Draytek VigorFly200
Contents
1. 3G Backup 4 1 1 Internet Access This page allows you to set WAN configuration with different modes Use the Connection Type drop down list to choose one of the WAN modes The corresponding page will be displayed WAN gt gt Internet Access WAN IP Configuration Connection Type DHCP w DHCP Settings Router Name VigorFly200 MAC Address Clone Enabled Static IP For static IP mode you usually receive a fixed public IP address or a public subnet namely multiple public IP addresses from your DSL or Cable ISP service providers In most cases a Cable service provider will offer a fixed public IP while a DSL service provider will offer a public subnet If you have a public subnet you could assign an IP address or many IP address to the WAN interface To use Static IP as the accessing protocol of the internet please choose Static mode from Connection Type drop down menu The following web page will be shown WAN gt Internet Access WAN IP Configuration Connection Type Static IP Static IP Settings IP Address 192 168 53 22 Subnet Mask 200 200 2000 Default Gateway 192 168 5 1 Primary DNS Server 168 95 1 1 Secondary DNS Serwer MAC Address Clone Enabled K IP Address Type the IP address Subnet Mask Type the subnet mask Default Gateway Type the gateway IP address VigorFly 200 Series User s Guide 69 Dr ay Te k Primary DNS Server You must specify a DNS server IP address here becau2. Dray Tek WEP 802 1x Remote Authentication Dial In User Service RADIUS is a security authentication client server protocol that supports authentication authorization and accounting which is widely used by Internet service providers It is the most common method of authenticating and authorizing dial up and tunneled network users The built in RADIUS client feature enables the router to assist the remote dial in user or a wireless station and the RADIUS server in performing mutual authentication It enables centralized remote access authentication for network management If you choose WPA Radius as the security configuration you have to specify WPA mode algorithm Radius server Radius server port and Radius server secret respectively Quick Start Wizard Wireless System Configuration Enable Wireless LAN Hide SSID SSID Wireless Security Settings Security Mode WEP 802 1x 602 1 WEP WEP O Disable Enable Radius Server IP Address OoOo Port Shared Secret f Session Timeout lo Idle Timeout WEP Disable Disable the WEP Encryption Data sent to the AP will not be encrypted Enable Enable the WEP Encryption IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that 1s used to authenticate the messages sent between them Both sides must be conf
3. Please type admin admin on Username Password for admin mode Otherwise do not type any word both username and password are Null for user mode on the window and click Login on the window VigorFly 200 E Dray Tek WiFi Router System Status Quick Start Wizard Model VigorFly200 Online Status Firmware Version 1 0 0RC4a gt WAN Build Date Time r328 Thu Jan 14 17 15 46 CST 2010 gt LAN System Date Sat Jan 1 00 51 12 2000 gt NAT System Uptime Od 00 51 12 gt Firewall Operation Mode Gateway Mode gt Applications gt Wireless LAN System WAN gt System Maintenance Memory total 30076 kB Connected Type DHCP gt Diagnostics Memory left 16872 kB Link Status Connected MAC Address 00 50 7F 22 33 45 IP Address 192 168 5 21 Application Note LAN IP Mask 255 255 255 0 FAQ MAC Address 00 50 7F 22 33 44 Default Gateway 192 168 5 1 Product Registration IP Address 192 168 1 1 Primary DNS 168 95 1 1 IP Mask 255 255 255 0 Secondary DNS All Right Reserved Wireless MAC Address 00 50 7F 22 33 44 SSID DrayTek Channel T6 Main screen for admin mode operation full configuration VigorFly 200 E Dray Tek WiFi Router System Status Quick Start Wizard Model VigorFly200 Online Status Firmware Version 1 0 0RC4a gt WAN Build Date Time r328 Thu Jan 14 17 15 46 CST 2010 gt LAN System
4. 192 168 5 1 Product Registration IP Address 192 168 1 1 Primary DNS 168 95 1 1 Logout IP Mask 255 255 255 0 Secondary DNS gt Wireless MAC Address 00 50 7F 22 33 44 SSID DrayTek Channel 6 All Right Reserved 4 1 WAN Quick Start Wizard offers user an easy method to quick setup the connection mode for the router Moreover if you want to adjust more settings for different WAN modes please go to Internet Access group Basics of Internet Protocol IP Network IP means Internet Protocol Every device in an IP based Network including routers print server and host PCs needs an IP address to identify its location on the network To avoid address conflicts IP addresses are publicly registered with the Network Information Centre NIC Having a unique IP address is mandatory for those devices participated in the public network but not in the private TCP IP local area networks LANs such as host PCs under the management of a router since they do not need to be accessed by the public Hence the NIC has reserved certain addresses that will never be registered publicly These are known as private IP addresses and are listed in the following ranges From 10 0 0 0 to 10 255 255 255 From 172 16 0 0 to 172 31 255 255 From 192 168 0 0 to 192 168 255 255 VigorFly 200 Series User s Guide 67 Dr ay Te k What are Public IP Address and Private IP Address As the router plays a role to manage a
5. Firm Message If the message of Request Timeout Transfer Abort appears please check 1f the connection between the computer and the Vigor is active or not And if the message of Incorrect No file name Transfer Abort appears please check if the firmware you download is correct for your Vigor router Firmware Upgrade Utility Sli Ea L Firmware Upgrade Utility E md Operation Mode Operation Mode Upgrade Upgrade Backup Setting Backup Setting Router IP Router IP sea O Ga boron OG Firmware File Firmware File Note Please turn off the Firewall protection while upgrading the firmware with Windows Vista The Firewall function can be turned off via Control Panel gt gt Security Center gt gt Firewall VigorFly 200 Series User s Guide 135 Dr ay Tek 5 6 Backing to Factory Default Setting If Necessary Sometimes a wrong connection can be improved by returning to the default settings Try to reset the router by software or hardware Warning After pressing factory default setting you will loose all settings you did before Make sure you have recorded all useful settings before you pressing Q Software Reset You can reset the router to factory default via Web page Go to System Maintenance and choose Reboot System on the web page The following screen will appear Choose Using factory default configuration and click OK After few seconds the router will return all the setting
6. 16868 kB Link Status Connected MAC Address 00 50 7F 22 33 45 IP Address 192 168 5 21 IP Mask gt 255 255 255 0 MAC Address 00 50 7F 22 33 44 Default Gateway 192 168 5 1 IP Address 192 168 1 1 Primary DNS 168 95 1 1 IP Mask 255 255 255 0 Secondary DNS MAC Address 00 50 7F 22 33 44 SSID DrayTek Channel 6 Model Display the model name of the router Firmware Version Display the firmware version of the router Build Date Time Display the date and time of the current firmware build System Date Display current time and date for the system server System Uptime Display the connection time for the system server Operation Mode Display the connection mode for the router Memory total Display the total dynamic RAM size for the whole system Memory left Display the remaining RAM size for the whole system VigorFly 200 Series User s Guide 115 Dr ay Te k MAC Address Display the MAC address of the LAN or WAN or WLAN Interface IP Address Display the MAC address of the LAN or WAN Interface IP Mask Display the subnet mask address of the LAN or WAN interface Device Type Display the device type used for wireless LAN SSID Display the SSID of this router Channel Display the channel that wireless LAN used Connected Type Display the network connection type for this router Link Status Display if current network is connected or not Default Gateway Display the gateway address of the WAN interface Primary DNS D
7. Pre Authentication Disable Enable WEP Key 1 Key 2 Key 3 Key 4 802 1x WEP Disable Enable OK WPA Algorithms Select TKIP AES or TKIP AES as the algorithm for WPA Key Renewal WPA uses shared key for authentication to the network Interval However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key Click the link of RADIUS Server to access into the following page for more settings gt RADIUS Server Setup Windows Internet Explorer http 192 168 1 1Avirelessradius asp Radius Server IP Address Port 1812 Shared Secret Session Timeout o Idle Timeout o IP Address Port Shared Secret VigorFly 200 Series User s Guide Enter the IP address of RADIUS server The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 The RADIUS server and client share a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret 57 Dray Tek Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first auth
8. authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain 52 VigorFly 200 Series User s Guide idle The unit is second WPA 802 1x The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication Wireless LAN gt Security Settings SSID 1 SSID 2 Mode SSID 3 WPA 802 1x w Set up RADIUS Server if 802 1x is enabled WPA WPA Algorithms Pass Phrase OTKIP AES OTKIP AES Key Renewal Interval 3600 seconds PMK Cache Period Pre Authentication WEP Key 1 Key 2 Key 3 Key 4 802 1x WEP WPA Algorithms Key Renewal Interval Click the link of RADIUS minutes Disable Enable Disable Enable Select TKIP AES or TKIP AES as the algorithm for WPA WPA uses shared key for authentication to the network However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the col
9. button Blinking Blink when wireless traffic goes Orange through WPS Button Press this button for 2 seconds to wait for client device making network connection through WPS When the orange LED lights up the WPS will be on Interface Description WAN Connector for accessing the Internet LAN 1 4 Connectors for local networked devices USB Connector for USB storage device Pen Driver Mobile HD or printer or 3G backup Factory Restore the default settings Usage Turn on the router Press the button and keep for more than 10 O seconds Then the router will restart with the factory default configuration ON OFF Power switch PWR Connecter for a power adapter ON E OFF PWR Dray Tek 2 VigorFly 200 Series User s Guide 1 3 Hardware Installation Before starting to configure the router you have to connect your devices correctly 1 Connect this device to a modem with an Ethernet cable 2 Connect the LAN port to your computer with a RJ 45 cable 3 Connect one end of the power adapter to the Power port of this device Connect the other end to the wall outlet of electricity 4 Power on the router 5 Check the ACT WAN and LAN LEDs to assure network connections i J m a impi Power Adapter For the detailed information of LED status please refer to section 1 1 VigorFly 200 Series User s Guide 3 Dr ay T
10. the difference between AC_BE and AC_BK categories must be greater Txop It means transmission opportunity For WMM categories of AC_VI and AC_VO that need higher priorities in data VigorFly 200 Series User s Guide 113 Dr ay Te k ACM AckPolicy OK 4 6 10 Station List transmission please set greater value for them to get highest transmission opportunity Specify the value ranging from 0 to 65535 It is an abbreviation of Admission Control Mandatory It can restrict stations from using specific category class if it is checked Uncheck default value the box means the AP router will answer the response request while transmitting WMM packets through wireless connection It can assure that the peer must receive the WMM packets Click this button to save the configuration Station List provides the knowledge of connecting wireless clients now along with its status code Wireless LAN gt gt Station List Station List MAC Address Add to Access Control Client s MAC Address Display the MAC Address for the connecting client MAC Address SSID Auth Encrypt Refresh Add to Access Control Add Dray Tek Refresh Display the SSID that the wireless client connects to Display the authentication that the wireless client uses for connection with such AP Display the encryption mode used by the wireless client Click this button to refresh the status of sta
11. 192 168 5 1 DHCP Od 21 53 33 Primary DNS Secondary DNS TX Packets RX Packets TX Bytes RX Bytes 168 95 1 1 54456 85991 32644012 49413862 Detailed explanation is shown below LAN Status Dray Tek 26 VigorFly 200 Series User s Guide IP Address TX Packets RX Packets WAN Status IP GW IP Mode Up Time Primary DNS Secondary DNS TX Packets TX Rate RX Packets RX Rate Displays the IP address of the LAN interface Displays the total transmitted packets at the LAN interface Displays the total number of received packets at the LAN interface Displays the IP address of the WAN interface Displays the IP address of the default gateway Displays the type of WAN connection e g PPPoE Displays the total uptime of the interface Displays the primary DNS setting Displays the secondary DNS setting Displays the total transmitted packets at the WAN interface Displays the speed of transmitted octets at the WAN interface Displays the total number of received packets at the WAN interface Displays the speed of received octets at the WAN interface Note The words in green mean that the WAN connection of that interface is ready for accessing Internet the words in red mean that the WAN connection of that interface 1s not 2 6 Saving Configuration ready for accessing Internet Each time you click OK on the web page for saving the configuration you can find messages showing the system interaction with yo
12. Gateway 192 168 1 1 2nd Subnet Mask 255 255 255 0 Lease Time DNS Server IP Address PPPoE Passthrough L DNS Manual Setting C Frimary DNS Serwer 168 95 1 1 Secondary DNS Server 168 95 1 1 76 VigorFly 200 Series User s Guide IP Address Subnet Mask For IP Routing Usage 2 IP Address 2 Subnet Mask PPPoE Passthrough DHCP Server Configuration Enable Server Disable Server Start IP Address End IP Address Subnet Mask Default Gateway Lease Time DNS Manual Setting Primary DNS Address Secondary DNS Address VigorFly 200 Series User s Guide Type in private IP address for connecting to a local private network Default 192 168 1 1 Type in an address code that determines the size of the network Default 255 255 255 0 Click Enable to invoke this function The default setting is Disable Type in secondary IP address for connecting to a subnet Default 192 168 2 1 An address code that determines the size of the network If you want to use PPPoE server in the network via Vigor router please check this box to redirect the PPPoE frames to the specified location DHCP stands for Dynamic Host Configuration Protocol The router by factory default acts a DHCP server for your network so it automatically dispatch related IP settings to any local user configured as a DHCP client It is highly recommended that you leave the router enabled as a DHCP server if you do not have a DHCP server for your
13. MAC Address Optional Security Mode Encryption Type Pass Phrase Encryption Type Select TKIP or AES as the algorithm for WPA Pass Phrase Either 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by Ox such as 0x321253abcde VigorFly 200 Series User s Guide 111 Dray Tek 4 6 8 AP Discovery Vigor router can scan all regulatory channels and find working APs in the neighborhood Based on the scanning result users will know which channel is clean for usage Also it can be used to facilitate finding an AP for a WDS link Notice that during the scanning process about 5 seconds no client is allowed to connect to Vigor This page is used to scan the existence of the APs on the wireless LAN Yet only the AP which is in the same channel of this router can be found Please click Scan to discover all the connected APs Wireless LAN gt gt Access Point Discovery Access Point List SSID BSSID RSS Channel Encryption Authentication kyeh_vigor2710ne 00 50 7f 62 99 28 10 1 NONE AP_ 0O0_FAE 00 50 7f 9e 60 d 8 0 2 TKIPAES WPAIPSKWPA2PSK SF 00 12 06 37 39 7b 0 3 NONE default 00 14 85 d9 54 89 0 6 NONE PM 00 0e 26 44 94 38 O 11 TKIP WPAPSEK See Channel Statistics Note During the scanning process about 5 seconds no station is allowed to connect with the router AP s MAC Address J O h APs sso e Add to WDS Settings Bridge Repeater Dray Tek SSID Display the S
14. Performing the Firmware Upgrade 133 5 6 Backing to Factory Default Setting If Necessary ccccceeeeeeeeeeeeeeeeeeeeeeeeaeeeeeeeeeeeeeeeeeeeees 136 5 7 Contacting Your Dealer cccccccseeeecccececeeeeseeceeeeeceaeeeseeeeeeeeesseeeaeceeeseuaeseeeeeeeessaaaseeeeeeeeees 136 VigorFly 200 Series User s Guide vii Dr ay Te k Preface VigorFly 200 is a compact broadband router with 802 11n WLAN network Its Ethernet WAN port can connect to VDSL VDSL2 GPON G SHDSL ADSL2 ADSL cable modem while you have fixed line The NAT throughput can easily manage time critical multimedia streaming It s easy for family or friends to hook up PCs via embedded 10 100 Ethernet LAN switch to enjoy multimedia applications Two antennas provide you with speedy WLAN networking If you are out of coverage of fixed line you can directly plug 3 5G USB modem to USB port on VigorFly 200 Or you can use WiMAX USB modem with VigorFly 200 The sharing 3 5G WiMAX connection accommodates adequate downstream upstream capacity for residential needs The integrated 802 1 1n Draft 2 0 WLAN network offers users stable and reliable wireless connections for high speed multimedia and data traffic by means of WMM WiFi Multimedia 1 1 Web Configuration Buttons Explanation Several main buttons appeared on the web pages are defined as the following ols Save and apply current settings Cancel Cancel current settings and recover to the previous
15. SSID Wireless Security Settings Security Mode Enable Wireless LAN Hide SSID SSID Security Mode VigorFly 200 Series User s Guide lt Back Next gt Finish Cancel Check the box to enable the wireless function Check this box to prevent from wireless sniffing and make it harder for unauthorized clients or STAs to join your wireless LAN It means the identification of the wireless LAN SSID can be any text numbers or various special characters The default SSID is DrayTek We suggest you to change it Choose the wireless mode for this router Disable Disable WEP WPA PSK WPA PSE Mimed WPA WPA2 PSK WEP 802 1x WPA 802 1x WPA2 802 1x Mimxed WPA WPA2 802 1x Each encryption mode will bring out different web page and 19 Dray Tek ask you to offer additional configuration WEP If you choose WEP as the security configuration you have to specify encryption key Key 1 Key 4 and authentication mode open or shared All wireless devices must support the same WEP encryption bit size and have the same key Quick Start Wizard Wireless System Configuration Enable Wireless LAN Hide SSID L Wireless Security Settings Security Mode WEP WEP Key 1 Key 2 Key 3 Key 4 Next gt Finish Cancel Key 1 Key 4 Four keys can be entered here but only one key can be selected at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit e
16. Series User s Guide 55 Dr ay Te k Dray Tek gt RADIUS Server Setup Windows Internet Explorer E http 192 168 1 1Avireless radius asp Radius Server IP Address Port 1812 Shared Secret i Session Timeout 0 Idle Timeout IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain idle The unit is second Mixed WPA WPA2 802 1x The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication 56 VigorFly 200 Series User s Guide Wireless LAN gt gt Security Settings SSID 1 SSID 2 Mode SSID 3 Mixed WPA WPA2 802 1x Set up RADIUS Server if 802 1 is enabled WPA WPA Algorithms OTKIP AES OTKIP AES Pass Phrase Key Renewal Interval seconds PMK Cache Period io minutes
17. To ensure the security and privacy of your wireless communication we provide several prevailing standards on market WEP Wired Equivalent Privacy is a legacy method to encrypt each frame transmitted via radio using either a 64 bit or 128 bit key Usually access point will preset a set of four keys and it will communicate with each station using only one out of the four keys WPA Wi Fi Protected Access the most dominating security mechanism in industry is separated into two categories WPA personal or called WPA Pre Share Key WPA PSK and WPA Enterprise or called WPA 802 1x VigorFly 200 Series User s Guide 45 Dray Te k In WPA Personal a pre defined key is used for encryption during data transmission WPA applies Temporal Key Integrity Protocol TKIP for data encryption while WPA2 applies AES The WPA Enterprise combines not only encryption but also authentication Since WEP has been proved vulnerable you may consider using WPA for the most secure connection You should select the appropriate security mechanism according to your needs No matter which security suite you select they all will enhance the over the air data protection and or privacy on your wireless network The Vigor wireless router is very flexible and can support multiple secure connections with both WEP and WPA at the same time Below shows the menu items for Wireless LAN t Wireless LAN General Setup Security Station List 3 5 2 General Setup By c
18. Wizard Q Notice Quick Start Wizard for user mode operation is the same as for admin mode operation If your router can be under an environment with high speed NAT the configuration provide here can help you to deploy and use the router quickly The first screen of Quick Start Wizard is welcome page please click Next Quick Start Wizard Welcome to the Quick Start Wizard The next steps will guide you through a basic setup of the dewice If you want more advanced setup you should consider setting the dewice up manually e Step 1 Setup the Password Step 2 Setup the Time and Date Step 3 Setup the Internet connection WAN Step 4 Setup the Wireless Wi Fi Step 5 Save the configuration 2 4 1 Setting up the Password The first screen of Quick Start Wizard is entering login account and password After typing a new password please click Next Quick Start Wizard Administration Password Account Password Dray Tek 12 VigorFly 200 Series User s Guide 2 4 2 Setting up the Time and Date On the next page as shown below please select the Time Zone for the router installed and specify the NTP server s Then click Next for next step Quick Start Wizard Time and Date Current Time Sat Jan 1 00 16 44 UTC 2000 Inquire Time Time Zone GMT 11 00 Midway Island Samoa NTP Server NTP synchronization 2 4 3 Setting up the Internet Connection On the next page as shown below please select the
19. accessing protocol of the internet please choose PPTP L2TP from Connection Type drop down menu The following web page will be shown WAN gt gt Internet Access WAN IP Configuration Connection Type L TP Settings Server IP Username Password WAN IP Network Settings IP Address Subnet Mask Default Gateway Redial Policy MAC Address Clone 192 168 3 1 192 168 3 254 Always On Connect On Demand Mode Idle Time 5 minutes Server IP User Name Password Address Mode IP Address Subnet Mask Default Gateway Redial Policy MAC Address Clone VigorFly 200 Series User s Guide Tanca Type in the IP address of the PPTP L2TP server Type in the username provided by ISP in this field Type in the password provided by ISP in this field You can choose Static IP or DHCP as WAN IP network setting Type the IP address if you choose Static IP as the WAN IP network setting Type the subnet mask if you chose Static IP as the WAN IP Type the gateway address for this router If you want to connect to Internet all the time you can choose Always On Otherwise choose Connect on Demand Connect on Demand Connect on Demand Idle Time Set the timeout for breaking down the Internet after passing through the time without any action When you choose Connect on Demand you have to type value here MAC Address Clone is available when the box of Enable is checked The router will detect the MAC
20. address and apply efficient usage of IP address NAT allows the internal IP addresses of local hosts to be translated into one public IP address thus you can have only one IP address on behalf of the entire internal hosts Enhance security of the internal network by obscuring the IP address There are many attacks aiming victims based on the IP address Since the attacker cannot be aware of any private IP addresses the NAT function can protect the internal network On NAT page you will see the private IP address defined in RFC 1918 Usually we use the 192 168 1 0 24 subnet for the router As stated before the NAT facility can map one or more IP addresses and or service ports into different specified services In other words the NAT function can be achieved by using port mapping methods Below shows the menu items for NAT NAT Open Port DMZ Host Session Limit VigorFly 200 Series User s Guide 79 Dr ay Te k 4 3 1 Open Ports Open Ports allows you to open a range of ports for the traffic of special applications Common application of Open Ports includes P2P application e g BT KaZaA Gnutella WinMX eMule and others Internet Camera etc Ensure that you keep the application involved up to date to avoid falling victim to any security exploits NAT gt gt Open Port Virtual Server Settings Virtual Server Settings Protocol Public Port Range Local IP Address Local Port Comment The maximum
