background image

 

VigorFly 200 Series User’s Guide

 

52 

 

802.1x WEP 

Disable

 - Disable the WEP Encryption. Data sent to the AP 

will not be encrypted. 

 

Enable

 - Enable the WEP Encryption. 

Click the link of 

RADIUS Server 

to access into the following page for more settings. 

 

IP Address 

Enter the IP address of RADIUS server. 

Port  

The UDP port number that the RADIUS server is using. 
The default value is 1812, based on RFC 2138. 

Shared Secret 

The RADIUS server and client share a secret that is used to 
authenticate the messages sent between them. Both sides 
must be configured to use the same shared secret. 

Session Timeout 

Set the maximum time of service provided before 
re-authentication. Set to zero to perform another 
authentication immediately after the first authentication has 
successfully completed. (The unit is second.) 

Idle Timeout 

Set the maximum time that a wireless device may remain 

Summary of Contents for VigorFly 200

Page 1: ......

Page 2: ...VigorFly 200 Series User s Guide ii VigorFly 200 Wi Fi Router User s Guide Version 1 0 Date 01 02 2010 ...

Page 3: ...ations on conservation of the environment Warranty We warrant to the original end user purchaser that the router will be free from any defects in workmanship or materials for a period of two 2 years from the date of purchase from the dealer Please keep your purchase receipt in a safe place as it serves as proof of date of purchase During the warranty period and upon proof of purchase should the pr...

Page 4: ...iate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is enco...

Page 5: ...ing up the Password 12 2 4 2 Setting up the Time and Date 13 2 4 3 Setting up the Internet Connection 13 2 4 4 Setting up the Wireless Connection 19 2 4 5 Saving the Wizard Configuration 26 2 5 Online Status 26 2 6 Saving Configuration 27 3 UserModeOperation 29 3 1 WAN 29 3 1 1 Internet Access 31 3 1 2 3G Backup 37 3 2 LAN 38 3 2 1 General Setup 39 3 3 NAT 41 3 3 1 Open Ports 41 3 3 2 DMZ Host 42 ...

Page 6: ...imit 82 4 4 Firewall 82 4 4 1 DoS Defense 83 4 4 2 MAC IP Port Filtering 84 4 4 3 System Security 85 4 4 4 Content Filtering 85 4 5 Applications 87 4 5 1 Dynamic DNS 87 4 5 2 802 1d Spanning Tree 88 4 5 3 LLTD 88 4 5 4 IGMP 89 4 5 5 UPnP Configuration 89 4 6 Wireless LAN 91 4 6 1 Basic Concepts 91 4 6 2 General Setup 92 4 6 3 Security 95 4 6 4 Access Control 104 4 6 5 WPS 105 4 6 6 WDS 107 4 6 7 U...

Page 7: ...rt Area 124 5 Trouble Shooting 127 5 1 Checking If the Hardware Status Is OK or Not 127 5 2 Checking If the Network Connection Settings on Your Computer Is OK or Not 128 5 3 Pinging the Router from Your Computer 130 5 4 Checking If the ISP Settings are OK or Not 131 5 5 Forcing Vigor Router into TFTP Mode for Performing the Firmware Upgrade 133 5 6 Backing to Factory Default Setting If Necessary 1...

Page 8: ......

Page 9: ...eam upstream capacity for residential needs The integrated 802 11n Draft 2 0 WLAN network offers users stable and reliable wireless connections for high speed multimedia and data traffic by means of WMM WiFi Multimedia 1 1 1 1 W We eb b C Co on nf fi ig gu ur ra at ti io on n B Bu ut tt to on ns s E Ex xp pl la an na at ti io on n Several main buttons appeared on the web pages are defined as the f...

Page 10: ...s not ready WLAN Green LED on WLAN button Blinking Green Blink when wireless traffic goes through Off The WPS is off Blinking Orange Blink with 1 second cycle for 2 minutes WPS is enabled and waiting for wireless client to connect with it WPS Orange LED on WLAN button Blinking Orange Blink when wireless traffic goes through WPS Button Press this button for 2 seconds to wait for client device makin...

Page 11: ...nnect this device to a modem with an Ethernet cable 2 Connect the LAN port to your computer with a RJ 45 cable 3 Connect one end of the power adapter to the Power port of this device Connect the other end to the wall outlet of electricity 4 Power on the router 5 Check the ACT WAN and LAN LEDs to assure network connections For the detailed information of LED status please refer to section 1 1 ...

Page 12: ...via the router The example provided here is made based on Windows XP 2000 For Windows 98 SE Vista please visit www draytek com Before using it please follow the steps below to configure settings for connected computers or wireless clients 1 Connect the printer with the router through USB parallel port 2 Open Start Settings Printer and Faxes 3 Open File Add a New Computer A welcome dialog will appe...

Page 13: ...00 Series User s Guide 5 4 Click Local printer attached to this computer and click Next 5 In this dialog choose Create a new port Type of port and use the drop down list to select Standard TCP IP Port Click Next ...

Page 14: ...e following dialog type 192 168 1 1 router s LAN IP in the field of Printer Name or IP Address and type IP_192 168 1 1 as the port name Then click Next 7 Click Standard and choose Generic Network Card 8 Then in the following dialog click Finish ...

Page 15: ...correct driver loaded onto your PC When you finish the selection click Next 10 For the final stage you need to go back to Control Panel Printers and edit the property of the new printer you have added 11 Select LPR on Protocol type p1 number 1 as Queue Name Then click OK Next please refer to the red rectangle for choosing the correct protocol and UPR name ...

Page 16: ...g or other additional functions are not supported If you do not know whether your printer is supported or not please visit www draytek com to find out the printer list Open Support FAQ find out the link of Printer Server and click it then click the What types of printers are compatible with Vigor router link Note 2 Vigor router supports printing request from computers via LAN ports but not WAN por...

Page 17: ...tly Notice You may either simply set up your computer to get IP dynamically from the router or set up the IP address of the computer to be the same subnet as the default IP address of Vigor router 192 168 1 1 For the detailed information please refer to the later section Trouble Shooting of the guide 2 Open a web browser on your PC and type http 192 168 1 1 The following window will be open to ask...

Page 18: ...d type http 192 168 1 1 A pop up window will open to ask for username and password 2 Please type admin admin on Username Password for admin mode Otherwise do not type any word both username and password are Null for user mode on the window and click Login on the window Main screen for admin mode operation full configuration Main screen for user mode operation simple configuration Note The home pag...

Page 19: ...o to System Maintenance page and choose Administration Password 4 Type new user name in the field of Account and new password in the field of Password Then click OK to continue 5 Now the password has been changed Next time use the new username password to access the Web Configurator of this router ...

Page 20: ...can be under an environment with high speed NAT the configuration provide here can help you to deploy and use the router quickly The first screen of Quick Start Wizard is welcome page please click Next 2 2 4 4 1 1 S Se et tt ti in ng g u up p t th he e P Pa as ss sw wo or rd d The first screen of Quick Start Wizard is entering login account and password After typing a new password please click Nex...

Page 21: ...er installed and specify the NTP server s Then click Next for next step 2 2 4 4 3 3 S Se et tt ti in ng g u up p t th he e I In nt te er rn ne et t C Co on nn ne ec ct ti io on n On the next page as shown below please select the appropriate connection type according to the information from your ISP There are five types offered in this page Each connection type will bring out different web page ...

Page 22: ...mask Default Gateway Type the gateway IP address Primary DNS Server Type in the primary IP address for the router Secondary DNS Server Type in secondary IP address for necessity in the future Enable The router will detect the MAC address automatically Or check the box to enable MAC address cloning MAC Address Clone It is available when the box of Enabled is checked Click MAC Address Clone The rout...

Page 23: ...ield of MAC Address Besides if you want to change the MAC address for WAN interface simply click Enable and type the MAC address in this field manually After finishing the settings here please click Next P PP PP Po oE E PPPoE stands for Point to Point Protocol over Ethernet It relies on two widely accepted standards PPP and Ethernet It connects users through an Ethernet to the Internet with a comm...

Page 24: ...enable router always keep connection Connect On Demand If the connection has been idled over the value the router will drop the connection Idle Time Set the timeout for breaking down the Internet after passing through the time without any action The unit is seconds The range is XX XX MAC Address Clone It is available when the box of Enabled is checked Click MAC Address Clone The router will detect...

Page 25: ...ing IP Address Type the IP address if you choose Static IP as the WAN IP network setting Subnet Mask Type the subnet mask if you chose Static IP as the WAN IP Redial Policy If you want to connect to Internet all the time you can choose Always On Always On Choose it to enable router always keep connection Connect On Demand If the connection has been idled over the value the router will drop the con...

Page 26: ...f the SIM card that will be used to access Internet Modem Initial String1 2 Such value is used to initialize USB modem Please use the default value If you have any question please contact to your ISP APN Name APN means Access Point Name which is provided and required by some ISPs Modem Dial String Such value is used to dial through USB mode Please use the default value If you have any question ple...

Page 27: ... io on n Now you have to set up the wireless connection Enable Wireless LAN Check the box to enable the wireless function Hide SSID Check this box to prevent from wireless sniffing and make it harder for unauthorized clients or STAs to join your wireless LAN SSID It means the identification of the wireless LAN SSID can be any text numbers or various special characters The default SSID is DrayTek W...

Page 28: ...ss devices must support the same WEP encryption bit size and have the same key Key 1 Key 4 Four keys can be entered here but only one key can be selected at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level The allowed content is the ASCII cha...

Page 29: ... 1x authentication WPA Algorithm Choose the WPA algorithm TKIP AES or TKIP AES Pass Phrase Either 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by 0x such as 0x321253abcde Key Renewal Interval WPA uses shared key for authentication to the network However normal network operations use a different encryption key that is randomly generated This randomly generated key that i...

Page 30: ...ation you have to specify WPA mode algorithm Radius server Radius server port and Radius server secret respectively WEP Disable Disable the WEP Encryption Data sent to the AP will not be encrypted Enable Enable the WEP Encryption IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RA...

Page 31: ...time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent betwe...

Page 32: ...ormance Default is 3600 seconds Set 0 to disable re key PMK Cache Period Set the expire time of WPA2 PMK Pairwise master key cache PMK Cache manages the list from the BSSIDs in the associated SSID with which it has pre authenticated Pre Authentication Enables a station to authenticate to multiple APs for roaming securer and faster With the pre authentication procedure defined in IEEE 802 11i speci...

Page 33: ...w or automatically negotiated via 802 1x authentication WPA Algorithms Select TKIP AES or TKIP AES as the algorithm for WPA Key Renewal Interval WPA uses shared key for authentication to the network However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the colu...

Page 34: ... Sa av vi in ng g t th he e W Wi iz za ar rd d C Co on nf fi ig gu ur ra at ti io on n Now you can see the following screen It indicates that the setup is complete Different types of connection modes will have different summary Click Finish and then restart the router 2 2 5 5 O On nl li in ne e S St ta at tu us s The online status shows the system status WAN status and other status related to this...

Page 35: ...ted packets at the WAN interface TX Rate Displays the speed of transmitted octets at the WAN interface RX Packets Displays the total number of received packets at the WAN interface RX Rate Displays the speed of received octets at the WAN interface Note The words in green mean that the WAN connection of that interface is ready for accessing Internet the words in red mean that the WAN connection of ...

Page 36: ...VigorFly 200 Series User s Guide 28 This page is left blank ...

Page 37: ...o to WAN group B Ba as si ic cs s o of f I In nt te er rn ne et t P Pr ro ot to oc co ol l I IP P N Ne et tw wo or rk k IP means Internet Protocol Every device in an IP based Network including routers print server and host PCs needs an IP address to identify its location on the network To avoid address conflicts IP addresses are publicly registered with the Network Information Centre NIC Having a ...

Page 38: ...ement When a router begins to connect to your ISP a serial of discovery process will occur to ask for a connection Then a session will be created Your user ID and password is authenticated via PAP or CHAP with RADIUS authentication system And your IP address DNS server and other related information will usually be assigned by your ISP N Ne et tw wo or rk k C Co on nn ne ec ct ti io on n b by y 3 3...

Page 39: ... address or a public subnet namely multiple public IP addresses from your DSL or Cable ISP service providers In most cases a Cable service provider will offer a fixed public IP while a DSL service provider will offer a public subnet If you have a public subnet you could assign an IP address or many IP address to the WAN interface To use Static as the accessing protocol of the internet please choos...

Page 40: ... 1 1 to this field Secondary DNS Server You can specify secondary DNS server IP address here because your ISP often provides you more than one DNS Server If your ISP does not provide it the router will automatically apply default secondary DNS Server IP address MAC Address Clone MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically Th...

Page 41: ...ter Name Type in a name for the router It must be the same as the name used in Syslog MAC Address Clone MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Address After finishing all the settings here please click OK to activate them P PP PP Po oE E To choose PPPoE as the accessing p...

Page 42: ...hoose Connect on Demand Idle Time Set the timeout for breaking down the Internet after passing through the time without any action When you choose Connect on Demand you have to type value here MAC Address Clone MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Address After finishin...

Page 43: ...ess Type the IP address if you choose Static IP as the WAN IP network setting Subnet Mask Type the subnet mask if you chose Static IP as the WAN IP Default Gateway Type the gateway address for this router Redial Policy If you want to connect to Internet all the time you can choose Always On Otherwise choose Connect on Demand Idle Time Set the timeout for breaking down the Internet after passing th...

Page 44: ... value is used to initialize USB modem Please use the default value If you have any question please contact to your ISP APN Name APN means Access Point Name which is provided and required by some ISPs Modem Dial String Such value is used to dial through USB mode Please use the default value If you have any question please contact to your ISP PPP Username Type the PPP username optional PPP Password...

Page 45: ...p Check this box to enable the 3G backup feature SIM PIN code Type PIN code of the SIM card that will be used to access Internet Modem Initial String1 2 Such value is used to initialize USB modem Please use the default value If you have any question please contact to your ISP APN Name APN means Access Point Name which is provided and required by some ISPs Modem Dial String Such value is used to di...

Page 46: ...s is to translate the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor router has a built in DHCP server that assigns private IP address to each local host See the following diagram for a briefly understanding In some special case you may have a public IP subnet from your ISP such as 220 135 240 0 24 This means that yo...

Page 47: ...he RIP to accomplish IP routing This allows users to change the information of the router such as IP address and the routers will automatically inform for each other Below shows the LAN menu 3 3 2 2 1 1 G Ge en ne er ra al l S Se et tu up p This page provides you the general settings for LAN Click LAN to open the LAN settings page and choose General Setup IPAddress Type in private IP address for c...

Page 48: ... IP address to every host in the LAN Start IPAddress Enter a value of the IP address pool for the DHCP server to start with when issuing IP addresses If the 1st IP address of your router is 192 168 1 1 the starting IP address must be 192 168 1 2 or greater but smaller than 192 168 1 254 End IPAddress Enter a value of the IP address pool for the DHCP server to end with when issuing IP addresses Sub...

Page 49: ...the public server response the incoming traffic of course is destined to the router s public IP address and the router will do the inversion based on its table Therefore the internal host can communicate with external host smoothly The benefit of the NAT includes z Save cost on applying public IP address and apply efficient usage of IP address NAT allows the internal IP addresses of local hosts to...

Page 50: ...hen you finish the above settings simply click this button to save it and display on the field of Current Virtual Servers in system Cancel Click this button to clear current configuration Delete Click this button to remove the selected virtual server configuration 3 3 3 3 2 2 D DM MZ Z H Ho os st t Vigor router provides a facility DMZ Host that maps ALL unsolicited data on any protocol to a single...

Page 51: ...est you to add additional filter rules or a secondary firewall Click DMZ Host to open the following page DMZ Settings Check this box to enable the DMZ Host function DMZ IP Address Enter the private IP address of the DMZ host OK Click this button to save such profile Cancel Click this button to clear information on this page ...

Page 52: ...such as www dyndns org www no ip com www dtdns com www changeip com www dynamic nameserver com You should visit their websites to register your own domain name for the router Service Provider Select the service provider for the DDNS account If you choose None such function will be disabled Domain name Type in one domain name that you applied previously Use the drop down list to choose the desired ...

Page 53: ... STA All the STAs will share the same Internet connection via Vigor wireless router The General Settings will set up the information of this wireless network including its SSID as identification located channel etc S Se ec cu ur ri it ty y O Ov ve er rv vi ie ew w Real time Hardware Encryption Vigor Router is equipped with a hardware AES encryption engine so it can apply the highest protection to ...

Page 54: ...ill enhance the over the air data protection and or privacy on your wireless network The Vigor wireless router is very flexible and can support multiple secure connections with both WEP and WPA at the same time Below shows the menu items for Wireless LAN 3 3 5 5 2 2 G Ge en ne er ra al l S Se et tu up p By clicking the General Setup a new web page will appear so that you could configure the SSID a...

Page 55: ...ncy of the wireless LAN The default channel is 6 You may switch channel if the selected channel is under serious interference If you have no idea of choosing the frequency please select AutoSelect to let system determine for you Packet OVERDRIVE This feature can enhance the performance in data transmission about 40 more by checking Tx Burst It is active only when both sides of Access Point and Sta...

Page 56: ...e the function Besides it will be displayed on the Wireless LAN for you to access for detailed configuration Open Wireless LAN Universal Repeater Please refer to the corresponding section for detailed information 3 3 5 5 3 3 S Se ec cu ur ri it ty y This page allows you to set security with different modes for SSID 1 2 and 3 respectively After configuring the correct settings please click OK to sa...

Page 57: ...0 Series User s Guide 49 Mode There are several modes provided for you to choose z Disable The encryption mechanism is turned off z WEP Accepts only WEP clients and the encryption key should be entered in WEP Key ...

Page 58: ...y can be selected at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level The allowed content is the ASCII characters from 33 to 126 except and ...

Page 59: ...ork However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key z WEP 802 1x The built in RADIUS client feature enables the router to assist th...

Page 60: ...DIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first a...

Page 61: ...AES as the algorithm for WPA Key Renewal Interval WPA uses shared key for authentication to the network However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set...

Page 62: ... secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless devic...

Page 63: ...umn Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key PMK Cache Period Set the expire time of WPA2 PMK Pairwise master key cache PMK Cache manages the list from the BSSIDs in the associated SSID with which it has pre authenticated Pre Authentication Enables a station to authenticate to multiple APs for roaming securer and faster With t...

Page 64: ... same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain idle The unit is second z Mixed WPA WPA2 802 1x The WPA encrypts each frame transmitted from th...

Page 65: ...ty time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key Click the link of RADIUS Server to access into the following page for more settings IPAddress Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS...

Page 66: ... as a wireless repeater it can be Station and AP at the same time It can use Station function to connect to a Root AP and use AP function to serve all wireless stations within its coverage Note While using Universal Repeater Mode the access point will demodulate the received signal Please check if this signal is noise for the operating network then have the signal modulated and amplified again The...

Page 67: ... at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level The allowed content is the ASCII characters from 33 to 126 except and z WPA PSK Mode and WPA2 PSK Mode Encryption Type Select TKIP or AES as the algorithm for WPA Pass Phrase Either 8 63 AS...

Page 68: ...g wireless clients now along with its status code MAC Address Display the MAC Address for the connecting client SSID Display the SSID of the connecting client Auth Display the authentication mode of the connecting client Encrypt Display the encryption method of the connecting client Refresh Click this button to refresh current page ...

Page 69: ...information from this presentation Model Display the model name of the router Firmware Version Display the firmware version of the router Build Date Time Display the date and time of the current firmware build System Date Display current time and date for the system server System Uptime Display the connection time for the system server Operation Mode Display the connection mode for the router Memo...

Page 70: ... 6 2 2 U Us se er r P Pa as ss sw wo or rd d This page allows you to set new password for user operation Account Type in the name for login Password Type in new password in this filed When you click OK the login window will appear Please use the new password to access into the web configurator for user operation again 3 3 6 6 3 3 T Ti im me e a an nd d D Da at te e It allows you to specify where t...

Page 71: ...pgrade firmware by using an example Note that this example is running over Windows OS Operating System Download the newest firmware from DrayTek s web site or FTP site The DrayTek web site is www draytek com or local DrayTek s web site and FTP site is ftp draytek com Click System Maintenance Firmware Upgrade to launch the Firmware Upgrade Utility Click Browse to locate the newest firmware and clic...

Page 72: ...he page 3 3 7 7 2 2 D DH HC CP P T Ta ab bl le e The facility provides information on IP address assignments This information is helpful in diagnosing network problems such as IP address conflicts etc Click Diagnostics and click DHCP Table to open the web page Host name Display the name of the computer accepted the assigned IP address by this router IP Address Display the IP address assigned by th...

