background image

 

Vigor2100 Series User’s Guide 

53

The reminder as regards concern about Firewall and UPnP: 

Can't work with Firewall Software

 

Enabling firewall applications on your PC may cause the UPnP function not 
working properly. This is because these applications will block the accessing ability 
of some network ports.   

Security Considerations

 

Activating the UPnP function on your network may incur some security threats. You 
should consider carefully these risks before activating the UPnP function. 

 

¾

 

Some Microsoft operating systems have found out the UPnP weaknesses and 
hence you need to ensure that you have applied the latest service packs and 
patches. 

 

¾

 

Non-privileged users can control some router functions, including removing 
and adding port mappings.   

The UPnP function dynamically adds port mappings on behalf of some UPnP-aware 
applications. When the applications terminate abnormally, these mappings may not 
be removed. 

Summary of Contents for Vigor2100G

Page 1: ...t written permission from the copyright holders The scope of delivery and other details are subject to change without prior notice Microsoft is a registered trademark of Microsoft Corp Windows Windows...

Page 2: ...arranty We warrant to the original end user purchaser that the router will be free from any defects in workmanship or materials for a period of two 2 years from the date of purchase from the dealer Pl...

Page 3: ...rsuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate r...

Page 4: ...rnet Access Type 10 2 3 Online Status for Each Protocol 16 2 4 Status Bar 18 3 AdvancedWebConfiguration 19 3 1 Internet Access 19 3 1 1 Basics of Internet Protocol IP Network 19 3 1 2 PPPoE 20 3 1 3 S...

Page 5: ...83 3 8 6 Management Setup 84 3 8 7 Reboot System 84 3 8 8 Firmware Upgrade 85 3 9 Diagnostics 86 3 9 1 PPPoE PPTP Diagnostics 86 3 9 2 Routing Table 86 3 9 3 ARP Cache Table 87 3 9 4 DHCP Table 87 4...

Page 6: ...Vigor2100 Series User s Guide vi 5 6 Contacting Your Dealer 103...

Page 7: ...s LAN access with data rate as much as up to 54Mbps for Vigor2100G VG For V series model with VoIP phone ports it provides an Internet access solution for your LAN via shared web surfing and countless...

Page 8: ...hone is connected through VoIP VoIP orange Solid light when phone call is via PSTN life line ACT Activity on The router is powered on and running properly orange A normal 10Mbps connection is through...

Page 9: ...orange Solid light when phone call is via PSTN life line ACT Activity on The router is powered on and running properly orange A normal 10Mbps connection is through its corresponding port green A norm...

Page 10: ...n is active Firewall blinking When encountering DoS attacks ACT Activity on The router is powered on and running properly orange A normal 10Mbps connection is through its corresponding port green A no...

Page 11: ...e Connect the other end to the wall outlet of electricity 4 Connect detachable antennas to the router for Vigor2100 series G model 5 Connect Phone port to a conventional analog telephone either corded...

Page 12: ...Vigor2100 Series User s Guide 6 This page is left blank...

Page 13: ...ccess into the web browse with default password first 1 Make sure your computer connects to the router correctly Notice You may either simply set up your computer to get IP dynamically from the router...

Page 14: ...r the login password the default is blank on the field of Old Password Type a new one in the field of New Password and retype it on the field of Retype New Password Then click OK to continue 6 Now the...

Page 15: ...peed NAT the configuration provide here can help you to deploy and use the router quickly The first screen of Quick Start Wizard is entering login password After typing the password please click Next...

Page 16: ...widely accepted standards PPP and Ethernet It connects users through an Ethernet to the Internet with a common broadband medium such as a single DSL line wireless device or cable modem All the users...

Page 17: ...ssword Always On Check this box to allow the router connecting to Internet forever Dial On Demand Idle Timeout Type in the value unit is second as the idle timeout of the connection When the time is e...

Page 18: ...the password Obtain an IP address automatically Click this selection to get the IP address from the router automatically Specify an IP address Click this selection to specify an IP address and subnet...

Page 19: ...mation that your ISP provides for this protocol WAN IP Type the WAN IP address that obtained from ISP Subnet Mask Type the subnet mask obtained from ISP Gateway Type the gateway address obtained from...