21. appropriate connection type according to the information from your ISP There are five types offered in this page Each connection type will bring out different web page Quick Start Wizard WAN IP Configuration Connection Type DHCP Mode Router Name MAC Address Clone Enabled VigorFly 200 Series User s Guide 13 Dr ay Te k Static IP You will receive a fixed public IP address or a public subnet namely multiple public IP addresses from your DSL or Cable ISP service providers In most cases a Cable service provider will offer a fixed public IP while a DSL service provider will offer a public subnet If you have a public subnet you could assign an IP address or many IP address to the WAN interface Quick Start Wizard WAN IP Configuration Connection Type Static IP Settings IP Address Subnet Mask Default Gateway Primary DNS Server Secondary DNS Server MAC Address Clone Enabled IP Address Subnet Mask Default Gateway Primary DNS Server Secondary DNS Server Enable MAC Address Clone Static IP 197 168 5 30 192 168 5 1 168 95 1 1 Type the IP address Type the subnet mask Type the gateway IP address Type in the primary IP address for the router Type in secondary IP address for necessity in the future The router will detect the MAC address automatically Or check the box to enable MAC address cloning It is available when the box of Enabled is checked Click MAC Address Clon
22. before Manually enter the MAC address of wireless client Add anew MAC address into the list Delete the selected MAC address in the list Edit the selected MAC address in the list Give up the access control set up 104 VigorFly 200 Series User s Guide OK Click it to save the access control list Cancel Clean all entries in the MAC address list 4 6 5 WPS WPS Wi Fi Protected Setup provides easy procedure to make network connection between wireless station and wireless access point vigor router with the encryption of WPA and WPA2 It is the simplest way to build connection between wireless network clients and vigor router Users do not need to select any encryption mode and type any long encryption passphrase to setup a wireless client every time He she only needs to press a button on wireless client and WPS will connect for client and router automatically Wireless Card Installed Connection via WPS C EE E S E E a i e a Station Set SSID and lt gt Encryption WPA WPA2 lt gt PIN Code Note Such function is available for the wireless station with WPS supported There are two methods to do network connection through WPS between AP and Stations pressing the Start PBC button or using PIN Code On the side of VigorFly 200 series which served as an AP press WPS button once on the front panel of the router or click Start PBC on web configuration interface On the side of a station with ne
23. examples for other operation systems please refer to the similar steps or find support notes in www draytek com 1 Goto Control Panel and then double click on Network Connections Webatork Connections 2 Right click on Local Area Connection and click on Properties i Disable a Status ___J Repair Bridge Connections Create Shortcut Rename Properties E 3 Select Internet Protocol TCP IP and then click Properties ethO Properties General Authentication Advanced Dray Tek Connect using E9 ASUSTeK Broadcom 440k 10 100 Ir Configure This connection uses the following items iw el Client for Microsoft Networks w File and Printer Sharing tor Microsoft Networks w los Packet Scheduler ag ntemmet Protocol TCP YIP R Install Lliairretall Properties Description Transmission Control Protocolslnternet Protocol The default Wide area network protocol that provides communication across diverse interconnected networks Show icon in notification area when connected Motty me when this connection has limited or no connectivity 128 VigorFly 200 Series User s Guide 4 Select Obtain an IP address automatically and Obtain DNS server address automatically Internet Protocol TCP IP Properties General _Altemate Configuration i You can get IF settings assigned automatica
24. licensed software of other vendors Defects which do not significantly affect the usability of the product will not be covered by the warranty We reserve the right to revise the manual and online documentation and to make changes from time to time in the contents hereof without obligation to notify any person of such revision or changes Web registration is preferred You can register your Vigor router via http www draytek com Due to the continuous evolution of DrayTek technology all routers will be regularly upgraded Please consult the DrayTek web site for more information on newest firmware tools and documents http www draytek com i Dray Tek European Community Declarations Manufacturer DrayTek Corp Address No 26 Fu Shing Road HuKou County HsinChu Industrial Park Hsin Chu Taiwan 303 Product VigorFly 200 Series Router DrayTek Corp declares that VigorFly 200 is in compliance with the following essential requirements and other relevant provisions of R amp TTE Directive 1999 5 EEC The product conforms to the requirements of Electro Magnetic Compatibility EMC Directive 2004 108 EC by complying with the requirements set forth in EN55022 Class B and EN55024 Class B The product conforms to the requirements of Low Voltage LVD Directive 2006 95 EC by complying with the requirements set forth in EN60950 1 Regulatory Information Federal Communication Commission Interference Statement This equipment has been t
25. most popular DDNS service providers such as www dyndns org www no ip com www dtdns com www changeip com www dynamic nameserver com You should visit their websites to register your own domain name for the router Applications gt gt Dynamic DNS Dynamic DNS configuration Service Provider Domain name Username Password Cancel Service Provider Select the service provider for the DDNS account If you choose None such function will be disabled Domain name Type in one domain name that you applied previously Use the drop down list to choose the desired domain Username Type in the login name that you set for applying domain Password Type in one domain name that you applied previously Use the drop down list to choose the desired domain Click OK button to activate the settings You will see your setting has been saved 3 5 Wireless LAN 3 5 1 Basic Concepts Over recent years the market for wireless communications has enjoyed tremendous growth Wireless technology now reaches or 1s capable of reaching virtually every location on the surface of the earth Hundreds of millions of people exchange information every day via wireless communication products The Vigor router is designed for maximum flexibility and efficiency of a small office home Any authorized staff can bring a built in WLAN client PDA or notebook into a meeting room for conference without laying a clot of LAN cable or drilling Dray Tek 44 VigorFl
26. saved settings Clear Clear all the selections and parameters settings including selection from drop down list All the values must be reset with factory default settings Add Add new settings for specified item Edit Edit the settings for the selected item Delete Delete the selected item with the corresponding settings Note For the other buttons shown on the web pages please refer to the following chapters for detailed explanation VigorFly 200 Series User s Guide l Dr ay Te k 1 2 LED Indicators and Connectors Before you use the Vigor router please get acquainted with the LED indicators and connectors first Status Explanation The system is not ready or is failed Blinking The system is ready and can work normally A USB device is connected and active Blinking The data is transmitting WAN The WAN port is connected Blinking It will blink while transmitting data LAN 1 4 On A normal connection is through its corresponding port DrayTek LAN is disconnected VigorFly 200 Blinking Data is transmitting sending receiving ACT WLAN Wireless access point is ready Green Wireless access point is not ready LED on Blinking Blink when wireless traffic goes WLAN Green through button WPS The WPS is off Orange Blinking Blink with 1 second cycle for 2 LED on Orange minutes WPS is enabled and waiting WLAN for wireless client to connect with it
27. the Internet CONNECTION cc ceececcccceccceseeeeeeeeeeseeseeeeeeeeeesaeeeseeeeeesessaaaaeeeeess 13 2 4 4 Setting up the Wireless CONNECTION cccecccccccceeccaeeseeeeeeeeeeeaeeesseeeeeeesaaaseeeeeeeeessaaaeeees 19 2 4 5 Saving the Wizard Configuration ccccccccccceeceseeseeeeeeeeeseeeeeeeceeeeeseeeeeeceeseessaaaeeeeeeess 26 PERE tc 116 o ee eet een nn E eee Rete E E ee eee eee 26 2 6 SAVING CONFIQUIATION ccccceccccsseeseeceeeeeeeaeeeesecceeeeesaaeeeeeeeeeseaseaseeeceeeesesaeaaeeeeeeeesssaaaeeseeeees 27 User Mode ORT AOI iessen eranan i EE raa aa 29 ANAD a ee eee ee eee 29 3 1 1 NU MI NCC OS otras ec fad state tela e amtedisechna a R 31 Pa eG il BAe 0 0 eee ene een ee ee eee 37 Z EAN eee eee ee ee ee ee ee ee ee 38 MARE E E MN SO E A E EAA E AA oncaeaiyae cana selon AA E A EA 39 eG NAT a E E E eee ee ee 41 SS ONEONE EA E A 41 Oe DZ HO e E actacn oouaeseeranadeesenseandea cea 42 3 AAD DU CANONS sasssa aE E EAE AE EET E Ari AEAN Ea EERE 44 ga OY WANS DN pre E E E 44 FEN IE CLAN aea a E E 44 Tar 2 O 78 g 6 ra E ee a eee eee 44 CRAE 91 2 ESE 0 o Reine epee eee eS ee eco en ce eee eee ee eee ee 46 So fo fo EAI E ee ee E E eee ee E ee ee ee 48 Bese UMIVETSAL VCO G ALON anti tusssancenamannin susimnetaunstadia a 58 Fo Foro E gt 1 6 i gt Ree rR eee eee eee eee eee 60 VigorFly 200 Series User s Guide v Dr ay Te k 3 6 System MAINtENANCE cccccccccessseeceeeeeceaeees
28. we ee we eee ee a a m The major difference between these two modes is that while in Repeater mode the packets received from one peer AP can be repeated to another peer AP through WDS links Yet in Bridge mode packets received from a WDS link will only be forwarded to local wired or wireless hosts In other words only Repeater mode can do WDS to WDS packet forwarding In the following examples hosts connected to Bridge 1 or 3 can communicate with hosts connected to Bridge 2 through WDS links However hosts connected to Bridge 1 CANNOT communicate with hosts connected to Bridge 3 through Bridge 2 so a a WDS Link Host with Host with _ Host with bridge Interface 1 bridge Interface 2 bridge Interface 3 Click WDS from Wireless LAN menu The following page will be shown Dray Tek 108 VigorFly 200 Series User s Guide Wireless LAN gt WDS Settings WDS Settings Mode Security Key Security Disabled WEP OTKIP OaAesS ee Key Peer Mac Address N OO Mode Security Key Peer Mac Address Phy Mode OK VigorFly 200 Series User s Guide Bridge Mode Disable Bridge Mode Repeater Mode Disabled WEP OTKIP O AES Peer Mac Address Phy Mode CEK w Security O Disabled WEP TKIP QO AES Loo Peer Mac Address E E a D Aa E E Security O Disabled WEP OTKIP AES Peer Mac Address OO CO Choose the mode for WDS setting Disable mode will n
29. which is provided and required by some ISPs Such value is used to dial through USB mode Please use the default value If you have any question please contact to your ISP Type the PPP username optional Type the PPP password optional 74 VigorFly 200 Series User s Guide 4 2 LAN Local Area Network LAN is a group of subnets regulated and ruled by router The design of network structure is related to what type of public IP addresses coming from your ISP FLAN General Setup Static Route Basics of LAN The most generic function of Vigor router is NAT It creates a private subnet of your own As mentioned previously the router will talk to other public hosts on the Internet by using public IP address and talking to local hosts by using its private IP address What NAT does is to translate the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor router has a built in DHCP server that assigns private IP address to each local host See the following diagram for a briefly understanding Internet a Public IP Address Private Subnet Router IP Addres DHCP Server SELCLLLI In some special case you may have a public IP subnet from your ISP such as 220 135 240 0 24 This means that you can set up a public subnet or call second subnet that each host is equipped with a public IP address As a part of the public subnet the Vigor r
30. widely accepted standards PPP and Ethernet It connects users through an Ethernet to the Internet with a common broadband medium such as a single DSL line wireless device or cable modem All the users over the Ethernet can share a common connection PPPoE is used for most of DSL modem users All local users can share one PPPoE connection for accessing the Internet Your service provider will provide you information about user name password and authentication mode VigorFly 200 Series User s Guide ifs Dr ay Te k If your ISP provides you the PPPoE connection please select PPPoE for this router The following page will be shown Quick Start Wizard WAN IP Configuration Connection Type PPPoE Settings Username Password Confirm Password Redial Policy MAC Address Clone Enabled User Name Password Confirmed Password Redial Policy MAC Address Clone Always On w Connect On Demand Mode Idle Time 5 minutes d i Assign a specific valid user name provided by the ISP Assign a valid password provided by the ISP Type the password again for confirmation If you want to connect to Internet all the time you can choose Always On Otherwise choose Connect on Demand Always On Always On Connect On Deman d Always On Choose it to enable router always keep connection Connect On Demand If the connection has been idled over the value the router will drop the connection Idle Time Set the t
31. will detect the MAC address automatically The result will be displayed in the field of MAC Address Dray Tek 36 VigorFly 200 Series User s Guide MAC Address Clone Enabled CIE MAC Address MAC Address Clone After finishing all the settings here please click OK to activate them 3 1 2 3G Backup This page is used to setup 3G backup function If you enable 3G backup make sure your WAN connection type is not in 3G mode When the WAN connection is broken router will try to keep the connection with 3G mode After WAN connection is recovered router will disconnect the 3G connection automatically WAN gt gt 3G backup 3G Backup Configuration C Enable 3G Backup SIM PIN code Modem Initial String default AT amp F Modem Initial String ATEOV1X18D28C150 0 default ATEOQV1X1 amp D28 amp C150 0 APN Name internet default internet Modem Dial String ATDT 99 default ATDT 99 PPP Usemame PPP Password Enable 3G Backup Check this box to enable the 3G backup feature SIM PIN code Type PIN code of the SIM card that will be used to access Internet Modem Initial String1 2 Such value is used to initialize USB modem Please use the default value If you have any question please contact to your ISP APN Name APN means Access Point Name which is provided and required by some ISPs Modem Dial String Such value is used to dial through USB mode Please use the default value If you have any question please cont
32. with restrictions in France Please see the user manual for the applicable networks on your product Dray Tek iv VigorFly 200 Series User s Guide Table of Contents 1 PR CTACC coea E E EEE 1 1 1 Web Configuration Buttons Explanation cccccccccccccceseeeeeeeeeeeeeeeeeeaeeeeeeeeessaeaeeeeeeeeesssaaaaeees 1 1 2 LED Indicators and Connectors 2 0 0 cccceeecccceeeceeeeeeeeeeeeeeeaeeseeeceeeeesseaeseueeeesssaaeseeeeeeesssuaaaeses 2 1 3 Hardware Installation jatasctniscaectanosicmqeslecissateucieniicinvtosoaieiicsionat avnedeeuend osuitelsadind dandoedanseccenanbeessauneeecasiens 3 Mee FAL AS UIO ae en A baa edeuncoaeonnids aseoumubiomdaauieidawnens 4 Configuring Basic Settings ccscscecssseesesseeceseecsseseeneeeeenseseeneesenseesensessoaes 9 2 1 Two Level Managemen t cccccccsssecccesseeecceeseeessaueeecsaueecseuseeessaeeecsaueeeessgeeeessageeessaneeessages 9 2 2 Accessing Web Page sercsscmensnreerinns irais rE EEEE AAEREN Eria 9 2 3 Changing Password ccccccceeccsseseeceeeeeecaaeeeceeeeeesaeeesseeeeeeeseeaeaaeeeeeeessseeaseseeessssaaaeeeeeeeeees 10 24 UIE Star Wiza in a wneanantbirden aia anaimantwnpanatiniersiatansnmigecnds 12 2 4 1 Setting up the PASSWONG o2scassciadctasneszascelsasexaedeieesandevedesseleocgetededsesasseedebaseecanavierdedexsanleeesees 12 2 4 2 Setting up the Time and Date cccccccccsssseeeeeceeseceeeeseeeeeeeeeeeeeeeeeeeaaeeeeessaageeesesaaseeess 13 2 4 3 Setting up
33. your computer s infrared port and turn the printer on Server Properties D 2 Sea Windows will automatically install the printer for you Set Up Faxing To continue click Next Create Shortcut Delete Rename EERE Cancel Close 4 Add Printer Wizard Local or Network Printer The wizard needs to know which type of printer to set up _ Automatically detect and install my Plug and Play printer O A network printer or a printer attached to another computer e Tosetup a network printer that is not attached to a print server LD use the Local printer option 5 In this dialog choose Create a new port Type of port and use the drop down list to select Standard TCP IP Port Click Next Add Printer Wizard Select a Printer Port Computers communicate with printers through ports Select the port you want your printer to use If the port is not listed you can create a new port Use the following port LPT Recommended Punter Port Note Most computers use the LPT 1 port to communicate witha local printer g The connector for this port should look somethina like this Create a new port Type of port Standard TCP IP Port VigorFly 200 Series User s Guide 5 Dr ay Tek 6 In the following dialog type 192 168 1 1 router s LAN IP in the field of Printer Name or IP Address and type IP_192 168 1 1 as the port name Then click Next Add Standard TC
34. your printer came with an installation disk click Have Disk If your printer is not listed consult your printer documentation for compatible printer software Manufacturer paves AST o a e v This driver is digitally signed Windows Update Tell me why driver signing is important 10 For the final stage you need to go back to Control Panel gt Printers and edit the property of the new printer you have added amp Brother HL 1070 Properties General Sharing Ports Advanced Device Settings _ 8 Brother HL 1070 Print to the following ports Documents will print to the first free checked port Port Description Printer O 3 250 Standard TCP IP Port Epson Stylus COLOR 1160 O P_1 Standard TCP IP Port O IF_1 Standard TCP IP Port HP Laserdet 1300 O P_1 Standard TCP IP Port O P_1 Standard TCP IP Port M IP_1 Standard TCPAP Port Brother HL 1070 O PDF Local Port PDF995 Cw 11 Select LPR on Protocol type p1 number 1 as Queue Name Then click OK Next please refer to the red rectangle for choosing the correct protocol and UPR name Configure Standard CP IP Port Monitor Port Settings Port Name IP_192 168 1 1 Printer Name or IP Address 192 168 1 1 Protocol Baw LPR Raw Settings LPR Settings Queue Name CILPR Byte Counting Enabled C SNMP Status Enabled L i
35. 0 VigorFly 200 Series User s Guide ANRA Terminal bash Last logi s Sot don 3 B224118 on ttypi Welcome to Barwin Vigorla draytekd ping 192 165 1 1 PING 192 166 1 1 192 168 1 1 56 dota bytes 64 bytes from 192 165 1 1 icmp seg 8 trl 255 tinmesH 755 me 64 bytes from 192 166 1 1 icmp seg 1 ttl 755 timesB 697 me 64 bytes from 192 165 1 1 icmp_seg 2 ttl 255 timesh 716 m 64 bytes from 192 168 171 icmp seg 3 ttl 255 tinesh 7S1 ie 64 bytes from 192 165 1 1 icmp seget ttl 255 timesB 72 ME AC 197 165 1 1 ping statistics E pockets transmitted 5 packet received BM pocket loss round trip minfava may B 697 A 725 6 755 ME Vigoria draytekt f 5 4 Checking If the ISP Settings are OK or Not Open WAN gt gt Internet Access page and then check whether the ISP settings are set correctly Use the Connection Type drop down list to choose Static IP DHCP PPPoE PPTP L2TP for reviewing the settings that you configured previously gt WAN internet Access 3G Backup WAN gt Internet Access WAN IP Configuration Connection Type Static IP DHCP Settings PPPoE L2TP PPTP 3G USB Modem Router Name MAC Address Clone VigorFly 200 Series User s Guide 131 Dray Tek For Static Users 1 Choose Static IP as the connection type WAN gt gt Internet Access WAN IP Configuration Connection Type Static IP Settings IP Address Subnet Mask 200 200 200 0 Default Gateway 192 168 5 1 Primary
36. 2 1 is enabled WPA WPA Algorithms OTKIP AES OTKIP AES Pass Phrase Key Renewal Interval seconds PMK Cache Period io minutes Pre Authentication Disable Enable WEP Key 1 Key 2 Key 3 Key 4 802 1x WEP Disable Enable OK WPA Algorithms Select TKIP AES or TKIP AES as the algorithm for WPA Key Renewal WPA uses shared key for authentication to the network Interval However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key Click the link of RADIUS Server to access into the following page for more settings gt RADIUS Server Setup Windows Internet Explorer http 192 168 1 1Avirelessradius asp Radius Server IP Address Port 1812 Shared Secret Session Timeout o Idle Timeout o IP Address Port Shared Secret VigorFly 200 Series User s Guide Enter the IP address of RADIUS server The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 The RADIUS server and client share a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret 0 Dray Tek Session Timeout Idle
37. 55 255 0 Default Gateway 192 168 5 1 Primary DNS 168 95 1 1 Secondary DNS 00 50 7F 22 33 44 192 168 1 1 255 255 255 0 00 50 7F 22 33 44 DrayTek 6 Display the model name of the router Display the firmware version of the router Display the date and time of the current firmware build Display current time and date for the system server Display the connection time for the system server Display the connection mode for the router Display the total dynamic RAM size for the whole system Display the remaining RAM size for the whole system Display the MAC address of the LAN or WAN or WLAN Interface Display the MAC address of the LAN or WAN Interface Display the subnet mask address of the LAN or WAN 61 Dray Tek interface Device Type Display the device type used for wireless LAN SSID Display the SSID of this router Channel Display the channel that wireless LAN used Connected Type Display the network connection type for this router Link Status Display if current network is connected or not Default Gateway Display the gateway address of the WAN interface Primary DNS Display the specified primary DNS setting Secondary DNS Display the specified secondary DNS setting 3 6 2 User Password This page allows you to set new password for user operation System Maintenance gt User Password User Settings Account Type in the name for login Password Type in new password in this filed When yo
38. 7MHz Chan 2462MHz Channe 246 MHz Chan Click it to save and apply such setting This feature can enhance the performance in data transmission about 40 more by checking Tx Burst It is active only when both sides of Access Point and Station in wireless client invoke this function at the same time That is the wireless client must support this feature and invoke the function too Note Vigor N61 wireless adapter supports this function Therefore you can use and install it into your PC for matching with Packet OVERDRIVE refer to the following picture of Vigor N61 wireless utility window choose Enable for TxBURST on the tab of Option If such mode is enabled the access point can act as a wireless repeater it can be Station and AP at the same time It can use Station function to connect to a Root AP and use AP function to service all wireless stations within its coverage Check this box to enable the function Besides it will be displayed on the Wireless LAN for you to access for detailed configuration r Wireless LAN General Setup Security Access Control WPS WDS AF Discovery Universal Repeater WMM Configuration Station List Open Wireless LAN gt gt Universal Repeater Please refer to the corresponding section for detailed information 94 VigorFly 200 Series User s Guide 4 6 3 Security This page allows you to set security with d
39. 802 1x Set up RADIUS Server if 802 1 is enabled WPA WPA Algorithms OTKIP AES TKIP AES Pass Phrase Key Renewal Interval seconds PMK Cache Period minutes Pre Authentication Disable Enable WEP Key 1 CY Key 2 Key 3 Key 4 Cd 802 1x WEP Disable Enable WPA Algorithms Select TKIP AES or TKIP AES as the algorithm for WPA Key Renewal WPA uses shared key for authentication to the network Interval However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key PMK Cache Period Set the expire time of WPA2 PMK Pairwise master key cache PMK Cache manages the list from the BSSIDs in the associated SSID with which it has pre authenticated Pre Authentication Enables a station to authenticate to multiple APs for roaming securer and faster With the pre authentication procedure defined in IEEE 802 111 specification the pre four way handshake can reduce handoff delay perceivable by a mobile node It makes roaming faster and more secure Only valid in WPA2 Enable Enable IEEE 802 1X Pre Authentication Disable Disable IEEE 802 1X Pre Authentication Click the link of RADIUS Server to access into the following page for more settings VigorFly 200
40. DNS Server 168 95 1 1 Secondary DNS Serwer MAC Address Clone Enabled 2 Check if IP Address IP Mask and IP Router are set correctly must identify with the values from your ISP For PPPoE Users 1 Choose PPPoE as the connection type WAN gt gt Internet Access WAN IP Configuration Connection Type PPPoE Settings Username fo Password Fo Confirm Password Redial Policy Always On Connect On Demand Mode Idle Time 5 minutes MAC Address Clone Enabled F 2 Check if Username and Password are set correctly must identify with the values from your ISP Dray Te k 132 VigorFly 200 Series User s Guide For PPTP L2TP Users l Choose PPTP L2TP as the connection type WAN gt Internet Access WAN IP Configuration Connection Type L TP Settings Server IP Username Password WAN IP Network Settings IP Address 192 168 3 1 Subnet Mask Default Gateway 192 168 3 254 Redial Policy Always On w Connect On Demand Mode Idle Time 5 minutes MAC Address Clone Enabled O OK Check if Username Password IP address Subnet Mask are entered with correct values that you get from your ISP 5 5 Forcing Vigor Router into TFTP Mode for Performing the Firmware Upgrade l So ee eS 10 Press and hold the Factory Reset button The system will power off and power on the Vigor Router Release the Factory Reset button when the ACT LED and its neighbor LED
41. Date Sat Jan 1 00 49 30 2000 gt NAT System Uptime Od 00 49 30 gt Applications Operation Mode Gateway Mode gt Wireless LAN gt System Maintenance System WAN gt Diagnostics Memory total 30076 kB Connected Type DHCP Memory left 16880 kB Link Status Connected MAC Address 00 50 7F 22 33 45 Application Note IP Address 192 168 5 21 FAQ LAN IP Mask 255 255 255 0 Product Registration MAC Address 00 50 7F 22 33 44 Default Gateway 192 168 5 1 Logout IP Address 192 168 1 1 Primary DNS 168 95 1 1 OA IP Mask 255 255 255 0 Secondary DNS All Right Reserved Wireless MAC Address 00 50 7F 22 33 44 SSID DrayTek Channel 6 Main screen for user mode operation simple configuration Note The home page will change slightly in accordance with the type of the router you have 10 VigorFly 200 Series User s Guide 3 To change the password please access into Admin Mode Then go to System Maintenance page and choose Administration Password System Maintenance gt gt Administration Password Adminstrator Settings Account admin Password Coe Apply 4 Type new user name in the field of Account and new password in the field of Password Then click OK to continue 5 Now the password has been changed Next time use the new username password to access the Web Configurator of this router Username Password VigorFly 200 Series User s Guide 11 Dr ay Te k 2 4 Quick Start
42. N packets for a period defined in Timeout The goal for this is prevent the TCP SYN packets attempt to exhaust the limited resource of Vigor router By default the threshold and timeout values are set to 50 packets per second and 10 seconds respectively Check the box to activate the UDP flood defense function Once detecting the Threshold of the UDP packets from the Internet has exceeded the defined value the Vigor router will start to randomly discard the subsequent UDP packets for a period defined in Timeout The default setting for threshold and timeout are 150 packets per second and 10 seconds respectively Check the box to activate the ICMP flood defense function Similar to the UDP flood defense function once if the Threshold of ICMP packets from Internet has exceeded the defined value the router will discard the ICMP echo requests coming from the Internet The default setting for threshold and timeout are 50 packets per second and 10 seconds respectively Port Scan attacks the Vigor router by sending lots of packets to many ports in an attempt to find ignorant services would respond Check the box to activate the Port Scan detection Whenever detecting this malicious exploration behavior the Vigor router will send out a warning Check the box to activate the Block Ping of Death function This attack involves the perpetrator sending overlapping packets to the target hosts so that those target hosts will hang once they re co
43. OK to activate them PPTP L2TP To use PPTP L2TP as the accessing protocol of the internet please choose PPTP L2TP from Connection Type drop down menu The following web page will be shown VigorFly 200 Series User s Guide k Dray Tek WAN gt gt Internet Access WAN IP Configuration Connection Type L TP Settings Server IP Username Password WAN IP Network Settings IP Address Subnet Mask Default Gateway Redial Policy MAC Address Clone Enabled Static 192 168 3 1 293 295 235 0 192 168 3 254 Always On Connect On Demand Mode Idle Time minutes Server IP User Name Password Address Mode IP Address Subnet Mask Default Gateway Redial Policy MAC Address Clone Dray Tek Type in the IP address of the PPTP L2TP server Type in the username provided by ISP in this field Type in the password provided by ISP in this field You can choose Static IP or DHCP as WAN IP network setting Type the IP address if you choose Static IP as the WAN IP network setting Type the subnet mask if you chose Static IP as the WAN IP Type the gateway address for this router If you want to connect to Internet all the time you can choose Always On Otherwise choose Connect on Demand Connect on Demand ha Connect on Demand Idle Time Set the timeout for breaking down the Internet after passing through the time without any action When you choose Connect on Demand you have to type value he
44. P IP Printer Port Wizard Add Port For which device do you want to add a port Enter the Printer Name or IP address and a port name for the desired device Printer Name or IP Address 192 168 1 1 Port Name IP_192 168 1 1 7 Click Standard and choose Generic Network Card Add Standard TCP IP Printer Port Wizard Additional Port Information Required The device could not be identified The detected device is of unknown type Be sure that 1 The device is properly configured 2 The address on the previous page is correct Either correct the address and perform another search on the network by returning to the previous wizard page or select the device type if you are sure the address is corect 8 Completing the Add Standard TCP IP Printer Port Wizard You have selected a port with the following charactenstics SNMP No Protocol RAW Pot 100 Device 192 168 1 1 Pot Name IP_192 168 1 1 Adapter Type Generic Network Card To complete this wizard click Finish j Cancel Dray Tek 6 VigorFly 200 Series User s Guide 9 Now your system will ask you to choose right name of the printer that you installed onto the router Such step can make correct driver loaded onto your PC When you finish the selection click Next Add Printer Wizard Install Printer Software The manufacturer and model determine which printer software to use Select the manufacturer and model of your printer If
45. P mode Wireless LAN gt Universal Repeater Universal Repeater Parameters SSID MAC Address Optional Security Mode Encryption Type WEP Keys Key 1 Key 2 Key 3 O Key 4 SSID Set a name for the router to be identified MAC Address Optional Type the MAC address of the Access Point that VigorFly 200 wants to connect to Security Mode There are several modes provided for you to choose Each mode will bring up different parameters e g WEP keys Pass Phrase for you to configure 110 VigorFly 200 Series User s Guide Open Shared Mode Wireless LAN gt Universal Repeater Universal Repeater Parameters SSID MAC Address Optional Security Mode Encryption Type WEP Keys Key 1 Key 2 Key 3 Key 4 Cancel Encryption Type Choose None to disable the WEP Encryption Data sent to the AP will not be encrypted To enable WEP encryption for data transmission please choose WEP WEP Keys Four keys can be entered here but only one key can be selected at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level The allowed content is the ASCII characters from 33 to 126 except and WPA PSK Mode and WPA2 PSK Mode Wireless LAN gt Universal Repeater Universal Repeater Parameters SSID
46. PPP username optional Type the PPP password optional MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Address MAC Address Clone Enabled MAC Address MAC Address Clone After finishing all the settings here please click OK to activate them VigorFly 200 Series User s Guide 7 Dray Tek 4 1 2 3G Backup This page is used to setup 3G backup function If you enable 3G backup make sure your WAN connection type is not in 3G mode When the WAN connection is broken router will try to keep the connection with 3G mode After WAN connection is recovered router will disconnect the 3G connection automatically WAN gt gt 3G backup 3G Backup Configuration C Enable 3G Backup SIM PIN code Modem Initial String1 Moder Initial Stringz APN Name Modem Dial String PPP Username PPP Password Enable 3G Backup SIM PIN code Modem Initial String1 2 APN Name Modem Dial String PPP Username PPP Password Dray Tek default AT amp F default ATEOV1X1 amp D2 amp C1S0 0 default internet default ATDT 95 Check this box to enable the 3G backup feature Type PIN code of the SIM card that will be used to access Internet Such value is used to initialize USB modem Please use the default value If you have any question please contact to your ISP APN means Access Point Name
47. RL y Web Content Filter At present there are three content filters offered here for you to choose Check Proxy Java or ActiveX and click OK The system will filter and block the web pages according to the item you specified here Web URL Filter Settings URL type the URL of the web site in the field of URL and click Add The new link with the URL you specified will be shown on this page The system will filter and block the web pages according to the item you specified here Dray Tek 86 VigorFly 200 Series User s Guide Firewall gt gt Content Filtering Web Content Filter Filters O Proxy O Java O Activex Co Cera Web URL Filter Settings Current Web URL Filters No URL Add a URL filter uR Canal To delete the URL setting simply click that one and click Delete to remove it Firewall gt gt Content Filtering Web Content Filter Filters O Proxy O Java O Activex Web URL Filter Settings Current Web URL Filters o No URL 10 www hotmial com Dae Cancel Add a URL filter jur aad Caneel 4 5 Applications Below shows the menu items for Applications r Applications Dynamic DNS 302 1d Spanning Tree ITD IGMP UPnP 4 5 1 Dynamic DNS The ISP often provides you with a dynamic IP address when you connect to the Internet via your ISP It means that the public IP address assigned to your router changes each time you acc
48. S proxy server and maintain a DNS cache If the IP address of a domain name is already in the DNS cache the router will resolve the domain name immediately Otherwise the router forwards the DNS query packet to the external DNS server by establishing a WAN e g DSL Cable connection After finishing all the settings here please click OK to activate them 3 3 NAT Usually the router serves as an NAT Network Address Translation router NAT is a mechanism that one or more private IP addresses can be mapped into a single public one Public IP address is usually assigned by your ISP for which you may get charged Private IP addresses are recognized only among internal hosts When the outgoing packets destined to some public server on the Internet reach the NAT router the router will change its source address into the public IP address of the router select the available public port and then forward it At the same time the router shall list an entry in a table to memorize this address port mapping relationship When the public server response the incoming traffic of course is destined to the router s public IP address and the router will do the inversion based on its table Therefore the internal host can communicate with external host smoothly The benefit of the NAT includes Save cost on applying public IP address and apply efficient usage of IP address NAT allows the internal IP addresses of local hosts to be translated int
49. SID of the AP scanned by this router BSSID Display the MAC address of the AP scanned by this router RSSI Display the signal strength RSSI is the abbreviation of Receive Signal Strength Indication Channel Display the wireless channel used for the AP that is scanned by this router Encryption Display the encryption mode for the scanned AP Authentication Display the authentication type that the scanned AP applied Scan It is used to discover all the connected AP The results will be shown on the box above this button Statistics It displays the statistics for the channels used by APs AP s MAC Address If you want the found AP applying the WDS settings please type in the AP s MAC address AP s SSID To specify an AP to be applied with WDS settings you can specify MAC address or SSID for the AP Here is the place that you can type the SSID of the AP Add Click Bridge or Repeater for the specified AP Next click Add Later the MAC address of the AP will be added and be shown on WDS settings page 112 VigorFly 200 Series User s Guide 4 6 9 WMM Configuration WMM is an abbreviation of Wi Fi Multimedia It defines the priority levels for four access categories derived from 802 1d prioritization tabs The categories are designed with specific types of traffic voice video best effort and low priority data There are four accessing categories AC_BE AC_BK AC_VI and AC_VO for WMM APSD automatic power save delivery is a
50. Timeout 4 6 4 Access Control Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Set the maximum time that a wireless device may remain idle The unit is second For additional security of wireless access the Access Control facility allows you to restrict the network access right by controlling the wireless LAN MAC address of client Only the valid MAC address that has been configured can access the wireless LAN interface By clicking the Access Control a new web page will appear as depicted below so that you could edit the clients MAC addresses to control their access rights deny or allow Wireless LAN gt Access Control SSID 1 SSID 2 SSID 3 Policy Index MAC Address Filter MAC Address 12 34 12 34 11 51 Client s MAC Address r Policy MAC Address Filter Client s MAC Address Add Delete Edit Cancel Dray Tek Select to enable any one of the following policy or disable the policy Choose Activate MAC address filter to type in the MAC addresses for other clients in the network manually Choose Isolate WLAN from LAN will separate all the WLAN stations from LAN based on the MAC Address list Activate MAC address filter yaa MAC address filter Blocked MAC address filter Display all MAC addresses that are edited
51. VigorFly 200 Series User s Guide 7 Dr ay Tek The printer can be used for printing now Most of the printers with different manufacturers are compatible with vigor router Note 1 Some printers with the fax scanning or other additional functions are not supported If you do not know whether your printer is supported or not please visit www draytek com to find out the printer list Open Support gt FAQ find out the link of Printer Server and click it then click the What types of printers are compatible with Vigor router link About DrayTek Products Support Partners Contact Us Home gt Support gt FAQ FAQ Basic FAQ 01 What are the differences among these firmware file formats Basic How could get the telnet command for routers Advanced How can backup restore my configuration settings VPN DHCP How do reset clear the router s password How to bring back my router to its default value VETAS SE VoIP How do tell the type of my Vigor Router is AnnexA or AnnexB For ADSL model only QoS Ways for firmware upgrade ISDN Why is SNMP removed in firmware 2 3 6 and above for Vigor2200 Series routers Firewall IP Filter 09 failed to upgrade Vigor Router s firmware from my Mac machine constantly what should aes 7 do Printer Server 10 How to upgrade firmware of Vigor Router remotely Hee Ve Me 11cR FAQ Printer Se
52. WiFi Router Wey Tek gorFly200 _ Your reliable networking solutions partner User s Guide V1 0 VigorFly 200 Wi Fi Router User s Guide Version 1 0 Date 01 02 2010 Dr ay Tek ii VigorFly 200 Series User s Guide Copyright Information Copyright Declarations Trademarks Copyright 2010 All rights reserved This publication contains information that is protected by copyright No part may be reproduced transmitted transcribed stored in a retrieval system or translated into any language without written permission from the copyright holders The following trademarks are used in this document Microsoft is a registered trademark of Microsoft Corp e Windows Windows 95 98 Me NT 2000 XP Vista and Explorer are trademarks of Microsoft Corp Apple and Mac OS are registered trademarks of Apple Inc Other products may be trademarks or registered trademarks of their respective manufacturers Safety Instructions and Approval Safety Instructions Warranty Be a Registered Owner Firmware amp Tools Updates VigorFly 200 Series User s Guide Read the installation guide thoroughly before you set up the router The router is a complicated electronic unit that may be repaired only be authorized and qualified personnel Do not try to open or repair the router yourself Do not place the router in a damp or humid place e g a bathroom The router should be used in a shel
53. able IEEE 802 1X Pre Authentication Click the link of RADIUS Server to access into the following page for more settings VigorFly 200 Series User s Guide 101 Dr ay Te k Dray Tek gt RADIUS Server Setup Windows Internet Explorer E http 192 168 1 1Avireless radius asp Radius Server IP Address Port 1812 Shared Secret i Session Timeout 0 Idle Timeout IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain idle The unit is second Mixed WPA WPA2 802 1x The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication 102 VigorFly 200 Series User s Guide Wireless LAN gt gt Security Settings SSID 1 SSID 2 Mode SSID 3 Mixed WPA WPA2 802 1x Set up RADIUS Server if 80
54. act to your ISP PPP Username Type the PPP username optional PPP Password Type the PPP password optional After finishing all the settings here please click OK to activate them VigorFly 200 Series User s Guide 37 Dr ay Te k 3 2 LAN Local Area Network LAN is a group of subnets regulated and ruled by router The design of network structure is related to what type of public IP addresses coming from your ISP Basics of LAN The most generic function of Vigor router is NAT It creates a private subnet of your own As mentioned previously the router will talk to other public hosts on the Internet by using public IP address and talking to local hosts by using its private IP address What NAT does is to translate the packets from public IP address to private IP address to forward the right packets to the right host and vice versa Besides Vigor router has a built in DHCP server that assigns private IP address to each local host See the following diagram for a briefly understanding Internet a Public IP Address Private Subnet Router IP Addres DHCP Server SLLELLLI e y In some special case you may have a public IP subnet from your ISP such as 220 135 240 0 24 This means that you can set up a public subnet or call second subnet that each host is equipped with a public IP address As a part of the public subnet the Vigor router will serve for IP routing to help hosts in the public subnet to communicate wi
55. address automatically The result will be displayed in the field of 35 Dray Tek MAC Address MAC Address Clone Enabled MAC Address MAC Address Clone After finishing all the settings here please click OK to activate them 3G USB Modem If your router connects to a 3G modem and you want to access Internet via 3G modem choose 3G as connection type and type the required information in this web page WAN gt gt Internet Access WAN IP Configuration Connection Type 3G USB Modem 3G USB Modem Settings SIM PIN code Modem Initial Stringi default AT amp F Modem Initial String default ATEOV1X1 amp D2 amp C150 0 APN Name internet default internet Modem Dial String ATDT 99 default ATDT 99 PPP Username PPP Password MAC Address Clone Enabled SIM PIN code Type PIN code of the SIM card that will be used to access Internet Modem Initial String1 2 Such value is used to initialize USB modem Please use the default value If you have any question please contact to your ISP APN Name APN means Access Point Name which is provided and required by some ISPs Modem Dial String Such value is used to dial through USB mode Please use the default value If you have any question please contact to your ISP PPP Username Type the PPP username optional PPP Password Type the PPP password optional MAC Address Clone MAC Address Clone is available when the box of Enable is checked The router
56. addresses If the 1st IP address of your router is 192 168 1 1 the starting IP address must be 192 168 1 2 or greater but smaller than 192 168 1 254 Enter a value of the IP address pool for the DHCP server to end with when issuing IP addresses Type in an address code that determines the size of the network Default 255 255 255 0 24 Enter a value of the gateway IP address for the DHCP server The value is usually as same as the Ist IP address of the router which means the router is the default gateway It allows you to set the leased time for the specified PC If this function is enabled LAN PCs use Primary DNS Server and Secondary DNS Server as their DNS servers Otherwise LAN PCs use the router as their DNS server and the router will do DNS proxy for them You must specify a DNS server IP address here because your ISP should provide you with usually more than one DNS Server If your ISP does not provide it the router will automatically apply default DNS Server IP address 194 109 6 66 to this field You can specify secondary DNS server IP address here because your ISP often provides you more than one DNS Server If your ISP does not provide it the router will 40 VigorFly 200 Series User s Guide automatically apply default secondary DNS Server IP address 194 98 0 1 to this field If both the Primary IP and Secondary IP Address fields are left empty the router will assign its own IP address to local users as a DN
57. aecantecaccccudin snsdecascsudiesanenceedenesstensangidcuossasenesneqecegandedtenpsbecpsaacenads 88 AET D a E E E 88 A ATGM a E E pack E E E E E E 89 420 9 UPDP CONOUG sessin EE EE a AR AiE 89 A6 Wireless LAN ireegts tera ccelos cet axa teers senate o e a a a E E AAN E Enie 91 BOA BaS CONCEDII S sranna E EE EE 91 402 Genera o eD ennan EE EEE NE 92 AO To ECON e E E ee eee E eee ee ee ee 95 TOA 6161 11 CONTO beire E eee eee E E 104 sateen ctype ects a esate cease seaneeaide toe semmneea eee sea nectee 105 AOON eee ee ee eee E eee ere 107 4 6 7 Unversal ACD SE CN oir carecinacicncens ais sunnatnnvaamatnsnasiubecuann sdasteniconanShukaeanlaeadeannaeais wenlecananntaatenancuanen 110 A Oi AF PIS COV GI a sancrsvesanenodeinmesatrinnduesntonctercsnesstabesuutsapstess tober E ATS 112 4 6 9 WMM Configuration cccccccsssssseccecccceeessseeeeecccesauseeeeeeceeeeaaaeeeeeesseeaausseeeeeeesssaaaageeness 113 G56 WO ANON 1S eer a E a T 114 4 7 System MAINTENANCE cccccccssseecccceeesecececeeseeeccseaseeeeeseeuuseeeeeseaseceeeesaaeceeessaaeeeesseneeeeenaaas 115 4 7 1 System Status cccc cccescceececssccessseeeceeeccsccsseeeeeceesecccesseeeeeeensceseeeaeeceeccccesseesereeeseccoesseses 115 4 7 2 Administration Password cccccceeececseeeeeeeeeeeeeceeeeeesaaeseeeseaeeeseeeeessaueeeessseeesseeeesaaeees 116 7 er a 12 Pa WO 0 Ee ne ee ee ee ee 116 4 7 4 Configuration el UND fects atect atic etce cat ckeie ctu casatacetine tena teins padiie
58. at is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key Server to access into the following page for more settings gt RADIUS Server Setup Windows Internet Explorer E http 192 168 1 1Avireless radius asp Radius Server IP Address Port 1812 Shared Secret Session Timeout o Idle Timeout VigorFly 200 Series User s Guide 99 Dray Tek IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that 1s used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain idle The unit is second Dray Tek 100 VigorFly 200 Series User s Guide WPA2 802 1x The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field bel
59. b configuration Please follow sections below to check your basic installation status stage by stage Checking if the hardware status is OK or not Checking if the network connection settings on your computer are OK or not Pinging the router from your computer Checking if the ISP settings are OK or not Backing to factory default setting if necessary If all above stages are done and the router still cannot run normally it is the time for you to contact your dealer for advanced help 5 1 Checking If the Hardware Status Is OK or Not Follow the steps below to verify the hardware status 1 Check the power line and WLAN LAN cable connections Refer to 1 3 Hardware Installation for details 2 Turn on the router Make sure the ACT LED blink once per second and the correspondent LAN LED is bright iey B yigorFly 24 3 If not it means that there is something wrong with the hardware status Simply back to 1 3 Hardware Installation to execute the hardware installation again And then try again VigorFly 200 Series User s Guide 127 Dr ay Te k 5 2 Checking If the Network Connection Settings on Your Computer Is OK or Not Sometimes the link failure occurs due to the wrong network connection settings After trying the above section if the link is stilled failed please do the steps listed below to make sure the network connection settings is OK For Windows The example is based on Windows XP As to the
60. blink simultaneously Change your PC IP address to 192 168 1 10 Open Firmware Upgrade Utility and key in Router IP 192 168 1 1 manually Install Router Tools on one computer that connects to Vigor Router s LAN port Make sure the computer can ping Vigor s LAN IP Default IP is 192 168 1 1 Run Router Tools gt gt Firmware Upgrade Utility Input Vigor s LAN IP manually or use the button to select Indicate the firmware location Note There are two firmware types The rst firmware format will make the configurations be back to default settings after upgrading firmware The all firmware format will remain the former configurations after upgrading firmware Input the Password if you have set one then click Send VigorFly 200 Series User s Guide 133 Dr ay Te k Firmware Upgrade Utility Ed Operation Mode Upgrade Backup Setting Router IP 192 168 1 1 Im Firmware File mw Fassword Time Qube Sec 11 There is a bar showing the upgrading process Firmware Upgrade Utility aag Operation Mode Upgrade Backup Setting Router IP Waiting Detecting router activity Please wait Don t power off or reset router during waiting Send 12 When the firmware upgrade is successful the following window will pop up Dray Te k 134 VigorFly 200 Series User s Guide Operation Mode Upgrade Backup Setting Router IP 197 165 1 1
61. can choose Static IP or DHCP as address mode setting Type the IP address if you choose Static IP as the WAN IP network setting Type the subnet mask if you chose Static IP as the WAN IP If you want to connect to Internet all the time you can choose Always On Always On EVER Connect On Demand Always On Choose it to enable router always keep connection Connect On Demand If the connection has been idled over the value the router will drop the connection Idle Time Set the timeout for breaking down the Internet after passing through the time without any action The unit is seconds The range is XX XX It is available when the box of Enabled is checked Click Clone MAC Address The router will detect the MAC i Dray Tek address automatically And the result will be displayed in the field of MAC Address MAC Address Clone Enabled MAC Address MAC Address Clone Besides if you want to change the MAC address for WAN interface simply click Enable and type the MAC address in this field manually After finishing the settings here please click Next 3G USB Modem If you want to access Internet by 3G USB modem choose this mode as the protocol and type the required information in this web page Quick Start Wizard WAN IP Configuration Connection Type 3G USB Modem Settings SIM PIN code Modem Initial Stringi Modem Initial String2 APN Name Modem Dial String PPP Username PPP Password MAC Addr
62. ccess List List P Subnet Mask 255 255 255 255 32 255 255 255 255 32 255 255 255 255 32 S Enable HT TP ICMP Enable the checkbox to allow system administrators to login Ping Telnet from the Internet There are several servers provided by the system to allow you managing the router from Internet Check the box es to specify Access List You could specify that the system administrator can only login from a specific host or network defined in the list A maximum of three IPs subnet masks is allowed List IP Indicate an IP address allowed to login to the router Subnet Mask Represent a subnet mask allowed to login to the router 4 7 8 Reboot System The Web Configurator may be used to restart your router for using current configuration Click Reboot System from System Maintenance to open the following page System Maintenance gt gt Reboot System Reboot System Do You want to reboot your router Using current configuration Using factory default configuration Click Yes The router will take 5 seconds to reboot the system VigorFly 200 Series User s Guide 121 Dray Tek Note When the system pops up Reboot System web page after you configure web settings please click Yes to reboot your router for ensuring normal operation and preventing unexpected errors of the router in the future 4 7 9 Firmware Upgrade Before upgrading your router firmware you need to install the Router Tools The Firmwar
63. ckets that do not match with any rule will be blocked Type the MAC address for the router Type the destination IP address for applying such rule Type the source IP address for applying such rule Specify the protocol s which this filter rule will apply to Determine the port range for the destination 84 VigorFly 200 Series User s Guide Source Port Range Determine the port range for the source Action Accept the packets that match with such rule will be accepted Drop the packets that match with such rule will be blocked Comment Enter filter set comments description Maximum length is 23 character long OK Click this button to save such profile Cancel Click this button to cancel current operation 4 4 3 System Security Stateful Packet Inspection SPI is a firewall architecture that works at the network layer Unlike legacy static packet filtering which examines a packet based on the information in its header stateful inspection builds up a state machine to track each connection traversing all interfaces of the firewall and makes sure they are valid The stateful firewall of Vigor router not just examine the header information also monitor the state of the connection The purpose of this is to enable the SPI firewall for the filtering incoming packets and outgoing packets Simply check the box and click OK Firewall gt gt System Security 4 4 4 Content Filtering Web Content Filter We all kn
64. cte tb ddeenmnsenen a bceeesaecapactandeches 117 Dray Tek vi VigorFly 200 Series User s Guide 4 7 5 Syslog Mail Alert cccccccccsscssscesssseneeeeeeeeeeenseeeescccasssseeeneeeeeeeeeeessscccassesseeeeeeeeeeeeessees 119 4 7 6 Time and Date wicisienscannwunttscilennenawceiinatadie smunesnedionannavancaiusiweneauniiecinauaniietwusindiwamentdvaeacenside 120 4 7 7 WIAIAG SIMCMU se enrecinslen siren unranscnciaten ianesncai tna cindlen iureuaaiteSirsaswad wane silurbipammaniiiesinaie dideeicad sehen ames tduwsaieenaoun 121 4 7 8 Reboot SY SICIN sitnine Ea aaraa aaia 121 4 7 9 Firmware Upgrade ccccccssssseecccsesseceeceesseeeccscaseeeecssauseeeecssaseeeecseagseesecseaseesessagseeees 122 BO IAC MO SCS aea a E E E E E E 123 GB VV Sle LOO iesse esan a E a nana a a i ea ar 123 do DROP TADE ae E E E E S 124 A UPON ATE anane AEE N EEE 124 Trouble Shooting assssnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnn nnnm 127 5 1 Checking If the Hardware Status Is OK or Not nnnnnnnn00annnnnnnnnnnnnnnnnnnsnnnnnnnossnnnnnnnersnnnnnna 127 5 2 Checking If the Network Connection Settings on Your Computer Is OK or Not 128 5 3 Pinging the Router from Your Computer ccccccssseseeeceeeeeecaeeeeeeeeeeeeseeaeseeeeesssseaegeeeeeeees 130 5 4 Checking If the ISP Settings are OK or NoOt cccccsseeeeeeeeeeeeeeeeeeeeeeeeeeaaaeeaaeeeeeeeeeeeeeeeeees 131 5 5 Forcing Vigor Router into TFTP Mode for
65. ction by 3G USB Modem For 3G mobile communication through Access Point is popular more and more Vigor router adds the function of 3G network connection for such purpose By connecting 3G USB Modem to the USB port of Vigor router it can support HSDPA UMTS EDGE GPRS GSM and the future 3G standard HSUPA etc Vigor router with 3G USB Modem allows you to receive 3G signals at any place such as your car or certain location holding outdoor activity and share the bandwidth for using by more people Users can use four LAN ports on the router to access Internet Also they can access Internet via wireless function of Vigor router and enjoy the powerful firewall bandwidth management VPN VoIP features of Vigor router Mobile Coffee shop Internet lt VolP Web surfing E mail Instant messaging etc N VPN 3 5G HSDPA US odem After connecting into the router 3G USB Modem will be regarded as the second WAN port However the original Ethernet WAN still can be used and Load Balance can be done in the router Besides 3G USB Modem also can be used as backup device Therefore when WAN is not available the router will use 3 5G for supporting automatically The supported 3G USB Modem will be listed on DrayTek web site Please visit www draytek com for more detailed information Below shows the menu items for WAN Dray Tek 30 VigorFly 200 Series User s Guide EWAN Internet Access 3G Backup 3 1 1 Internet Access This pag
66. d Benefits for DrayTek Members Receiving e news letters about latest firmware version for your purchased products Software and firmware available online for download Chances to win prizes Many more benefits only for DrayTek members are coming soon Dray Tek 66 VigorFly 200 Series User s Guide Admin Mode Operation This chapter will guide users to execute advanced full configuration through admin mode operation 1 Open a web browser on your PC and type http 192 168 1 1 The window will ask for typing username and password 2 Please type admin admin on Username Password for administration operation Now the Main Screen will appear Be aware that Admin mode will be displayed on the bottom left side WiFi Router VigorFly 200 Dray Tek System Status Auto Logout Quick Start Wizard Model VigorFly200 Online Status Firmware Version 1 0 0RC4a gt WAN Build Date Time r328 Thu Jan 14 17 15 46 CST 2010 gt LAN System Date Sat Jan 1 00 51 12 2000 NAT System Uptime 0d 00 51 12 p Firewall Operation Mode Gateway Mode gt Applications gt Wireless LAN System WAN gt System Maintenance Memory total 30076 kB Connected Type DHCP gt Diagnostics Memory left 16872 kB Link Status Connected MAC Address 00 50 7F 22 33 45 IP Address 192 168 5 21 Application Note LAN IP Mask 255 255 255 0 FAQ MAC Address 00 50 7F 22 33 44 Default Gateway
67. ddress Clone Enabled MAC Address MAC Address Clone After finishing all the settings here please click OK to activate them PPPoE To choose PPPoE as the accessing protocol of the internet please select PPPoE from the Internet Access menu The following web page will be shown VigorFly 200 Series User s Guide 33 Dr ay Te k WAN gt Internet Access WAN IP Configuration Connection Type PPPoE PPPoE Settings Username Password Confirm Password Redial Policy Connect On Demand Mode Idle Time minutes MAC Address Clone Enabled Username Type in the username provided by ISP in this field Password Type in the password provided by ISP in this field Redial Policy If you want to connect to Internet all the time you can choose Always On Otherwise choose Connect on Demand Connect on Demand w Connect on Demand Idle Time Set the timeout for breaking down the Internet after passing through the time without any action When you choose Connect on Demand you have to type value here MAC Address Clone MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Address MAC Address Clone Enabled MAC Address MAC Address Clone After finishing all the settings here please click OK to activate them Dray Tek 34 VigorFly 200 Series User s Guide PPTP L2TP To use PPTP L2TP as the
68. e The router will detect the MAC address automatically And the result will be displayed in the field of MAC Address MAC Address Clone Enabled MAC Address MAC Address Clone Besides if you want to change the MAC address for WAN interface simply click Enable and type the MAC address in this field manually After finishing the settings here please click Next Dray Tek 14 VigorFly 200 Series User s Guide DHCP It is not necessary for you to type any IP address manually Simply choose this type and the system will obtain the IP address automatically from DHCP server Quick Start Wizard WAN IP Configuration Connection Type DHCP w DHCP Mode Router Name VigorFly200 MAC Address Clone Enabled F DHCP Mode Router Name Default setting is VigorFly200 Enable The router will detect the MAC address automatically Or check the box to enable MAC address cloning MAC Address Clone It is available when the box of Enabled is checked Click MAC Address Clone The router will detect the MAC address automatically And the result will be displayed in the field of MAC Address MAC Address Clone Enabled l MAC Address MAC Address Clone Besides if you want to change the MAC address for WAN interface simply click Enable and type the MAC address in this field manually After finishing the settings here please click Next PPPoE PPPoE stands for Point to Point Protocol over Ethernet It relies on two
69. e Upgrade Utility is included in the tools The following web page will guide you to upgrade firmware by using an example Note that this example is running over Windows OS Operating System Download the newest firmware from DrayTek s web site or FTP site The DrayTek web site is www draytek com or local DrayTek s web site and FTP site is ftp draytek com Click Maintenance gt gt Firmware Upgrade to launch the Firmware Upgrade Utility System Maintenance gt gt Firmware Upgrade Firmware Update Select a firmware file ie Click Upgrade to upload the file Click Browse to locate the newest firmware and click Upgrade During the process of upgrade do not turn off your router Dray Te k 122 VigorFly 200 Series User s Guide 4 8 Diagnostics Diagnostic Tools provide a useful way to view or diagnose the status of your Vigor router Below shows the menu items for Diagnostics Diagnostics System Log DHCP Table 4 8 1 System Log Click Diagnostics and click System Log to open the web page Diagonostics gt gt System Log System Log Information Clear Refresh Jan 4 00 26 17 VigorFly200 syslog into syslogd started BusyBox v1 12 1 Jan 4 00 26 17 VigorFly200 user notice kernel klogd started BusyBox vl1 12 1 2009 12 27 19 0 Clear Click it to clear this page Refresh Click it to reload the page VigorFly 200 Series User s Guide 123 Dr ay Te k 4 8 2 DHCP Table The facility provides i
70. e allows you to set WAN configuration with different modes Use the Connection Type drop down list to choose one of the WAN modes The corresponding page will be displayed WAN gt gt Internet Access WAN IP Configuration Connection Type DHCP k DHCP Settings Router Name MAC Address Clone Static IP For static IP mode you usually receive a fixed public IP address or a public subnet namely multiple public IP addresses from your DSL or Cable ISP service providers In most cases a Cable service provider will offer a fixed public IP while a DSL service provider will offer a public subnet If you have a public subnet you could assign an IP address or many IP address to the WAN interface To use Static as the accessing protocol of the internet please choose Static IP mode from Connection Type drop down menu The following web page will be shown WAN gt Internet Access WAN IP Configuration Connection Type Static IP Static IP Settings IP Address 192 168 5 22 Subnet Mask 200 200 2000 Default Gateway 192 168 5 1 Primary DNS Server 168 95 1 1 Secondary DNS Server MAC Address Clone Enabled OK IP Address Type the IP address Subnet Mask Type the subnet mask VigorFly 200 Series User s Guide 31 Dr ay Te k Default Gateway Type the gateway IP address Primary DNS Server You must specify a DNS server IP address here because your ISP should provide you with usually more than one DNS Server I
71. e k 1 4 Printer Installation You can install a printer onto the router for sharing printing All the PCs connected this router can print documents via the router The example provided here is made based on Windows XP 2000 For Windows 98 SE Vista please visit www draytek com Internet Ti T Before using it please follow the steps below to configure settings for connected computers or wireless clients 1 Connect the printer with the router through USB parallel port 2 Open Start gt Settings gt Printer and Faxes Documents BG Control Panel Settings Wr Control Panel E Network Connections amp Printers and Faxes of Taskbar and Start Menu Search Help and Support Run Log OFF coco lee Turn OFF Computer Start d fo o 4 Internet Explorer Mace 3 Open File gt Add a New Computer A welcome dialog will appear Please click Next Dray Tek 4 VigorFly 200 Series User s Guide Add Printer Wizard Welcome to the Add Printer Wizard This wizard helps you install a printer or make printer connections e If you have a Plug and Play printer that connects LD through a USB port for any other hot pluggable port such as IEEE 1394 infrared and so on you do not need to use this wizard Click Cancel to close the wizard and then plug the printer s cable Printers and Faxes Edit View Favorites Tools into your computer or point the printer toward
72. ease follow the steps below to ping the router correctly For Windows L 2 4 Open the Command Prompt window from Start menu gt Run Type command for Windows 95 98 ME or cmd for Windows NT 2000 XP Vista The DOS command dialog will appear w Command Prompt Microsoft Windows HP Version 5 1 2688 CC Copyright 1985 2001 Microsoft Corp D Documents and Settings faerping 192 168 1 1 Pinging 192 168 1 1 with 32 bytes of data Reply from 192 168 1 1 bytes 32 time lt ims TTL 255 Reply from 192 168 1 1 bytes 32 time lt ims Reply from 192 168 1 1 bytes 32 time lt ims Reply from 192 168 1 1 bytes 32 time lt ims TTL 255 Ping statistics for 192 168 1 1 Packets Sent 4 Received 4 Lost A tz loss Approximate round trip times in milli seconds Minimum Hms Maximum ms Average Ams D Documents and Settings fae gt _ Type ping 192 168 1 1 and press Enter If the link is OK the line of Reply from 192 168 1 1 bytes 32 time lt Ims TTL 255 will appear If the line does not appear please check the IP address setting of your computer For MacOs Terminal 1 2 3 4 Dray Tek Double click on the current used MacOs on the desktop Open the Application folder and get into Utilities Double click Terminal The Terminal window will appear Type ping 192 168 1 1 and press Enter If the link is OK the line of 64 bytes from 192 168 1 1 icmp_seq 0 ttl 255 time xxxx ms will appear 13
73. eeceeeeeaeeeseeeeeeeesseeeaseeeeeeesssaeaaseeeeeessaaaeeeeeeeeees 61 CO STM aU eg taste vps E E E E EA 61 SAAD SSM I es WO EA A nda en A S E E A E E E E 62 BeOS Hmo and 1D AIG ersi a 62 3 6 4 Firmware Upgrade sscan a a Ea aN E a iaa 63 ul DONO SUC S aiaee EE E aE 64 A V E LO ea a E E E eases oeheseoiecueenateteescenesteinoes 64 Lhee DHCP 9 aE EE E E eee 64 3G UPO AG aa EN E E E E EE E 65 AANG HELA CCOO cara sae e E wistrcoajeen an cemea deans ose naneciaalaanion Mean end 69 7a G Ba KUD anne ee ee ene eee ee eee ee ee eee ee ee 74 Ae CAN capt ce tea ciate bates E E ad sade ese ednaesenenneteceepen tees 75 4 2 1 General SE UUD sarrin innana neie a ia ia ia 76 eA ROUTE sceri e eiai EN aea iaa aae 78 ANAT e E A E E E R E ee ee eee 79 MODEN FOS ae a E E E E E E e 80 A DMZ OS e S E E E 81 aae OS SION IMAM E E A A E A E E E 82 AA FON a E E EE E E yiecsesnneanatseadasbeusaee ase 82 waT DOS DEIENE E aa eee E E en eee 83 4 4 2 MAC IP Port Filtering cccccsscccccccceesssseeeeeeccceeeaseeeeeceseeeauseeceeeesseeaagseeeeesseaaagseeeeeesess 84 4 4 3 System Security ccccccccccccceessseeeeeccceessseceeeecsseauuseeceeeeeseeeausaeeeeeesssaaaaaaeeesssssasseeeeeeees 85 4 4 4 Content Filtering ccc cccccccccsssssseceeceeeeeeseeceeeeeeeeeeaeeceeeeesseeeeseeeeeeeessuaeaeeceeeesssaaaaeeeseeees 85 sO APPIA ON S serieren Ea eE EEEE ENE OEN EEE EENE ENDED EEEE EN 87 AN MOAN DN eeina E E E E E EON 87 452 80210 Spanning WCC ssec
74. el VigorFly 200 Series User s Guide OK Check the box to enable wireless function At present the router can connect to Mixed 11b 11g 11g Only 11b Only Mixed 11g 11n 11n Only and Mixed 11b 11g 11n stations simultaneously Simply choose Mixed 11b 11g 11n mode Mixed 11b 11q iib On lig On iin Onl Mixed 11b 11q Mixed 1 1 Check it to prevent from wireless sniffing and make it harder for unauthorized clients or STAs to join your wireless LAN Depending on the wireless utility the user may only see the information except SSID or just cannot see any thing about Vigor wireless router while site surveying The system allows you to set three sets of SSID for different usage Set a name for the router to be identified Check this box to make the wireless clients stations with the same SSID not accessing for each other Means the channel of frequency of the wireless LAN The default channel is 6 You may switch channel if the selected channel is under serious interference If you have no idea of 93 Dray Tek Dray Tek OK Packet OVERDRIVE Universal Repeater choosing the frequency please select AutoSelect to let system determine for you 2437MHz Channel 6 AutoSelect 2412MHz Channel 1 2417MHz Channel 2 2422MHz Channel 3 242 7MHz Channel 4 2432MHz Channel 243i MHz C 44 AMHz Channel 7 HMHz Channel amp 152MHz Channel 9 245
75. eless LAN Depending on the wireless utility the user may only see the information except SSID or just cannot see any thing about Vigor wireless router while site surveying The system allows you to set three sets of SSID for different usage Set a name for the router to be identified Check this box to make the wireless clients stations with the same SSID not accessing for each other Means the channel of frequency of the wireless LAN The default channel is 6 You may switch channel if the selected channel is under serious interference If you have no idea of choosing the frequency please select AutoSelect to let system determine for you 243 MHz Channel 6 AutoSelect 2412MHz Channel 1 241 MHz Channel 2 2422MHz Channel 3 2427MHz Channel 4 24352MHz Channel 5 Z43 Mbiz Channel 6 2442MHz Channel 7 244 T MHz Channel 3 2452MHz Channel 9 245 MHz Channel 10 2462MHz Channel 11 246 MHz Channel 12 This feature can enhance the performance in data transmission about 40 more by checking Tx Burst It is active only when both sides of Access Point and Station in wireless client invoke this function at the same time That is the wireless client must support this feature and invoke the function too Note Vigor N61 wireless adapter supports this function Therefore you can use and install it into your PC for matching with Packet OVERDRIVE refer to the following picture of Vigor N61 wireles
76. entication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain idle The unit is second 3 5 4 Universal Repeater This menu is available only when it is enabled in Wireless LAN gt gt General Setup It allows you to specify which AP that remote client can connect to VigorFly 200 can act as a wireless repeater it can be Station and AP at the same time It can use Station function to connect to a Root AP and use AP function to serve all wireless stations within its coverage Note While using Universal Repeater Mode the access point will demodulate the received signal Please check if this signal is noise for the operating network then have the signal modulated and amplified again The output power of this mode is the same as that of WDS and normal AP mode Wireless LAN gt gt Universal Repeater Universal Repeater Parameters SSID MAC Address Optional fe Security Mode Encryption Type WEP Keys Key 1 Key 2 Key 3 O Key 4 SSID Set a name for the router to be identified MAC Address Optional Type the MAC address of the Access Point that VigorFly 200 wants to connect to Security Mode There are several modes provided for you to choose Each mode will bring up different parameters e g WEP keys Pass Phrase for you to configure Dray Tek 58 VigorFly 200 Series User s Guide Open Shared Mode Wireless LAN gt Un
77. ess Clone Enabled SIM PIN code Modem Initial String1 2 APN Name Modem Dial String PPP Username PPP Password MAC Address Clone Dray Tek 3G USB Modem default ATF ATEOV1X1 amp D2 amp C150 default ATEOV1X1 amp D2 amp C1S0 0 internet default internet ATDT 992 default ATDT 99 Type PIN code of the SIM card that will be used to access Internet Such value is used to initialize USB modem Please use the default value If you have any question please contact to your ISP APN means Access Point Name which is provided and required by some ISPs Such value is used to dial through USB mode Please use the default value If you have any question please contact to your ISP Type the PPP username optional Type the PPP password optional It is available when the box of Enabled is checked Click MAC Address Clone The router will detect the MAC address automatically And the result will be displayed in the 18 VigorFly 200 Series User s Guide field of MAC Address MAC Address Clone Enabled aCaE MAC Address MAC Address Clone Besides if you want to change the MAC address for WAN interface simply click Enable and type the MAC address in this field manually After finishing the settings here please click Next 2 4 4 Setting up the Wireless Connection Now you have to set up the wireless connection Quick Start Wizard Wireless System Configuration Enable Wireless LAN Hide SSID
78. ess the Internet The Dynamic DNS feature lets you assign a domain name to a dynamic WAN IP address It allows the router to update its online WAN IP address mappings on the specified Dynamic DNS server Once the router is online you will be able to use the registered domain name to access the router or internal virtual servers from the Internet It is particularly helpful if you host a web server FTP server or other server behind the router Before you use the Dynamic DNS feature you have to apply for free DDNS service to the DDNS service providers The router provides up to three accounts from three different DDNS service providers Basically Vigor routers are compatible with the DDNS services supplied by most popular DDNS service providers such as www dyndns org www no ip com VigorFly 200 Series User s Guide 87 Dr ay Te k www dtdns com www changeip com www dynamic nameserver com You should visit their websites to register your own domain name for the router Applications gt gt Dynamic DNS Dynamic DNS configuration Service Provider Domain name Username Password Service Provider Select the service provider for the DDNS account If you choose None such function will be disabled Domain name Type in one domain name that you applied previously Use the drop down list to choose the desired domain Username Type in the login name that you set for applying domain Password Type in the password that you set for ap
79. ested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 This device may accept any interference received including interference that may cause undesired operation Please visit http www draytek com user AboutRegulatory php This product is designed for 2 4GHz WLAN network throughout the EC region and Switzerland
80. f MAC Address MAC Address Clone Enabled MAC Address MAC Address Clone After finishing all the settings here please click OK to activate them Dray Tek 70 VigorFly 200 Series User s Guide PPPoE To choose PPPoE as the accessing protocol of the internet please select PPPoE from the Internet Access menu The following web page will be shown WAN gt Internet Access WAN IP Configuration Connection Type PPPoE Settings Username Password Confirm Password Redial Policy MAC Address Clone Enabled Always On Connect On Demand Mode Idle Time 5 minutes Username Password Confirm Password Redial Policy MAC Address Clone OK Type in the username provided by ISP in this field Type in the password provided by ISP in this field Re enter the password for confirmation If you want to connect to Internet all the time you can choose Always On Otherwise choose Connect on Demand Connect on Demand Connect on Demand Idle Time Set the timeout for breaking down the Internet after passing through the time without any action When you choose Connect on Demand you have to type value here MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Address MAC Address Clone Enabled aCaE MAC Address MAC Address Clone After finishing all the settings here please click
81. f your ISP does not provide it the router will automatically apply default DNS Server IP address 198 95 1 1 to this field Secondary DNS Server You can specify secondary DNS server IP address here because your ISP often provides you more than one DNS Server If your ISP does not provide it the router will automatically apply default secondary DNS Server IP address MAC Address Clone MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Address MAC Address Clone Enabled MAC Address MAC Address Clone After finishing all the settings here please click OK to activate them Dray Tek 32 VigorFly 200 Series User s Guide DHCP DHCP allows a user to obtain an IP address automatically from a DHCP server on the Internet If you choose DHCP mode the DHCP server of your ISP will assign a dynamic IP address for your router automatically It is not necessary for you to assign any setting WAN gt gt Internet Access WAN IP Configuration Connection Type DHCP Settings Router Name VigorFly200 MAC Address Clone Router Name Type in a name for the router It must be the same as the name used in Syslog MAC Address Clone MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Address MAC A
82. fault Gateway 192 168 5 1 IP Address 192 168 1 1 Primary DNS 168 95 1 1 IP Mask 255 255 255 0 Secondary DNS All Right Reserved Wireless MAC Address 00 50 7F 22 33 44 SSID DrayTek Channel 6 Quick Start Wizard offers user an easy method to quick setup the connection mode for the router Moreover if you want to adjust more settings for different WAN modes please go to WAN group Basics of Internet Protocol IP Network IP means Internet Protocol Every device in an IP based Network including routers print server and host PCs needs an IP address to identify its location on the network To avoid address conflicts IP addresses are publicly registered with the Network Information Centre NIC Having a unique IP address is mandatory for those devices participated in the public network but not in the private TCP IP local area networks LANs such as host PCs under the management of a router since they do not need to be accessed by the public Hence the NIC has reserved certain addresses that will never be registered publicly These are known as private IP addresses and are listed in the following ranges From 10 0 0 0 to 10 255 255 255 From 172 16 0 0 to 172 31 255 255 From 192 168 0 0 to 192 168 255 255 VigorFly 200 Series User s Guide 29 Dr ay Te k What are Public IP Address and Private IP Address As the router plays a role to manage and further protect its LAN it interconnects
83. filter rules or a secondary firewall Click DMZ Host to open the following page NAT gt gt DMZ Host DMZ Settings DMZ Settings DM IP Address Canal DMZ Settings Check this box to enable the DMZ Host function DMZ IP Address Enter the private IP address of the DMZ host OK Click this button to save such profile Cancel Click this button to clear information on this page VigorFly 200 Series User s Guide 43 Dr ay Te k 3 4 Applications Below shows the menu items for Applications r Applications Dynamic DNS 3 4 1 Dynamic DNS The ISP often provides you with a dynamic IP address when you connect to the Internet via your ISP It means that the public IP address assigned to your router changes each time you access the Internet The Dynamic DNS feature lets you assign a domain name to a dynamic WAN IP address It allows the router to update its online WAN IP address mappings on the specified Dynamic DNS server Once the router is online you will be able to use the registered domain name to access the router or internal virtual servers from the Internet It is particularly helpful if you host a web server FTP server or other server behind the router Before you use the Dynamic DNS feature you have to apply for free DDNS service to the DDNS service providers The router provides up to three accounts from three different DDNS service providers Basically Vigor routers are compatible with the DDNS services supplied by
84. formation By clicking the Security Settings a new web page will appear so that you could configure the settings Dray Tek 48 VigorFly 200 Series User s Guide Wireless LAN gt Security Settings SSID 1 SSID 2 SSID 3 Mode Set up RADIUS Server if 802 1 is enabled WPA WPA Algorithms TKIP AES TKIP AES Pass Phrase Po Key Renewal Interval 3600 seconds PMK Cache Period minutes Pre Authentication Disable Enable WEP key 4 802 1x WEP Disable Enable Mode There are several modes provided for you to choose Disable WPA2 PSK Mixed WPA WPA2 PSK WEP 802 1x WPA 802 1x WPA2 802 1x Mixed WPA WPA2 802 1x Disable The encryption mechanism is turned off WEP Accepts only WEP clients and the encryption key should be entered in WEP Key VigorFly 200 Series User s Guide 49 Dr ay Tek SSID 1 SSID 2 SSID 3 Mode WEP ka Set up RADIUS Server if 802 1x is enabled WPA WPA Algorithms TKIP AES TKIP AES Pass Phrase fe Key Renewal Interval seconds PMK Cache Period io minutes Pre Authentication Disable Enable WEP key 1 Key 2 O key 3 y O key 4 802 1x WEP Disable Enable WEP Key1 Key4 Four keys can be entered here but only one key can be selected at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level T
85. groups of host PCs Each of them has a private IP address assigned by the built in DHCP server of the Vigor router The router itself will also use the default private IP address 192 168 1 1 to communicate with the local hosts Meanwhile Vigor router will communicate with other network devices through a public IP address When the data flow passing through the Network Address Translation NAT function of the router will dedicate to translate public private addresses and the packets will be delivered to the correct host PC in the local area network Thus all the host PCs can share a common Internet connection Get Your Public IP Address from ISP In ADSL deployment the PPP Point to Point style authentication and authorization is required for bridging customer premises equipment CPE Point to Point Protocol over Ethernet PPPoE connects a network of hosts via an access device to a remote access concentrator or aggregation concentrator This implementation provides users with significant ease of use Meanwhile it provides access control billing and type of service according to user requirement When a router begins to connect to your ISP a serial of discovery process will occur to ask for a connection Then a session will be created Your user ID and password is authenticated via PAP or CHAP with RADIUS authentication system And your IP address DNS server and other related information will usually be assigned by your ISP Network Conne
86. h as the number of thresholds is identified as an attack and the Vigor router will activate its defense mechanism to mitigate in a real time manner Below shows the menu items for Firewall Firewall DoS Defense MACAP Port Filtering System security Content Filtering Dray Tek 82 VigorFly 200 Series User s Guide 4 4 1 DoS Defense As a sub functionality of IP Filter Firewall there are 5 types of detect defense function in the DoS Defense setup The DoS Defense functionality is disabled for default Click Firewall and click DoS Defense to open the setup page Firewall gt gt Dos Defense Dos Defense Setup C Enable DoS Defense C Enable SYN flood defense C Enable UDP flood defense C Enable ICMP flood defense Select All packets sec packets sec Threshold Threshold packets sec Threshold C Enable Furtive port scanner detection L Enable Ping of Death defense Enable Dos Defense Enable SYN flood defense Enable UDP flood defense Enable ICMP flood defense Enable Furtive port scanner detection Enable Ping of Death Defense VigorFly 200 Series User s Guide Cancel Clear All Check the box to activate the DoS Defense Functionality Check the box to activate the SYN flood defense function Once detecting the Threshold of the TCP SYN packets from the Internet has exceeded the defined value the Vigor router will start to randomly discard the subsequent TCP SY
87. he allowed content is the ASCII characters from 33 to 126 except and Dray Tek 50 VigorFly 200 Series User s Guide WPA PSK or WPA2 PSK or Mixed WPA WPA2 PSK Accepts only WPA clients and the encryption key should be entered in PSK The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication SSID 1 SSID 2 Mode SSID 3 WPA PSE we Set up RADIUS Server if 802 1x is enabled WPA WPA Algorithms Pass Phrase OTKIP aAES OTKIP AES Ox321253 Key Renewal Interval 3600 seconds PMK Cache Period io minutes Pre Authentication Disable Enable WEP Key 1 Key 2 Key 3 Key 4 802 1x WEP Disable Enable WPA Algorithm Select TKIP AES or TKIP AES as the algorithm for WPA Pass Phrase Either 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by Ox such as 0x321253abcde Key Renewal WPA uses shared key for authentication to the network Interval e WEP 802 1x However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key The built in RADIUS client feat
88. her computer Settings Show icon in notikication area when connected Advanced Settings Services Select the services running on your network that Internet users can access Ftp Exanple menmegr 192 169 29 11 131 35 60654 UDP menmegr 192 168 2911 7824 13251 UDP menmegr 192 168 29 17 8 89 E3231 TCF The reminder as regards concern about Firewall and UPnP Can t work with Firewall Software Enabling firewall applications on your PC may cause the UPnP function not working properly This is because these applications will block the accessing ability of some network ports Security Considerations Activating the UPnP function on your network may incur some security threats You should consider carefully these risks before activating the UPnP function gt Some Microsoft operating systems have found out the UPnP weaknesses and hence you need to ensure that you have applied the latest service packs and patches gt Non privileged users can control some router functions including removing and adding port mappings Dray Tek i VigorFly 200 Series User s Guide The UPnP function dynamically adds port mappings on behalf of some UPnP aware applications When the applications terminate abnormally these mappings may not be removed 4 6 Wireless LAN 4 6 1 Basic Concepts Over recent years the market for wireless communications has enjoyed tremendous growth Wireless technology
89. ifferent modes for SSID 1 2 and 3 respectively After configuring the correct settings please click OK to save and invoke it By clicking the Security Settings a new web page will appear so that you could configure the settings Wireless LAN gt gt Security Settings SSID 1 SSID 2 Mode SSID 3 Disable Set up RADIUS Server if 802 1x is enabled WPA WPA Algorithms Pass Phrase Key Renewal Interval PMK Cache Period Pre Authentication WEP Key 1 Key 2 Key 3 Key 4 802 1x WEP Mode Disable TKIP AES TKIP AES seconds minutes Disable Enable Disable Enable Cana There are several modes provided for you to choose Disable Mixed WPA WPA2 PSK WEP 802 1x WPA 802 1x WPA2 802 1x Mixed WPA WPA2 802 1x The encryption mechanism is turned off e WEP Accepts only WEP clients VigorFly 200 Series User s Guide and the encryption key should be entered in WEP Key 95 Dray Tek SSID 1 SSID 2 SSID 3 Mode WEP ka Set up RADIUS Server if 802 1x is enabled WPA WPA Algorithms TKIP AES TKIP AES Pass Phrase fe Key Renewal Interval seconds PMK Cache Period io minutes Pre Authentication Disable Enable WEP key 1 Key 2 O key 3 y O key 4 802 1x WEP Disable Enable WEP Key1 Key4 Four keys can be entered here but only one key can be selected at a time The format of WEP Key is restricted to 5 ASCII characters or 10 he
90. ign a port for the Syslog protocol Choose the severity level for the system log entry Error Check Enable to activate function of mail alert The IP address of the SMTP server Assign a mail address for sending mails out Assign a path for receiving the mail from outside Type the user name for authentication Type the password for authentication Check the box of User Login to send alert message to the e mail box while the router detecting the item s you specify here Click OK to save these settings For viewing the Syslog please do the following VigorFly 200 Series User s Guide ng Dray Tek 1 Just set your monitor PC s IP address in the field of Server IP Address 2 Install the Router Tools in the Utility within provided CD After installation click on the Router Tools gt gt Syslog from program menu fay Router Tools 73 5 1 2 About Router Tools jE Uninstall Router Tools 3 5 1 Visit DrayTek Web Site o 3 From the Syslog screen select the router you want to monitor Be reminded that in Network Information select the network adapter used to connect to the router Otherwise you won t succeed in retrieving information from the router fit DrayTek Syslog 3 6 1 Gateway IP Fixed TX Packets reese a ia i LAN Status TX Packets RX Packets WAN IP Fixed RX Packets RX Rate ee a e On Line Routers Host Name vivian IP Addre
91. igured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain idle The unit is second Dray Tek 22 VigorFly 200 Series User s Guide WPA 802 1x The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication Quick Start Wizard Wireless System Configuration Enable Wireless LAN Hide SSID SSID Wireless Security Settings Security Mode WPA WPA Algorithms Key Renewal Interval Radius Server IP Address Port Shared Secret Session Timeout Idle Timeout WPA Algorithms Key Renewal Interval IP Address Port Shared Secret Session Timeout Idle Timeout VigorFly 200 Series User s Guide d DrayTek WFPA 802 1x H TKIP AES OTKIP AES 3600 seconds Select TKIP AES or TKIP AES as the algorithm for WPA WPA uses shared key for authentication to the network However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security bu
92. imeout for breaking down the Internet after passing through the time without any action The unit is seconds The range is XX XX It is available when the box of Enabled is checked Click MAC Address Clone The router will detect the MAC address automatically And the result will be displayed in the field of MAC Address MAC Address Clone Enabled l MAC Address MAC Address Clone Besides if you want to change the MAC address for WAN interface simply click Enable and type the MAC address in this field manually After finishing the settings here please click Next Dray Tek 16 VigorFly 200 Series User s Guide PPTP L2TP If you click PPTP L2TP as the connection type please manually enter the Username Password provided by your ISP and all the required information Quick Start Wizard WAN IP Configuration Connection Type L2TF Settings L2TP Server IP Address Username Password WAN IP Network Settings IP Address Subnet Mask Default Gateway Redial Policy MAC Address Clone Enabled L2TP PPTP Server IP Address User Name Password WAN IP Network Settings IP Address Subnet Mask Redial Policy MAC Address Clone VigorFly 200 Series User s Guide 192 168 3 1 192 168 3 2534 Always On Connect On Demand Mode Idle Time 5 minutes d Specify the IP address of the PPTP L2TP server Assign a specific valid user name provided by the ISP Assign a valid password provided by the ISP You
93. ing of such routing rule Netmask Type the netmask for such routing rule if you choose Net as Range setting Gateway Type the gateway address for such routing rule Interface Choose WAN or LAN as the interface for such route Comment Type words as notification for such routing OK Click this button to save current configuration and display on the routing table below Cancel Click this button to clear current configuration Dray Tek 78 VigorFly 200 Series User s Guide 4 3 NAT Usually the router serves as an NAT Network Address Translation router NAT is a mechanism that one or more private IP addresses can be mapped into a single public one Public IP address is usually assigned by your ISP for which you may get charged Private IP addresses are recognized only among internal hosts When the outgoing packets destined to some public server on the Internet reach the NAT router the router will change its source address into the public IP address of the router select the available public port and then forward it At the same time the router shall list an entry in a table to memorize this address port mapping relationship When the public server response the incoming traffic of course is destined to the router s public IP address and the router will do the inversion based on its table Therefore the internal host can communicate with external host smoothly The benefit of the NAT includes Save cost on applying public IP
94. isplay the specified primary DNS setting Secondary DNS Display the specified secondary DNS setting 4 7 2 Administration Password This page allows you to set new password for admin operation System Maintenance gt gt Administration Password Adminstrator Settings Account Password admin Account Password Type in the name for login Type in new password in this filed When you click OK the login window will appear Please use the new login name and password to access into the web configurator for admin operation again 4 7 3 User Password This page allows you to set new password for user operation System Maintenance gt gt User Password User Settings Account Password Account Type in the name for login Password Type in new password in this filed VigorFly 200 Series User s Guide Dray Tek he When you click OK the login window will appear Please use the new password to access into the web configurator for user operation again 4 7 4 Configuration Backup Backup the Configuration Follow the steps below to backup your configuration 1 Goto System Maintenance gt gt Configuration Backup The following windows will be popped up as shown below System Maintenance gt gt Configuration Backup Configuration Backup Restoration Restoration Select a configuration file ec Click Restore to upload the file Restore Click Backup to download current running configuratio
95. iversal Repeater Universal Repeater Parameters SSID MAC Address Optional Security Mode Encryption Type WEP Keys O key 1 ae iia E Encryption Type Choose None to disable the WEP Encryption Data sent to the AP will not be encrypted To enable WEP encryption for data transmission please choose WEP WEP Keys Four keys can be entered here but only one key can be selected at a time The format of WEP Key is restricted to 5 ASCII characters or 10 hexadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level The allowed content is the ASCII characters from 33 to 126 except and WPA PSK Mode and WPA2 PSK Mode Wireless LAN gt Universal Repeater Universal Repeater Parameters SSID MAC Address Optional ooo Security Mode WPA PSK Encryption Type Pass Phrase Encryption Type Select TKIP or AES as the algorithm for WPA Pass Phrase Either 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by Ox such as 0x321253abcde VigorFly 200 Series User s Guide 59 Dray Tek 3 5 5 Station List Station List provides the knowledge of connecting wireless clients now along with its status code Wireless LAN gt Station List Station List MAC Address SSID MAC Address Display the MAC Address for the connecting client SSID Display the SSID of the connecting client Au
96. k PPPoE Passthrough DHCP Server Configuration Enable Server Disable Server Start IP Address End IP Address Subnet Mask Default Gateway Lease Time DNS Manual Setting Primary DNS Address Secondary DNS Address Dray Tek network Default 192 168 1 1 Type in an address code that determines the size of the network Default 255 255 255 0 Click Enable to invoke this function The default setting is Disable Type in secondary IP address for connecting to a subnet Default 192 168 2 1 An address code that determines the size of the network If you want to use PPPoE server in the network via Vigor router please check this box to redirect the PPPoE frames to the specified location DHCP stands for Dynamic Host Configuration Protocol The router by factory default acts a DHCP server for your network so it automatically dispatch related IP settings to any local user configured as a DHCP client It is highly recommended that you leave the router enabled as a DHCP server if you do not have a DHCP server for your network If you want to use another DHCP server in the network other than the Vigor Router s you can let Relay Agent help you to redirect the DHCP request to the specified location Let the router assign IP address to every host in the LAN Let you manually assign IP address to every host in the LAN Enter a value of the IP address pool for the DHCP server to start with when issuing IP
97. licking the General Setup a new web page will appear so that you could configure the SSID and the wireless channel Please refer to the following figure for more information General Setting IEEE 602 11 General Setup Mode Mixed 11b 119 11n Hide SSID SSID Isolate Member Oo m E PF m o E m Hide SSID Prevent SSID from being scanned Isolate Member Wireless clients stations with the same SSID cannot access for each other SS1D4 Reserved for Universal Repeater mode so it s not listed Channel AutoSelect Packet OVERDRIVE Tx Burst Note 1 Tx Burst only supports 11g mode 2 The same technology must also be supported in clients to boost WLAN performance Universal Repeater Enable Note If Universal Repeater is enabled one additional wireless interface is treated as WAN port The wireless AP interface and the ethernet ports are LAN ports Enable Wireless LAN Check the box to enable wireless function Mode At present the router can connect to Mixed 11b 11g 11g Only 11b Only 11n Only and Mixed 11b 11g 11n stations simultaneously Simply choose Mix 11b 11g 11n mode Dray Tek 46 VigorFly 200 Series User s Guide Hide SSID SSID Isolate Member Channel Packet OVERDRIVE VigorFly 200 Series User s Guide Mixed 11b 11g Mixed 11b 11q Mixed 11b 11g9 11n Check it to prevent from wireless sniffing and make it harder for unauthorized clients or STAs to join your wir
98. lly be assigned by your ISP Network Connection by 3G USB Modem For 3G mobile communication through Access Point is popular more and more Vigor router adds the function of 3G network connection for such purpose By connecting 3G USB Modem to the USB port of Vigor router it can support HSDPA UMTS EDGE GPRS GSM and the future 3G standard HSUPA etc Vigor router with 3G USB Modem allows you to receive 3G signals at any place such as your car or certain location holding outdoor activity and share the bandwidth for using by more people Users can use four LAN ports on the router to access Internet Also they can access Internet via SuperG wireless function of Vigor router and enjoy the powerful firewall bandwidth management VPN VoIP features of Vigor router Mobile Coffee shop A Internet lt VolP Web surfing E mail Instant messaging etc e X VPN 3 5G HSDPA US odem After connecting into the router 3G USB Modem will be regarded as the second WAN port However the original Ethernet WAN still can be used and Load Balance can be done in the router Besides 3G USB Modem also can be used as backup device Therefore when WAN is not available the router will use 3 5G for supporting automatically The supported 3G USB Modem will be listed on DrayTek web site Please visit www draytek com for more detailed information Below shows the menu items for WAN Dray Tek 68 VigorFly 200 Series User s Guide WAN internet Access
99. lly if your network supports this capability Othenvise you need to ask your network administrator for the appropriate IP settings Obtain an IP address automatically O Use the following IP address For MacOs 1 Double click on the current used MacOs on the desktop 2 Open the Application folder and get into Network 3 On the Network screen select Using DHCP from the drop down list of Configure IPv4 a0 Network s Eae a Show All Displays Sound Network Startup Disk Location Automatic Show Built in Ethernet TCP IP PPPoE AppleTalk Proxies Ethernet IP Address m Renew DHCP Lease Subnet Mask 255 255 255 0 DHCP Client ID If required Router 192 168 1 1 DNS Servers Optional Search Domains Optional IPv6 Address fe80 0000 0000 0000 020a 95ff fe8d 72e4 Configure IPv6 rr Click the lock to prevent further changes Assist me Apply Now VigorFly 200 Series User s Guide 129 Dr ay Te k 5 3 Pinging the Router from Your Computer The default gateway IP address of the router is 192 168 1 1 For some reason you might need to use ping command to check the link status of the router The most important thing is that the computer will receive a reply from 192 168 1 1 If not please check the IP address of your computer We suggest you setting the network connection as get IP automatically Please refer to the section 5 2 Pl
100. n URL with objectionable keywords URL keyword blocking facility will decline the HTTP request to that web page thus can limit user s access to the website You may imagine URL Content Filter as a well trained convenience store clerk who won t sell adult magazines to teenagers At office URL Content Filter can also provide a job related only environment hence to increase the employee work efficiency How can URL Content Filter work better than traditional firewall in the field of filtering Because it checks the URL strings or some of HTTP data hiding in the payload of TCP packets while legacy firewall inspects packets based on the fields of TCP IP headers only On the other hand Vigor router can prevent user from accidentally downloading malicious codes from web pages It s very common that malicious codes conceal in the executable objects such as ActiveX Java Applet compressed files and other executable files Once downloading these types of files from websites you may risk bringing threat to your system For example an ActiveX control object is usually used for providing interactive web feature If malicious code hides inside it may occupy user s system Open Firewall gt gt MAC IP Port Filtering to access into the following page Firewall gt gt Content Filtering Web Content Filter Filters C Proxy O Java LJ Activex Web URL Filter Settings Current Web URL Filters No URL Delete Selected Add a URL filter U
101. n enhancement over the power save mechanisms supported by Wi Fi networks It allows devices to take more time in sleeping state and consume less power to improve the performance by minimizing transmission latency Such function is designed for mobile and cordless phones that support VoIP mostly Wireless LAN gt gt WMM Configuration WMM Configuration WMM Capable Enable Disable APSD Capable Enable Disable WMM Parameters of Access Point AC_BE AC_BK AC_VI AC_VO WMM Capable To apply WMM parameters for wireless data transmission please click the Enable radio button APSD Capable The default setting is Disable Click Enable to enable the function of automatic power save delivery APSD Aifsn It controls how long the client waits for each data transmission Please specify the value ranging from to 15 Such parameter will influence the time delay for WMM accessing categories For the service of voice or video image please set small value for AC_VI and AC_VO categories As to the service of e mail or web browsing please set large value for AC_BE and AC_BK categories CW Min CW Max CWMin means contention Window Min and CWMax means contention Window Max Please specify the value ranging from to 15 Be aware that CWMax value must be greater than CWMin or equals to CWMin value Both values will influence the time delay for WMM accessing categories The difference between AC_VI and AC_VO categories must be smaller however
102. ncryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level The allowed content is the ASCII characters from 33 to 126 except and Dray Tek 20 VigorFly 200 Series User s Guide WPA PSK or WPA2 PSK or Mixed WPA WPA2 PSK Accepts only WPA clients and the encryption key should be entered in PSK The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication Quick Start Wizard Wireless System Configuration Enable Wireless LAN Hide SSID SSID Wireless Security Settings Security Mode WPA WPA Algorithms Pass Phrase Key Renewal Interval WPA Algorithm Pass Phrase Key Renewal Interval VigorFly 200 Series User s Guide d DrayTek OTKIP OAES OTKIP AES seconds Cancel Choose the WPA algorithm TKIP AES or TKIP AES Either 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by Ox such as 0x321253abcde WPA uses shared key for authentication to the network However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key
103. nd further protect its LAN it interconnects groups of host PCs Each of them has a private IP address assigned by the built in DHCP server of the Vigor router The router itself will also use the default private IP address 192 168 1 1 to communicate with the local hosts Meanwhile Vigor router will communicate with other network devices through a public IP address When the data flow passing through the Network Address Translation NAT function of the router will dedicate to translate public private addresses and the packets will be delivered to the correct host PC in the local area network Thus all the host PCs can share a common Internet connection Get Your Public IP Address from ISP In ADSL deployment the PPP Point to Point style authentication and authorization is required for bridging customer premises equipment CPE Point to Point Protocol over Ethernet PPPoE connects a network of hosts via an access device to a remote access concentrator or aggregation concentrator This implementation provides users with significant ease of use Meanwhile it provides access control billing and type of service according to user requirement When a router begins to connect to your ISP a serial of discovery process will occur to ask for a connection Then a session will be created Your user ID and password is authenticated via PAP or CHAP with RADIUS authentication system And your IP address DNS server and other related information will usua
104. nding pages directly Application Note FAQ Product Registration Click Support Area gt gt Application Note the following web page will be displayed Dray Tek SEH English Login G0 About DrayTek Products Support Education Partners Contact Us Home gt Support Application Notes Application Notes Latest Application Application Notes 01 How to use Windows Disk Management to format the USB Disk 2009 09 09 Latest Application 02 How to make a call between ATA24 without IP PBX or SIP server 2009 08 25 General 03 Vigor Router to NETGEAR with IPSec tunnel 2009 07 20 Dual WAN 04 SSL VPN Tunnel 2009 07 16 e 05 How to Access the Computers and Shared Files via Samba Protocol 2009 06 18 S 06 SSL Web Proxy 2009 06 18 iinan 07 How to use VNC and RDP via SSL VPN 2009 06 18 08 Vigor2950 Host to LAN VPN with LDAP Authentication 2009 06 01 ma gt Host to LAN VPN 09 How to build LAN to LAN IPSec VPN by using X 509 Certificate 2009 03 31 Teleworker to Vigor Click Support Area gt gt FAQ the following web page will be displayed Dr ay Tek hk English Login 0 About DrayTek Products Support Education Partners Contact Us Home gt Support gt FAQ FAQ Latest FAQ FAQ 01 What types of 3G modem cellphone are compatible with Vigor router 2009 10 01 Latest FAQ 02 How to use PRTG monitors network traffic Vig
105. network If you want to use another DHCP server in the network other than the Vigor Router s you can let Relay Agent help you to redirect the DHCP request to the specified location Let the router assign IP address to every host in the LAN Let you manually assign IP address to every host in the LAN Enter a value of the IP address pool for the DHCP server to start with when issuing IP addresses If the 1st IP address of your router is 192 168 1 1 the starting IP address must be 192 168 1 2 or greater but smaller than 192 168 1 254 Enter a value of the IP address pool for the DHCP server to end with when issuing IP addresses Type in an address code that determines the size of the network Default 255 255 255 0 24 Enter a value of the gateway IP address for the DHCP server The value is usually as same as the 1st IP address of the router which means the router is the default gateway It allows you to set the leased time for the specified PC If this function is enabled LAN PCs use Primary DNS Server and Secondary DNS Server as their DNS servers Otherwise LAN PCs use the router as their DNS server and the router will do DNS proxy for them You must specify a DNS server IP address here because your ISP should provide you with usually more than one DNS Server If your ISP does not provide it the router will automatically apply default DNS Server IP address 194 109 6 66 to this field You can specify secondary DNS
106. nfiguration Backup The following screen will be shown as below System Maintenance gt gt Configuration Backup Configuration Backup Restoration Restoration Select a configuration file ae Click Restore to upload the file Restore Click Backup to download current running configurations as a file 2 Click Browse button to choose the correct configuration file for uploading to the router 3 Click Restore button and wait for few seconds the following picture will tell you that the restoration procedure is successful Note If the file you want to restore has been encrypted you will be asked to type the encrypted key before clicking Restore Dray Tek 118 VigorFly 200 Series User s Guide 4 7 5 Syslog Mail Alert SysLog function is provided for users to monitor router There is no bother to directly get into the Web Configurator of the router or borrow debug equipments System Maintenance gt Syslog Mail Alert Setup Syslog Access Setup Enable Server IP Address Destination Port Log Level Mail Alert Setup Enable SMTP Server Mail To Mail From User Name Password Enable E Mail Alert User Login Enable for Syslog Access Setup Server IP Address Destination Port Log Level Enable for Mail Alert Setup SMTP Server Mail To Mail From User Name Password Enable E mail Alert Check Enable to activate function of syslog The IP address of the Syslog server Ass
107. nformation on IP address assignments This information is helpful in diagnosing network problems such as IP address conflicts etc Click Diagnostics and click DHCP Table to open the web page Diagonostics gt gt DHCP Table List DHCP Table Refresh Host Name optional IP Address MAC Address Expire Time user baleld2ces 00 0E A6 2A D5 A1 192 166 1 10 16 01 32 Host name Display the name of the computer accepted the assigned IP address by this router IP Address Display the IP address assigned by this router for specified PG MAC Address Display the MAC address for the specified PC that DHCP assigned IP address for it Expire Time Display the leased time of the specified PC Refresh Click it to reload the page 4 9 Support Area When you click the menu item under Support Area you will be guided to visit www draytek com and open the corresponding pages directly Application Note FAQ Product Registration Click Support Area gt gt Application Note the following web page will be displayed Dray Tek SHAM English Login G0 About DrayTek Products Support Education Partners Contact Us Home gt Support gt Application Notes Application Notes Latest Application Application Notes 01 How to use Windows Disk Management to format the USB Disk 2009 09 09 Latest Application 02 How to make a call between ATA24 without IP PBX or SIP server 2009 08 25 i General 03 Vigor Router to NETGEAR
108. now reaches or is capable of reaching virtually every location on the surface of the earth Hundreds of millions of people exchange information every day via wireless communication products The Vigor router is designed for maximum flexibility and efficiency of a small office home Any authorized staff can bring a built in WLAN client PDA or notebook into a meeting room for conference without laying a clot of LAN cable or drilling holes everywhere Wireless LAN enables high mobility so WLAN users can simultaneously access all LAN facilities just like on a wired LAN as well as Internet access The Vigor wireless routers are equipped with a wireless LAN interface compliant with the standard IEEE 802 11n draft 2 protocol To boost its performance further the Vigor Router is also loaded with advanced wireless technology to lift up data rate up to 300 Mbps Hence you can finally smoothly enjoy stream music and video Note The actual data throughput will vary according to the network conditions and environmental factors including volume of network traffic network overhead and building materials In an Infrastructure Mode of wireless network Vigor wireless router plays a role as an Access Point AP connecting to lots of wireless clients or Stations STA All the STAs will share the same Internet connection via Vigor wireless router The General Settings will set up the information of this wireless network including its SSID as identification l
109. ns as a file 2 Type a key arbitrarily for encrypting the file Keep the key in mind You will need it whenever you want to restore such file Click Backup button to get into the following dialog Click Save button to open another dialog for saving configuration as a file File Download You are downloading the File config chg From 192 165 1 1 Would you like to open the file or save it to your computer Always ask before opening this type of file 3 In Save As dialog the default filename is config cfg You could give it another name by yourself VigorFly 200 Series User s Guide 117 Dr ay Te k Save in E Desktop gt e e i i jmy Documents 4 My Computer My Recent Emy Network Places Documents BB Ry5 COM Lite gt 4nnex 4 3 mmm p da Mw Snap300 C TeleDanmark vzk2_232_config_i Mu Documents TF vek6_250_config_1 My Computer _ File name config My Network Save as type Configuration file wt 4 Click Save button the configuration will download automatically to your computer as a file named config cfg The above example is using Windows platform for demonstrating examples The Mac or Linux platform will appear different windows but the backup function is still available Note Backup for Certification must be done independently The Configuration Backup does not include information of Certificate Restore Configuration 1 Goto System Maintenance gt gt Co
110. nstruct the packets The Vigor routers 83 Dray Tek OK Clear All Cancel 4 4 2 MACIIP Port Filtering will block any packets realizing this attacking activity Click this button to save such profile Click this button to clear all of the settings in this page Click this button to cancel current operation This page allows you to set up to 32 MAC IP Port Filtering rules When you finish the filtering rule simply click OK The new rule will be displayed below in this page Firewall gt gt MAC IP Port Filtering Basic Settings MAC IP Port Filtering Disable v Default Policy The packet that don t match with any rules would be Dropped v MAC IP Port Filter Settings MAC address Dest IP Address Source IP Address Protocol None Dest Port Range E Source Port Range E Action Accept Y Comment The maximum rule count is 32 Current MAC IP Port filtering rules in system No MAC address Dest IP Address Source IP Address Protocol Dest Port Range Source Port Range Action Comment Pkt Cnt Others would be dropped MAC IP Port Filtering Default Policy MAC Address Dest IP Address Source IP Address Protocol Dest Port Range Dray Tek Choose Enable to activate MAC IP Port Filtering function Accepted all the packets that do not match with any rule will be accepted Dropped all the pa
111. o one public IP address thus you can have only one IP address on behalf of the entire internal hosts Enhance security of the internal network by obscuring the IP address There are many attacks aiming victims based on the IP address Since the attacker cannot be aware of any private IP addresses the NAT function can protect the internal network On NAT page you will see the private IP address defined in RFC 1918 Usually we use the 192 168 1 0 24 subnet for the router As stated before the NAT facility can map one or more IP addresses and or service ports into different specified services In other words the NAT function can be achieved by using port mapping methods Below shows the menu items for NAT NAT Open Port DMZ Host 3 3 1 Open Ports Open Ports allows you to open a range of ports for the traffic of special applications Common application of Open Ports includes P2P application e g BT KaZaA Gnutella WinMX eMule and others Internet Camera etc Ensure that you keep the application involved up to date to avoid falling victim to any security exploits VigorFly 200 Series User s Guide 41 Dr ay Te k NAT gt gt Open Port Virtual Server Settings Virtual Server Settings Protocol Public Port Range Local IP Address Local Port Comment The maximum rule count is 32 Current Virtual Servers in system No Protocol Public Port Range Local IP Address Local Port Comment Virtual Ser
112. oadband Network Tasks y eo M hinet a Create anew connection e Disconnected 3 Set up a home or small PA WAN Miniport PPPOE office network Dial up See Also test g P Kr i i Network Troubleshooter i Disconnected FE pL DrayTek ISDN PPP Other Places G Control Panel Je IP Broadband Connection on a My Network Places sar Enabled Lj My Documents S 4 My Computer Internet Gateway __LAN or High Speed Internet Local 4rea Connection Enabled fe a Realtek RTL6139 810x Family Details Network Connections System Folder IP Broadband Connection on Router Status AE n General Internet Gateway Status Connected Duration 00 19 06 Speed 100 0 Mbps Activity Internet Internet Gateway My Computer Packets Sent 404 Ta Receryed 1115 BEG The UPnP facility on the router enables UPnP aware applications such as MSN Messenger to discover what are behind a NAT router The application will also learn the external IP address and configure port mappings on the router Subsequently such a facility forwards packets from the external ports of the router to the internal ports used by the application TIP Broadband Connection on Router Properties ar mp General Connect to the Internet using IP Broadband Connection on Aouter This connection allows pou to connect to the Internet through a shared connection on anot
113. ocate the newest firmware and click Upgrade During the process of upgrade do not turn off your router VigorFly 200 Series User s Guide 63 Dr ay Te k 3 7 Diagnostics Diagnostic Tools provide a useful way to view or diagnose the status of your Vigor router Below shows the menu items for Diagnostics Diagnostics System Log DHCP Table 3 7 1 System Log Click Diagnostics and click System Log to open the web page Diagonostics gt gt System Log System Log Information PRPRPRPRPRPPRPRPRPRPRPRPRPEP Clear 00 00 12 OO 00 12 00 00 12 00 00 12 00 00 12 00 00 12 00 00 12 00 00 12 00 00 12 00 00 12 00 00 12 00 00 12 00 00 12 00 00 12 00 00 12 00 00 12 Refresh 3 7 2 DHCP Table The facility provides information on IP address assignments This information is helpful in diagnosing network problems such as IP address conflicts etc VigorFly2o0 VigorFlyzoo VigorFly2zoo VigorFly2oo VigorFly2o0 VigorFly2o0 VigorFly2zoo VigorFly2oo VigorFly2zoo VigorFly2o0 VigorFly2zoo VigorFly2o0 VigorFly2o0 VigorFly2o0 VigorFlyzoo VigorFly2o0 uger Wearn user info user info user info user info user info uger Wwearn use r warn ugse Lr WeaErn use r warn user Wart user alert kernel User Wwarn user info user Warr Clear Refresh kernel arp tables C 2002 David 5 Miller kernel ICP cubic registered kernel NET Registered protocol family 1 kernel NET Registered prot
114. ocated channel etc Internet SSID Draytek Channel 6 Mode WEP only PUhdil P zo Te 4 192 168 1 1 Security Overview Real time Hardware Encryption Vigor Router is equipped with a hardware AES encryption engine so it can apply the highest protection to your data without influencing user experience VigorFly 200 Series User s Guide 91 Dr ay Te k Complete Security Standard Selection To ensure the security and privacy of your wireless communication we provide several prevailing standards on market WEP Wired Equivalent Privacy is a legacy method to encrypt each frame transmitted via radio using either a 64 bit or 128 bit key Usually access point will preset a set of four keys and it will communicate with each station using only one out of the four keys WPA Wi Fi Protected Access the most dominating security mechanism in industry is separated into two categories WPA personal or called WPA Pre Share Key WPA PSK and WPA Enterprise or called WPA 802 1x In WPA Personal a pre defined key is used for encryption during data transmission WPA applies Temporal Key Integrity Protocol TKIP for data encryption while WPA2 applies AES The WPA Enterprise combines not only encryption but also authentication Since WEP has been proved vulnerable you may consider using WPA for the most secure connection You should select the appropriate security mechanism according to your needs No matter which secu
115. ocol family 17 kernel 6802 10 VLAN Support v1 6 Ben Greear lt greearblcand kernel All bugs added by David 5 Miller lt davem redhat c kernel GDMA MAC ADRH Ox00000000 kernel GDMAl MAC ADEL Ox0d0000000 kernel Ralink APSoC Ethernet Driver Initilization kernel GDMAl MAC ADRH Ox00000050 kernel GDMAl MAC ADRL On 223344 PROC INIT OK kernel VFS Mounted root squashts filesystem kernel Freeing unused kernel memory 112k freed kernel Algorithmics MIPS FPU Emulator v1 5 v2 00 readonly user err kernel devpts called with bogus options HM Click it to clear this page Click it to reload the page Click Diagnostics and click DHCP Table to open the web page Diagonostics gt gt DHCP Table List DHCP Table IP Address MAC Address 00 0E A6 2A D5 Al 192 168 1 10 Refresh Expire Time 22 00 42 Host Name optional user 6a0el182ce a Host name Display the name of the computer accepted the assigned IP address by this router IP Address Display the IP address assigned by this router for specified PC MAC Address Display the MAC address for the specified PC that DHCP assigned IP address for it Expire Time Display the leased time of the specified PC 64 VigorFly 200 Series User s Guide Dray Tek Refresh Click it to reload the page 3 8 Support Area When you click the menu item under Support Area you will be guided to visit www draytek com and open the correspo
116. omputer to get IP dynamically c from the router or set up the IP address of the computer to be the same subnet as the default IP address of Vigor router 192 168 1 1 For the detailed information please refer to the later section Trouble Shooting of the guide 2 Open a web browser on your PC and type http 192 168 1 1 The following window will be open to ask for username and password Username Password Copyright DrayTek Corp All Rights Reserved Dray Tek 3 For user mode operation do not type any word on the window and click Login for the simple web pages for configuration Yet for admin mode operation please type admin admin on Username Password and click Login for full configuration Q Notice If you fail to access to the web configuration please go to Trouble u Shooting for detecting and solving your problem 4 The web page can be logged out according to the chosen condition The default setting is Auto Logout which means the web configuration system will logout after 5 minutes without any operation Change the setting for your necessity Off VigorFly 200 Series User s Guide 9 Dr ay Te k 2 3 Changing Password Before configuring the web pages please change the password for the original security of the router Such action can be done in Admin Mode only l Dray Tek Open a web browser on your PC and type http 192 168 1 1 A pop up window will open to ask for username and password
117. on has successfully completed The unit is second Set the maximum time that a wireless device may remain idle The unit 1s second Mixed WPA WPA2 802 1x The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication Quick Start Wizard Wireless System Configuration Enable Wireless LAN Hide SSID SSID Wireless Security Settings Security Mode WPA WPA Algorithms Key Renewal Interval Radius Server IP Address Port Shared Secret Session Timeout Idle Timeout WPA Algorithms Key Renewal Interval IP Address Port Shared Secret VigorFly 200 Series User s Guide OTKIP AES OTKIP AES seconds o Select TKIP AES or TKIP AES as the algorithm for WPA WPA uses shared key for authentication to the network However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key Enter the IP address of RADIUS server The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 The RADIUS server and client share a secret that is used to authenticate the messages
118. or Router 2009 09 22 Basic 03 What is Powerline Networking 2009 09 15 Advanced 04 What are the benefits of networking devices found at home 2009 09 15 NAT 05 What is the maximum wire length that powerline technology can communicate over 2009 09 15 hd 06 Is VigorPlug s powerline technology compatible with other home networking technologies 2009 09 15 ws including phone line powerline and RF Wireless 07 Will Powerline technology interfere with ADSL services 2009 09 15 VoIP 08 How does Powerline networking handle co interference between two adjacent homes 2009 09 15 QoS using powerline technology How is eavesdropping prevented ISDN VigorFly 200 Series User s Guide 65 Dr ay Te k Click Support Area gt gt Product Registration the following web page will be displayed Dr ay Te k English Login Go About DrayTek Products Support Education Partners Contact Us Home gt Dray Tek Member DEVAL Dear DrayTek new amp existing users Sign up Forgot Password For enhancing the users satisfaction level while utilizing our site and receiving even better service from DrayTek we have designed this membership page Please complete the membership registration and then register your product s Already a DrayTek Member Just sign in below Want to become a DrayTek Member Click Create Account and then fill out the membership form Forgot username or password Click Forgot Username Passwor
119. ot invoke any WDS setting Bridge Mode is designed to fulfill the first type of application Repeater Mode is for the second one Bridge Mode Disable Key Key Bridge Mode Repeater Mode There are four types for security Disabled WEP TKIP and Key or Peer Mac Address field valid or not Choose one of the types for the router Please disable the unused link to get better performance Type 8 63 ASCII characters or 64 hexadecimal digits leading by 0x Four peer MAC addresses are allowed to be entered in this page at one time There are three types of transmission rates developed by different techniques for Phy Mode Data will be transmitted via communication channel Click this button to save the configuration 109 Dray Tek 4 6 7 Universal Repeater Dray Tek This menu is available only when it is enabled in Wireless LAN gt gt General Setup It allows you to specify which AP that remote client can connect to The access point can act as a wireless repeater it can be Station and AP at the same time It can use Station function to connect to a Root AP and use AP function to serve all wireless stations within its coverage Note While using Universal Repeater Mode the access point will demodulate the received signal Please check if this signal is noise for the operating network then have the signal modulated and amplified again The output power of this mode is the same as that of WDS and normal A
120. outer will serve for IP routing to help hosts in the public subnet to communicate with other public hosts or servers outside Therefore the router should be set as the gateway for public hosts VigorFly 200 Series User s Guide 75 Dr ay Tek Internet E Public IP Address CR 220 135 240 207 cgtlillil Router IP What is Routing Information Protocol RIP Vigor router will exchange routing information with neighboring routers using the RIP to accomplish IP routing This allows users to change the information of the router such as IP address and the routers will automatically inform for each other What is Static Route When you have several subnets in your LAN sometimes a more effective and quicker way for connection is the Static routes function rather than other method You may simply set rules to forward data from one specified subnet to another specified subnet without the presence of RIP 4 2 1 General Setup This page provides you the general settings for LAN Click LAN to open the LAN settings page and choose General Setup Dray Tek LAN gt General Setup Ethernet TCP IP and DHCP Setup LAN IP Network Configuration DHCP Server Configuration For NAT Usage Enable Server Disable Server IP Address 192 168 1 1 Start IP Address 192 168 1 10 Subnet Mask 255 255 255 0 End IP Address 192 168 1 100 For IP Routing Usage Enable Disable Subnet Mask 255 255 255 0 2nd IP Address 192 168 2 1 Default
121. ow or automatically negotiated via 802 1x authentication Wireless LAN gt gt Security Settings SSID 1 SSID 2 SSID 3 Mode WPA2 802 1x Set up RADIUS Server if 802 1 is enabled WPA WPA Algorithms OTKIP AES TKIP AES Pass Phrase Key Renewal Interval seconds PMK Cache Period minutes Pre Authentication Disable Enable WEP Key 1 CY Key 2 Key 3 Key 4 Cd 802 1x WEP Disable Enable WPA Algorithms Select TKIP AES or TKIP AES as the algorithm for WPA Key Renewal WPA uses shared key for authentication to the network Interval However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key PMK Cache Period Set the expire time of WPA2 PMK Pairwise master key cache PMK Cache manages the list from the BSSIDs in the associated SSID with which it has pre authenticated Pre Authentication Enables a station to authenticate to multiple APs for roaming securer and faster With the pre authentication procedure defined in IEEE 802 111 specification the pre four way handshake can reduce handoff delay perceivable by a mobile node It makes roaming faster and more secure Only valid in WPA2 Enable Enable IEEE 802 1X Pre Authentication Disable Dis
122. ow that the content on the Internet just like other types of media may be inappropriate sometimes As a responsible parent or employer you should protect those in your trust against the hazards With Web filtering service of the Vigor router you can protect your business from common primary threats such as productivity legal liability network and security threats For parents you can protect your children from viewing adult websites or chat rooms Once you have activated your Web Filtering service in Vigor router and chosen the categories of website you wish to restrict each URL address requested e g www bbc co uk will be checked against our server database This database is updated as frequent as daily by a global team of Internet researchers The server will look up the URL and return a category to your router Your Vigor router will then decide whether to allow access to this site according to the categories you have selected Please note that this action will not introduce any delay in your Web surfing because each of multiple load balanced database servers can handle millions of requests for categorization URL Content Filter To provide an appropriate cyberspace to users Vigor router equips with URL Content Filter not only to limit illegal traffic from to the inappropriate web sites but also prohibit other web feature where malicious code may conceal VigorFly 200 Series User s Guide 85 Dr ay Te k Once a user type in or click on a
123. owerline technology How is eavesdropping prevented FAQ Latest FAQ Basic Advanced NAT VPN DHCP Wireless VoIP QoS ISDN Click Support Area gt gt Product A alsa the following web page will be displayed Dray Tek English About DrayTek Products Support Education Login so Partners Contact Us Home gt Dray Tek Member Be WAT alee Dear DrayTek new amp existing users For enhancing the users satisfaction level while utilizing our site and receiving even better service from DrayTek we have designed this membership page Please complete the membership registration and then register your product s Already a DrayTek Member Just sign in below Want to become a DrayTek Member Click Create Account and then fill out the membership form Forgot username or password Click Forgot Username Password Benefits for DrayTek Members Receiving e news letters about latest firmware version for your purchased products Software and firmware available online for download Chances to win prizes Many more benefits only for DrayTek members are coming soon VigorFly 200 Series User s Guide 125 Sign up Forgot Password Dray Tek This page is left blank Dray Tek 126 VigorFly 200 Series User s Guide 9 Trouble Shooting This section will guide you to solve abnormal situations if you cannot access into the Internet after installing the router and finishing the we
124. plying domain OK Click it to save and apply such setting Click OK button to activate the settings 4 5 2 802 1d Spanning Tree The Spanning Tree Protocol STP is a link layer network protocol that ensures a loop free topology for any bridged LAN Applications gt gt 602 1d Spanning Tree 602 1d Spanning Tree Enable 802 1d Spanning Tree The Spanning Tree Protocol STP is a link layer network protocol that ensures a loop free topology for any bridged LAN OK Click it to save and apply such setting 4 5 3 LLTD Link Layer Topology Discovery LLTD is a proprietary Link Layer protocol for network topology discovery and quality of service diagnostics This protocol is included in Windows Vista and Windows 7 Dray Tek 88 VigorFly 200 Series User s Guide Applications gt gt LLTD LLTD C Enable LLTD Link Layer Topology Discovery LLTD is a proprietary Link Layer protocol for network topology discovery and quality of service diagnostics This protocol is included in Windows Vista and Windows 7 4 5 4 IGMP IGMP is the abbreviation of Internet Group Management Protocol It is a communication protocol which is mainly used for managing the membership of Internet Protocol multicast groups Applications gt IGMP IGMP Enable IGMP Proxy IGMP Proxy is to act as a multicast proxy for hosts on LAN If you want to access any multicast group please check Enable IGMP Proxy Cancel 4 5 5 UPnP Configu
125. ration The UPnP Universal Plug and Play protocol is supported to bring to network connected devices the ease of installation and configuration which is already available for directly connected PC peripherals with the existing Windows Plug and Play system For NAT routers the major feature of UPnP on the router is NAT Traversal This enables applications inside the firewall to automatically open the ports that they need to pass through a router It is more reliable than requiring a router to work out by itself which ports need to be opened Further the user does not have to manually set up port mappings or a DMZ UPnP is available on Windows XP and the router provide the associated support for MSN Messenger to allow full use of the voice video and messaging features Applications gt gt UPnP UPnP C Enable UPnP Service If you want to run UPnP service inside your LAN please check the above box to enable UPnP service control Ok After setting Enable UPnP setting an icon of IP Broadband Connection on Router on Windows XP Network Connections will appear The connection status and control status will be able to be activated The NAT Traversal of UPnP enables the multimedia features of your applications to operate This has to manually set up port mappings or use other similar methods The screenshots below show examples of this facility VigorFly 200 Series User s Guide 89 Dr ay Te k Address S Network Connections Br
126. re MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Address MAC Address Clone Enabled Wy MAC Address MAC Address Clone 72 VigorFly 200 Series User s Guide After finishing all the settings here please click OK to activate them 3G USB Modem If your router connects to a 3G modem and you want to access Internet via 3G modem choose 3G as connection type and type the required information in this web page WAN gt gt Internet Access WAN IP Configuration Connection Type 3G USB Modem 3G USB Modem Settings SIM PIN code Modem Initial Stringi Modem Initial String APN Name Modem Dial String PPP Username PPP Password MAC Address Clone Enabled default AT amp F default ATEOV1X1 amp D282C150 0 default internet default ATDT 99 SIM PIN code Modem Initial String1 2 APN Name Modem Dial String PPP Username PPP Password MAC Address Clone Type PIN code of the SIM card that will be used to access Internet Such value is used to initialize USB modem Please use the default value If you have any question please contact to your ISP APN means Access Point Name which is provided and required by some ISPs Such value is used to dial through USB mode Please use the default value If you have any question please contact to your ISP Type the
127. rity suite you select they all will enhance the over the air data protection and or privacy on your wireless network The Vigor wireless router is very flexible and can support multiple secure connections with both WEP and WPA at the same time Below shows the menu items for Wireless LAN t Wireless LAN General Setup Security Access Control WPS WDS AP Discovery WMM Configuration Station List 4 6 2 General Setup By clicking the General Setup a new web page will appear so that you could configure the SSID and the wireless channel Please refer to the following figure for more information Dray Tek 92 VigorFly 200 Series User s Guide General Setting IEEE 602 11 General Setup Mode Hide SSID d C O Mixed 11b 119 11n Isolate Member d d d Hide SSID Prevent SSID from being scanned Isolate Member Wireless clients stations with the same SSID cannot access for each other 31D4 Reserved for Universal Repeater mode so it s not listed Channel Packet OVERDRIVE Tx Burst Note AutoSelect 1 Tx Burst only supports 11g mode 2 The same technology must also be supported in clients to boost WLAN performance Universal Repeater Enable Note If Universal Repeater is enabled one additional wireless interface is treated as WAN port The wireless AP interface and the ethernet ports are LAN ports Enable Wireless LAN Mode Hide SSID SSID Isolate Member Chann
128. rule count is 32 Cancel Current Virtual Servers in system No Protocol Public Port Range Local IP Address Local Port Comment Virtual Server Settings Choose Enable to invoke this setting Protocol Specify the transport layer protocol It could be TCP UDP and TCP UDP TCP UDP TCP Public Port Range Specify the starting port number and ending port number of the service offered by the local host Local IP Address Enter the private IP address of the local host Local Port If it is configured the forwarded traffic is mapped to this port on the local host Comment Type words as notification for such virtual server OK When you finish the above settings simply click this button to save it and display on the field of Current Virtual Servers in system Cancel Click this button to clear current configuration Delete Click this button to remove the selected virtual server configuration Dray Tek 80 VigorFly 200 Series User s Guide 4 3 2 DMZ Host As mentioned above Port Redirection can redirect incoming TCP UDP or other traffic on particular ports to the specific private IP address port of host in the LAN However other IP protocols for example Protocols 50 ESP and 51 AH do not travel on a fixed port Vigor router provides a facility DMZ Host that maps ALL unsolicited data on any protocol to a single host in the LAN Regular web surfing and other such Internet activities from other clients will continue to work witho
129. rval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key The built in RADIUS client feature enables the router to assist the remote dial in user or a wireless station and the RADIUS server in performing mutual authentication It enables centralized remote access authentication for network management The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication Select WPA WPA2 or Auto as WPA mode VigorFly 200 Series User s Guide 97 Dray Tek Dray Tek SSID 1 SSID 2 SSID 3 Mode Set up RADIUS Server if 802 1x is enabled WPA WPA Algorithms TKIP AES TKIP AES Pass Phrase Key Renewal Interval 3600 seconds PMK Cache Period io minutes Pre Authentication Disable Enable WEP Key 1 Key 2 Key 3 Key 4 802 1x WEP O Disable Enable OK 802 1x WEP Disable Disable the WEP Encryption Data sent to the AP will not be encrypted Enable Enable the WEP Encryption Click the link of RADIUS Server to access into the following page for more settings gt RADIUS Server Setup Windows Internet Explorer Seles https 92 160 1 1 Avivelessrading agp Radius Server Port Shared Secret Session Timeout Idle Timeout IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS se
130. rver 01 How do configure LPR printing on Windows2000 AP 02 How do configure LPR printing on Windows96 Me 03 How do configure LPR printing on Linux boxes 04 Why there are some strange print out when try to print my documents through Vigor210 4P 2300 s print server 05 What types of printers are compatible with Vigor router 06 What are the limitations in the USB Printer Port of Vigor Router 7 O7 What is the printing buffer size of Vigor Router 08 How do configure LPR printing on Mac OSX 09 How do configure LPR printing on My Windows Vista Note 2 Vigor router supports printing request from computers via LAN ports but not WAN port Dray Tek 8 VigorFly 200 Series User s Guide 2 Configuring Basic Settings For using the router properly it is necessary for you to change the password of web configuration for security and adjust primary basic settings 2 1 Two Level Management This chapter explains how to setup a password for an administrator user and how to adjust basic advanced settings for accessing Internet successfully For user mode operation do not type any word on the window and click Login for the simple web pages for configuration Yet for admin mode operation please type admin admin on Username Password and click Login for full configuration 2 2 Accessing Web Page 1 Make sure your PC connects to the router correctly Q Notice You may either simply set up your c
131. rver is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain 98 VigorFly 200 Series User s Guide idle The unit is second WPA 802 1x The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication Wireless LAN gt Security Settings SSID 1 SSID 2 Mode SSID 3 WPA 802 1x w Set up RADIUS Server if 802 1x is enabled WPA WPA Algorithms Pass Phrase OTKIP AES OTKIP AES Key Renewal Interval 3600 seconds PMK Cache Period Pre Authentication WEP Key 1 Key 2 Key 3 Key 4 802 1x WEP WPA Algorithms Key Renewal Interval Click the link of RADIUS minutes Disable Enable Disable Enable Select TKIP AES or TKIP AES as the algorithm for WPA WPA uses shared key for authentication to the network However normal network operations use a different encryption key th
132. s to the factory settings System Maintenance gt Reboot System Reboot System Do You want to reboot your router Using current configuration Using factory default configuration OK Hardware Reset While the router is running ACT LED blinking press the Factory Reset button and hold for more than 5 seconds When you see the ACT LED blinks rapidly please release the button Then the router will restart with the default configuration Factory Reset After restore the factory default setting you can configure the settings for the router again to fit your personal request 5 7 Contacting Your Dealer If the router still cannot work correctly after trying many efforts please contact your dealer for further help right away For any questions please feel free to send e mail to support draytek com Dray Tek 136 VigorFly 200 Series User s Guide
133. s use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key PMK Cache Period Set the expire time of WPA2 PMK Pairwise master key cache PMK Cache manages the list from the BSSIDs in the associated SSID with which it has pre authenticated Pre Authentication Enables a station to authenticate to multiple APs for roaming securer and faster With the pre authentication procedure defined in IEEE 802 111 specification the pre four way handshake can reduce handoff delay perceivable by a mobile node It makes roaming faster and more secure Only valid in WPA2 Enable Enable IEEE 802 1X Pre Authentication Disable Disable IEEE 802 1X Pre Authentication IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that is used to Dray Tek 24 VigorFly 200 Series User s Guide Session Timeout Idle Timeout authenticate the messages sent between them Both sides must be configured to use the same shared secret Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authenticati
134. s utility window choose Enable for TxBurst on the tab of Option a Dray Tek Universal Repeater 3 5 3 Security This page allows you to set security with different modes for SSID 1 2 and 3 respectively After configuring the correct settings please click OK to save and invoke it igor N61 802 11n Wireless USB Adapter Utility Configuration Status General Setting Advance Setting Auto launch when Windows start up Disable Radio C Remember mini status position Fragmentation Threshold 2346 C Auto hide mini status RTS Threshold 2347 Set mini status always on top Mena 802 11b gn 2 4GH v _ Enable IP Setting and Proxy Setting in Profile C Grup Roaming ne WLAN type to connect Infrastructure and Ad hoc network Infrastructure network only O Adhoc network only C Automatically connect to non preferred networks If such mode is enabled the access point can act as a wireless repeater it can be Station and AP at the same time It can use Station function to connect to a Root AP and use AP function to service all wireless stations within its coverage Check this box to enable the function Besides it will be displayed on the Wireless LAN for you to access for detailed configuration t Wireless LAN General Setup Security Universal Repeater Station List Open Wireless LAN gt gt Universal Repeater Please refer to the corresponding section for detailed in
135. se your ISP should provide you with usually more than one DNS Server If your ISP does not provide it the router will automatically apply default DNS Server IP address 198 95 1 1 to this field Secondary DNS Server You can specify secondary DNS server IP address here because your ISP often provides you more than one DNS Server If your ISP does not provide it the router will automatically apply default secondary DNS Server IP address MAC Address Clone MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field of MAC Address MAC Address Clone Enabled MAC Address MAC Address Clone After finishing all the settings here please click OK to activate them DHCP DHCP allows a user to obtain an IP address automatically from a DHCP server on the Internet If you choose DHCP mode the DHCP server of your ISP will assign a dynamic IP address for your router automatically It is not necessary for you to assign any setting WAN gt gt Internet Access WAN IP Configuration Connection Type DHCP Settings Router Name VigorFly200 MAC Address Clone Router Name Type in a name for the router It must be the same as the name used in Syslog MAC Address Clone MAC Address Clone is available when the box of Enable is checked The router will detect the MAC address automatically The result will be displayed in the field o
136. sent between them Both sides must be configured to use the same shared secret 25 Dray Tek Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain idle The unit is second After finishing the settings here please click Next 2 4 5 Saving the Wizard Configuration Now you can see the following screen It indicates that the setup is complete Different types of connection modes will have different summary Click Finish and then restart the router Quick Start Wizard Vigor Wizard Setup is now finished Press Finish button to save and finish the wizard setup You will be prompted for the new password Note that the configuration process takes a few seconds to complete Next gt Finish 2 5 Online Status The online status shows the system status WAN status and other status related to this router within one page If you select PPPoE as the protocol you will find out a link of Dial PPPoE or Drop PPPoE in the Online Status web page Online status for DHCP Online Status System Status System Uptime 1d 17 19 32 LAN Status IP Address TX Packets RX Packets TX Bytes RX Bytes 192 168 1 1 181317 145211 132814815 40025137 WAN Status gt gt Release IP GW IP Mode Up Time 192 168 5 30
137. server IP address here because your ISP often provides you more than one DNS 17 Dray Tek Server If your ISP does not provide it the router will automatically apply default secondary DNS Server IP address 194 98 0 1 to this field If both the Primary IP and Secondary IP Address fields are left empty the router will assign its own IP address to local users as a DNS proxy server and maintain a DNS cache If the IP address of a domain name is already in the DNS cache the router will resolve the domain name immediately Otherwise the router forwards the DNS query packet to the external DNS server by establishing a WAN e g DSL Cable connection After finishing all the settings here please click OK to activate them 4 2 2 Static Route Go to LAN to open setting page and choose Static Route It can help to describe one way of configuring path selection of router in computer network LAN gt gt Static Route Add a routing rule Destination Range Gateway Interface Comment Current Routing table in the system No Destination Netmask Gateway Flags Metric Ref Use Interface Comment 255 255 255 255 255 255 255 255 0 0 0 0 5 0 LAN br WAN eth2 2 192 168 5 0 255 255 255 0 0 0 0 0 0 192 168 1 0 255 200 200 0 0 0 0 0 1 0 LAN br 0 0 0 0 0 0 0 0 0 192 168 5 1 3 WAN eth2 2 Destination Type the IP address for the routing rule applied to Range Choose Host or Net for specifying gateway or netmask sett
138. set the session number in this field the system will use the default session limit 25000 for the specific limitation 4 4 Firewall Basics for Firewall While the broadband users demand more bandwidth for multimedia interactive applications or distance learning security has been always the most concerned The firewall of the Vigor router helps to protect your local network against attack from unauthorized outsiders It also restricts users in the local network from accessing the Internet Furthermore it can filter out specific packets that trigger the router to build an unwanted outgoing connection Denial of Service DoS Defense The DoS Defense functionality helps you to detect and mitigate the DoS attack The attacks are usually categorized into two types the flooding type attacks and the vulnerability attacks The flooding type attacks will attempt to exhaust all your system s resource while the vulnerability attacks will try to paralyze the system by offending the vulnerabilities of the protocol or operation system The DoS Defense function enables the Vigor router to inspect every incoming packet based on the attack signature database Any malicious packet that might duplicate itself to paralyze the host in the secure LAN will be strictly blocked and a Syslog message will be sent as warning if you set up Syslog server Also the Vigor router monitors the traffic Any abnormal traffic flow violating the pre defined parameter suc
139. ss Mask MAC NIC Description SiS 900 Based PCI Fast Ethernet Adapter Packet Sc 192 168 1 1 255 255 2 00 50 7F 54 6 Wie information MAC Address 00 1 1 D8 E4 58 CE Default Geteway 192 168 1 1 IP Address 192 168 1 10 DHCP Server 192 168 1 1 Subnet Mask 255 259 2990 EENT Mon Jan 22 Lease Obtained 01 28 23 2007 a m gt 168 95 1 1 DNS Servers Lease Expires Thu Jan 25 01 28 23 2007 ADSL Status 4 7 6 Time and Date It allows you to specify where the time of the router should be inquired from System Maintenance gt gt Time and Date NTP Settings Current Time Sat Jan 1 21 22 19 UTC 2000 Inquire Time Time Zone GMT 11 00 Midway Island Samoa NTP Server NTP synchronization Cana Current Time Click Inquire Time to get the current time Time Zone Select the time zone where the router is located NTP Server Type a new NTP server NTP synchronization Select a time interval for updating from the NTP server Dray Tek 120 VigorFly 200 Series User s Guide Click OK to save these settings 4 7 7 Management This page allows you to manage the settings for access control access list port setup and SMP setup For example as to management access control the port number is used to send receive SIP message for building a session System Maintenance gt Remote Management Management Access control Enable HTTP Enable ICMP Ping Enable Telnet A
140. strar s PIN code in remote station to make a network connection Configure via Push Click Start PBC to invoke Push Button style WPS setup Button procedure The router will wait for WPS requests from wireless clients about two minutes The WPS LED on the router will blink fast when WPS is in progress It will return Dray Tek 106 VigorFly 200 Series User s Guide to normal condition after two minutes You need to setup WPS within two minutes Configure via Client Type the PIN code specified in wireless client you wish to PinCode connect and click Start PIN button The WLAN LED on the router will blink fast when WPS is in progress It will return to normal condition after two minutes You need to setup WPS within two minutes 4 6 6 WDS WDS means Wireless Distribution System It is a protocol for connecting two access points AP wirelessly Usually it can be used for the following application Provide bridge traffic between two LANs through the air Extend the coverage range of a WLAN To meet the above requirement two WDS modes are implemented in Vigor router One is Bridge the other is Repeater Below shows the function of WDS bridge interface LAN3 The application for the WDS Repeater mode is depicted as below VigorFly 200 Series User s Guide 107 Dr ay Te k Host with Host with Host with o bridge Interface 1 repeater Interface bridge Interface 2 v Y a m a iad Mm a M r_e Mia ee e we ee ee
141. t lower performance Default is 3600 seconds Set 0 to disable re key Enter the IP address of RADIUS server The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 The RADIUS server and client share a secret that is used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Set the maximum time that a wireless device may remain idle The unit is second 23 Dray Tek WPA2 802 1x The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication Quick Start Wizard Wireless System Configuration Enable Wireless LAN Hide SSID d Wireless Security Settings Security Mode WPA WPA Algorithms OTKIP OAES OTKIP AES Key Renewal Interval 3600 seconds PMK Cache Period minutes Pre Authentication Disable Enable Radius Server IP Address E Port Shared Secret E o Session Timeout Idle Timeout WPA Algorithms Select TKIP AES or TKIP AES as the algorithm for WPA Key Renewal Interval WPA uses shared key for authentication to the network However normal network operation
142. tered area within a temperature range of 5 to 40 Celsius Do not expose the router to direct sunlight or other heat sources The housing and electronic components may be damaged by direct sunlight or heat sources Do not deploy the cable for LAN connection outdoor to prevent electronic shock hazards Keep the package out of reach of children When you want to dispose of the router please follow local regulations on conservation of the environment We warrant to the original end user purchaser that the router will be free from any defects in workmanship or materials for a period of two 2 years from the date of purchase from the dealer Please keep your purchase receipt in a safe place as it serves as proof of date of purchase During the warranty period and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials we will at our discretion repair or replace the defective products or components without charge for either parts or labor to whatever extent we deem necessary tore store the product to proper operating condition Any replacement will consist of a new or re manufactured functionally equivalent product of equal value and will be offered solely at our discretion This warranty will not apply if the product is modified misused tampered with damaged by an act of God or subjected to abnormal working conditions The warranty does not cover the bundled or
143. th Display the authentication mode of the connecting client Encrypt Display the encryption method of the connecting client Refresh Click this button to refresh current page Dray Tek 60 VigorFly 200 Series User s Guide 3 6 System Maintenance For the system setup there are several items that you have to know the way of configuration Status Time and Date and Firmware Upgrade Below shows the menu items for System Maintenance System Maintenance System Status User Password Time and Date Firmware Upgrade 3 6 1 System Status The System Status provides basic network settings of Vigor router It includes LAN and WAN interface information Also you could get the current running firmware version or firmware related information from this presentation System Status Model Firmware Version Build Date Time System Date System Uptime Operation Mode Memory total Memory left MAC Address IP Address IP Mask MAC Address SSID Channel Model Firmware Version Build Date Time System Date System Uptime Operation Mode Memory total Memory left MAC Address IP Address IP Mask VigorFly 200 Series User s Guide VigorFly200 1 0 0RC4a r328 Thu Jan 14 17 15 46 CST 2010 Sat Jan 1 01 08 13 2000 Od 01 06 13 Gateway Mode 30076 kB 16868 kB Connected Type DHCP Link Status Connected MAC Address 00 50 7F 22 33 45 IP Address 192 168 5 21 IP Mask 255 2
144. th other public hosts or servers outside Therefore the router should be set as the gateway for public hosts Dray Tek 38 VigorFly 200 Series User s Guide Internet Public IP Address 220 135 240 207 cgtlillil Router IP What is Routing Information Protocol RIP Vigor router will exchange routing information with neighboring routers using the RIP to accomplish IP routing This allows users to change the information of the router such as IP address and the routers will automatically inform for each other Below shows the LAN menu FLAN General Setup 3 2 1 General Setup This page provides you the general settings for LAN Click LAN to open the LAN settings page and choose General Setup LAN gt General Setup Ethernet TCP IP and DHCP Setup LAN IP Network Configuration DHCP Server Configuration For NAT Usage Enable Server Disable Server IP Address 192 168 1 1 Start IP Address 192 168 1 10 Subnet Mask 255 255 255 0 End IP Address 192 168 1 100 For IP Routing Usage Q Enable Disable Subnet Mask 255 255 255 0 ee ee Default Gateway 192 168 1 1 2nd Subnet Mask 255 255 255 0 ea E akan DNS Server IP Address ii ce a DNS Manual Setting F Primary DNS Server 168 95 1 1 Secondary DNS Server 168 95 1 1 Cancel IP Address Type in private IP address for connecting to a local private VigorFly 200 Series User s Guide 39 Dr ay Te k Subnet Mask For IP Routing Usage 2 IP Address 2 Subnet Mas
145. tion list Client s MAC Address For additional security of wireless access the Access Control facility allows you to restrict the network access right by controlling the wireless LAN MAC address of client Only the valid MAC address that has been configured can access the wireless LAN interface Click this button to add current typed MAC address into Access Control 114 VigorFly 200 Series User s Guide 4 7 System Maintenance For the system setup there are several items that you have to know the way of configuration System Status Administrator Password Configuration Backup Syslog Mail Alert Time and Date Management Reboot System and Firmware Upgrade Below shows the menu items for System Maintenance System Maintenance System Status Administration Password User Password Configuration Backup Syslog Mail Alert Time and Date Management Reboot System Firmware Upgrade 4 7 1 System Status The System Status provides basic network settings of Vigor router It includes LAN and WAN interface information Also you could get the current running firmware version or firmware related information from this presentation System Status Model VigorFly200 Firmware Version 1 0 0RC4a Build Date Time r328 Thu Jan 14 17 15 46 CST 2010 System Date Sat Jan 1 01 08 13 2000 System Uptime Od 01 08 13 Operation Mode Gateway Mode Memory total 30076 kB Connected Type DHCP Memory left
146. twork card installed press Start PBC button of network card PBC Io WLAN Card VigorFly 200 Series User s Guide 105 Dr ay Tek If you want to use PIN code you have to know the PIN code specified in wireless client Then provide the PIN code of the wireless client you wish to connect to the vigor router PINCode WLAN Card Define a F sa PIN Code of Station PIN Code Wireless LAN gt gt WPS Wi Fi Protected Setup Enable WPS Wi Fi Protected Setup Information WPS Current Status Idle WPS Configured No WPS SSID DrayTek WPS Auth Mode Open WPS Encryp Type None AP PIN 99413499 Generate Device Configure Configure via Push Button Configure via Client PinCode Status Idle Note WPS can help your wireless client automatically connect to the Access point WPS is Disabled WPS is Enabled Waiting for WPS requests from wireless clients Enable WPS Check this box to enable WPS setting WPS Current Status Display related system information for WPS If the wireless security encryption function of the router is properly configured you can see Configured message here WPS SSID Display current selected SSID WPS Auth Mode Display current authentication mode of the router Only WPA2 PSK and WPA PSK support WPS WPS Encryp Type Display encryption mode None WEP TKIP AES etc of the router AP PIN The number displayed here is used for remote client entering the regi
147. u Ready indicates the system is ready for you to input settings Settings Saved means your settings are saved once you click Finish or OK button VigorFly 200 Series User s Guide 27 Dray Tek This page is left blank Dray Tek 28 VigorFly 200 Series User s Guide 3 1 WAN User Mode Operation This chapter will guide users to execute simple configuration through user mode operation 1 Open a web browser on your PC and type http 192 168 1 1 The window will ask for typing username and password 2 Do not type any word both username and password are Null for user operation on the window and click Login on the window Now the Main Screen will appear Be aware that User mode will be displayed on the bottom left side VigorFly 200 E Dray Tek WiFi Router Auto Logout System Status Quick Start Wizard Model VigorFly200 Online Status Firmware Version 1 0 0RC4a gt WAN Build Date Time r328 Thu Jan 14 17 15 46 CST 2010 gt LAN System Date Sat Jan 1 00 49 30 2000 gt NAT System Uptime Od 00 49 30 Operation Mode Gateway Mode gt Applications gt Wireless LAN gt System Maintenance System WAN gt Diagnostics Memory total 30076 kB Connected Type DHCP Memory left 16880 kB Link Status Connected MAC Address 00 50 7F 22 33 45 Application Note IP Address 192 168 5 21 LAN IP Mask 255 255 255 0 Product Registration MAC Address 00 50 7F 22 33 44 De
148. u click OK the login window will appear Please use the new password to access into the web configurator for user operation again 3 6 3 Time and Date It allows you to specify where the time of the router should be inquired from System Maintenance gt gt Time and Date NTP Settings Current Time Sat Jan 1 18 41 45 UTC 2000 Inquire Time Time Zone GMT 11 00 Midway Island Samoa NTP Server NTP synchronization Current Time Click Inquire Time to get the current time Time Zone Select the time zone where the router is located NTP Server Type a new NTP server NTP synchronization Select a time interval for updating from the NTP server Click OK to save these settings Dray Tek 62 VigorFly 200 Series User s Guide 3 6 4 Firmware Upgrade Before upgrading your router firmware you need to install the Router Tools The Firmware Upgrade Utility is included in the tools The following web page will guide you to upgrade firmware by using an example Note that this example is running over Windows OS Operating System Download the newest firmware from DrayTek s web site or FTP site The DrayTek web site is www draytek com or local DrayTek s web site and FTP site is ftp draytek com Click System Maintenance gt gt Firmware Upgrade to launch the Firmware Upgrade Utility System Maintenance gt gt Firmware Upgrade Firmware Update Select a firmware file a Click Upgrade to upload the file Click Browse to l
149. umn Smaller interval leads to greater security but lower performance Default is 3600 seconds Set 0 to disable re key Server to access into the following page for more settings gt RADIUS Server Setup Windows Internet Explorer E http 192 168 1 1Avireless radius asp Radius Server IP Address Port 1812 Shared Secret Session Timeout o Idle Timeout VigorFly 200 Series User s Guide 53 Dray Tek IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that 1s used to authenticate the messages sent between them Both sides must be configured to use the same shared secret Session Timeout Set the maximum time of service provided before re authentication Set to zero to perform another authentication immediately after the first authentication has successfully completed The unit is second Idle Timeout Set the maximum time that a wireless device may remain idle The unit is second Dray Tek 54 VigorFly 200 Series User s Guide WPA2 802 1x The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication Wireless LAN gt gt Security Settings SSID 1 SSID 2 SSID 3 Mode WPA2
150. ure enables the router to assist the remote dial in user or a wireless station and the RADIUS server in performing mutual authentication It enables centralized remote access authentication for network management The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication Select WPA WPA2 or Auto as WPA mode VigorFly 200 Series User s Guide 51 Dray Tek Dray Tek SSID 1 SSID 2 SSID 3 Mode Set up RADIUS Server if 802 1x is enabled WPA WPA Algorithms TKIP AES TKIP AES Pass Phrase Key Renewal Interval 3600 seconds PMK Cache Period io minutes Pre Authentication Disable Enable WEP Key 1 Key 2 Key 3 Key 4 802 1x WEP O Disable Enable OK 802 1x WEP Disable Disable the WEP Encryption Data sent to the AP will not be encrypted Enable Enable the WEP Encryption Click the link of RADIUS Server to access into the following page for more settings gt RADIUS Server Setup Windows Internet Explorer Seles https 92 160 1 1 Avivelessrading agp Radius Server Port Shared Secret Session Timeout Idle Timeout IP Address Enter the IP address of RADIUS server Port The UDP port number that the RADIUS server is using The default value is 1812 based on RFC 2138 Shared Secret The RADIUS server and client share a secret that is used to
151. ut inappropriate interruption DMZ Host allows a defined internal user to be totally exposed to the Internet which usually helps some special applications such as Netmeeting or Internet Games etc Destined to Internet 220 135 240 207 Protocol Any Port Any _ 192 168 1 12 Note The security properties of NAT are somewhat bypassed if you set up DMZ host We suggest you to add additional filter rules or a secondary firewall q Click DMZ Host to open the following page NAT gt DMZ Host DM Settings DMZ Settings DM IP Address DMZ Settings Check this box to enable the DMZ Host function DMZ IP Address Enter the private IP address of the DMZ host OK Click this button to save such profile Cancel Click this button to clear information on this page VigorFly 200 Series User s Guide 81 Dr ay Te k 4 3 3 Session Limit A PC with private IP address can access to the Internet via NAT router The router will generate the records of NAT sessions for such connection The P2P Peer to Peer applications e g BitTorrent always need many sessions for procession and also they will occupy over resources which might result in important accesses impacted To solve the problem you can use limit session to limit the session procession for specified Hosts NAT gt gt Session Limit Session Limit Configuration Please define the available session number for the router If you do not
152. ver Settings Protocol Public Port Range Local IP Address Local Port Comment OK Cancel Delete 3 3 2 DMZ Host Choose Enable to invoke this setting Specify the transport layer protocol It could be TCP UDP and TCP UDP Specify the starting port number and ending port number of the service offered by the local host Enter the private IP address of the local host If it is configured the forwarded traffic is mapped to this port on the local host Type words as notification for such virtual server When you finish the above settings simply click this button to save it and display on the field of Current Virtual Servers in system Click this button to clear current configuration Click this button to remove the selected virtual server configuration Vigor router provides a facility DMZ Host that maps ALL unsolicited data on any protocol to a single host in the LAN Regular web surfing and other such Internet activities from other clients will continue to work without inappropriate interruption DMZ Host allows a defined internal user to be totally exposed to the Internet which usually helps some special applications such as Netmeeting or Internet Games etc Dray Tek 42 VigorFly 200 Series User s Guide Destined to Internet 220 135 240 207 Protocol Any Port Any ee 2 Note The security properties of NAT are somewhat bypassed if you set up DMZ host We suggest you to add additional
153. with IPSec tunnel 2009 07 20 Dual WAN 04 SSL VPN Tunnel 2009 07 16 Bandwidth Management 05 How to Access the Computers and Shared Files via Samba Protocol 2009 06 18 IP Filter Firewall 06 SSL Web Proxy 2009 06 18 i l USB 07 How to use VNC and RDP via SSL VPN 2009 06 18 VPN 08 Vigor2950 Host to LAN VPN with LDAP Authentication 2009 06 01 gt Host to LAN VPN 09 How to build LAN to LAN IPSec VPN by using X 509 Certificate 2009 03 31 Teleworker to Vigor Dray Te k 124 VigorFly 200 Series User s Guide Click SOUpport inda the following web page will be A SEX English DrayTek About DrayTek Products Support Education Partners Login 60 Contact Us Home gt Support gt FAQ FAQ Latest FAQ 01 What types of 3G modem cellphone are compatible with Vigor router 2009 10 01 02 How to use PRTG monitors network traffic Vigor Router 2009 09 22 03 What is Powerline Networking 2009 09 15 04 What are the benefits of networking devices found at home 2009 09 15 05 What is the maximum wire length that powerline technology can communicate over 2009 09 15 06 Is VigorPlug s powerline technology compatible with other home networking technologies 2009 09 15 including phone line powerline and RF 07 Will Powerline technology interfere with ADSL services 2009 09 15 08 How does Powerline networking handle co interference between two adjacent homes 2009 09 15 using p
154. xadecimal values in 64 bit encryption level or restricted to 13 ASCII characters or 26 hexadecimal values in 128 bit encryption level The allowed content is the ASCII characters from 33 to 126 except and Dray Tek 96 VigorFly 200 Series User s Guide WPA PSK or WPA2 PSK or Mixed WPA WPA2 PSK Accepts only WPA clients and the encryption key should be entered in PSK The WPA encrypts each frame transmitted from the radio using the key which either PSK Pre Shared Key entered manually in this field below or automatically negotiated via 802 1x authentication SSID 1 SSID 2 Mode SSID 3 WPA PSE we Set up RADIUS Server if 802 1x is enabled WPA WPA Algorithms Pass Phrase OTKIP aAES OTKIP AES Ox321253 Key Renewal Interval 3600 seconds PMK Cache Period io minutes Pre Authentication Disable Enable WEP Key 1 Key 2 Key 3 Key 4 802 1x WEP Disable Enable WPA Algorithm Select TKIP AES or TKIP AES as the algorithm for WPA Pass Phrase Either 8 63 ASCII characters such as 012345678 or 64 Hexadecimal digits leading by Ox such as 0x321253abcde Key Renewal WPA uses shared key for authentication to the network Interval e WEP 802 1x However normal network operations use a different encryption key that is randomly generated This randomly generated key that is periodically replaced Enter the renewal security time seconds in the column Smaller inte
155. y 200 Series User s Guide holes everywhere Wireless LAN enables high mobility so WLAN users can simultaneously access all LAN facilities just like on a wired LAN as well as Internet access The Vigor wireless routers are equipped with a wireless LAN interface compliant with the standard IEEE 802 11n draft 2 protocol To boost its performance further the Vigor Router is also loaded with advanced wireless technology to lift up data rate up to 300 Mbps Hence you can finally smoothly enjoy stream music and video Note The actual data throughput will vary according to the network conditions and environmental factors including volume of network traffic network overhead and building materials In an Infrastructure Mode of wireless network Vigor wireless router plays a role as an Access Point AP connecting to lots of wireless clients or Stations STA All the STAs will share the same Internet connection via Vigor wireless router The General Settings will set up the information of this wireless network including its SSID as identification located channel etc Internet SSID Draytek Channel 6 Mode WEP only F a PLLivaed P z T IF iy TA 192 168 1 1 Security Overview Real time Hardware Encryption Vigor Router is equipped with a hardware AES encryption engine so it can apply the highest protection to your data without influencing user experience Complete Security Standard Selection
Download Pdf Manuals
Related Search