Page 73: ...or rt t A Ar re ea a When you click the menu item under Support Area you will be guided to visit www draytek com and open the corresponding pages directly Click Support Area Application Note the following web page will be displayed Click Support Area FAQ the following web page will be displayed ...

Page 74: ...VigorFly 200 Series User s Guide 66 Click Support Area Product Registration the following web page will be displayed ...

Page 75: ...oup B Ba as si ic cs s o of f I In nt te er rn ne et t P Pr ro ot to oc co ol l I IP P N Ne et tw wo or rk k IP means Internet Protocol Every device in an IP based Network including routers print server and host PCs needs an IP address to identify its location on the network To avoid address conflicts IP addresses are publicly registered with the Network Information Centre NIC Having a unique IP a...

Page 76: ...nt When a router begins to connect to your ISP a serial of discovery process will occur to ask for a connection Then a session will be created Your user ID and password is authenticated via PAP or CHAP with RADIUS authentication system And your IP address DNS server and other related information will usually be assigned by your ISP N Ne et tw wo or rk k C Co on nn ne ec ct ti io on n b by y 3 3G G...

Page 77: ...ubnet namely multiple public IP addresses from your DSL or Cable ISP service providers In most cases a Cable service provider will offer a fixed public IP while a DSL service provider will offer a public subnet If you have a public subnet you could assign an IP address or many IP address to the WAN interface To use Static IP as the accessing protocol of the internet please choose Static mode from ...

Page 78: ...is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Address After finishing all the settings here please click OK to activate them D DH HC CP P DHCP allows a user to obtain an IP address automatically from a DHCP server on the Internet If you choose DHCP mode the DHCP server of your ISP will assign a dynamic IP address for your router au...

Page 79: ...ys On Otherwise choose Connect on Demand Idle Time Set the timeout for breaking down the Internet after passing through the time without any action When you choose Connect on Demand you have to type value here MAC Address Clone MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Addre...

Page 80: ...e subnet mask if you chose Static IP as the WAN IP Default Gateway Type the gateway address for this router Redial Policy If you want to connect to Internet all the time you can choose Always On Otherwise choose Connect on Demand Idle Time Set the timeout for breaking down the Internet after passing through the time without any action When you choose Connect on Demand you have to type value here M...

Page 81: ...ease use the default value If you have any question please contact to your ISP APN Name APN means Access Point Name which is provided and required by some ISPs Modem Dial String Such value is used to dial through USB mode Please use the default value If you have any question please contact to your ISP PPP Username Type the PPP username optional PPP Password Type the PPP password optional MAC Addre...

Page 82: ...p Check this box to enable the 3G backup feature SIM PIN code Type PIN code of the SIM card that will be used to access Internet Modem Initial String1 2 Such value is used to initialize USB modem Please use the default value If you have any question please contact to your ISP APN Name APN means Access Point Name which is provided and required by some ISPs Modem Dial String Such value is used to di...

Page 83: ...s is to translate the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor router has a built in DHCP server that assigns private IP address to each local host See the following diagram for a briefly understanding In some special case you may have a public IP subnet from your ISP such as 220 135 240 0 24 This means that yo...

Page 84: ...uters will automatically inform for each other W Wh ha at t i is s S St ta at ti ic c R Ro ou ut te e When you have several subnets in your LAN sometimes a more effective and quicker way for connection is the Static routes function rather than other method You may simply set rules to forward data from one specified subnet to another specified subnet without the presence of RIP 4 4 2 2 1 1 G Ge en ...

Page 85: ...to every host in the LAN Disable Server Let you manually assign IP address to every host in the LAN Start IPAddress Enter a value of the IP address pool for the DHCP server to start with when issuing IP addresses If the 1st IP address of your router is 192 168 1 1 the starting IP address must be 192 168 1 2 or greater but smaller than 192 168 1 254 End IPAddress Enter a value of the IP address poo...

Page 86: ...shing all the settings here please click OK to activate them 4 4 2 2 2 2 S St ta at ti ic c R Ro ou ut te e Go to LAN to open setting page and choose Static Route It can help to describe one way of configuring path selection of router in computer network Destination Type the IP address for the routing rule applied to Range Choose Host or Net for specifying gateway or netmask setting of such routin...

Page 87: ... the router will do the inversion based on its table Therefore the internal host can communicate with external host smoothly The benefit of the NAT includes z Save cost on applying public IP address and apply efficient usage of IP address NAT allows the internal IP addresses of local hosts to be translated into one public IP address thus you can have only one IP address on behalf of the entire int...

Page 88: ...ecify the transport layer protocol It could be TCP UDP and TCP UDP Public Port Range Specify the starting port number and ending port number of the service offered by the local host Local IP Address Enter the private IP address of the local host Local Port If it is configured the forwarded traffic is mapped to this port on the local host Comment Type words as notification for such virtual server O...

Page 89: ...uch Internet activities from other clients will continue to work without inappropriate interruption DMZ Host allows a defined internal user to be totally exposed to the Internet which usually helps some special applications such as Netmeeting or Internet Games etc Note The security properties of NAT are somewhat bypassed if you set up DMZ host We suggest you to add additional filter rules or a sec...

Page 90: ...so restricts users in the local network from accessing the Internet Furthermore it can filter out specific packets that trigger the router to build an unwanted outgoing connection D De en ni ia al l o of f S Se er rv vi ic ce e D Do oS S D De ef fe en ns se e The DoS Defense functionality helps you to detect and mitigate the DoS attack The attacks are usually categorized into two types the floodin...

Page 91: ...ts from the Internet has exceeded the defined value the Vigor router will start to randomly discard the subsequent UDP packets for a period defined in Timeout The default setting for threshold and timeout are 150 packets per second and 10 seconds respectively Enable ICMP flood defense Check the box to activate the ICMP flood defense function Similar to the UDP flood defense function once if the Th...

Page 92: ...ule simply click OK The new rule will be displayed below in this page MAC IP Port Filtering Choose Enable to activate MAC IP Port Filtering function Default Policy Accepted all the packets that do not match with any rule will be accepted Dropped all the packets that do not match with any rule will be blocked MAC Address Type the MAC address for the router Dest IP Address Type the destination IP ad...

Page 93: ...ntent on the Internet just like other types of media may be inappropriate sometimes As a responsible parent or employer you should protect those in your trust against the hazards With Web filtering service of the Vigor router you can protect your business from common primary threats such as productivity legal liability network and security threats For parents you can protect your children from vie...

Page 94: ...m accidentally downloading malicious codes from web pages It s very common that malicious codes conceal in the executable objects such as ActiveX Java Applet compressed files and other executable files Once downloading these types of files from websites you may risk bringing threat to your system For example an ActiveX control object is usually used for providing interactive web feature If malicio...

Page 95: ... dynamic WAN IP address It allows the router to update its online WAN IP address mappings on the specified Dynamic DNS server Once the router is online you will be able to use the registered domain name to access the router or internal virtual servers from the Internet It is particularly helpful if you host a web server FTP server or other server behind the router Before you use the Dynamic DNS fe...

Page 96: ... name that you set for applying domain Password Type in the password that you set for applying domain OK Click it to save and apply such setting Click OK button to activate the settings 4 4 5 5 2 2 8 80 02 2 1 1d d S Sp pa an nn ni in ng g T Tr re ee e The Spanning Tree Protocol STP is a link layer network protocol that ensures a loop free topology for any bridged LAN OK Click it to save and apply...

Page 97: ...s applications inside the firewall to automatically open the ports that they need to pass through a router It is more reliable than requiring a router to work out by itself which ports need to be opened Further the user does not have to manually set up port mappings or a DMZ UPnP is available on Windows XP and the router provide the associated support for MSN Messenger to allow full use of the voi...

Page 98: ...Can t work with Firewall Software Enabling firewall applications on your PC may cause the UPnP function not working properly This is because these applications will block the accessing ability of some network ports Security Considerations Activating the UPnP function on your network may incur some security threats You should consider carefully these risks before activating the UPnP function Some M...

Page 99: ...ust like on a wired LAN as well as Internet access The Vigor wireless routers are equipped with a wireless LAN interface compliant with the standard IEEE 802 11n draft 2 protocol To boost its performance further the Vigor Router is also loaded with advanced wireless technology to lift up data rate up to 300 Mbps Hence you can finally smoothly enjoy stream music and video Note The actual data throu...

Page 100: ...ption during data transmission WPA applies Temporal Key Integrity Protocol TKIP for data encryption while WPA2 applies AES The WPA Enterprise combines not only encryption but also authentication Since WEP has been proved vulnerable you may consider using WPA for the most secure connection You should select the appropriate security mechanism according to your needs No matter which security suite yo...

Page 101: ...our wireless LAN Depending on the wireless utility the user may only see the information except SSID or just cannot see any thing about Vigor wireless router while site surveying The system allows you to set three sets of SSID for different usage SSID Set a name for the router to be identified Isolate Member Check this box to make the wireless clients stations with the same SSID not accessing for ...

Page 102: ...orts this function Therefore you can use and install it into your PC for matching with Packet OVERDRIVE refer to the following picture of Vigor N61 wireless utility window choose Enable for TxBURST on the tab of Option Universal Repeater If such mode is enabled the access point can act as a wireless repeater it can be Station and AP at the same time It can use Station function to connect to a Root...

Page 103: ...fter configuring the correct settings please click OK to save and invoke it By clicking the Security Settings a new web page will appear so that you could configure the settings Mode There are several modes provided for you to choose z Disable The encryption mechanism is turned off z WEP Accepts only WEP clients and the encryption key should be entered in WEP Key ...

Page 104: ...y can be selected at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level The allowed content is the ASCII characters from 33 to 126 except and ...

Page 105: ...ork However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key z WEP 802 1x The built in RADIUS client feature enables the router to assist th...

Page 106: ...DIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first a...

Page 107: ...AES as the algorithm for WPA Key Renewal Interval WPA uses shared key for authentication to the network However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set...

Page 108: ...a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless devi...

Page 109: ...lumn Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key PMK Cache Period Set the expire time of WPA2 PMK Pairwise master key cache PMK Cache manages the list from the BSSIDs in the associated SSID with which it has pre authenticated Pre Authentication Enables a station to authenticate to multiple APs for roaming securer and faster With ...

Page 110: ...e same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain idle The unit is second z Mixed WPA WPA2 802 1x The WPA encrypts each frame transmitted from t...

Page 111: ...ity time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key Click the link of RADIUS Server to access into the following page for more settings IPAddress Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIU...

Page 112: ...gured can access the wireless LAN interface By clicking the Access Control a new web page will appear as depicted below so that you could edit the clients MAC addresses to control their access rights deny or allow Policy Select to enable any one of the following policy or disable the policy Choose Activate MAC address filter to type in the MAC addresses for other clients in the network manually Ch...

Page 113: ...ption mode and type any long encryption passphrase to setup a wireless client every time He she only needs to press a button on wireless client and WPS will connect for client and router automatically Note Such function is available for the wireless station with WPS supported There are two methods to do network connection through WPS between AP and Stations pressing the Start PBC button or using P...

Page 114: ...gured message here WPS SSID Display current selected SSID WPS Auth Mode Display current authentication mode of the router Only WPA2 PSK and WPA PSK support WPS WPS Encryp Type Display encryption mode None WEP TKIP AES etc of the router AP PIN The number displayed here is used for remote client entering the registrar s PIN code in remote station to make a network connection Configure via Push Butto...

Page 115: ...wo minutes You need to setup WPS within two minutes 4 4 6 6 6 6 W WD DS S WDS means Wireless Distribution System It is a protocol for connecting two access points AP wirelessly Usually it can be used for the following application y Provide bridge traffic between two LANs through the air y Extend the coverage range of a WLAN To meet the above requirement two WDS modes are implemented in Vigor route...

Page 116: ...d from a WDS link will only be forwarded to local wired or wireless hosts In other words only Repeater mode can do WDS to WDS packet forwarding In the following examples hosts connected to Bridge 1 or 3 can communicate with hosts connected to Bridge 2 through WDS links However hosts connected to Bridge 1 CANNOT communicate with hosts connected to Bridge 3 through Bridge 2 Click WDS from Wireless L...

Page 117: ... Peer Mac Address field valid or not Choose one of the types for the router Please disable the unused link to get better performance Key Type 8 63 ASCII characters or 64 hexadecimal digits leading by 0x Peer Mac Address Four peer MAC addresses are allowed to be entered in this page at one time Phy Mode There are three types of transmission rates developed by different techniques for Phy Mode Data ...

Page 118: ...ireless stations within its coverage Note While using Universal Repeater Mode the access point will demodulate the received signal Please check if this signal is noise for the operating network then have the signal modulated and amplified again The output power of this mode is the same as that of WDS and normal AP mode SSID Set a name for the router to be identified MAC Address Optional Type the M...

Page 119: ... at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level The allowed content is the ASCII characters from 33 to 126 except and z WPA PSK Mode and WPA2 PSK Mode Encryption Type Select TKIP or AES as the algorithm for WPA Pass Phrase Either 8 63 AS...

Page 120: ... by this router RSSI Display the signal strength RSSI is the abbreviation of Receive Signal Strength Indication Channel Display the wireless channel used for the AP that is scanned by this router Encryption Display the encryption mode for the scanned AP Authentication Display the authentication type that the scanned AP applied Scan It is used to discover all the connected AP The results will be sh...

Page 121: ...adio button APSD Capable The default setting is Disable Click Enable to enable the function of automatic power save delivery APSD Aifsn It controls how long the client waits for each data transmission Please specify the value ranging from 1 to 15 Such parameter will influence the time delay for WMM accessing categories For the service of voice or video image please set small value for AC_VI and AC...

Page 122: ...on List provides the knowledge of connecting wireless clients now along with its status code MAC Address Display the MAC Address for the connecting client SSID Display the SSID that the wireless client connects to Auth Display the authentication that the wireless client uses for connection with such AP Encrypt Display the encryption mode used by the wireless client Refresh Click this button to ref...

Page 123: ...tings of Vigor router It includes LAN and WAN interface information Also you could get the current running firmware version or firmware related information from this presentation Model Display the model name of the router Firmware Version Display the firmware version of the router Build Date Time Display the date and time of the current firmware build System Date Display current time and date for ...

Page 124: ...way Display the gateway address of the WAN interface Primary DNS Display the specified primary DNS setting Secondary DNS Display the specified secondary DNS setting 4 4 7 7 2 2 A Ad dm mi in ni is st tr ra at ti io on n P Pa as ss sw wo or rd d This page allows you to set new password for admin operation Account Type in the name for login Password Type in new password in this filed When you click ...

Page 125: ...n n Follow the steps below to backup your configuration 1 Go to System Maintenance Configuration Backup The following windows will be popped up as shown below 2 Type a key arbitrarily for encrypting the file Keep the key in mind You will need it whenever you want to restore such file Click Backup button to get into the following dialog Click Save button to open another dialog for saving configurat...

Page 126: ...ntly The Configuration Backup does not include information of Certificate R Re es st to or re e C Co on nf fi ig gu ur ra at ti io on n 1 Go to System Maintenance Configuration Backup The following screen will be shown as below 2 Click Browse button to choose the correct configuration file for uploading to the router 3 Click Restore button and wait for few seconds the following picture will tell y...

Page 127: ...yslog protocol Log Level Choose the severity level for the system log entry Enable for Mail Alert Setup Check Enable to activate function of mail alert SMTP Server The IP address of the SMTP server Mail To Assign a mail address for sending mails out Mail From Assign a path for receiving the mail from outside User Name Type the user name for authentication Password Type the password for authenticat...

Page 128: ...minded that in Network Information select the network adapter used to connect to the router Otherwise you won t succeed in retrieving information from the router 4 4 7 7 6 6 T Ti im me e a an nd d D Da at te e It allows you to specify where the time of the router should be inquired from Current Time Click Inquire Time to get the current time Time Zone Select the time zone where the router is locat...

Page 129: ...vided by the system to allow you managing the router from Internet Check the box es to specify Access List You could specify that the system administrator can only login from a specific host or network defined in the list A maximum of three IPs subnet masks is allowed List IP Indicate an IP address allowed to login to the router Subnet Mask Represent a subnet mask allowed to login to the router 4 ...

Page 130: ...he Router Tools The Firmware Upgrade Utility is included in the tools The following web page will guide you to upgrade firmware by using an example Note that this example is running over Windows OS Operating System Download the newest firmware from DrayTek s web site or FTP site The DrayTek web site is www draytek com or local DrayTek s web site and FTP site is ftp draytek com Click Maintenance Fi...

Page 131: ...Tools provide a useful way to view or diagnose the status of your Vigor router Below shows the menu items for Diagnostics 4 4 8 8 1 1 S Sy ys st te em m L Lo og g Click Diagnostics and click System Log to open the web page Clear Click it to clear this page Refresh Click it to reload the page ...

Page 132: ...ssigned IP address by this router IP Address Display the IP address assigned by this router for specified PC MAC Address Display the MAC address for the specified PC that DHCP assigned IP address for it Expire Time Display the leased time of the specified PC Refresh Click it to reload the page 4 4 9 9 S Su up pp po or rt t A Ar re ea a When you click the menu item under Support Area you will be gu...

Page 133: ...VigorFly 200 Series User s Guide 125 Click Support Area FAQ the following web page will be displayed Click Support Area Product Registration the following web page will be displayed ...

Page 134: ...VigorFly 200 Series User s Guide 126 This page is left blank ...

Page 135: ... Backing to factory default setting if necessary If all above stages are done and the router still cannot run normally it is the time for you to contact your dealer for advanced help 5 5 1 1 C Ch he ec ck ki in ng g I If f t th he e H Ha ar rd dw wa ar re e S St ta at tu us s I Is s O OK K o or r N No ot t Follow the steps below to verify the hardware status 1 Check the power line and WLAN LAN cab...

Page 136: ...fter trying the above section if the link is stilled failed please do the steps listed below to make sure the network connection settings is OK F Fo or r W Wi in nd do ow ws s The example is based on Windows XP As to the examples for other operation systems please refer to the similar steps or find support notes in www draytek com 1 Go to Control Panel and then double click on Network Connections ...

Page 137: ...omatically and Obtain DNS server address automatically F Fo or r M Ma ac cO Os s 1 Double click on the current used MacOs on the desktop 2 Open the Application folder and get into Network 3 On the Network screen select Using DHCP from the drop down list of Configure IPv4 ...

Page 138: ...router correctly F Fo or r W Wi in nd do ow ws s 1 Open the Command Prompt window from Start menu Run 2 Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP Vista The DOS command dialog will appear 3 Type ping 192 168 1 1 and press Enter If the link is OK the line of Reply from 192 168 1 1 bytes 32 time 1ms TTL 255 will appear 4 If the line does not appear please check the IP address se...

Page 139: ...S SP P S Se et tt ti in ng gs s a ar re e O OK K o or r N No ot t Open WAN Internet Access page and then check whether the ISP settings are set correctly Use the Connection Type drop down list to choose Static IP DHCP PPPoE PPTP L2TP for reviewing the settings that you configured previously ...

Page 140: ...as the connection type 2 Check if IP Address IP Mask and IP Router are set correctly must identify with the values from your ISP F Fo or r P PP PP Po oE E U Us se er rs s 1 Choose PPPoE as the connection type 2 Check if Username and Password are set correctly must identify with the values from your ISP ...

Page 141: ...Reset button when the ACT LED and its neighbor LED blink simultaneously 3 Change your PC IP address to 192 168 1 10 4 Open Firmware Upgrade Utility and key in Router IP 192 168 1 1 manually 5 Install Router Tools on one computer that connects to Vigor Router s LAN port 6 Make sure the computer can ping Vigor s LAN IP Default IP is 192 168 1 1 7 Run Router Tools Firmware Upgrade Utility 8 Input Vig...

Page 142: ...VigorFly 200 Series User s Guide 134 11 There is a bar showing the upgrading process 12 When the firmware upgrade is successful the following window will pop up ...

Page 143: ...nd the Vigor is active or not And if the message of Incorrect No file name Transfer Abort appears please check if the firmware you download is correct for your Vigor router Note Please turn off the Firewall protection while upgrading the firmware with Windows Vista The Firewall function can be turned off via Control Panel Security Center Firewall ...

Page 144: ...following screen will appear Choose Using factory default configuration and click OK After few seconds the router will return all the settings to the factory settings H Ha ar rd dw wa ar re e R Re es se et t While the router is running ACT LED blinking press the Factory Reset button and hold for more than 5 seconds When you see the ACT LED blinks rapidly please release the button Then the router w...

Reviews: