VigorNIC 132 Series VDSL2/ADSL2+ PCI-E Card User’s Guide Version: 1.1 Firmware Version: V3.7.
Copyrights © All rights reserved. This publication contains information that is protected by copyright. No part may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language without written permission from the copyright holders. Trademarks The following trademarks are used in this document: Microsoft is a registered trademark of Microsoft Corp. Windows, Windows 95, 98, Me, NT, 2000, XP, Vista, 7 and Explorer are trademarks of Microsoft Corp.
European Community Declarations Manufacturer: DrayTek Corp. Address: No. 26, Fu Shing Road, Hukou Township, Hsinchu Industrial Park, Hsinchu County, Taiwan 303 Product: VigorNIC 132 Series VDSL2/ADSL2+ PCI-E Card DrayTek Corp. declares that VigorNIC 132 Series of VDSL2/ADSL2+ PCI-E Card are in compliance with the following essential requirements and other relevant provisions of R&TTE 1999/5/EC, ErP 2009/125/EC and RoHS 2011/65/EU.
Table of Contents Part I Installation .................................................................................................................i I-1 Introduction ................................................................................................................................... 1 I-1-1 Indicators and Connectors .................................................................................................. 1 I-2 Installing Your Network Card...........................................
Web User Interface .................................................................................................................... 67 II-2-1 General Setup .................................................................................................................. 67 II-2-1-1 Details Page for LAN – Ethernet TCP/IP and DHCP Setup .........................67 II-2-1-2 Details Page for LAN IPv6 Setup .......................................................70 II-2-2 Bind IP to MAC ......................
IV-1-6 Time and Date............................................................................................................... 142 IV-1-7 Management ................................................................................................................. 143 IV-1-8 Reboot System.............................................................................................................. 146 IV-1-9 Firmware Upgrade .................................................................................
Part I Installation This part will introduce Vigor device and guide to install the device in hardware and software.
I-1 Introduction This is a generic International version of the user guide. Specification, compatibility and features vary by region. For specific user guides suitable for your region or product, please contact local distributor. I-1-1 Indicators and Connectors VigorNIC 132F VigorNIC 132 LED WAN2 Status On DSL Blinking On Blinking ACT Off Blinking Explanation The Fiber WAN is connected (VigorNIC 132F). The Ethernet WAN connection is ready (VigorNIC 132). It will blink while transmitting data.
I-2 Installing Your Network Card Info 2 VigorNIC 132 is being supported by the Windows 7 Generic Ethernet Driver. If you are required to install the driver manually, please download it from www.draytek.com. 1. Power off your computer. 2. Remove the cover of your computer. 3. Choose a spare card slot and insert VigorNIC 132 network card into the card slot. 4.
I-3 Accessing Web Page 1. Open a web browser on your PC and type http://192.168.1.1. The following window will be open to ask for username and password. 2. Please type “admin/admin” as the Username/Password and click Login. Info If you fail to access to the web configuration, please go to “Trouble Shooting” for detecting and solving your problem. 3. Now, the Main Screen will appear. 4. The web page can be logged out according to the chosen condition.
I-4 Changing Password Please change the password for the original security of the card. 1. Open a web browser on your PC and type http://192.168.1.1. A pop-up window will open to ask for username and password. 2. Please type “admin/admin” as Username/Password for accessing into the web user interface with admin mode. 3. Go to System Maintenance page and choose Administrator Password. 4. Enter the login password (the default is “admin”) on the field of Old Password.
I-5 Dashboard Dashboard shows the connection status including System Information, IPv4 Internet Access, IPv6 Internet Access, Interface (physical connection), and Quick Access. Click Dashboard from the main menu on the left side of the main page. A web page with default selections will be displayed on the screen.
I-5-1 Virtual Panel On the top of the Dashboard, a virtual panel (simulating the physical panel of the router) displays the physical interface connection. It will be refreshed every five seconds. When you move and click the mouse cursor on LEDs (except ACT), WAN2, or DSL, related web setting page will be open for you to configure if required. For detailed information about the LED display, refer to I-1-1 LED Indicators and Connectors. I-5-2 Name with a Link A name with a link (e.g.
I-5-3 Quick Access for Common Used Menu All the menu items can be accessed and arranged orderly on the left side of the main page for your request. However, some important and common used menu items which can be accessed in a quick way just for convenience. Look at the right side of the Dashboard. You will find a group of common used functions grouped under Quick Access. The function links of System Status, Dynamic DDNS, TR-069, Schedule, Syslog/Mail Alert, and Firewall Object Setting are displayed here.
I-5-4 GUI Map All the functions the router supports are listed with table clearly in this page. Users can click the function link to access into the setting page of the function for detailed configuration. Click the icon on the top of the main screen to display all the functions. I-5-5 Web Console It is not necessary to use the telnet command via DOS prompt. The changes made by using web console have the same effects as modified through web user interface.
VigorNIC 132 Series User’s Guide 9
I-5-6 Config Backup There is one way to store current used settings quickly by clicking the Config Backup icon. It allows you to backup current settings as a file. Such configuration file can be restored by using System Maintenance>>Configuration Backup. Simply click the icon on the top of the main screen and a pop up dialog will appear. Click Save to store the setting. I-5-7 Logout Click this icon to exit the web user interface.
I-5-8 Online Status I-5-8-1 Physical Connection Such page displays the physical connection status such as LAN connection status, WAN connection status, ADSL information, and so on.
Physical Connection for IPv6 Protocol Detailed explanation (for IPv4) is shown below: Item Description LAN Status Primary DNS-Displays the primary DNS server address for WAN interface. Secondary DNS -Displays the secondary DNS server address for WAN interface. IP Address-Displays the IP address of the LAN interface. TX Packets-Displays the total transmitted packets at the LAN interface. RX Packets-Displays the total received packets at the LAN interface.
Item Description RX Packets-Displays the total received packets at the LAN interface. TX Bytes - Displays the speed of transmitted octets at the LAN interface. RX Bytes - Displays the speed of received octets at the LAN interface. WAN IPv6 Status Info Enable – No in red means such interface is available but not enabled. Yes in green means such interface is enabled. No in red means such interface is not available. Mode - Displays the type of WAN connection (e.g., TSPC).
I-6 Quick Start Wizard Quick Start Wizard can help you to deploy and use the router easily and quickly. Go to Wizards>>Quick Start Wizard. The first screen of Quick Start Wizard is entering login password. After typing the password, please click Next. On the next page as shown below, please select the WAN interface that you use. If DSL interface is used, please choose WAN1; if fiber interface is used, please choose WAN2. At present, only WAN1 is available. Then click Next for next step.
I-6-1 WAN1 (ADSL/VDSL2) WAN1 is specified for ADSL or VDSL2 connection. Available settings are explained as follows: Item Description Display Name Type a name to identify such WAN. DSL Mode Specify the physical mode (Auto, VDSL2 only or ADSL only) for such router manually. You have to select the appropriate Internet access type according to the information from your ISP. For example, you should select PPPoE mode if the ISP provides you PPPoE interface.
I-6-1-1 PPPoE/PPPoA 1. Choose WAN1 as WAN Interface and click the Next button; you will get the following page. Available settings are explained as follows: Item Description Protocol There are two modes offered for you to choose for WAN1 interface. Choose PPPoE/PPPoA as the protocol. 16 For ADSL Only Such field is provided for ADSL only. You have to choose encapsulation and type the values for VPI and VCI. Or, click Auto detect to find out the best values.
2. Primary DNS Type in the primary IP address for the router. Second DNS Type in secondary IP address for necessity in the future. VLAN Tag insertion (VDSL2)/(ADSL) The settings configured in this field are available for WAN1 and WAN2. Enable – Enable the function of VLAN with tag. The router will add specific VLAN number to all packets on the WAN while sending them out. Please type the tag value and specify the priority for the packets sending by WAN1. Disable – Disable the function of VLAN with tag.
18 Back Click it to return to previous setting page. Next Click it to get into the next setting page. Cancel Click it to give up the quick start wizard. 3. After finished the above settings, click Next for viewing summary of such connection. 4. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Then, the system status of this protocol will be shown. 5. Now, you can enjoy surfing on the Internet.
I-6-1-2 MPoA / Static or Dynamic IP 1. Choose WAN1 as WAN Interface and click the Next button; you will get the following page. Available settings are explained as follows: Item Description Protocol There are two modes offered for you to choose for WAN1 interface. Choose MPoA / Static or Dynamic IP as the protocol. For ADSL Only Such field is provided for ADSL only. You have to choose encapsulation and type the values for VPI and VCI. Or, click Auto detect to find out the best values.
20 Second DNS Type in secondary IP address for necessity in the future. VLAN Tag insertion (VDSL2)/(ADSL) The settings configured in this field are available for WAN1 and WAN2. Enable – Enable the function of VLAN with tag. The router will add specific VLAN number to all packets on the WAN while sending them out. Please type the tag value and specify the priority for the packets sending by WAN1. Disable – Disable the function of VLAN with tag. Tag value – Type the value as the VLAN ID number.
Part II Connectivity It means wide area network. Public IP will be used in WAN. It means local area network. Private IP will be used in LAN. Local Area Network (LAN) is a group of subnets regulated and ruled by router. The design of network structure is related to what type of public IP addresses coming from your ISP.
II-1 WAN It allows users to access Internet. Basics of Internet Protocol (IP) Network IP means Internet Protocol. Every device in an IP-based Network including routers, print server, and host PCs, needs an IP address to identify its location on the network. To avoid address conflicts, IP addresses are publicly registered with the Network Information Centre (NIC).
Web User Interface II-1-1 General Setup This section will introduce some general settings of Internet and explain the connection modes for WAN1, WAN2 and WAN3/WAN4 in details. This router supports multiple-WAN function. It allows users to access Internet and combine the bandwidth of the multiple WANs to speed up the transmission through the network. Each WAN port can connect to different ISPs, Even if the ISPs use different technology to provide telecommunication service (such as DSL, Cable modem, etc.).
II-1-1-1 WAN1(ADSL/VDSL2) Vigor device will detect the physical line is connected by ADSL or VDSL2 automatically. Therefore, this page allows you to configure settings for ADSL and VDSL2 at one time. That is, it is not necessary for you to configure different profile settings for ADSL and VDSL2 respectively. Available settings are explained as follows: 24 Item Description Enable Choose Yes to invoke the settings for this WAN interface. Choose No to disable the settings for this WAN interface.
VLAN Tag insertion (VDSL2) The settings configured in this field are available for VDSL2. Enable – Enable the function of VLAN with tag. The router will add specific VLAN number to all packets on the WAN while sending them out. Please type the tag value and specify the priority for the packets sending by WAN1. Disable – Disable the function of VLAN with tag. Tag value – Type the value as the VLAN ID number. The range is form 0 to 4095. Priority – Type the packet priority number for such VLAN.
II-1-1-2 WAN2 (Fiber) WAN2 can be configured for general setting for fiber connection. Available settings are explained as follows: Item Description Enable Choose Yes to invoke the settings for this WAN interface. Choose No to disable the settings for this WAN interface. Display Name Type the description for such WAN interface. VLAN Tag insertion Enable – Enable the function of VLAN with tag. The router will add specific VLAN number to all packets on the WAN while sending them out.
II-1-2 Internet Access For the router supports multi-WAN function, the users can set different WAN settings (for WAN1/WAN2) for Internet Access. Due to different Physical Mode for WAN interface, the Access Mode for these connections also varies. Refer to the following figures for examples. Access Mode for ADSL/VDSL2, Access Mode for Fiber, Available settings are explained as follows: Item Description Index Display the WAN interface.
interface. Advanced This button allows you to configure DHCP client options. DHCP packets can be processed by adding option number and data information when such function is enabled and configured. Enable/Disable – Enable/Disable the function of DHCP Option. Each DHCP option is composed by an option number with data. For example, Option number:100 Data: abcd When such function is enabled, the specified values for DHCP option will be seen in DHCP reply packets.
II-1-2-1 Details Page for PPPoE in WAN1 (Physical Mode: ADSL) To choose PPPoE as the accessing protocol of the Internet, please select PPPoE from the WAN>>Internet Access >>WAN1 page. The following web page will be shown. Available settings are explained as follows: Item Description Enable/Disable Click Enable for activating this function. If you click Disable, this function will be closed and all the settings that you adjusted in this page will be invalid.
network can use another set of PPPoE session (different with the Host PC) to access into Internet. Note: To have PPPoA Pass-through, please choose PPPoA protocol and check the box(es) here. The router will behave like a modem which only serves the PPPoE client on the LAN. That’s, the router will offer PPPoA dial-up connection. WAN Connection Detection Such function allows you to verify whether network connection is alive or not through ARP Detect or Ping Detect.
Fixed IP – Click Yes to use this function and type in a fixed IP address in the box of Fixed IP Address. Default MAC Address – You can use Default MAC Address or specify another MAC address by typing on the boxes of MAC Address for the router. Specify a MAC Address – Type the MAC address for the router manually. Index (1-15) in Schedule Setup - You can type in four sets of time schedule for your request.
II-1-2-2 Details Page for MPoA/Static or Dynamic IP in WAN1 (Physical Mode: ADSL) MPoA is a specification that enables ATM services to be integrated with existing LANs, which use either Ethernet, token-ring or TCP/IP protocols. The goal of MPoA is to allow different LANs to send packets to each other via an ATM backbone. To use MPoA/Static or Dynamic IP as the accessing protocol of the Internet, select Static or Dynamic IP from the WAN>>Internet Access >>WAN1 page. The following web page will appear.
Modem Setting (for ADSL only) It is not necessary to configure settings in these fields for modem settings are prepared for ADSL only. WAN Connection Detection Such function allows you to verify whether network connection is alive or not through ARP Detect or Ping Detect. Mode – Choose ARP Detect, Ping Detect or Always On for the system to execute for WAN detection. If you choose Ping Detect as the detection mode, you have to type required settings for the following items.
II-1-2-3 Details Page for PPPoE/PPPoA in WAN1 (Physical Mode: VDSL) Available settings are explained as follows: Item Description Enable/Disable Click Enable for activating this function. If you click Disable, this function will be closed and all the settings that you adjusted in this page will be invalid. ISP Access Setup Enter your allocated username, password and authentication parameters according to the information provided by your ISP.
PPP/MP Setup PPP Authentication – Select PAP only or PAP or CHAP for PPP. Idle Timeout – Set the timeout for breaking down the Internet after passing through the time without any action. IP Address Assignment Method (IPCP) Usually ISP dynamically assigns IP address to you each time you connect to it and request. In some case, your ISP provides service to always assign you the same IP address whenever you request. In this case, you can fill in this IP address in the Fixed IP field.
Enable/Disable Click Enable for activating this function. If you click Disable, this function will be closed and all the settings that you adjusted in this page will be invalid. Keep WAN Connection Normally, this function is designed for Dynamic IP environments because some ISPs will drop connections if there is no traffic within certain periods of time. Check Enable PING to keep alive box to activate this function.
DNS Server IP Address Type in the primary IP address for the router. If necessary, type in secondary IP address for necessity in the future. After finishing all the settings here, please click OK to activate them. II-1-2-5 Details Page for PPPoE in WAN2 (Physical Mode: Fiber) To choose PPPoE as the accessing protocol of the Internet, please select PPPoE from the WAN>>Internet Access >>WAN2 page. The following web page will be shown.
execute for WAN detection. If you choose Ping Detect as the detection mode, you have to type required settings for the following items. Ping IP – If you choose Ping Detect as detection mode, you also can enable this setting to use current WAN gateway IP address for pinging. With the IP address(es) pinging, Vigor device can check if the WAN connection is on or off. TTL (Time to Live) – Set TTL value of PING operation. MTU It means Max Transmit Unit for packet.
Available settings are explained as follows: Item Description Enable / Disable Click Enable for activating this function. If you click Disable, this function will be closed and all the settings that you adjusted in this page will be invalid. Keep WAN Connection Normally, this function is designed for Dynamic IP environments because some ISPs will drop connections if there is no traffic within certain periods of time. Check Enable PING to keep alive box to activate this function.
WAN IP Network Settings This group allows you to obtain an IP address automatically and allows you type in IP address manually. WAN IP Alias - If you have multiple public IP addresses and would like to utilize them on the WAN interface, please use WAN IP Alias. You can set up to 32 public IP addresses other than the current one you are using. Obtain an IP address automatically – Click this button to obtain the IP address automatically if you want to use Dynamic IP mode.
II-1-2-7 Details Page for IPv6 – Offline in WAN1/WAN2 When Offline is selected, the IPv6 connection will be disabled. II-1-2-8 Details Page for IPv6 – PPP During the procedure of IPv4 PPPoE connection, we can get the IPv6 Link Local Address between the gateway and Vigor device through IPv6CP. Later, use DHCPv6 or accept RA to acquire the IPv6 prefix address (such as: 2001:B010:7300:200::/64) offered by the ISP.
Info At present, the IPv6 prefix can be acquired via the PPPoE mode connection which is available for the areas such as Taiwan (hinet), the Netherlands, Australia and UK. II-1-2-9 Details Page for IPv6 – TSPC Tunnel setup protocol client (TSPC) is an application which could help you to connect to IPv6 network easily. Please make sure your IPv4 WAN connection is OK and apply one free account from hexago (http://gogonet.gogo6.com/page/freenet6-account ) before you try to use TSPC for network connection.
Username Type the name obtained from the broker. It is suggested for you to apply another username and password for http://gogonet.gogo6.com/page/freenet6-account. The maximum length of the name you can set is 63 characters. Password /Confirm Password Type the password assigned with the user name. The maximum length of the name you can set is 19 characters. Tunnel Broker Type the address for the tunnel broker IP, FQDN or an optional port number.
After finished the above settings, click OK to save the settings. II-1-2-11 Details Page for IPv6 – DHCPv6 Client DHCPv6 client mode would use DHCPv6 protocol to obtain IPv6 address from server. Available settings are explained as follows: Item Description Identify Association Choose Prefix Delegation or Non-temporary Address as the identify association. IAID Type a number as IAID. After finished the above settings, click OK to save the settings.
Item Description Static IPv6 Address configuration IPv6 Address – Type the IPv6 Static IP Address. Prefix Length – Type the fixed value for prefix length. Add – Click it to add a new entry. Delete – Click it to remove an existed entry. Current IPv6 Address Table Display current interface IPv6 address. Static IPv6 Gateway Configuration IPv6 Gateway Address - Type your IPv6 gateway address here. After finished the above settings, click OK to save the settings.
II-1-2-13 Details Page for IPv6 – 6in4 Static Tunnel This type allows you to setup 6in4 Static Tunnel for WAN interface. Such mode allows the router to access IPv6 network through IPv4 network. However, 6in4 offers a prefix outside of 2002::0/16. So, you can use a fixed endpoint rather than anycast endpoint. The mode has more reliability. Available settings are explained as follows: Item Description Remote Endpoint IPv4 Address Type the static IPv4 address for the remote server.
Below shows an example for successful IPv6 connection based on 6in4 Static Tunnel mode. II-1-2-14 Details Page for IPv6 – 6rd This type allows you to setup 6rd for WAN interface. Available settings are explained as follows: Item Description 6rd Mode Auto 6rd – Retrieve 6rd prefix automatically from 6rd service provider. The IPv4 WAN must be set as "DHCP". Static 6rd - Set 6rd options manually. IPv4 Border Relay Type the IPv4 addresses of the 6rd Border Relay for a given 6rd domain.
After finished the above settings, click OK to save the settings. Below shows an example for successful IPv6 connection based on 6rd mode.
II-1-3 Multi-PVC/VLAN This router allows you to create multi-PVC for different data transferring for using. Simply go toWAN and select Multi-PVC/VLAN page. II-1-3-1 General The system allows you to set up to eight channels which are ready for choosing as the first PVC line that will be used as multi-PVC. Available settings are explained as follows: Item Description Channel Display the number of each channel.
Click any index (3~5) to get the following web page: Available settings are explained as follows: 50 Item Description Multi-VLAN Channel 3~5 Enable – Click it to enable the configuration of this channel. Disable –Click it to disable the configuration of this channel. WAN Type The connections and interfaces created in every channel may select a specific WAN type to be built upon. In the Multi-PVC application, only the Ethernet WAN type is available.
priority for such VLAN. The range is from 0 to 7. Open WAN Interface for this Channel Check the box to enable relating function. WAN Application – Management – It can be specified for general management (Web configuration/telnet/TR069). If you choose Management, the configuration for this VLAN will be effective for Web configuration/telnet/TR069. IPTV - The IPTV configuration will allow the WAN interface to send IGMP packets to IPTV servers.
II-1-3-2 Advanced Such configuration is applied to upstream packets. Such information will be provided by ISP. Please contact with your ISP for detailed information. Available settings are explained as follows: Item Description QoS Type Select a proper QoS type for the channel according to the information that your ISP provides. PCR It represents Peak Cell Rate. The default setting is “0”. SCR It represents Sustainable Cell Rate. The value of SCR must be smaller than PCR.
Application Notes A-1 How to configure settings for IPv6 Service in VigorNIC 132 Due to the shortage of IPv4 address, more and more countries use IPv6 to solve the problem. However, to continually use the original rich resources of IPv4, both IPv6 and IPv4 networks shall communicate for each other via intercommunication mechanism to complete the shifting job from IPv4 to IPv6 gradually.
2. In the following figure, use the drop down list to choose a proper connection type. Different connection types will bring out different configuration page. Refer to the following: PPP – Dual Stack application, IPv4 and IPv6 services can be utilized at the same time Choose PPP and type the information for PPPoE of IPv4. Access into the setting page for IPv6 service, it is not necessary for you to configure anything. Click OK and open Online Status.
VigorNIC 132 Series User’s Guide 55
TSPC – Tunnel application, both IPv6 hosts communicate through IPv4 network Choose TSPC and type the information for TSPC service. Info While using such mode, you have to make sure the IPv4 network connection is normal. (In the following figure, the TSPC information is obtained from http://gogo6.com/ after applied for the service.) Click OK and open Online Status.
AICCU – Tunnel application Choose AICCU and type the information for AICCU of IPv6. Info While using such mode, you have to make sure the IPv4 network connection is normal. (In the following figure, the AICCU information is obtained from https://www.sixxs.net/main/ after applied for the service.) Click OK and open Online Status.
DHCPv6 Client Choose DHCPv6 Client. Click one of the identity associations and type the IAID number. Click OK and open Online Status.
Static IPv6 Choose Static IPv6. Type IPv6 address, Prefix Length and Gateway Address. Click OK and open Online Status.
6in4 Static Tunnel Choose 6in4 Static Tunnel. Type remote endpoint IPv4 address, 6in4 IPv6 Address, LAN Routed Prefix and Tunnel TTL. Click OK and open Online Status.
6rd Choose 6rd. Type IPv4 Border Relay, IPv4 Mask Length, 6rd Prefix and 6rd Prefix Length. Click OK and open Online Status.
II. Configuring the LAN Settings After finished the WAN settings for IPv6, please configure the LAN settings to make the router’s client get the IPv6 address. 1. Access into the web user interface of Viogr2860. Open LAN>> General Setup. Click the IPv6 tab. 2. In the field of Router Advertisement Server, the default setting is Enable. The client’s PC will ask RADVD service for the Prefix of IPv6 address automatically, and generate an Interface ID by itself to compose a full and unique IPv6 address. 3.
III. Confirming IPv6 Service Run Successfully 1. Make sure you have obtained the correct IPv6 IP address. Get into MS-DOS interface and type the command of “ipconfig”. Refer to the following figure. From the above figure we can see IPv6 IP address has been captured by the system. 2. Use the Ping command to ping any IPv6 address indicating an IPv6 website. For example, www.kame.net is a website supporting IPv4 IP and IPv6 IP services.
3. Connect to the website for IPv6. Open a web browser and type an URL of IPv6, e.g., www.kame.net. If your computer accesses into the website by using IPv6 address, you may see a turtle dancing on the screen. If not, only a steady turtle will be seen. If you can see a turtle dancing on the screen, that means IPv6 service is ready for you to access and utilize.
II-2 LAN Local Area Network (LAN) is a group of subnets regulated and ruled by router. The design of network structure is related to what type of public IP addresses coming from your ISP. The most generic function of Vigor device is NAT. It creates a private subnet of your own. As mentioned previously, the router will talk to other public hosts on the Internet by using public IP address and talking to local hosts by using its private IP address.
What is Routing Information Protocol (RIP) Vigor device will exchange routing information with neighboring routers using the RIP to accomplish IP routing. This allows users to change the information of the router such as IP address and the routers will automatically inform for each other. What is Static Route When you have several subnets in your LAN, sometimes a more effective and quicker way for connection is the Static routes function rather than other method.
Web User Interface II-2-1 General Setup This page provides you the general settings for LAN. Click LAN to open the LAN settings page and choose General Setup. II-2-1-1 Details Page for LAN – Ethernet TCP/IP and DHCP Setup There are two configuration pages for LAN1, Ethernet TCP/IP and DHCP Setup (based on IPv4) and IPv6 Setup. Click the tab for each type and refer to the following explanations for detailed information.
Start IP Address: Enter a value of the IP address pool for the DHCP server to start with when issuing IP addresses. If the 2nd IP address of your router is 220.135.240.1, the starting IP address must be 220.135.240.2 or greater, but smaller than 220.135.240.254. IP Pool Counts: Enter the number of IP addresses in the pool. The maximum is 10. For example, if you type 3 and the 2nd IP address of your router is 220.135.240.1, the range of IP address by the DHCP server will be from 220.135.240.2 to 220.135.240.
address must be 192.168.1.2 or greater, but smaller than 192.168.1.254. IP Pool Counts - Enter the maximum number of PCs that you want the DHCP server to assign IP addresses to. The default is 50 and the maximum is 253. Gateway IP Address - Enter a value of the gateway IP address for the DHCP server. The value is usually as same as the 1st IP address of the router, which means the router is the default gateway.
address: 194.109.6.66 to this field. Secondary IP Address - You can specify secondary DNS server IP address here because your ISP often provides you more than one DNS Server. If your ISP does not provide it, the router will automatically apply default secondary DNS Server IP address: 194.98.0.1 to this field.
It provides 2 daemons for LAN side IPv6 address configuration. One is SLAAC(stateless) and the other is DHCPv6 (Stateful) server. Available settings are explained as follows: Item Description Router Advertisement Server Enable – Click it to enable RADVD server. The router advertisement daemon (radvd) sends Router Advertisement messages, specified by RFC 2461, to a local Ethernet LAN periodically and when requested by a node sending a Router Solicitation message.
Secondary DNS Server –Type another IPv6 address for DNS server if required. Static IPv6 Address configuration IPv6 Address –Type static IPv6 address for LAN. Prefix Length – Type the fixed value for prefix length. Add – Click it to add a new entry. Delete – Click it to remove an existed entry. Current IPv6 Address Table Display current used IPv6 addresses. When you finish the configuration, please click OK to save and exit this page.
II-2-2 Bind IP to MAC This function is used to bind the IP and MAC address in LAN to have a strengthening control in network. When this function is enabled, all the assigned IP and MAC address binding together cannot be changed. If you modified the binding IP or MAC address, it might cause you not access into the Internet. Click LAN and click Bind IP to MAC to open the setup page. Available settings are explained as follows: Item Description Enable Click this radio button to invoke this function.
Refresh Refresh the ARP table listed below to obtain the newest ARP table information. Add or Update IP Address – Type the IP address that will be used for the specified MAC address. Mac Address – Type the MAC address that is used to bind with the assigned IP address. Comment – Type a brief description for the entry. Show Comment – Check this box to display the comment on IP Bind List box. IP Bind List It displays a list for the IP bind to MAC information.
II-3 NAT Usually, the router serves as an NAT (Network Address Translation) router. NAT is a mechanism that one or more private IP addresses can be mapped into a single public one. Public IP address is usually assigned by your ISP, for which you may get charged. Private IP addresses are recognized only among internal hosts.
Web User Interface II-3-1 Port Redirection Port Redirection is usually set up for server related service inside the local network (LAN), such as web servers, FTP servers, E-mail servers etc. Most of the case, you need a public IP address for each server and this public IP address/domain name are recognized by all users.
Each item is explained as follows: Item Description Index Display the number of the profile. Service Name Display the description of the specific network service. WAN Interface Display the WAN IP address used by the profile. Protocol Display the transport layer protocol (TCP or UDP). Public Port Display the port number which will be redirected to the specified Private IP and Port of the internal host. Private IP Display the IP address of the internal host providing the service.
Mode Two options (Single and Range) are provided here for you to choose. To set a range for the specific service, select Range. In Range mode, if the public port (start port and end port) and the starting IP of private IP had been entered, the system will calculate and display the ending IP of private IP automatically. Service Name Enter the description of the specific network service. Protocol Select the transport layer protocol (TCP or UDP). WAN IP Select the WAN IP used for port redirection.
II-3-2 DMZ Host As mentioned above, Port Redirection can redirect incoming TCP/UDP or other traffic on particular ports to the specific private IP address/port of host in the LAN. However, other IP protocols, for example Protocols 50 (ESP) and 51 (AH), do not travel on a fixed port. Vigor device provides a facility DMZ Host that maps ALL unsolicited data on any protocol to a single host in the LAN.
Available settings are explained as follows: Item Description Choose Private IP or Active True IP first. Active True IP selection is available for WAN1 only. Private IP Enter the private IP address of the DMZ host, or click Choose PC to select one. Choose IP Click this button and then a window will automatically pop up, as depicted below. The window consists of a list of private IP addresses of all hosts in your LAN network. Select one private IP address in the list to be the DMZ host.
II-3-3 Open Ports Open Ports allows you to open a range of ports for the traffic of special applications. Common application of Open Ports includes P2P application (e.g., BT, KaZaA, Gnutella, WinMX, eMule and others), Internet Camera etc. Ensure that you keep the application involved up-to-date to avoid falling victim to any security exploits.
Available settings are explained as follows: Item Description Enable Open Ports Check to enable this entry. Comment Make a name for the defined network application/service. Private IP Enter the private IP address of the local host or click Choose PC to select one. Choose IP - Click this button and, subsequently, a window having a list of private IP addresses of local hosts will automatically pop up. Select the appropriate IP address of the local host in the list.
II-4 Applications Dynamic DNS The ISP often provides you with a dynamic IP address when you connect to the Internet via your ISP. It means that the public IP address assigned to your router changes each time you access the Internet. The Dynamic DNS feature lets you assign a domain name to a dynamic WAN IP address. It allows the router to update its online WAN IP address mappings on the specified Dynamic DNS server.
Web User Interface II-4-1 Dynamic DNS Enable the Function and Add a Dynamic DNS Account 1. Assume you have a registered domain name from the DDNS provider, say hostname.dyndns.org, and an account with username: test and password: test. 2. Open Applications>>Dynamic DNS. 3. In the DDNS setup menu, check Enable Dynamic DNS Setup. Available settings are explained as follows: 4. 84 Item Description Enable Dynamic DNS Setup Check this box to enable DDNS function.
If Customized is specified as the service provider, the web page will be changed slightly as follows: Available settings are explained as follows: Item Description Enable Dynamic DNS Account Check this box to enable the current account. If you did check the box, you will see a check mark appeared on the Active column of the previous web page in step 3). Service Provider Select the service provider for the DDNS account. Service Type Select a service type (Dynamic, Custom or Static).
Note that such option is not available when Customized is selected as Service Provider. 5. 86 Provider Host Type the IP address or the domain name of the host which provides related service. Note that such option is available when Customized is selected as Service Provider. Service API Type the API information obtained from DDNS server. Note that such option is available when Customized is selected as Service Provider. (e.g: /dynamic/dns/update.asp?u=jo***&p=jo********&hostname=j* ***.changeip.
Disable the Function and Clear all Dynamic DNS Accounts Uncheck Enable Dynamic DNS Setup, and click Clear All button to disable the function and clear all accounts from the router. Delete a Dynamic DNS Account Click the Index number you want to delete and then click Clear All button to delete the account.
II-4-2 Schedule The Vigor device has a built-in clock which can update itself manually or automatically by means of Network Time Protocols (NTP). As a result, you can not only schedule the router to dialup to the Internet at a specified time, but also restrict Internet access to certain hours so that users can connect to the Internet only during certain hours, say, business hours. The schedule is also applicable to other functions. You have to set your time before set schedule.
Available settings are explained as follows: 3. Item Description Enable Schedule Setup Check to enable the schedule. Start Date (yyyy-mm-dd) Specify the starting date of the schedule. Start Time (hh:mm) Specify the starting time of the schedule. Duration Time (hh:mm) Specify the duration (or period) for the schedule. Action Specify which action Call Schedule should apply during the period of the schedule. Force On -Force the connection to be always on.
Office Hour: (Force On) Mon - Sun 9:00 am to 6:00 pm 1. Make sure the PPPoE connection and Time Setup is working properly. 2. Configure the PPPoE always on from 9:00 to 18:00 for whole week. 3. Configure the Force Down from 18:00 to next day 9:00 for whole week. 4. Assign these two profiles to the PPPoE Internet access profile.
II-4-3 UPnP The UPnP (Universal Plug and Play) protocol is supported to bring to network connected devices the ease of installation and configuration which is already available for directly connected PC peripherals with the existing Windows 'Plug and Play' system. For NAT routers, the major feature of UPnP on the router is “NAT Traversal”. This enables applications inside the firewall to automatically open the ports that they need to pass through a router.
II-4-4 IGMP IGMP is the abbreviation of Internet Group Management Protocol. It is a communication protocol which is mainly used for managing the membership of Internet Protocol multicast groups. Available settings are explained as follows: Item Description Enable IGMP Proxy Check this box to enable this function. The application of multicast will be executed through WAN/LTE/PVC/VLAN port. In addition, such function is available in NAT mode.
II-5 Routing Info For more detailed information about using policy route, refer to Support >>FAQ/Application Notes on www.draytek.com. Web User Interface II-5-1 Static Route Go to LAN >> Static Route. The router offers IPv4 and IPv6 for you to configure the static route. Both protocols bring different web pages. Static Route for IPv4 Available settings are explained as follows: Item Description Index The number (1 to 30) under Index allows you to open next page to set up static route.
Viewing Routing Table Displays the routing table for your reference. Add Static Routes to Private and Public Networks Here is an example (based on IPv4) of setting Static Route in Main Router so that user A and B locating in different subnet can talk to each other via the router. Assuming the Internet access has been configured and the router works properly: use the Main Router to surf the Internet. create a private subnet 192.168.10.0 using an internal Router A (192.168.1.
router, and continuously exchange of IP routing information with different subnets. 2. Click the LAN >> Static Route and click on the Index Number 1. Check the Enable box. Please add a static route as shown below, which regulates all packets destined to 192.168.10.0 will be forwarded to 192.168.1.2. Click OK. Available settings are explained as follows: Item Description Enable Click it to enable this profile. Destination IP Address Type an IP address as the destination of such static route.
Static Route for IPv6 You can set up to 40 profiles for IPv6 static route. Click the IPv6 tab to open the following page: Available settings are explained as follows: Item Description Index The number (1 to 40) under Index allows you to open next page to set up static route. Destination Address Displays the destination address of the static route. Status Displays the status of the static route. Set to Factory Default Clear all of the settings and return to factory default settings.
Network Interface Use the drop down list to specify an interface for this static route. When you finish the configuration, please click OK to save and exit this page.
This page is left blank.
Part III Security While the broadband users demand more bandwidth for multimedia, interactive applications, or distance learning, security has been always the most concerned. The firewall of the Vigor device helps to protect your local network against attack from unauthorized outsiders. It also restricts users in the local network from accessing the Internet. CSM is an abbreviation of Central Security Management which is used to filter URL content to reach a goal of security management.
III-1 Firewall While the broadband users demand more bandwidth for multimedia, interactive applications, or distance learning, security has been always the most concerned. The firewall of the Vigor device helps to protect your local network against attack from unauthorized outsiders. It also restricts users in the local network from accessing the Internet. Furthermore, it can filter out specific packets that trigger the router to build an unwanted outgoing connection.
Stateful Packet Inspection (SPI) Stateful inspection is a firewall architecture that works at the network layer. Unlike legacy static packet filtering, which examines a packet based on the information in its header, stateful inspection builds up a state machine to track each connection traversing all interfaces of the firewall and makes sure they are valid. The stateful firewall of Vigor device not only examines the header information also monitors the state of the connection.
Web User Interface Below shows the menu items for Firewall. III-1-1 General Setup General Setup allows you to adjust settings of IP Filter and common options. Here you can enable or disable the Call Filter or Data Filter. Under some circumstance, your filter set can be linked to work in a serial manner. So here you assign the Start Filter Set only. Also you can configure to Accept incoming fragmented UDP packets. Click Firewall and click General Setup to open the general setup page.
Data Filter Check Enable to activate the Data Filter function. Assign a start filter set for the Data Filter. Accept large incoming… Some on-line games (for example: Half Life) will use lots of fragmented UDP packets to transfer game data. Instinctively as a secure firewall, Vigor device will reject these fragmented packets to prevent attack unless you enable “Accept large incoming fragmented UDP or ICMP Packets”. By checking this box, you can play these kinds of on-line games.
III-1-1-2 Default Rule Page Such page allows you to choose filtering profiles including QoS, Load-Balance policy, WCF, APP Enforcement, URL Content Filter, for data transmission via Vigor device. Available settings are explained as follows: 104 Item Description Filter Select Pass or Block for the packets that do not match with the filter rules. Sessions Control The number typed here is the total sessions of the packets that do not match the filter rule configured in this page.
Codepage - This function is used to compare the characters among different languages. Choose correct codepage can help the system obtain correct ASCII after decoding data from URL and enhance the correctness of URL Content Filter. The default value for this setting is ANSI 1252 Latin I. If you do not choose any codepage, no decoding job of URL will be processed. Please use the drop-down list to choose a codepage. If you do not have any idea of choosing suitable codepage, please open Syslog.
III-1-2 Filter Setup Click Firewall and click Filter Setup to open the setup page. To edit or add a filter, click on the set number to edit the individual set. The following page will be shown. Each filter set contains up to 7 rules. Click on the rule number button to edit each rule. Check Active to enable the rule. Available settings are explained as follows: Item Description Filter Rule Click a button numbered (1 ~ 7) to edit the filter rule. Click the button will open Edit Filter Rule web page.
Available settings are explained as follows: Item Description Check to enable the Filter Rule Check this box to enable the filter rule. Comments Enter filter set comments/description. Maximum length is 14character long. Index(1-15) Set PCs on LAN to work at certain time interval only. You may choose up to 4 schedules out of the 15 schedules pre-defined in Applications >> Schedule setup. The default setting of this field is blank and the function will always work.
To set the IP address manually, please choose Any Address/Single Address/Range Address/Subnet Address as the Address Type and type them in this dialog. In addition, if you want to use the IP range from defined groups or objects, please choose Group and Objects as the Address Type. From the IP Group drop down list, choose the one that you want to apply. Or use the IP Object drop down list to choose the object that you want.
apply to. Source/Destination Port – (=) – when the first and last value are the same, it indicates one port; when the first and last values are different, it indicates a range for the port and available for this service type. (!=) – when the first and last value are the same, it indicates all the ports except the port defined here; when the first and last values are different, it indicates that all the ports except the range defined here are available for this service type.
It will be sent to Syslog server. Please refer to section Syslog/Mail Alert for more detailed information. Advance Setting Click Edit to open the following window. However, it is strongly recommended to use the default settings here. Codepage - This function is used to compare the characters among different languages. Choose correct codepage can help the system obtaining correct ASCII after decoding data from URL and enhance the correctness of URL Content Filter.
VigorNIC 132 Series User’s Guide 111
III-1-3 DoS Defense As a sub-functionality of IP Filter/Firewall, there are 15 types of detect/ defense function in the DoS Defense setup. The DoS Defense functionality is disabled for default. Click Firewall and click DoS Defense to open the setup page. Available settings are explained as follows: 112 Item Description Enable Dos Defense Check the box to activate the DoS Defense Functionality. Select All Click this button to select all the items listed below.
packets per second and 10 seconds, respectively. That means, when 2000 packets per second received, they will be regarded as “attack event” and the session will be paused for 10 seconds. Enable ICMP flood defense Check the box to activate the ICMP flood defense function. Similar to the UDP flood defense function, once if the Threshold of ICMP packets from Internet has exceeded the defined value, the router will discard the ICMP echo requests coming from the Internet.
114 Block TCP flag scan Check the box to activate the Block TCP flag scan function. Any TCP packet with anomaly flag setting is dropped. Those scanning activities include no flag scan, FIN without ACK scan, SYN FINscan, Xmas scan and full Xmas scan. Block Tear Drop Check the box to activate the Block Tear Drop function. Many machines may crash when receiving ICMP datagrams (packets) that exceed the maximum length.
VigorNIC 132 Series User’s Guide 115
Application Notes A-1 How to Configure Certain Computers Accessing to Internet We can specify certain computers (e.g., 192.168.1.10 ~ 192.168.1.20) accessing to Internet through Vigor device. Others (e.g., 192.168.1.31 and 192.168.1.32) outside the range can get the source from LAN only. The way we can use is to set two rules under Firewall. For Rule 1 of Set 2 under Firewall>>Filter Setup is used as the default setting, we have to create a new rule starting from Filter Rule 2 of Set 2. 116 1.
3. Info Check the box of Check to enable the Filter Rule. Type the comments (e.g., block_all). Choose Block If No Further Match for the Filter setting. Then, click OK. In default, the router will check the packets starting with Set 2, Filter Rule 2 to Filter Rule 7. If Block If No Further Match for is selected for Filter, the firewall of the router would check the packets with the rules starting from Rule 3 to Rule 7. The packets not matching with the rules will be processed according to Rule 2. 4.
118 6. A dialog box will be popped up. Choose Range Address as Address Type by using the drop down list. Type 192.168.1.10 in the field of Start IP, and type 192.168.1.20 in the field of End IP. Then, click OK to save the settings. The computers within the range can access into the Internet. 7. Now, check the content of Source IP is correct or not. The action for Filter shall be set with Pass Immediately. Then, click OK to save the settings.
8. Both filter rules have been created. Click OK. Now, all the settings are configured well. Only the computers with the IP addresses within 192.168.1.10 ~ 192.168.1.20 can access to Internet.
III-2 Central Security Management (CSM) CSM is an abbreviation of Central Security Management which is used to filter the URL content to reach a goal of security management. URL Content Filter To provide an appropriate cyberspace to users, Vigor device equips with URL Content Filter not only to limit illegal traffic from/to the inappropriate web sites but also prohibit other web feature where malicious code may conceal.
Web User Interface III-2-1 URL Content Filter Profile To provide an appropriate cyberspace to users, Vigor device equips with URL Content Filter not only to limit illegal traffic from/to the inappropriate web sites but also prohibit other web feature where malicious code may conceal. Once a user type in or click on an URL with objectionable keywords, URL keyword blocking facility will decline the HTTP request to that web page thus can limit user’s access to the website.
Administration Message You can type the message manually for your necessity. Default Message - You can type the message manually for your necessity or click this button to get the default message which will be displayed on the field of Administration Message. You can set eight profiles as URL content filter. Simply click the index number under Profile to open the following web page. Available settings are explained as follows: 122 Item Description Profile Name Type a name for the CSM profile.
Log None – There is no log file will be recorded for this profile. Pass – Only the log about Pass will be recorded in Syslog. Block – Only the log about Block will be recorded in Syslog. All – All the actions (Pass and Block) will be recorded in Syslog. URL Access Control Enable URL Access Control - Check the box to activate URL Access Control. Note that the priority for URL Access Control is higher than Restrict Web Feature.
Web Feature Enable Restrict Web Feature - Check this box to make the keyword being blocked or passed. Action - This setting is available only when Either: URL Access Control First or Either: Web Feature First is selected. Pass - Allow accessing into the corresponding webpage with the keywords listed on the box below. Block - Restrict accessing into the corresponding webpage with the keywords listed on the box below.
Application Notes A-1 How to Create an Account for MyVigor The website of MyVigor (a server located on http://myvigor.draytek.com) provides several useful services (such as Anti-Spam, Web Content Filter, Anti-Intrusion, and etc.) to filtering the web pages for the sake of protecting your system. To access into MyVigor for getting more information, please create an account for MyVigor. Create an Account via MyVigor Web Site 1. Access into http://myvigor.draytek.com. Find the line of Not registered yet?.
3. Type your personal information in this page and then click Continue. 4. Choose proper selection for your computer and click Continue. 5. Now you have created an account successfully. Click START.
6. Check to see the confirmation email with the title of New Account Confirmation Letter from myvigor.draytek.com. 7. Click the Activate my Account link to enable the account that you created. The following screen will be shown to verify the register process is finished. Please click Login. 8. When you see the following page, please type in the account and password (that you just created) in the fields of UserName and Password.
A-2 How to Block Facebook Service Accessed by the Users via URL Content Filter A. Block the web page containing the word of “Facebook” 128 1. Open Object Settings>>Keyword Object. Click an index number to open the setting page. 2. In the field of Contents, please type facebook. Configure the settings as the following figure. 3. Open CSM>>URL Content Filter Profile. Click an index number to open the setting page. 4. Configure the settings as the following figure. 5.
6. Click the Default Rule tab. Choose the profile just configured from the drop down list in the field of URL Content Filter. Now, users cannot open any web page with the word “facebook” inside. B. Disallow users to play games on Facebook 1. Open Object Settings>>Keyword Object. Click an index number to open the setting page. 2. In the field of Contents, please type apps.facebook. Configure the settings as the following figure.
130 3. Open CSM>>URL Content Filter Profile. Click an index number to open the setting page. 4. Configure the settings as the following figure. 5. When you finished the above steps, please open Firewall>>General Setup. 6. Click the Default Rule tab. Choose the profile just configured from the drop down list in the field of URL Content Filter. Now, users cannot open any web page with the word “facebook” inside.
Part IV Management There are several items offered for the Vigor device system setup: System Status, TR-069, Administrator Password, Configuration Backup, Syslog /Mail Alert, Time and Date, Management, Reboot System, and Firmware Upgrade.
IV-1 System Maintenance For the system setup, there are several items that you have to know the way of configuration: System Status, TR-069, Administrator Password, Configuration Backup, Syslog /Mail Alert, Time and Date, Management, Reboot System, and Firmware Upgrade. Below shows the menu items for System Maintenance.
Web User Interface IV-1-1 System Status The System Status provides basic network settings of Vigor device. It includes LAN and WAN interface information. Also, you could get the current running firmware version or firmware related information from this presentation. Available settings are explained as follows: Item Description Model Name Display the model name of the router. Firmware Version Display the firmware version of the router.
- Display the IP address of the WAN interface. Default Gateway - Display the assigned IP address of the default gateway. IPv6 134 Address - Display the IPv6 address for LAN. Scope - Display the scope of IPv6 address. For example, IPv6 Link Local could only be used for direct IPv6 link. It can't be used for IPv6 internet. Internet Access Mode – Display the connection mode chosen for accessing into Internet.
IV-1-2 TR-069 This device supports TR-069 standard. It is very convenient for an administrator to manage a TR-069 device through an Auto Configuration Server, e.g., VigorACS. Available settings are explained as follows: Item Description ACS Server On Choose the interface for the router connecting to ACS server. ACS Server URL/Username/Password – Such data must be typed according to the ACS (Auto Configuration Server) you want to link.
Port – Sometimes, port conflict might be occurred. To solve such problem, you might change port number for CPE. Username and Password – Type the username and password that VigorACS can use to access into such CPE. Periodic Inform Settings The default setting is Enable. Please set interval time or schedule time for the router to send notification to CPE. Or click Disable to close the mechanism of notification. STUN Settings The default is Disable.
IV-1-3 Administrator Password This page allows you to set new password. Available settings are explained as follows: Item Description Administrator Password Old Password - Type in the old password. The factory default setting for password is “admin”. New Password -Type in new password in this field. The length of the password is limited to 23 characters. Confirm Password -Type in the new password again. When you click OK, the login window will appear.
IV-1-4 Configuration Backup Backup the Configuration Follow the steps below to backup your configuration. 1. Go to System Maintenance >> Configuration Backup. The following page will be popped-up, as shown below. Available settings are explained as follows: 138 Item Description Restore Choose File – Click it to specify a file to be restored.
4. Click Save button, the configuration will download automatically to your computer as a file named config.cfg. The above example is using Windows platform for demonstrating examples. The Mac or Linux platform will appear different windows, but the backup function is still available. Info Backup for Certification must be done independently. The Configuration Backup does not include information of Certificate. Restore Configuration 1. Go to System Maintenance >> Configuration Backup.
IV-1-5 Syslog/Mail Alert SysLog function is provided for users to monitor router. Available settings are explained as follows: Item Description SysLog Access Setup Enable - Check Enable to activate function of syslog. Syslog Save to – Check Syslog Server to save the log to Syslog server. Router Name Display the name for such router configured in System Maintenance>>Management. If there is no name here, simply lick the link to access into System Maintenance>>Management to set the router name.
function while using e-mail application. User Name - Type the user name for authentication. Password - Type the password for authentication. Enable E-mail Alert - Check the box to send alert message to the e-mail box while the router detecting the item(s) you specify here. Click OK to save these settings. For viewing the Syslog, please do the following: 1. Just set your monitor PC’s IP address in the field of Server IP Address 2. Install the Router Tools in the Utility within provided CD.
IV-1-6 Time and Date It allows you to specify where the time of the router should be inquired from. Available settings are explained as follows: Item Description Current System Time Click Inquire Time to get the current time. Use Browser Time Select this option to use the browser time from the remote administrator PC host as router’s system time. Use Internet Time Select to inquire time information from Time Server on the Internet using assigned protocol.
IV-1-7 Management This page allows you to manage the settings for Internet/LAN Access Control, Access List from Internet, Management Port Setup, TLS/SSL Encryption Setup, CVM Access Control and Device Management. The management pages for IPv4 and IPv6 protocols are different. For IPv4 Available settings are explained as follows: Item Description Router Name Type in the router name provided by ISP.
Internet Access Control Allow management from the Internet - Enable the checkbox to allow system administrators to login from the Internet. There are several servers provided by the system to allow you managing the router from Internet. Check the box(es) to specify. Disable PING from the Internet - Check the checkbox to reject all PING packets from the Internet. For security issue, this function is enabled by default.
For IPv6 Available settings are explained as follows: Item Description Management Access Control Allow management from the Internet - Enable the checkbox to allow system administrators to login from the Internet. There are several servers provided by the system to allow you managing the router from Internet. Check the box(es) to specify. Disable PING from the Internet - Check the checkbox to disable all PING packets from the Internet. For security issue, this function is enabled by default.
IV-1-8 Reboot System The Web user interface may be used to restart your router. Click Reboot System from System Maintenance to open the following page. Index (1-15) in Schedule Setup - You can type in four sets of time schedule for performing system reboot. All the schedules can be set previously in Applications >> Schedule web page and you can use the number that you have set in that web page.
IV-1-9 Firmware Upgrade Download the newest firmware from DrayTek's web site or FTP site. The DrayTek web site is www.DrayTek.com (or local DrayTek's web site) and FTP site is ftp.DrayTek.com. Click System Maintenance>> Firmware Upgrade to launch the Firmware Upgrade Utility. Choose the right firmware by clicking Select. Then, click Upgrade. The system will upgrade the firmware of the router automatically. Click OK. The following screen will appear. Please execute the firmware upgrade utility first.
This page is left blank.
Part V Others Define objects such as IP address, service type, keyword, file extension and others. These pre-defined objects can be applied in CSM.
V-1 Objects Settings For IPs in a range and service ports in a limited range usually will be applied in configuring router’s settings, therefore we can define them with objects and bind them with groups for using conveniently. Later, we can select that object/group that can apply it. For example, all the IPs in the same department can be defined with an IP object (a range of IP address).
Web User Interface V-1-1 IP Object You can set up to 192 sets of IP Objects with different conditions. Available settings are explained as follows: Item Description Set to Factory Default Clear all profiles. Index Display the profile number that you can configure. Name Display the name of the object profile. To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Index column for configuration in details. 2.
Available settings are explained as follows: Item Description Name Type a name for this profile. Maximum 15 characters are allowed. Interface Choose a proper interface. For example, the Direction setting in Edit Filter Rule will ask you specify IP or IP range for WAN or LAN/RT/VPN or any IP address.
selected. 3. Subnet Mask Type the subnet mask if the Subnet Address type is selected. Invert Selection If it is checked, all the IP addresses except the ones listed above will be applied later while it is chosen. After finishing all the settings here, please click OK to save the configuration. Below is an example of IP objects settings.
V-1-2 IP Group This page allows you to bind several IP objects into one IP group. Available settings are explained as follows: Item Description Set to Factory Default Clear all profiles. Index Display the profile number that you can configure. Name Display the name of the group profile. To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Index column for configuration in details. 2.
Available settings are explained as follows: 3. Item Description Name Type a name for this profile. Maximum 15 characters are allowed. Interface Choose WAN, LAN or Any to display all the available IP objects with the specified interface. Available IP Objects All the available IP objects with the specified interface chosen above will be shown in this box. Selected IP Objects Click >> button to add the selected IP objects in this box.
To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Index column for configuration in details. 2. The configuration page will be shown as follows: Available settings are explained as follows: 3. 156 Item Description Name Type a name for this profile. Maximum 15 characters are allowed. Address Type Determine the address type for the IPv6 address. Select Single Address if this object contains one IPv6 address only.
V-1-4 IPv6 Group This page allows you to bind several IPv6 objects into one IPv6 group. Available settings are explained as follows: Item Description Set to Factory Default Clear all profiles. Index Display the profile number that you can configure. Name Display the name of the group profile. To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Index column for configuration in details. 2.
Available settings are explained as follows: 3. Item Description Name Type a name for this profile. Maximum 15 characters are allowed. Available IPv6 Objects All the available IPv6 objects with the specified interface chosen above will be shown in this box. Selected IPv6 Objects Click >> button to add the selected IPv6 objects in this box. After finishing all the settings, please click OK to save the configuration.
To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Index column for configuration in details. 2. The configuration page will be shown as follows: Available settings are explained as follows: Item Description Name Type a name for this profile. Maximum 15 characters are allowed. Protocol Specify the protocol(s) which this profile will apply to. Source/Destination Port Source Port and the Destination Port columns are available for TCP/UDP protocol.
3. After finishing all the settings, please click OK to save the configuration. V-1-6 Service Type Group This page allows you to bind several service types into one group. Available settings are explained as follows: 160 Item Description Set to Factory Default Clear all profiles. Index Display the profile number that you can configure. Name Display the name of the group profile.
To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Group column for configuration in details. 2. The configuration page will be shown as follows: Available settings are explained as follows: 3. Item Description Name Type a name for this profile. Maximum 15 characters are allowed. Available Service Type Objects All the available service objects that you have added on Objects Setting>>Service Type Object will be shown in this box.
V-1-7 Keyword Object You can set 200 keyword object profiles for choosing as black /white list in CSM >>URL Web Content Filter Profile. Available settings are explained as follows: 162 Item Description Set to Factory Default Clear all profiles. Index Display the profile number that you can configure. Name Display the name of the object profile.
To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Index column for configuration in details. 2. The configuration page will be shown as follows: Available settings are explained as follows: 3. Item Description Name Type a name for this profile, e.g., game. Maximum 15 characters are allowed. Contents Type the content for such profile. For example, type gambling as Contents.
V-1-8 Keyword Group This page allows you to bind several keyword objects into one group. The keyword groups set here will be chosen as black /white list in CSM >>URL /Web Content Filter Profile. Available settings are explained as follows: Item Description Set to Factory Default Clear all profiles. Index Display the profile number that you can configure. Name Display the name of the group profile. To set a new profile, please do the steps listed below: 1. Click the number (e.g.
Available settings are explained as follows: Item Description Name Type a name for this group. Maximum 15 characters are allowed. Available Keyword Objects You can gather keyword objects from Keyword Object page within one keyword group. All the available Keyword objects that you have created will be shown in this box. Selected Keyword Objects 3. Click this box. button to add the selected Keyword objects in After finishing all the settings, please click OK to save the configuration.
To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Profile column for configuration in details. 2. The configuration page will be shown as follows: Available settings are explained as follows: 3. 166 Item Description Profile Name Type a name for this profile. The maximum length of the name you can set is 7 characters. Type a name for such profile and check all the items of file extension that will be processed in the router.
Part VI Troubleshooting This part will guide you to solve abnormal situations if you cannot access into the Internet after installing the router and finishing the web configuration.
VI-1Diagnostics This section will guide you to solve abnormal situations if you cannot access into the Internet after installing the router and finishing the web configuration. Please follow sections below to check your basic installation status stage by stage. Checking if the hardware status is OK or not. Checking if the network connection settings on your computer are OK or not. Pinging the router from your computer. Checking if the ISP settings are OK or not.
Web User Interface Fisrt, take a look at the menu items under Diagnostics. Diagnostic Tools provide a useful way to view or diagnose the status of your Vigor device. VI-1-1 Dial-out Triggering Click Diagnostics and click Dial-out Triggering to open the web page. The internet connection (e.g., PPPoE) is triggered by a package sending from the source IP address.
VI-1-2 Routing Table Click Diagnostics and click Routing Table to open the web page. Available settings are explained as follows: 170 Item Description Refresh Click it to reload the page.
VI-1-3 ARP Cache Table Click Diagnostics and click ARP Cache Table to view the content of the ARP (Address Resolution Protocol) cache held in the router. The table shows a mapping between an Ethernet hardware address (MAC Address) and an IP address. Available settings are explained as follows: Item Description Refresh Click it to reload the page.
VI-1-4 IPv6 Neighbour Table The table shows a mapping between an Ethernet hardware address (MAC Address) and an IPv6 address. This information is helpful in diagnosing network problems, such as IP address conflicts, etc. Click Diagnostics and click IPv6 Neighbour Table to open the web page. Available settings are explained as follows: 172 Item Description Refresh Click it to reload the page.
VI-1-5 DHCP Table The facility provides information on IP address assignments. This information is helpful in diagnosing network problems, such as IP address conflicts, etc. Click Diagnostics and click DHCP Table to open the web page. and Available settings are explained as follows: Item Description Index It displays the connection item number. IP Address It displays the IP address assigned by this router for specified PC.
HOST ID It displays the host ID name of the specified PC. Refresh Click it to reload the page. VI-1-6 NAT Sessions Table Click Diagnostics and click NAT Sessions Table to open the list page. Available settings are explained as follows: 174 Item Description Private IP:Port It indicates the source IP address and port of local PC. #Pseudo Port It indicates the temporary port of the router used for NAT. Peer IP:Port It indicates the destination IP address and port of remote host.
VI-1-7 DNS Cache Table Click Diagnostics and click DNS Cache Table to open the web page. The record of domain Name and the mapping IP address for answering the DNS query from LAN will be stored on Vigor device’s Cache temporarily and displayed on Diagnostics >> DNS Cache Table. Available settings are explained as follows: Item Description Clear Click this link to remove the result on the window. Refresh Click it to reload the page. When an entry’s TTL is larger than….
VI-1-8 Ping Diagnosis Click Diagnostics and click Ping Diagnosis to open the web page. or Available settings are explained as follows: 176 Item Description IPV4 /IPV6 Choose the interface for such function. Ping through Use the drop down list to choose the WAN/LTE interface that you want to ping through or choose Unspecified to be determined by the router automatically. Ping to Use the drop down list to choose the destination that you want to ping.
displayed on the screen. Clear Click this link to remove the result on the window. VI-1-9 Data Flow Monitor This page displays the running procedure for the IP address monitored and refreshes the data in an interval of several seconds. Click Diagnostics and click Data Flow Monitor to open the web page. You can click IP Address, TX rate, RX rate or Session link for arranging the data display.
Sessions Display the session number that you specified in Limit Session web page. Action Block - can prevent specified PC accessing into Internet within 5 minutes. Unblock –The device with the IP address will be blocked for five minutes. The remaining time will be shown on the session column. Click it to cancel the IP address blocking. Current /Peak/Speed 178 Current means current transmission rate and receiving rate for WAN interface.
VI-1-10 Trace Route Click Diagnostics and click Trace Route to open the web page. This page allows you to trace the routes from router to the host. Simply type the IP address of the host in the box and click Run. The result of route trace will be shown on the screen. or Available settings are explained as follows: Item Description IPv4 / IPv6 Click one of them to display corresponding information for it. Trace through Use the drop down list to choose the interface that you want to ping through.
Protocol Use the drop down list to choose the protocol that you want to ping through. Host/IP Address It indicates the IP address of the host. Trace Host/IP Address It indicates the IPv6 address of the host. Run Click this button to start route tracing work. Clear Click this link to remove the result on the window. VI-1-11 IPv6 TSPC Status IPv6 TSPC status web page could help you to diagnose the connection status of TSPC.
VI-1-12 DSL Status Such page is useful for RD debug or web technician.
VI-2 Checking If the Hardware Status Is OK or Not Follow the steps below to verify the hardware status. 182 1. Check the power line and LAN cable connections. Refer to “I-2 Hardware Installation” for details. 2. Make sure the ACT LED on the card blink once per second. 3. If not, it means that there is something wrong with the hardware status. Simply back to “I-2 Hardware Installation” to execute the hardware installation again. And then, try again.
VI-3 Checking If the Network Connection Settings on Your Computer Is OK or Not Sometimes the link failure occurs due to the wrong network connection settings. After trying the above section, if the link is stilled failed, please do the steps listed below to make sure the network connection settings is OK. For Windows Info The example is based on Windows 7. As to the examples for other operation systems, please refer to the similar steps or find support notes in www.DrayTek.com. 1.
184 4. Select Internet Protocol Version 4 (TCP/IP) and then click Properties. 5. Select Obtain an IP address automatically and Obtain DNS server address automatically. Finally, click OK.
For Mac OS 1. Double click on the current used Mac OS on the desktop. 2. Open the Application folder and get into Network. 3. On the Network screen, select Using DHCP from the drop down list of Configure IPv4.
VI-4 Pinging the Device from Your Computer The default gateway IP address of the device is 192.168.1.1. For some reason, you might need to use “ping” command to check the link status of the device. The most important thing is that the computer will receive a reply from 192.168.1.1. If not, please check the IP address of your computer. We suggest you setting the network connection as get IP automatically. (Please refer to the previous section VI-3) Please follow the steps below to ping the router correctly.
VigorNIC 132 Series User’s Guide 187
VI-5 Checking If the ISP Settings are OK or Not If WAN connection cannot be up, check if the LEDs (according to the LED explanations listed on section I-2) are correct or not. If the LEDs are off, please: Change the Physical Type from Auto negotiation to other values (e.g., 100M full duplex). Next, change the physical type of modem (e.g., DSL/FTTX(GPON)/Cable modem) offered by ISP with the same value configured in Vigor device. Check if the LEDs on Vigor device are on or not.
VI-6 Backing to Factory Default Setting If Necessary Sometimes, a wrong connection can be improved by returning to the default settings. Try to reset the router by software or hardware. Such function is available in Admin Mode only. Info After pressing factory default setting, you will loose all settings you did before. Make sure you have recorded all useful settings before you pressing. The password of factory default is null. Software Reset You can reset the router to factory default via Web page.
VI-7 Contacting DrayTek If the router still cannot work correctly after trying many efforts, please contact your dealer for further help right away. For any questions, please feel free to send e-mail to support@DrayTek.com.
This page is left blank.
Part VII Telnet Commands 192 VigorNIC 132 Series User’s Guide
Accessing Telnet of VigorNIC 132 This chapter also gives you a general description for accessing telnet and describes the firmware versions for the routers explained in this manual. Info For Windows 7 user, please make sure the Windows Features of Telnet Client has been turned on under Control Panel>>Programs. Type cmd and press Enter. The Telnet terminal will be open later. In the following window, type Telnet 192.168.1.1 as below and press Enter.
For users using previous Windows system (e.g., 2000/XP), simply click Start >> Run and type Telnet 192.168.1.1 in the Open box as below. Next, type admin/admin for Account/Password. And, type ? to get a list of valid/common commands.
Telnet Command: adsl txpct /adsl rxpct This command allows the user to adjust the percentage of data transmission (receiving/transmitting) for QoS application. Syntax adsl txpct [auto:percent] adsl rxpct [auto:percent] Parameter Description auto It means auto detection of ADSL transmission packet. percent Specify the percentage of ADSL transmission packet. Available range is 10-100.
Parameter Description ? Display the command syntax of “adsl ppp”. pvc_no It means the PVC number and the adjustable range is from 0 (Channel-1) to 7(Channel-8). Encap Different numbers represent different modes. 0 : VC_MUX, 1: LLC/SNAP, 2: LLC_Bridge, 3: LLC_Route, 4: VCMUX_Bridge 5: VCMUX_Route, 6: IPoE. Proto It means the protocol used to connect Internet. Different numbers represent different protocols. 0: PPPoA, 1: PPPoE, 2: MPoA. Modu 0: T1.413, 2: G.
AcquireIP: Dhcp_client(1) Idle timeout:-1 Username=draytek Password=draytek Telnet Command: adsl bridge This command can specify a LAN port (LAN1 to LAN4) for mapping to certain PVC, and the mapping port/PVC will be operated in bridge mode. Syntax adsl bridge [pvc_no/status/save/enable/disable] [on/off/clear/tag tag_no] [service type] [px ... ] Syntax Description Parameter Description pvc_no It means pvc number and must be between 0(Channel 1) to 7(Channel 8).
Telnet Command: adsl idle This command can make the router accessing into the idle status. If you want to invoke the router again, you have to reboot the router by using “reboot” command. Syntax adsl idle [on | tcpmessage | tcpmessage_off] Syntax Description Parameter Description on DSL is under test mode. DSL debug tool mode is off. DSL debug tool mode is on. DSL debug tool mode is off. tcpmessage tcpmessage_off Example > % % > % adsl idle on DSL is under [IDLE/QUIET] test mode.
Telnet Command: adsl oamlb This command is used to test if the connection between CPE and CO is OK or not. Syntax adsl oamlb [n][type] adsl oamlb chklink [on/off] adsl oamlb [log_on/log_off] Syntax Description Parameter Description n It means the total number of transmitted packets. type It means the protocol that you can use. 1 – for F4 Seg-to-Seg (VP level) 2 – for F4 End-to-End (VP level) 4 – for F5 Seg-to-Seg (VC level) 5 – for F5 End-to-End (VC level) chklink Check the DSL connection.
Telnet Command: adsl annex This command can display the annex interface of this router. Example > adsl annex % hardware is annex B. % modem code is annex B; built at 01/15,07:34. Telnet Command: adsl automode This command is used to add or remove ADSL modes (such as ANNEXL, ANNEXM and ANNEXJ) supported by Multimode. Syntax adsl automode [add|remove|set|default|show] [adsl_mode] Syntax Description Parameter Description add It means to add ADSL mode. remove It means to remove ADSL mode.
----------------------------------------------------------------------------Bin SNR Gain Bi - Bin SNR Gain Bi - Bin SNR Gain Bi - Bin SNR Gain Bi dB .1dB ts dB .1dB ts dB .1dB ts dB .1dB ts --- ----- ---- -- - --- ----- ---- -- - --- ----- ---- -- - --- ----- ---- ---- ----- ---- -- - --- ----- ---- -- - --- ----- ---- -- - --- ----- ---- -Bin SNR Gain Bi - Bin SNR Gain Bi - Bin SNR Gain Bi - Bin SNR Gain Bi dB .1dB ts dB .1dB ts dB .1dB ts dB .
This command allows you to configure user-defined CPE vendor ID. Syntax adsl vendorid [status/on/off/ set vid0 vid1] Syntax Description Parameter Description status Display current status of user-defined vendor ID. on Enable the user-defined function. off Disable the user-defined function. set vid0 vid1 It means to set user-defined vendor ID with vid0 and vid1. The vendor ID shall be set with HEX format, ex: 00fe7244: 79612f21.
0 1 0 1 2 200 2 3 0 3 4 0 4 5 0 5 6 0 6 7 0 7 8 0 > adsl atm mbs 2 300 max % MBS is 300 for pvc 2. Telnet Command: adsl pvcbinding This command can configure PVC to PVC binding. Such command is available only for PPPoE and MPoA 1483 Bridge mode. Syntax adsl pvcbinding [pvc_x pvc_y | status | -1 ] Syntax Description Parameter Description pvc_x It means the PVC number for the source. pvc_y It means the PVC number that the source PVC will be bound to. status Display a table for PVC binding group.
ITU Version[0] : b5004946 ITU Version[1] : 544e0000 VDSL Firmware Version : 05-04-08-00-00-06 Power Management Mode : DSL_G997_PMS_NA Test Mode : DISABLE ---------------------- ATU-C Info --------------------------------Far Current Attenuation : 0 dB Far SNR Margin : 0 dB CO ITU Version[0] : 00000000 CO ITU Version[1] : 00000000 DSLAM CHIPSET VENDOR : < unknown > > Telnet Command: vdsl idle This command can make the router accessing into the idle status.
This command can display the annex interface of this router. Example > vdsl annex % hardware is annex A. % ADSL modem code is annex A Telnet Command: vdsl showbins This command can display the allocation for each Bin (Tone) SNR, Gain, and Bits. Syntax vdsl showbins [startbin endbin | up] Syntax Description Parameter Description startbin endbin up The number is between 0 ~ 4092. The number is between 4 ~ 4095. Show upstream information.
Type “off” for disabling such function. Example > vdsl optn default trellis [US] = ON, [DS] = ON. bitswap [US] = 0, [DS] = 0. [0: default(ON), 1: ON, 2: OFF] sra [US] = 0, [DS] = 0. [0: default(=3), 2: OFF, 3: ON , 4: DYNAMIC_SOS] retx [US] = ON, [DS] = ON. aelem ON G.Vector ON Telnet Command: vdsl savecfg This command can save the configuration into FLASH with a file format of cfg.
Parameter Description co It means DSLAM (Digital Subscriber Line Access Multiplexer) or CO (Central Office). cpe It means CPE (Customer Premise Equipment). Example > vdsl inventory co xDSL inventory info only available in showtime. > vdsl inventory cpe G.994 vendor ID : 0XB5004946544E5444 G.994.1 country code : 0XB500 G.994.1 provider code : IFTN G.994.
ServerIP[1]:4 -------index: 2 inactive-----UserName[2]: PassWord[2]: ServerIP[2]:0 > 208 VigorNIC 132 Series User’s Guide
Telnet Command: csm ucf It is used to configure settings for URL control filter profile. Syntax csm ucf show csm ucf setdefault csm ucf msg MSG csm ucf obj INDEX [-n PROFILE_NAME | -l [P|B|A|N] | uac | wf ] csm ucf obj INDEX -n PROFILE_NAME csm ucf obj INDEX -p VALUE csm ucf obj INDEX -l P|B|A|N csm ucf obj INDEX uac csm ucf obj INDEX wf Syntax Description Parameter Description show It means to display all of the profiles. setdefault It means to return to default settings for all of the profile.
Profile Index: 1 Profile Name:[game] Log:[none] Priority Select : [Bundle : Pass] [ ]Enable URL Access Control Action:[pass] [ ]Prevent web access from IP address. No Obj NO. Object Name --- -------- --------------------------------No Grp NO. Group Name --- -------- --------------------------------- Telnet Command: csm ucf obj INDEX uac It means to configure the settings regarding to URL Access Control (uac).
> csm ucf obj 1 uac -i E Profile Index: 1 Profile Name:[game] Log:[none] Priority Select : [Bundle : Pass] [ ]Enable URL Access Control Action:[pass] [v]Prevent web access from IP address. No Obj NO. Object Name --- -------- --------------------------------No Grp NO.
Telnet Command: csm ucf obj INDEX wf It means to configure the settings regarding to Web Feature (wf). Syntax csm ucf obj INDEX wf -v csm ucf obj INDEX wf -e csm ucf obj INDEX wf -d csm ucf obj INDEX wf -a P|B csm ucf obj INDEX wf -s WEB_FEATURE csm ucf obj INDEX wf -u WEB_FEATURE csm ucf obj INDEX wf -f File_Extension_Object_index Syntax Description Parameter Description INDEX It means to specify the index number of CSM profile, from 1 to 8.
[ ]Enable Restrict Web Feature Action:[pass] File Extension Object Index : [0] [V] Cookie [ ] Proxy [ ] Upload Profile Name : [] Telnet Command: ddns log Displays the DDNS log. Example >ddns log > Telnet Command: ddns time Sets and displays the DDNS time. Syntax ddns time Syntax Description Parameter Description Update in minutes Type the value as DDNS time. The range is from 1 to 14400.
its parameter(s). ATTACK_F It means to specify the name of flooding attack(s) or portscan, e.g., synflood, udpflood, icmpflood, or postscan. THRESHOLD It means the packet rate (packet/second) that a flooding attack will be detected. Set a value larger than 20. TIMEOUT It means the time (seconds) that a flooding attack will be blocked. Set a value larger than 5. -a It means to enable the defense function for all attacks listed in ATTACK_0.
-a n It means to set PPP Authentication Type and n means different types (represented by 0-1). n=0: PAP/CHAP (this is default setting) n=1: PAP Only -t n It means to set connection duration and n means different conditions. n=-1: Always-on n=1 ~ 999: Idle time for offline (default 180 seconds) -i It means that PPPoE server will assign an IP address specified here for CPE (PPPoE client). If you type 0.0.0.0 as the , ISP will assign suitable IP address for you.
> ip 2ndsubnet enable 2nd subnet enabled! Telnet Command: ip 2ndaddr This command allows to set the IP routed subnet for the router. Syntax ip pubaddr ? ip pubaddr <2nd subnet IP address> Syntax Description Parameter Description ? Display an IP address which allows users set as the second subnet IP address. 2nd subnet IP address Specify an IP address. The system will set the one that you specified as the second subnet IP address.
Telnet Command: ip aux This command is used for configuring WAN IP Alias. Syntax ip aux add [IP] [Join to NAT Pool][wanX] ip aux remove [index][wanX] Syntax Description Parameter Description add It means to create a new WAN IP address. remove It means to delete an existed WAN IP address. IP It means the auxiliary WAN IP address. Join to NAT Pool 0 (disable) or 1 (enable). wanX Add or remove an address for WAN interface. index Type the index number of the table displayed on your screen.
2 3 Enable Enable 172.16.3.56 172.16.3.113 No No Telnet Command: ip addr This command allows users to set/add a specified LAN IP your router. Syntax ip addr [IP address] Syntax Description Parameter Description IP address It means the LAN IP address. Example >ip addr 192.168.50.1 % Set IP address OK !!! Info 218 When the LAN IP address is changed, the start IP address of DHCP server are still the same.
Telnet Command: ip nmask This command allows users to set/add a specified netmask for your router. Syntax ip nmask [IP netmask] Syntax Description Parameter Description IP netmask It means the netmask of LAN IP. Example > ip nmask 255.255.0.0 % Set IP netmask OK !!! Telnet Command: ip arp ARP displays the matching condition for IP and MAC address.
Example > ip arp accept status Accept illegal source mac arp: disable Accept illegal dest mac arp: disable Accept VRRP mac into arp table: disable > ip arp status [ARP Table] Index IP Address MAC Address 1 192.168.1.113 00-05-5D-E4-D8-EE Netbios Name A1000351 Telnet Command: ip dhcpc This command is available for WAN DHCP.
DHCP Server IP WAN Ipm WAN Netmask WAN Gateway Primary DNS Secondary DNS Leased Time Leased Time T1 Leased Time T2 Leased Elapsed Leased Elapsed T1 Leased Elapsed T2 : : : : : : : : : : : : 172.16.3.7 172.16.3.40 255.255.255.0 172.16.3.1 168.95.192.1 0.0.0.0 259200 129600 226800 259194 129594 226794 Telnet Command: ip ping This command allows users to ping IP address of WAN1/WAN2/PVC3/PVC4/PVC5 for verifying if the WAN connection is OK or not.
Example >ip tracert 22.128.2.62 WAN1 Traceroute to 22.128.2.62, 30 hops max 1 172.16.3.7 10ms 2 172.16.1.2 10ms 3 Request Time out. 4 168.95.90.66 50ms 5 211.22.38.134 50ms 6 220.128.2.62 50ms Trace complete Telnet Command: ip telnet This command allows users to access specified device by telnet. Syntax ip telnet [IP address][Port] Syntax Description Parameter Description IP address Type the WAN or LAN IP address of the remote device. Port Type a port number (e.g., 23). Available settings: 0 ~65535.
Telnet Command: ip wanrip This command allows users to set the RIP (routing information protocol) of WAN IP. Syntax ip wanrip [ifno] -e [0/1] Syntax Description Parameter Description ifno It means the connection interface. 1: WAN1,2: WAN2, 3: PVC3,4: PVC4,5: PVC5 Note: PVC3 ~PVC5 are virtual WANs. -e It means to disable or enable RIP setting for specified WAN interface. 1: Enable the function of setting RIP of WAN IP. 0: Disable the function.
Telnet Command: ip route This command allows users to set static route. Syntax ip route add [dst] [netmask][gateway][ifno][rtype] ip route del [dst] [netmask][rtype] ip route status ip route cnc ip route default [wan1/wan2/off/?] ip route clean [1/0] Syntax Description Parameter Description add It means to add an IP address as static route. del It means to delete specified IP address. status It means current status of static route. dst It means the IP address of the destination.
Telnet Command: ip igmp_proxy This command allows users to enable/disable igmp proxy server. Syntax ip igmp_proxy set ip igmp_proxy reset ip igmp_proxy wan ip igmp_proxy t_home[on/off/show/help] ip igmp_proxy query ip igmp_proxy ppp [0/1] ip igmp_proxy status Syntax Description Parameter Description set It means to enable proxy server. reset It means to disable proxy server. wan It means to specify WAN interface for IGMP service. t_home It means to specify t_home proxy server for using.
Telnet Command: ip dmz Specify MAC address of certain device as the DMZ host.
[block/unblock][IP] It means to block/unblock the specified IP address. Block: The IP cannot access Internet through the router. Unblock: The specified IP can access Internet through the router. add It means to add the session limits in an IP range. del It means to delete the session limits in an IP range. IP1-IP2 It means the range of IP address specified for this command. num It means the number of the session limits, e.g., 100. p2pnum It means the number of the session limits, e.g.
tx It means to set transmission rate for bandwidth limit. rx It means to set receiving rate for bandwidth limit. shared It means that the bandwidth will be shared for the IP range. Example > ip bandwidth default 200 800 > ip bandwidth add 192.168.1.50-192.168.1.100 10 60 > ip bandwidth status IP range: 192.168.1.50 - 192.168.1.100 : Tx:10K Rx:60K Current ip Bandwidth limit is turn off Auto adjustment is off Telnet Command: ip bindmac This command allows users to set IP-MAC binding for LAN host.
Example > ip bindmac add 192.168.1.46 00:50:7f:22:33:55 just for test > ip bindmac show ip bind mac function is turned ON IP : 192.168.1.
Telnet Command: ip maxnatuser This command is used to set the maximum number of NAT users. Syntax ip maxnatuser user no Syntax Description Parameter Description User no A number specified here means the total NAT users that Vigor device supports. 0 – It means no limitation. Example > ip maxnatuser 100 % Max NAT user = 100 Telnet Command: ip6 addr This command allows users to set the IPv6 address for your router.
Telnet Command: ip6 dhcp req_opt This command is used to configure option-request settings for DHCPv6 client. Syntax ip6 dhcp req_opt [LAN|WAN1|WAN2|iface#] [- | ... ] Syntax Description Parameter Description req_opt It means option-request. LAN|WAN1|WAN2|iface# It means to specify LAN or WAN interface for such address. [ |…] The available commands with parameters are listed below. […] means that you can type in several commands in one line.
[ |…] The available commands with parameters are listed below. […] means that you can type in several commands in one line. -a It means to show current DHCPv6 status. -p [IAID] It means to request identity association ID for Prefix Delegation. -n [IAID] It means to request identity association ID for Non-temporary Address. -c [parameter] It means to send rapid commit to server. -i [parameter] It means to send information request to server.
Example > > > > % % % % % ip6 dhcp server -d FF02::1 ip6 dhcp server -i ff02::1 ip6 dhcp server -x ff02::3 ip6 dhcp server -a Interface LAN has following DHCPv6 server settings: DHCPv6 server disabled maximum address of the pool: FF02::3 minimum address of the pool: FF02::1 1st DNS IPv6 Addr: FF02::1 Telnet Command: ip6 internet This command allows you to configure settings for accessing Internet. Syntax ip6 internet -W n -M n [- | ...
= IPv4 address or URL (maximum 63 characters). -d It means to set the primary DNS Server IP. = type an IPv6 address for first DNS server. -D It means to set the secondary DNS Server IP. = type an IPv6 address for second DNS server. -t It means to set IPv6 PPP WAN test mode for DHCP or RADVD. = type IPv6 address. -V It means to view IPv6 Internet Access Profile. -o It means to set AICCU always on.
WAN2 :: LAN :: > VigorNIC 132 Series User’s Guide 00-00-00-00-00-00 CONNECTED NONE 235
Telnet Command: ip6 pneigh This command allows you to add a proxy neighbour. Syntax ip6 pneigh -s inet6_addr [LAN|WAN1|WAN2] ip6 pneigh -d inet6_addr [LAN|WAN1|WAN2] ip6 pneigh -a [inet6_addr] [-N LAN|WAN1|WAN2] Syntax Description Parameter Description -s It means to add a proxy neighbour. -d It means to delete a proxy neighbour. -a It means to show proxy neighbour status. inet6_addr Type an IPv6 address LAN|WAN1|WAN2 Specify an interface for the proxy neighbor.
PREFIX/PREFIX-LEN _EXPIRES_ _NEXT-HOP_ I/F METRIC STATE FLAGS -----------------------------------------------------------------------FE80::/128 0 0 UNICAST U LAN 0 UNICAST U LAN 256 UNICAST U LAN 1024 UNICAST UGA 0 UNICAST UC LAN 256 UNICAST U LAN -1 :: FE80::250:7FFF:FE00:0/128 0 LAN :: FE80::/64 0 FE80::/16 0 FE80::250:7FFF:FE12:100 FF02::1/128 LAN 0 FF02::1 FF00::/8 0 ::/0 UNREACHABLE ! 0 Telnet Command: ip6 ping This command allows you to pin an IPv6 address or a
Telnet Command: ip6 tracert This command allows you to trace the routes from the router to the host. Syntax ip6 tracert [IPV6 address/Host][LAN//WAN1/WAN2] Syntax Description Parameter Description IPV6 address/Host It means to specify the IPv6 address or host for ping.
Status: Connected > Telnet Command: ip6 radvd This command allows you to enable or disable RADVD server. Syntax Ip6 radvd –s [1|0] [lifetime] ip6 radvd –V Syntax Description Parameter Description -s It means to enable or disable the default lifetime of the RADVD server. 1: Enable the RADVD server. 0: Disable the RADVD server. Lifetime It means to set the lifetime. The lifetime associated with the default router in units of seconds. It’s used to control the lifetime of the prefix.
management through Internet. index It means the number (1, 2 and 3) allowed to be configured for IPv6 management. prefix It means to type the IPv6 address which will be used for accessing Internet. prefix-length It means to type a fixed value as the length of the prefix. remove It means to remove (delete) the specified index number with IPv6 settings. flush It means to clear the IPv6 access table. http|telnet|ping|https|ssh These protocols are used for accessing Internet.
% Tx packets = 408, Tx bytes = 32160, Rx packets = 428, Rx bytes = 33636 > ip6 online 1 % WAN 1 online status : % IPv6 WAN1 Disabled % Default Gateway : :: % UpTime : 0:00:00 % Interface : DOWN % IPv6 DNS Server: :: Static % IPv6 DNS Server: :: Static % IPv6 DNS Server: :: Static % Tx packets = 0, Tx bytes = 0, Rx packets = 0, Rx bytes = 0 Telnet Command: ip6 aiccu This command allows you to set IPv6 settings for WAN interface with connection type of AICCU.
ip6 ntp –h ip6 ntp –v ip6 ntp –p [0/1] Syntax Description Parameter Description –h It is used to display the usage of such command. -v It is used to show the NTP state. -p <0/1> It is used to specify NTP server for IPv6. 0 – Auto 1 – First Query IPv6 NTP Server. Example > ip6 ntp -p 1 % Set NTP Priority: IPv6 First Telnet Command: ipf view IPF users to view the version of the IP filter, to view/set the log flag, to view the running IP filter rules.
Syntax ipf set [Options] ipf set [SET_NO] rule [RULE_NO] [Options] Syntax Description Parameter Description Options There are several options provided here, such as -v, -c [SET_NO], -d [SET_NO],… and etc. SET_NO It means to specify the index number (from 1 to 12) of filter set. RULE_NO It means to specify the index number (from 1 to 7) of filter rule set. -v Type “-v” to view the configuration of general set. -c [SET_NO] It means to setup Call Filter, e.g., -c 2.
Setting saved. > ipf set -d 2 #set data filter start from set 2 Setting saved.
o - indicates “object”. g - indicates “group”. obj - indicates index number of object or index number of group. Available settings range from 1-192. For example, “-s g 3" means the third source IP group profile. –s u
| It means to configure source IP address including address type, start IP address, end IP address and address mask. u – It means “user defined”. Address Type - Type the number (representing different address type).: 2 – Port OP, range is 0-3, 0:==, 1:!=, 2:>, 3:< 4 – Port range of the Start Port Number, range is 1-65535. 6 – Port range of the End Port Number, range is 1-65535. 246 -F It means the Filter action you can specify. 0 –Pass Immediately, 1 – Block Immediately, 2 – Pass if no further match, 3 – Block if no further match. -q It means the classification for QoS. 1– Class 1, 2 – Class 2, 3 – Class 3, 4 – Other -l It means load balance policy.
Example > ipf rule 2 1 -e 1 -s "o 1" -d "o 2" -S "o 1" -F 2 > ipf rule 2 1 -v Filter Set 2 Rule 1: Status : Enable Comments: xNetBios -> DNS Index(1-15) in Schedule Setup: , , , Direction : LAN -> WAN Source IP : Group1, Destination IP: Group2, Service Type : TCP/UDPGroup1, Fragments : Don't Care Pass or Block : Block Immediately Branch to Other Filter Set: None Max Sessions Limit : 32000 Current Sessions : 0 Mac Bind IP : Non-Strict Qos Class : None APP Enforcement : None URL Conte
Parameter Description -r It means to refresh the flowtrack. -e It means to enable or disable the flowtrack. 0: Disable 1: Enable -f It means to show the sessions state of flowtrack. If you do not specify any IP address, then all the session state of flowtrack will be displayed. -b It means to show all of IP sessions state. - i [IP address] It means to specify IP address (e.g,, -i 192.168.2.55). -p[value] It means to type a port number (e.g., -p 1024). Available settings are 0 ~ 65535.
a: flush all logs c: flush the call log f: flush the IP filter log w: flush the WAN log -h It means to show this usage help. -p It means to show PPP/MP log. -t It means to show all logs saved in the log buffer. -w It means to show WAN log. -x It means to show packet body hex dump. Example > log -w 25:36:25.580 ---->DHCP (WAN-5) Len = 548XID = 0x7880fdd4 Client IP = 0.0.0.0 Your IP = 0.0.0.0 Next server IP = 0.0.0.0 Relay agent IP = 0.0.0.0 25:36:33.
Example > mngt ftpport 21 % Set FTP server port to 21 done. Telnet Command: mngt httpport This command allows users to set HTTP port for management. Syntax mngt httpport [Http port] Syntax Description Parameter Description Http port It means to enter the number for HTTP port. The default setting is 80. Example > mngt httpport 80 % Set web server port to 80 done. Telnet Command: mngt httpsport This command allows users to set HTTPS port for management.
Telnet Command: mngt sshport This command allows users to set SSH port for management. Syntax mngt sshport [ssh port] Syntax Description Parameter Description ssh port It means to type the number for SSH port. The default setting is 22. Example > mngt sshport 23 % Set ssh port to 23 done. Telnet Command: mngt noping This command is used to pass or block Ping from LAN PC to the internet.
Telnet Command: mngt defenseworm This command can block specified port for passing through the router. Syntax mngt defenseworm [on] mngt defenseworm [off] mngt defenseworm [add port] mngt defenseworm [del port] mngt defenseworm [viewlog] mngt defenseworm [clearlog] Syntax Description Parameter Description on It means to activate the function of defense worm packet out. off It means to inactivate the function of defense worm packet out. add port It means to add a new TCP port for block.
Internet. http/https/ftp/telnet/ssh/t r069 It means to specify one of the servers/protocols for enabling or disabling. on/off on – enable the function. off – disable the function. Example > mngt Enable Remote please rmtcfg ftp on server fail configure function has been disabled enable by enter mngt rmtcfg enable > mngt rmtcfg enable %% Remote configure function has been enabled. > mngt rmtcfg ftp on %% FTP server has been enabled.
list It can display current setting for your reference. add It means adding a new entry. index It means to specify the number of the entry. ip addr It means to specify an IP address. mask It means to specify the subnet mask for the IP address. remove It means to delete the selected item. flush It means to remove all the settings in the access list. Example > mngt accesslist add 1 192.168.1.89 255.255.255.0 %% Set OK.
Set Community set to DK Manager Host IP set to 192.168.1.1 Trap Community set to trapcom Notification Host IP set to 10.20.3.40 Trap Timeout set to 88 seconds Telnet Command: object ip obj This command is used to create an IP object profile.
> object ip obj 1 -n marketing > object ip obj 1 -a 1 192.168.1.45 > object ip obj 1 -v IP Object Profile 1 Name :[marketing] Interface:[Any] Address type:[single] Start ip address:[192.168.1.45] End/Mask ip address:[0.0.0.0] Invert Selection:[0] Telnet Command: object ip grp This command is used to integrate several IP objects under an IP group profile.
[1:][0] [2:][0] [3:][0] [4:][0] [5:][0] [6:][0] [7:][0] > object ip grp 2 -i 1 > object ip grp 2 -a 1 2 IP Group Profile 2 Name :[First] Interface:[Lan] Included ip object index: [0:][1] [1:][2] [2:][0] [3:][0] [4:][0] [5:][0] [6:][0] [7:][0] VigorNIC 132 Series User’s Guide 257
Telnet Command: object ipv6 obj This comman is used to create an IP object profile. Syntax object ip obj setdefault object ip obj INDEX -v object ip obj INDEX -n NAME object ip obj INDEX -i INTERFACE object ip obj INDEX -s INVERT object ip obj INDEX -a TYPE [START_IP] [END/MASK_IP] Syntax Description Parameter Description setdefault It means to return to default settings for all profiles. INDEX It means the index number of the specified object profile.
Interface:[Any] Address type:[single] Start ip address:[192.168.1.45] End/Mask ip address:[0.0.0.0] Invert Selection:[0] Telnet Command: object ipv6 grp This command is used to integrate several IP objects under an IP group profile. Syntax object ip grp setdefault object ip grp INDEX -v object ip grp INDEX -n NAME object ip grp INDEX -i INTERFACE object ip grp INDEX -a IP_OBJ_INDEX Syntax Description Parameter Description setdefault It means to return to default settings for all profiles.
[7:][0] > object ip grp 2 -i 1 > object ip grp 2 -a 1 2 IP Group Profile 2 Name :[First] Interface:[Lan] Included ip object index: [0:][1] [1:][2] [2:][0] [3:][0] [4:][0] [5:][0] [6:][0] [7:][0] Telnet Command: object service obj This command is used to create service object profile.
same, it indicates one port; when the starting port and ending port values are different, it indicates a range for the port and available for this service type. 1=not equal(!=), when the starting port and ending port values are the same, it indicates all the ports except the port defined here; when the starting port and ending port values are different, it indicates that all the ports except the range defined here are available for this service type.
NAME: Type a name with less than 15 characters. Example: object service grp 8 -n bruce -a SER_OBJ_INDEX It means to specify service object profiles for the group profile. Example: :object service grp 3 -a 1 2 3 4 5 The service object profiles with index number 1,2,3,4 and 5 will be group under such profile.
PAGE: type the page number. show It means to show the contents for all of the profiles. INDEX It means the index number of the specified keyword profile. -v It means to view the information of the specified keyword profile. -n NAME It means to define a name for the keyword profile. NAME: Type a name with less than 15 characters. -a CONTENTS It means to set the contents for the keyword profile.
-d It means to disable the specific CATEGORY or FILE_EXTENSION CATEGORY|FILE_EXTENSION CATEGORY: Image, Video, Audio, Java, ActiveX, Compression, Executation Example: object fe obj 1 -e Image FILE_EXTENSION: ".bmp", ".dib", ".gif", ".jpeg", ".jpg", ".jpg2", ".jp2", ".pct", ".pcx", ".pic", ".pict", ".png", ".tif", ".tiff", ".asf", ".avi", ".mov", ".mpe", ".mpeg", ".mpg", ".mp4", ".qt", ".rm", ".wmv", ".3gp", ".3gpp", ".3gpp2", ".3g2", ".aac", ".aiff", ".au", ".mp3", ".m4a", ".m4p", ".ogg", ".ra", ".
-----------------------------------------------------------------------------Executation category: [ ].bas [ ].bat [ ].com [ ].exe [ ].inf [ ].pif [ ].reg [ ].
Telnet Command: port This command allows users to set the speed for specific port of the router. Syntax port [1, wan2, all] [AN, 100F, 100H, 10F, 10H, status] port status port wanfc Syntax Description Parameter Description 1, 2, 3, 4, 5, 6, wan2, all It means the number of LAN port and WAN port. AN… 10H It means the physical type for the specific port. AN: auto-negotiate. 100F: 100M Full Duplex. 100H: 100M Half Duplex. 10F: 10M Full Duplex. 10H: 10M Half Duplex.
-f It means to flush all portmaps (useful for diagnostics). -l List all settings. Example > portmaptime -t 86400 -u 300 -i 10 > portmaptime -l ------ Current setting -----TCP Timeout : 86400 sec. UDP Timeout : 300 sec. IGMP Timeout : 10 sec. TCP WWW Timeout: 60 sec. TCP SYN Timeout: 60 sec. Telnet Command: qos setup This command allows user to set general settings for QoS. Syntax qos setup [- | ...
Example > qos setup -m 3 -i 9500 -o 8500 -r 3:20 -u 1 -p 50 -t 1 WAN1 QOS mode is both Wan 1 is XDSL model ,don,t need to set up Wan 1 is XDSL model ,don,t need to set up WAN1 class 3 ratio set to 20 WAN1 udp bandwidth control set to enable WAN1 udp bandwidth limit ratio set to 50 WAN1 Outbound TCP ACK Prioritizel set to enable QoS WAN1 set complete; restart QoS > 268 VigorNIC 132 Series User’s Guide
Telnet Command: qos class This command allows user to set QoS class. Syntax qos class -c [no] –[a|e|d] [no][- | ... ] Syntax Description Parameter Description [ |…] The available commands with parameters are listed below. […] means that you can type in several commands in one line. -h Type it to display the usage of this command. -c Specify the inde number for the class. Available value for contains 1, 2 and 3. The default setting is class 1.
-u Define service type. Available value: 1~40. -S Show the content for specified DSCP ID/Service type. -V <1/2/3> Show the rule in the specified class. […] It means that you can type in several commands in one line. Example > qos class -c 2 -n draytek -a -m 1 -l 192.168.1.50:192.168.1.80 Following setting will set in the class2 class 2 name set to draytek Add a rule in class2 Class2 the 1 rule enabled Set local address type to Range, 192.168.1.50:192.168.1.
Example > qos type -a draytek -t 6 -p 510:1330 service name set service type set Port type set to Service Port set > to draytek to 6:TCP Range to 510 ~ 1330 Telnet Command: quit This command can exit the telnet command screen. Telnet Command: show lan1/lan2/dhcp This command displays current status of LAN IP address settings. Example > > show lan1 %% 1st subnet settings: %% IP address: 192.168.1.1 %% Subnet mask: 255.255.255.
Telnet Command: show dmz This command displays current status of DMZ host. Example > show dmz % WAN1 DMZ mapping status: Index Status WAN1 aux IP Private IP ---------------------------------------------------1 Disable 0.0.0.0 2 Disable 192.168.1.65 % WAN2 DMZ mapping status: Index Status WAN2 aux IP Private IP ---------------------------------------------------1 Disable 0.0.0.
6 0 0 0.0.0.0 7 0 0 0.0.0.0 8 0 0 0.0.0.0 9 0 0 0.0.0.0 10 0 0 0.0.0.0 11 0 0 0.0.0.0 12 0 0 0.0.0.0 13 0 0 0.0.0.0 14 0 0 0.0.0.0 15 0 0 0.0.0.0 16 0 0 0.0.0.0 17 0 0 0.0.0.0 18 0 0 0.0.0.0 19 0 0 0.0.0.0 20 0 0 0.0.0.0 --- MORE --- ['q': Quit, 'Enter': New Lines, 'Space 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Bar': Next Page] Telnet Command: show portmap This command displays the table of NAT Active Sessions.
% Current Session Used(include waiting for free): 0 % WAN1 Current Session Usage: 0 % WAN2 Current Session Usage: 0 Telnet Command: show status This command displays current status of LAN and WAN connections. Example > show status System Uptime:70:12:46 LAN Status Primary DNS:8.8.8.8 IP Address:192.168.1.1 Secondary DNS:8.8.4.
DSLAM CHIPSET VENDOR : < unknown > Telnet Command: show statistic This command displays statistics for WAN interface. Syntax show statistic show statistic reset [interface] Syntax Description Parameter Description reset It means to reset the transmitted/received bytes to Zero. interface It means to specify WAN1 ~WAN5 (including multi-PVC) interface for displaying related statistics.
Telnet Command: srv dhcp public This command allows users to configure DHCP server for second subnet. Syntax srv dhcp public start [IP address] srv dhcp public cnt [IP counts] srv dhcp public status srv dhcp public add [MAC Addr XX-XX-XX-XX-XX-XX] srv dhcp public del [MAC Addr XX-XX-XX-XX-XX-XX/all/ALL] Syntax Description Parameter Description start It means the starting point of the IP address pool for the DHCP server.
Example > srv dhcp dns1 168.95.1.1 % srv dhcp dns1 % Now: 168.95.1.1 (IP Routed Subnet dns same as NAT Subnet dns) Telnet Command: srv dhcp dns2 This command allows users to set Secondary IP Address for DNS Server in LAN. Syntax srv dhcp dns2 [?] srv dhcp dns2 [DNS IP address] Syntax Description Parameter Description ? It means to display current IP address of DNS 2 for the DHCP server. DNS IP address It means the IP address that you want to use as DNS2.
Telnet Command: srv dhcp frcdnsmanl This command can force the router to invoke DNS Server IP address. Syntax srv dhcp frcdnsmanl [on] srv dhcp frcdnsmanl [off] Syntax Description Parameter Description ? It means to display the current status. on It means to use manual setting for DNS setting. Off It means to use auto settings acquired from ISP.
Telnet Command: srv dhcp ipcnt This command allows users to specify IP counts for DHCP server. Syntax srv dhcp ipcnt [?] srv dhcp ipcnt [IP counts] Syntax Description Parameter Description ? It means to display current used IP count number. IP counts It means the number that you have to specify for the DHCP server. Example > srv dhcp ipcnt ? % srv dhcp ipcnt % Now: 150 Telnet Command: srv dhcp off This function allows users to turn off DHCP server.
Syntax srv dhcp startip [?] srv dhcp startip [IP address] Syntax Description Parameter Description ? It means to display current used start IP address. IP address It means the IP address that you can specify for the DHCP server as the starting point. Example > srv dhcp startip 192.168.1.53 This setting will take effect after rebooting. Please use "sys reboot" command to reboot the router.
Telnet Command: srv dhcp leasetime This command can set the lease time for the DHCP server. Syntax srv dhcp leasetime [?] srv dhcp leasetime [Lease Time (sec)] Syntax Description Parameter Description ? It means to display current leasetime used for the DHCP server. Lease Time (sec) It means the lease time that DHCP server can use. The unit is second. Example > srv dhcp leasetime ? % srv dhcp leasetime
Telnet Command: srv dhcp primWINS This command can set the primary IP address for the DHCP server. Syntax srv dhcp primWINS [WINS IP address] srv dhcp primWINS clear Syntax Description Parameter Description WINS IP address It means the IP address of primary WINS server. clear It means to remove the IP address settings of primary WINS server. Example > srv dhcp primWINS 192.168.1.88 > srv dhcp primWINS ? %% srv dhcp primWINS %% srv dhcp primWINS clear % Now: 192.168.1.
Telnet Command: srv dhcp expired_RecycleIP This command can set the time to check if the IP address can be assigned again by DHCP server or not. Syntax srv dhcp expRecycleIP Syntax Description Parameter Description sec time It means to set the time (5~300 seconds) for checking if the IP can be assigned again or not. Example Vigor> srv dhcp expRecycleIP 250 % DHCP expired_RecycleIP = 250 Telnet Command: srv dhcp tftp This command can set the TFTP server as the DHCP server.
Parameter Description -h It means to display usage of this command. -l It means to display all the user defined DHCP options. -d[idx] It means to delete the option number by specifying its index number. -e [1 or 0] It means to enable/disable custom option feature. 1:enable 0:disable -c It means to set option number. Available number ranges from 0 to 255. -v It means to set option number by typing string. -a It means to set the option value by specifying the IP address.
Telnet Command: srv nat dmz This command allows users to set DMZ host. Before using this command, please set WAN IP Alias first. Syntax srv nat dmz n m [- | … ] Syntax Description Parameter Description n It means to map selected WAN IP to certain host. 1: wan1 2: wan2 m It means the index number of the DMZ host. Default setting is “1” (WAN 1). It is only available for Static IP mode. If you use other mode, you can set 1 ~ 8 in this field.
status It means to display current status for checking. Example > srv nat ipsecpass status %% Status: IPsec ESP pass-thru and IKE src_port:500 preservation is OFF. Telnet Command: srv nat openport This command allows users to set open port settings for NAT server. Syntax srv nat openport n m [- | … ] Syntax Description Parameter Description n It means the index number for the profiles. The range is from 1 to 20. m It means to specify the sub-item number for this profile.
%% Status: Enable %% Comment: games %% Private IP address: 192.168.1.100 Index Protocal Start Port End Port ***************************************************************** 1. TCP 23 83 %% Status: Disable %% Comment: %% Private IP address: 0.0.0.0 Index Protocal Start Port End Port ***************************************************************** %% Status: Disable %% Comment: %% Private IP address: 0.0.0.
table It means to display Port Redirection Configuration Table. Example > srv nat portmap add 1 game tcp 80 192.168.1.
6 7 8 9 10 11 12 13 14 15 16 17 18 19 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 20 0 0 0.0.0.0 0 --- MORE ----- ['q': Quit, 'Enter': New Lines, 'Space Bar': Next Page] Telnet Command: srv nat showall This command allows users to view a summary of NAT port redirection setting, open port and DMZ settings.
cmd It means to send command to the client. acc It means to set the client authentication account and password. traffic [on/off/status/tx/rx] It means to turn on/off or display the data transmission from the client. Example > switch -i 1 traffic on External Device NO. 1 traffic statistic function is enable Telnet Command: switch status This command is used to check if auto discovery for external devices is enabled or disabled.
Telnet Command: sys cfg This command reset the router with factory default settings. When a user types this command, all the configuration will be reset to default setting. Syntax sys cfg default sys cfg status Syntax Description Parameter Description default It means to reset current settings with default values. status It means to display current profile version and status. Example > sys cfg status Profile version: 3.0.
Telnet Command: sys domainname This command can set and remove the domain name of the system when DHCP mode is selected for WAN. Syntax sys domainname [wan1/wan2] [Domain Name Suffix] sys domainname [wan1/wan2] clear Syntax Description Parameter Description wan1/wan2 It means to specify WAN interface for assigning a name for it. Domain Name Suffix It means the name for the domain of the system. The maximum number of characters that you can set is 40.
Interface 7 Ethernet: Status: DOWN IP Address: 0.0.0.0 MAC: 00-50-7F-00-00-05 Interface 8 Ethernet: Status: DOWN IP Address: 0.0.0.0 MAC: 00-50-7F-00-00-06 Netmask: 0x00000000 Netmask: 0x00000000 Interface 9 Ethernet: Status: DOWN IP Address: 0.0.0.
Telnet Command: sys name This command can set and remove the name for the router when DHCP mode is selected for WAN. Syntax sys name [wan1] [ASCII string] sys name [wan1] clear Syntax Description Parameter Description wan1 It means to specify WAN interface for assigning a name for it. ASCII string It means the name for router. The maximum character that you can set is 20. Example > > % % % sys name wan1 drayrouter sys name ? sys name
Telnet Command: sys autoreboot This command allows users to restart the router automatically within a certain time. Syntax sys autoreboot [on/off/hour(s)] Syntax Description Parameter Description on/off On – It means to enable the function of auto-reboot. Off – It means to disable the function of auto-reboot. hours It means to set the time schedule for router reboot. For example, if you type “2” in this field, the router will reboot with an interval of two hours.
This command can display current version for the system. Example > sys version Router Model: VigorNIC 132Vn+ Version: 3.7.4.1 English Profile version: 3.0.0 Status: 1 (0x49165e6c) Router IP: 192.168.1.1 Netmask: 255.255.255.0 Firmware Build Date/Time: Mar 20 2014 14:09:50 Router Name: drayrouter Revision: 40055 2860_374 VDSL2 Firmware Version: 05-04-08-00-00-06 Telnet Command: sys qrybuf This command can display the system memory status and leakage list.
off It means to turn off pulling buffer. Example > sys pollbuf on % Buffer polling is on! > sys pollbuf off % Buffer polling is off! Telnet Command: sys britask This command can improve triple play quality. Syntax sys britask [on] sys britask [off] Syntax Description Parameter Description on It means to turn on the bridge task for improving the triple play quality. off It means to turn off the bridge task.
set [parm] [value] It means to set parameters for tr-069. getnoti [parm] It means to get parameter notification value. setnoti [parm] [value] It means to set parameter notification value. log It means to display the TR-069 log. debug [on/off] on: turn on the function of sending debug message to syslog. off: turn off the function of sending debug message to syslog. save It means to save the parameters to the flash memory of the router.
--- MORE ----- ['q': Quit, 'Enter': New Lines, 'Space Bar': Next Page] Telnet Command: sys sip_alg This command can turn on/off SIP ALG (Application Layer Gateway) for traversal. Syntax sys sip_alg [1] sys sip_alg [0] Syntax Description Parameter Description 1 It means to turn on SIP ALG. 0 It means to turn off SIP ALG.
DTMFPSER, CALLERID (Case-Insensitive). log It means the dump log buffer. Example > sys diag_log status Status: diag_log is Enabled. lineno : 10000. level : 3.
(0: disable, 1:enable ) -t <0/1/2> Set daylight saving type. (0:default, 1:time range, 2:yearly) If “0” is used, Vigor system will use the default settings as daylight saving configuration. -s Set the starting point for date range type. : after 2013 : 1 ~ 12 : 1 ~ 31 : 0 ~ 23 For example, sys daylightsave -s 2014 3 10 12 -d Set the ending point for date range type.
-l Show DNS IPv4 entry in the DNS cache table. -s Show DNS IPv6 entry in the DNS cache table. -v Show TTL limit value in the DNS cache. -t Set TTL limit value in the DNS cache. 0:no limit or “n” seconds (n >= 5) -c Clear DNS cache table. Example > sys dnsCacheTbl -t 20 % Set TTL limit: 20 seconds. % When TTL larger than 20s , delete the DNS entry in the router's DNS cache tabl e.
-c Enable / disable Call Log. (0: disable, 1:enable) -w Enable / disable WAN Log. (0: disable, 1:enable) -r Enable / disable Router/DSL Information. (0: disable, 1:enable) -t Enable / disable AlertLog Setup. (0: disable, 1:enable) -o Type the AlertLog Port (ranges from 1-65535). Example > sys syslog -a 1 -s 1 -i 192.168.1.
5 - GMT-08:00 Pacific Time (US & Canada) 6 - GMT-08:00 Tijuana 7 - GMT-07:00 Mountain Time (US & Canada) 8 - GMT-07:00 Arizona 9 - GMT-06:00 Central Time (US & Canada) 10 - GMT-06:00 Saskatchewan 11 - GMT-06:00 Mexico City, Tegucigalpa 12 - GMT-05:00 Eastern Time (US & Canada) 13 - GMT-05:00 Indiana (East) 14 - GMT-05:00 Bogota, Lima, Quito 15 - GMT-04:00 Atlantic Time (Canada) 16 - GMT-04:00 Caracas, La Paz 17 - GMT-04:00 Santiago 18 - GMT-03:30 Newfoundland 19 - GMT-03:00 Brasilia 20 - GMT-03:00 Buenos Ai
57 - GMT+08:00 Singapore 58 - GMT+08:00 Taipei 59 - GMT+08:00 Perth 60 - GMT+09:00 Seoul 61 - GMT+09:00 Osaka, Sapporo, Tokyo 62 - GMT+09:00 Yakutsk 63 - GMT+09:30 Darwin 64 - GMT+09:30 Adelaide 65 - GMT+10:00 Canberra, Melbourne, Sydney 66 - GMT+10:00 Brisbane 67 - GMT+10:00 Hobart 68 - GMT+10:00 Vladivostok 69 - GMT+10:00 Guam, Port Moresby 70 - GMT+11:00 Magadan, Solomon Is. 71 - GMT+11:00 New Caledonia 72 - GMT+12:00 Fiji, Kamchatka, Marshall Is.
This command can enable UPnP function. Example >upnp on UPNP start. Telnet Command: upnp nat This command can display IGD NAT status. Example > upnp nat ? ****************** IGD NAT Status **************** ((0)) InternalClient >>192.168.1.10<<, RemoteHost >>0.0.0.0<< InternalPort >>21<<, ExternalPort >>21<< PortMapProtocol >>TCP<< The tmpvirtual server index >>0<< PortMapLeaseDuration >>0<<, PortMapEnabled >>0<< Ftp Example [MICROSOFT] ((1)) InternalClient >>0.0.0.0<<, RemoteHost >>0.0.0.
serviceType urn:schemas-upnp-org:service:WANCommonInterfaceConfig:1 serviceId urn:upnp-org:serviceId:WANCommonIFC1 SCPDURL /upnp/WComIFCX.xml controlURL /upnp?control=WANCommonIFC1 eventURL /upnp?event=WANCommonIFC1 UDN uuid:2608d902-03e2-46a5-9968-4a54ca499148 . . . Telnet Command: upnp subscribe This command can show all UPnP services subscribed. Example > upnp on UPNP start.
****************** Temp virtual server status **************** ((0)) real_addr >>192.168.1.10<<, pseudo_addr >>172.16.3.229<< real_port >>0<<, pseudo_port >>0<< hit_portmap_index >>0<< The protocol >>TCP<< time >>0<< ((1)) real_addr >>0.0.0.0<<, pseudo_addr >>0.0.0.
%Disable Vigor Bridge Function! Telnet Command: vigbrg status This command can show whether the Vigor Bridge Function is enabled or disabled.
Telnet Command: vigbrg cfgip This command allows users to transfer a bridge modem into ADSL router by accessing into and adjusting specified IP address. Users can access into Web UI of the router to manage the router through the IP address configured here. Syntax vigbrg cfgip [IP Address] Syntax Description Parameter Description IP Address It means to type an IP address for users to manage the router. Example > > % % vigbrg cfgip 192.168.1.15 vigbrg cfgip ? Vigor Bridge Config IP, Now: 192.168.1.
>wan ppp_mru 1 ? % Now: 1492 > wan ppp_mru 1 1490 > > wan ppp_mru 1 ? % Now: 1490 > wan ppp_mru 1 1492 > wan ppp_mru 1 ? % Now: 1492 Telnet Command: wan mtu / wan mtu2 This command allows users to adjust the size of MTU for WAN1/WAN2. Syntax wan mtu [value] wan mtu2 [value] Syntax Description Parameter Description value It means the number of MTU for PPP. The available range is from 1000 to 1500. For Static IP/DHCP, the maximum number will be 1500. For PPPoE, the maximum number will be 1492.
> wan DF_check on %DF bit check enable! > wan DF_check off %DF bit check disable (reset DF bit)! Telnet Command: wan disable This command allows you to disable WAN connection. Example > wan disable WAN %WAN disabled. Telnet Command: wan enable This command allows you to disable wan connection. Example > wan enable WAN %WAN1 enabled. Telnet Command: wan forward This command allows you to enable or disable the function of WAN forwarding. The packets are allowed to be transmitted between different WANs.
TX Packets=0, TX Rate(Bps)=0, RX Packets=0, RX Rate(Bps)=0 Primary DNS=0.0.0.0, Secondary DNS=0.0.0.
Telnet Command: wan detect This command allows you to configure WAN connection detection. When Ping Detection is enabled (for Static IP or DHCP or PPPoE mode), Router pings specified IP addresses to detect the WAN connection. Syntax wan detect [wan1/wan2][on/off/always_on] wan detect [wan1/wan2] target [ip addr] wan detect [wan1/wan2] ttl [value] wan detect status Syntax Description Parameter Description on Enable ping detection. The IP address of the target shall be set.
Syntax wan lb [wan1/wan2/…] on wan lb [wan1/wan2/…] off wan lb status Syntax Description Parameter Description wan1/wan2 Specify which WAN will be applied with load balance. on Make WAN interface as the member of load balance. off Cancel WAN interface as the member of load balance. status Show the current status. Example > wan lb status WAN1: on WAN2: on WAN3: on WAN4: on WAN5: on Telnet Command: wan mvlan This command allows you to configure multi-VLAN for WAN and LAN.
Range is from 0 to 7. px It means LAN port. Available setting number is from 2 to 4. Port number 1 is locked for NAT usage. keeptag It means Multi-VLAN packets will keep their VLAN headers to LAN. Example PVC 7 will map to LAN port 2/3/4 in bridge mode; service type is Normal. No tag added.
wan vlan wan [#] [adsl/vdsl] [enable/disable] wan vlan wan [#] [adsl/vdsl] pri [value] wan vlan stat Syntax Description Parameter Description wan [#] Specify which WAN interface will be tagged. tag [value] Type a number for tagging on WAN interface. enable/disable Enable: Specified WAN interface will be tagged. Disable: Disable the function of tagging on WAN interface. stat Display current VLAN status.