Page 20: ...Vigor2100 Series User s Guide 14 After finishing the settings in this page click Next to see the following page Click Finish The online status of this protocol will be shown as below...

Page 21: ...rotocol Host Name Specify the host name for the router MAC This is an optional setting The router will detect the MAC address automatically If not click Clone MAC Address to obtain it After finishing...

Page 22: ...Pr ro ot to oc co ol l The online status shows the system status WAN status ADSL Information and other status related to this router within one page If you select PPPoE as the protocol you will find...

Page 23: ...face RX Rate Displays the speed of received packets at the WAN interface Up Time Displays the total system uptime of the interface TX Blocks Displays the total number of transmitted ATM Blocks RX Bloc...

Page 24: ...ach time you click OK on the web page for saving the configuration you can find messages showing the system interaction with you Ready indicates the system is ready for you to input settings Settings...

Page 25: ...nd d P Pr ri iv va at te e I IP P A Ad dd dr re es ss s As the router plays a role to manage and further protect its LAN it interconnects groups of host PCs Each of them has a private IP address assi...

Page 26: ...pe in the ISP Name provided by ISP in this field Username Type in the username provided by ISP in this field Password Type in the password provided by ISP in this field Scheduler You can type in four...

Page 27: ...i ic c I IP P For static IP mode you usually receive a fixed public IP address or a public subnet namely multiple public IP addresses from your DSL or Cable ISP service providers In most cases a Cable...

Page 28: ...he physical type WAN IP Network Settings This group allows you to obtain an IP address automatically and allows you type in IP address manually Obtain an IP address automatically Click this button to...

Page 29: ...ant to use Static IP mode IP Address Type the IP address Subnet Mask Type the subnet mask Gateway IP Address Type the gateway IP address DNS Server IP Address Type in the primary IP address for the ro...

Page 30: ...l the schedules can be set previously in Application Schedule web page and you can use the number that you have set in that web page PPP Setup PPP Authentication Select PAP only or PAP or CHAP for PPP...

Page 31: ...ocal hosts by using its private IP address What NAT does is to translate the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides...

Page 32: ...have several subnets in your LAN sometimes a more effective and quicker way for connection is the Static routes function rather than other method You may simply set rules to forward data from one spec...

Page 33: ...maximum is 253 Gateway IPAddress Enter a value of the gateway IP address for the DHCP server The value is usually as same as the 1st IP address of the router which means the router is the default gat...

Page 34: ...y The benefit of the NAT includes z Save cost on applying public IP address and apply efficient usage of IP address NAT allows the internal IP addresses of local hosts to be translated into one public...

Page 35: ...ic Port Specify which port can be redirected to the specified Private IP and Port of the internal host Private IP Specify the private IP address of the internal host providing the service Private Port...

Page 36: ...t incoming TCP UDP or other traffic on particular ports to the specific private IP address port of host in the LAN However other IP protocols for example Protocols 50 ESP and 51 AH do not travel on a...

Page 37: ...r your selection Enable Check to enable the DMZ Host function Private IP Enter the private IP address of the DMZ host or click Choose PC to select one Choose PC Click this button and then a window wil...

Page 38: ...Internet Access PPPoE you will find that WAN IP appeared for your selection Index Indicate the relative number for the particular entry that you want to offer service in a local host You should click...

Page 39: ...the service offered by the local host End Port Specify the ending port number of the service offered by the local host 3 3 3 3 4 4 W We el ll l K Kn no ow wn n P Po or rt ts s L Li is st t This page...

Page 40: ...et connection or in other words the WAN link status is up or down the IP filter architecture categorizes traffic into two Call Filter and Data Filter z Call Filter When there is no existing Internet c...

Page 41: ...nger application arises communication cannot become much easier Nevertheless while some industry may leverage this as a great tool to connect with their customers some industry may take reserve attitu...

Page 42: ...work better than traditional firewall in the field of filtering Because it checks the URL strings or some of HTTP data hiding in the payload of TCP packets while legacy firewall inspects packets base...

Page 43: ...eral Setup to open the general setup page Call Filter Check Enable to activate the Call Filter function Assign a start filter set for the Call Filter Data Filter Check Enable to activate the Data Filt...

Page 44: ...4 4 3 3 F Fi il lt te er r S Se et tu up p Click Firewall and click Filter Setup to open the setup page There are twelve filter sets provided by this router for users to set different filter rules Si...

Page 45: ...etup page Comments Enter filter set comments description Maximum length is 14 character long Check to enable the Filter Rule Check this box to enable the filter rule Pass or Block Specifies the action...

Page 46: ...t is empty the Start Port and the End Port column will be ignored The filter rule will filter out any port number If the End Port is empty the filter rule will set the port number to be the value of t...

Page 47: ...te er rn ne et t S Se er rv vi ic ce es s This section will show a simple example to restrict someone from accessing WWW services In this example we assume the IP address of the access restricted use...

Page 48: ...tempt to exhaust the limited resource of Vigor router By default the threshold and timeout values are set to 50 packets per second and 10 seconds respectively Enable UDP flood defense Check the box to...

Page 49: ...gor router not to forward any trace route packets Block SYN fragment Check the box to activate the Block SYN fragment function The Vigor router will drop any packets having SYN flag and more fragment...

Page 50: ...messages related to DoS defense will be sent to user and user can review it through Syslog daemon Look for the keyword DoS in the message followed by a name to indicate what kind of attacks is detecte...

Page 51: ...and each frame supports multiple keywords The keyword could be a noun a partial noun or a complete URL string Multiple keywords within a frame are separated by space comma or semicolon In addition the...

Page 52: ...k the box to reject any proxy transmission To control efficiently the limited bandwidth usage it will be of great value to provide the blocking mechanism that filters out the multimedia files download...

Page 53: ...eep 3 3 4 4 6 6 M MA AC C A Ad dd dr re es ss s C Co on nt tr ro ol l Choose IP Filter Firewall Setup on the Advanced Setup group and click the MAC Address Control link Active Check this box to invoke...

Page 54: ...ddress It allows the router to update its online WAN IP address mappings on the specified Dynamic DNS server Once the router is online you will be able to use the registered domain name to access the...

Page 55: ...yndns org in the Domain Name block The following two blocks should be typed your account Login Name test and Password test Service Provider Select the service provider for the DDNS account Service Typ...

Page 56: ...of Network Time Protocols NTP As a result you can not only schedule the router to dialup to the Internet at a specified time but also restrict Internet access to certain hours so that users can connec...

Page 57: ...r time the Internet access connection should be disconnected Force Down Office Hour Force On Mon Sun 9 00 am to 6 00 pm 1 Make sure the PPPoE connection and Time Setup is working properly 2 Configure...

Page 58: ...raversal of UPnP enables the multimedia features of your applications to operate This has to manually set up port mappings or use other similar methods The screenshots below show examples of this faci...

Page 59: ...ion on your network may incur some security threats You should consider carefully these risks before activating the UPnP function Some Microsoft operating systems have found out the UPnP weaknesses an...

Page 60: ...index say Index No 1 Then adjust the detailed setting for that one on the field just above E mail Detection Configuration User Name Type the user name or mail account name Password Type the password...

Page 61: ...r to peer direct calling and also calling via a SIP proxy server a role similar to the gatekeeper in H 323 networks while the MGCP protocol uses client server architecture the calling scenario being v...

Page 62: ...er Please refer to the Example 3 in the Calling Scenario Our Vigor V models firstly apply efficient codecs designed to make the best use of available bandwidth but Vigor V models also equip with autom...

Page 63: ...an settings P Ph ho on ne e B Bo oo ok k In this section you can set your VoIP contacts in the phonebook called DialPlan It can help you to make calls quickly and easily by using speed dial Phone Numb...

Page 64: ...ne Number When the VoIP phone is obstructs or the Internet breaks down for some reasons the backup phone will be dialed out to replace the VoIP phone number At this time the phone call will be changed...

Page 65: ...that you want to execute special function according to the chosen mode by using the prefix number Min Len Set the minimal length of the dial number for applying the prefix number settings Take the abo...

Page 66: ...Account Name Display the account name of SIP address before Ring Port Specify which port will ring when receiving a phone call STUN Server Type in the IP address of the STUN server External IP Type in...

Page 67: ...ke the proxy acting as outbound proxy Display Name The caller ID that you want to be displayed on your friend s screen Account Number Name Enter your account name of SIP Address e g every text before...

Page 68: ...user to set phone settings for VoIP 1 RTP Symmetric RTP Check this box to invoke the function To make the data transmission going through on both ends of local router and remote router not misleading...

Page 69: ...umn you can access into the following page for configuring Phone settings Hotline Check the box to enable it Type in the SIP URL in the field for dialing automatically when you pick up the phone set S...

Page 70: ...n CLIR hide caller ID Check this box to hide the caller ID on the display panel of the phone set for the remote side Call Waiting Check this box to invoke this function A notice sound will appear to t...

Page 71: ...ne settings volume gain MISC and DTMF mode Advanced setting is provided for fitting the telecommunication custom for the local area of the router installed Wrong tone settings might cause inconvenienc...

Page 72: ...s recommended for you to use the default setting DTMP DTMF mode There are four selections provided here InBand Choose this one then the Vigor will send the DTMF tone as audio directly when you press t...

Page 73: ...NECTING Indicates that the user is calling out WAIT_ANS Indicates that a connection is launched and waiting for remote user s answer ALERTING Indicates that a call is coming ACTIVE Indicates that the...

Page 74: ...igor2100 Series User s Guide 68 Speaker Gain The volume of present call Log Display logs of VoIP calls 3 3 6 6 5 5 Q Qo oS S This setting allows you to set upstream to have high priority for VoIP call...

Page 75: ...r plays a role as an Access Point AP connecting to lots of wireless clients or Stations STA All the STAs will share the same Internet connection with other wired hosts via Vigor wireless router The Ge...

Page 76: ...cation Since WEP has been proved vulnerable you may consider using WPA for the most secure connection You should select the appropriate security mechanism according to your needs No matter which secur...

Page 77: ...ingle user s access from wired LAN Manage Wireless Stations Station List will display all the station in your wireless network and the status of their connection Below shows the menu items of Wireless...

Page 78: ...N The default channel is 6 You may switch channel if the selected channel is under serious interference Hide SSID Check it to prevent from wireless sniffing and make it harder for unauthorized clients...

Page 79: ...entered in PSK WPA2 PSK Accepts only WPA2 clients and the encryption key should be entered in PSK Mixed WPA WPA2 PSK Accepts WPA and WPA2 clients simultaneously and the encryption key should be enter...

Page 80: ...ight by controlling the wireless LAN MAC address of client Only the valid MAC address that has been configured can access the wireless LAN interface By clicking the Access Control a new web page will...

Page 81: ...D DS S WDS means Wireless Distribution System It is a protocol for connecting two access points AP wirelessly Usually it can be used for the following application y Provide bridge traffic between two...

Page 82: ...he following examples hosts connected to Bridge 1 or 3 can communicate with hosts connected to Bridge 2 through WDS links However hosts connected to Bridge 1 CANNOT communicate with hosts connected to...

Page 83: ...please disable the unused link to get better performance If you want to invoke the peer MAC address remember to check Enable box in the front of the MAC address after typing Access Point Function Clic...

Page 84: ...e and click Add Later the MAC address of the AP will be added to the page of WDS setting 3 3 7 7 7 7 S St ta at ti io on n L Li is st t Station List provides the knowledge of connecting wireless clien...

Page 85: ...router It includes LAN and WAN interface information Also you could get the current running firmware version or firmware related information from this presentation Model Name Displays the model name o...

Page 86: ...n Displays information about equipped WLAN card driver 3 3 8 8 2 2 A Ad dm mi in ni is st tr ra at to or r P Pa as ss sw wo or rd d This page allows you to set new password Old Password Type in the ol...

Page 87: ...yourself 4 Click Save button the configuration will download automatically to your computer as a file named config cfg The above example is using Windows platform for demonstrating examples The Mac or...

Page 88: ...r There is no bother to directly get into the Web Configurator of the router or borrow debug equipments Enable Check Enable to activate this function Server IP Address The IP address of the Syslog ser...

Page 89: ...Se et tu up p It allows you to specify where the time of the router should be inquired from Current System Time Click Inquire Time to get the current time Use Browser Time Select this option to use t...

Page 90: ...rotocol Allow management from the Internet Enable the checkbox to allow system administrators to login from the Internet By default it is not allowed Disable PING from the Internet Check the checkbox...

Page 91: ...ou need to install the Router Tools The Firmware Upgrade Utility is included in the tools The following web page will guide you to upgrade firmware by using an example Note that this example is runnin...

Page 92: ...Broadband Access Mode Status Display the broadband access mode and status If the broadband connection is active it will show Internet access mode is enabled If the connection is idle it will show WAN...

Page 93: ...P T Ta ab bl le e The facility provides information on IP address assignments This information is helpful in diagnosing network problems such as IP address conflicts etc Click Diagnostics and click D...

Page 94: ...below The default Vigor router private IP address Subnet Mask is 192 168 1 1 255 255 255 0 The built in DHCP server is enabled so it assigns every local NATed host an IP address of 192 168 1 x startin...

Page 95: ...Vigor2100 Series User s Guide 89 You can just set the settings wrapped inside the red rectangles to fit the request of NAT usage...

Page 96: ...g Proxy draytel org Act as outbound proxy unchecked Display Name John Account Number Name 1234 Authentication ID unchecked Password Expiry Time use default value CODEC RTP DTMF Use default value John...

Page 97: ...se default value CODEC RTP DTMF Use default value John calls David He picks up the phone and dials 1111 DialPlan Phone Number for David Or He picks up the phone and dials 4321 David s Account Name Set...

Page 98: ...in Realm blank Proxy blank Act as outbound proxy unchecked Display Name Arnor Account Name 1234 Authentication ID unchecked Password blank Expiry Time use default value CODEC RTP DTMF Use default valu...

Page 99: ...click Install Now under Syslog description to install the corresponding program 4 The file RTSxxx exe will be asked to copy onto your computer Remember the place of storing the execution file 5 Go to...

Page 100: ...Programs and choose Router Tools XXX Firmware Upgrade Utility 12 Type in your router IP usually 192 168 1 1 13 Click the button to the right side of Firmware file typing box Locate the files that you...

Page 101: ...Vigor2100 Series User s Guide 95 14 Click Send 15 Now the firmware update is finished...

Page 102: ...If f t th he e H Ha ar rd dw wa ar re e S St ta at tu us s I Is s O OK K o or r N No ot t Follow the steps below to verify the hardware status 1 Check the power line and WLAN LAN cable connections Re...

Page 103: ...the examples for other operation systems please refer to the similar steps or find support notes in www draytek com 1 Go to Control Panel and then double click on Network Connections 2 Right click on...

Page 104: ...tically and Obtain DNS server address automatically F Fo or r M Ma ac cO Os s 1 Double click on the current used MacOs on the desktop 2 Open the Application folder and get into Network 3 On the Networ...

Page 105: ...router correctly F Fo or r W Wi in nd do ow ws s 1 Open the Command Prompt window from Start menu Run 2 Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP The DOS command dialog will appe...

Page 106: ...in ng gs s a ar re e O OK K o or r N No ot t Click Internet Access group and then check whether the ISP settings are set correctly F Fo or r P PP PP Po oE E U Us se er rs s 1 Check if the Enable opti...

Page 107: ...i ic c U Us se er rs s 1 Check if the Enable option for Broadband Access is selected 2 Check if WAN IP Network Settings is set appropriately 3 Check if IP Address Subnet Mask and Gateway are set corre...

Page 108: ...f fa au ul lt t S Se et tt ti in ng g I If f N Ne ec ce es ss sa ar ry y Sometimes a wrong connection can be improved by returning to the default settings Try to reset the router by software or hardwa...

Page 109: ...Then the router will restart with the default configuration After restore the factory default setting you can configure the settings for the router again to fit your personal request 5 5 6 6 C Co on n...

Reviews: