Area>>FAQ, the following web page will be displayed. Click Support Area>>Product Registration, the following web page will be displayed.
This page is left blank.
5 Trouble Shooting This section will guide you to solve abnormal situations if you cannot access into the Internet after installing the router and finishing the web configuration. Please follow sections below to check your basic installation status stage by stage. z Checking if the hardware status is OK or not. z Checking if the network connection settings on your computer are OK or not. z Pinging the router from your computer. z Checking if the ISP settings are OK or not.
5.2 Checking If the Network Connection Settings on Your Computer Is OK or Not Sometimes the link failure occurs due to the wrong network connection settings. After trying the above section, if the link is stilled failed, please do the steps listed below to make sure the network connection settings is OK. For Windows The example is based on Windows XP. As to the examples for other operation systems, please refer to the similar steps or find support notes in www.draytek.com. 1.
4. Select Obtain an IP address automatically and Obtain DNS server address automatically. For MacOs 1. Double click on the current used MacOs on the desktop. 2. Open the Application folder and get into Network. 3. On the Network screen, select Using DHCP from the drop down list of Configure IPv4.
5.3 Pinging the Router from Your Computer The default gateway IP address of the router is 192.168.1.1. For some reason, you might need to use “ping” command to check the link status of the router. The most important thing is that the computer will receive a reply from 192.168.1.1. If not, please check the IP address of your computer. We suggest you setting the network connection as get IP automatically. (Please refer to the section 5.2) Please follow the steps below to ping the router correctly.
5.4 Checking If the ISP Settings are OK or Not Open WAN>>Internet Access page and then check whether the ISP settings are set correctly. Use the Connection Type drop down list to choose Static IP/DHCP/PPPoE/PPTP/L2TP for reviewing the settings that you configured previously.
For Static Users 1. Choose Static IP as the connection type. 2. Check if IP Address, IP Mask and IP Router are set correctly (must identify with the values from your ISP). For PPPoE Users 1. Choose PPPoE as the connection type. 2. Check if Username and Password are set correctly (must identify with the values from your ISP).
For PPTP/L2TP Users 1. Choose PPTP/L2TP as the connection type. 2. Check if Username, Password, IP address, Subnet Mask are entered with correct values that you get from your ISP. 5.5 Forcing Vigor Router into TFTP Mode for Performing the Firmware Upgrade 1. Press and hold the Factory Reset button. The system will power off and power on the Vigor Router. 2. Release the Factory Reset button when the ACT LED and its neighbor LED blink simultaneously. 3. Change your PC IP address to 192.168.1.10. 4.
11. There is a bar showing the upgrading process. 12. When the firmware upgrade is successful, the following window will pop up.
If the message of Request Timeout. Transfer Abort ! appears, please check if the connection between the computer and the Vigor is active or not. And, if the message of Incorrect/No file name. Transfer Abort ! appears, please check if the firmware you download is correct for your Vigor router. Note: Please turn off the Firewall protection while upgrading the firmware with Windows Vista. The Firewall function can be turned off via Control Panel >> Security Center >> Firewall.
5.6 Backing to Factory Default Setting If Necessary Sometimes, a wrong connection can be improved by returning to the default settings. Try to reset the router by software or hardware. Warning: After pressing factory default setting, you will loose all settings you did before. Make sure you have recorded all useful settings before you pressing. Software Reset You can reset the router to factory default via Web page. Go to System Maintenance and choose Reboot System on the web page.
