Page 2 Vigor2120 Series User’s Guide...
Page 3 Vigor2120 Series Broadband Firewall Router User’s Guide Version: 1.0 Firmware Version: V3.7.5.1 (For future update, please visit DrayTek web site) Date: September 10, 2014 Vigor2120 Series User’s Guide...
Page 4 Web registration is preferred. You can register your Vigor router via Owner http://www.DrayTek.com. Firmware & Tools Due to the continuous evolution of DrayTek technology, all routers will be regularly Updates upgraded. Please consult the DrayTek web site for more information on newest firmware, tools and documents.
Page 5: Regulatory Information
Product: Vigor2120 Series Router DrayTek Corp. declares that Vigor2120 Series of routers are in compliance with the following essential requirements and other relevant provisions of R&TTE 1999/5/EC, ErP 2009/125/EC and RoHS 2011/65/EU The product conforms to the requirements of Electro-Magnetic Compatibility (EMC) Directive 2004/108/EC by complying with the requirements set forth in EN55022/Class B and EN55024/Class B.
Page 6 Vigor2120 Series User’s Guide...
Page 7: Table Of Contents
3.2 How can I get the files from USB storage device connecting to Vigor router? ..... 69 3.3 How to Build a LAN-to-LAN VPN Between Remote Office and Headquarter via IPsec Tunnel (Main Mode) ..........................71 3.4 How to Optimize the Bandwidth through QoS Technology ........... 76 Vigor2120 Series User’s Guide...
Page 8 4.5.7 Keyword Object ......................195 4.5.8 Keyword Group......................197 4.5.9 File Extension Object....................198 4.5.10 SMS/Mail Service Object .................... 200 4.5.11 Notification Object....................... 205 4.6 CSM Profile ......................... 207 4.6.1 APP Enforcement Profile ....................208 Vigor2120 Series User’s Guide viii...
Page 9 4.12.2 SSL Application ......................300 4.12.3 User Account ......................302 3.12.4 Online User Status...................... 306 4.13 USB Application ........................ 307 4.13.1 USB General Settings....................307 4.13.2 USB User Management....................308 4.13.3 File Explorer........................ 310 4.13.4 USB Device Status ..................... 311 Vigor2120 Series User’s Guide...
Page 10 5.4 Checking If the ISP Settings are OK or Not ................ 353 5.5 Problems for 3G Network Connection ................353 5.6 Backing to Factory Default Setting If Necessary ..............354 5.7 Contacting Your Dealer ....................... 355 Vigor2120 Series User’s Guide...
Page 11: Introduction
By the way, DoS/DDoS prevention and URL/Web content filter strengthen the security outside and control inside. Object-based firewall is flexible and allows your network be safe. In addition, Vigor2120 Series supports USB interface for connecting USB printer to share printing function or 3G/4G USB modem for network connection.
Page 12: Web Configuration Buttons Explanation
Add new settings for specified item. Edit the settings for the selected item. Delete the selected item with the corresponding settings. Note: For the other buttons shown on the web pages, please refer to Chapter 3, 4 for detailed explanation. Vigor2120 Series User’s Guide...
Page 13: Led Indicators And Connectors
Firewall >>General Setup. (Such profile must be established under CSM menu) LAN 1 - 4 A normal connection is through its corresponding port. LAN is disconnected. The WAN port is connected. Blinking It will blink while transmitting data. Vigor2120 Series User’s Guide...
Page 14 Connector for accessing the Internet. LAN 1- 4 Connecters for local network devices (LAN). PWR: Connecter for a power adapter. Connecter for a USB device (for 3G USB Modem or printer or storage disk). ON/OFF: Power switch. Vigor2120 Series User’s Guide...
Page 15: For Vigor2120N-Plus
Wireless function is not ready. Blinking Data is transmitting (sending/receiving). LAN 1 - 4 A normal connection is through its corresponding port. LAN is disconnected. The WAN port is connected. Blinking It will blink while transmitting data. Vigor2120 Series User’s Guide...
Page 16 Connector for accessing the Internet. LAN 1- 4 Connecters for local network devices (LAN). PWR: Connecter for a power adapter. Connecter for a USB device (for 3G USB Modem or printer or storage disk). ON/OFF: Power switch. Vigor2120 Series User’s Guide...
Page 17: Hardware Installation
Power on the device by pressing down the power switch on the rear panel. The system starts to initiate. After completing the system test, the ACT LED will light up and start blinking. (For the hardware connection, we take “n” model as an example.) Vigor2120 Series User’s Guide...
Page 18: Printer Installation
You can install a printer onto the router for sharing printing. All the PCs connected this router can print documents via the router. The example provided here is made based on Windows XP/2000. For Windows 98/SE/Vista, please visit www.DrayTek.com. Before using it, please follow the steps below to configure settings for connected computers (or wireless clients).
Page 19 In this dialog, choose Create a new port. In the field of Type of port, use the drop down list to select Standard TCP/IP Port. Then, click Next. Vigor2120 Series User’s Guide...
Page 20 In the following dialog, type 192.168.1.1 (router’s LAN IP) in the field of Hostname or IP Address and type 192.168.1.1 as the Port name. Then, click Next. Click Standard and choose Generic Network Card. Vigor2120 Series User’s Guide...
Page 21 Now, your system will ask you to choose right name of the printer that you installed onto the router. Such step can make correct driver loaded onto your PC. When you finish the selection, click Next. Type a name for the chosen printer. Click Next. Vigor2120 Series User’s Guide...
Page 22 10. Choose Do not share this printer and click Next. 11. Then, in the following dialog, click Finish. Vigor2120 Series User’s Guide...
Page 23 12. The new printer has been added and displayed under Printers and Faxes. Click the new printer icon and click Printer server properties. 13. Edit the property of the new printer you have added by clicking Configure Port. Vigor2120 Series User’s Guide...
Page 24 14. Select "LPR" on Protocol, type p1 (number 1) as Queue Name. Then click OK. Next please refer to the red rectangle for choosing the correct protocol and LPR name. The printer can be used for printing now. Most of the printers with different manufacturers are compatible with vigor router. Vigor2120 Series User’s Guide...
Page 25 Note 1: Some printers with the fax/scanning or other additional functions are not supported. If you do not know whether your printer is supported or not, please visit www.draytek.com to find out the printer list. Open Support >FAQ/Application Notes; find out the link of USB>>Printer Server and click it.
Page 26: Accessing Web Page
Please type “admin/admin” as the Username/Password and click Login. Notice: If you fail to access to the web configuration, please go to “Trouble Shooting” for detecting and solving your problem. Now, the Main Screen will appear. Vigor2120 Series User’s Guide...
Page 27: Changing Password
New Password. Then click OK to continue. Note: The maximum length of the password you can set is 23 characters. Now, the password has been changed. Next time, use the new password to access the Web user interface for this router. Vigor2120 Series User’s Guide...
Page 28: Introducing Dashboard
IPv6 Internet Access, Interface (physical connection), Security and Quick Access. Click Dashboard from the main menu on the left side of the main page. A web page with default selections will be displayed on the screen. Refer to the following figure: Vigor2120 Series User’s Guide...
Page 29: Virtual Panel
However, some important and common used menu items which can be accessed in a quick way just for convenience. Look at the right side of the Dashboard. You will find a group of common used functions grouped under Quick Access. Vigor2120 Series User’s Guide...
Page 30 All of the hosts (including wireless clients) displayed with Host ID, IP Address and MAC address indicates that the traffic would be transmitted through LAN port(s) and then the WAN port. The purpose is to perform the traffic monitor of the host(s). Vigor2120 Series User’s Guide...
Page 31: Gui Map
The functions/settings modified under Web Console also can be reviewed on the web user interface. Click the Web Console icon on the top of the main screen to open the following screen. Vigor2120 Series User’s Guide...
Page 32: Config Backup
System Maintenance>>Configuration Backup. Simply click the icon on the top of the main screen and a pop up dialog will appear. Click Save to store the setting. Click this icon to exit the web user interface. Vigor2120 Series User’s Guide...
Page 33: Online Status
IP Address-Displays the IP address of the LAN interface. TX Packets-Displays the total transmitted packets at the LAN interface. RX Packets-Displays the total received packets at the LAN interface. WAN1/WAN2 Enable – Yes in red means such interface is available but not Vigor2120 Series User’s Guide...
Page 34 Note: The words in green mean that the WAN connection of that interface is ready for accessing Internet; the words in red mean that the WAN connection of that interface is not ready for accessing Internet. Vigor2120 Series User’s Guide...
Page 35: Saving Configuration
Each time you click OK on the web page for saving the configuration, you can find messages showing the system interaction with you. Ready indicates the system is ready for you to input settings. Settings Saved means your settings are saved once you click Finish or OK button. Vigor2120 Series User’s Guide...
Page 36 This page is left blank. Vigor2120 Series User’s Guide...
Page 37: Quick Setup
On the next page as shown below, please select the WAN interface that you use. If Ethernet interface is used, please choose WAN1; if 3G USB modem is used, please choose WAN2. Then click Next for next step. Vigor2120 Series User’s Guide...
Page 38 WAN1 and WAN2 will bring up different configuration page. Refer to the following for detailed information. Vigor2120 Series User’s Guide...
Page 39: For Wan1 (Ethernet)
Choose WAN1 as the WAN Interface and click the Next button. The following page will be open for you to specify Internet Access Type. Click PPPoE as the Internet Access Type. Then click Next to continue. Vigor2120 Series User’s Guide...
Page 40 Click it to return to previous setting page. Next Click it to get into the next setting page. Cancel Click it to give up the quick start wizard. A summary page will be displayed as follows. Vigor2120 Series User’s Guide...
Page 41 Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Now, you can enjoy surfing on the Internet. Vigor2120 Series User’s Guide...
Page 42 Then click Next for viewing summary of such connection. Available settings are explained as follows: Item Description User Name Assign a specific valid user name provided by the ISP. Password Assign a valid password provided by the ISP. Confirm Password Retype the password. Vigor2120 Series User’s Guide...
Page 43 Click it to give up the quick start wizard. A summary page will be displayed as follows. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Now, you can enjoy surfing on the Internet. Vigor2120 Series User’s Guide...
Page 44 Available settings are explained as follows: Item Description WAN IP Type the IP address. Subnet Mask Type the subnet mask. Type the IP address of gateway. Gateway Primary DNS Type in the primary IP address for the router. Vigor2120 Series User’s Guide...
Page 45 Click it to give up the quick start wizard. A summary page will be displayed as follows. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Now, you can enjoy surfing on the Internet. Vigor2120 Series User’s Guide...
Page 46 Type the name of the host. Host Name Note: The maximum length of the host name you can set is 39 characters. Some Cable service providers specify a specific MAC address for access authentication. In such cases you need to Vigor2120 Series User’s Guide...
Page 47 Click it to give up the quick start wizard. A summary page will be displayed as follows. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Now, you can enjoy surfing on the Internet. Vigor2120 Series User’s Guide...
Page 48: For Wan2 (Usb)
15 characters. Modem Initial String – Such value is used to initialize USB modem. Please use the default value. If you have any question, please contact to your ISP. The maximum length Vigor2120 Series User’s Guide...
Page 49 APN Name – APN means Access Point Name which is provided and required by some ISPs. Then, click Next for viewing summary of such connection. Click Finish. A page of Quick Start Wizard Setup OK!!! will appear. Now, you can enjoy surfing on the Internet. Vigor2120 Series User’s Guide...
Page 50: Service Activation Wizard
Service Activation Wizard is a tool which allows you to use trial version or update the license of WCF directly without accessing into the server (MyVigor) located on http://myvigor.draytek.com. For using Web Content Filter Profile, please refer to later section Web Content Filter Profile for detailed information.
Page 51 When you finish the selection, please click Next. Commtouch is the web content filter based on Commtouch operated in the worldwide. There is a 30-day trial period. After trial, you can purchase DrayTek's prepared Commtouch GlobalView WCF package from retailing outlets.
Page 52 Later, if you need to extend the license valid time for the same service, you can also use the Service Activation Wizard again to reach your goal by clicking the radio button of Formal edition with license key and clicking Next. Vigor2120 Series User’s Guide...
Page 53 Vigor2120 Series User’s Guide...
Page 54: Vpn Client Wizard
Route Mode/NAT Mode – If the remote network only allows you to dial in with single IP, please choose this mode, otherwise please choose Route Mode. Please choose a There are 32 VPN profiles for users to set. LAN-to-LAN Profile Vigor2120 Series User’s Guide...
Page 55 In this page, you have to select suitable VPN type for the VPN client profile. There are six types provided here. Different type will lead to different configuration page. After making the choices for the client profile, please click Next. You will see different configurations based on the selection(s) you made. Vigor2120 Series User’s Guide...
Page 56 Note: The following descriptions for VPN Type are based on the Route Mode specified in LAN-to-LAN Client Mode Selection.  When you choose PPTP (None Encryption) or PPTP (Encryption), you will see the following graphic:  When you choose IPsec, you will see the following graphic: Vigor2120 Series User’s Guide...
Page 57  When you choose L2TP, you will see the following graphic:  When you choose L2TP over IPsec (Nice to Have) or L2TP over IPsec (Must), you will see the following graphic: Vigor2120 Series User’s Guide...
Page 58 3. After finishing the configuration, please click Next. The confirmation page will be shown as follows. If there is no problem, you can click one of the radio buttons listed on the page and click Finish to execute the next action. Vigor2120 Series User’s Guide...
Page 59 Click this radio button to set another profile of VPN Server Server Wizard Setup through VPN Server Wizard. View more detailed Click this radio button to access VPN and Remote configuration Access>>LAN to LAN for viewing detailed configuration. Vigor2120 Series User’s Guide...
Page 60: Vpn Server Wizard
VPN connection. This item is available when you choose Site to Site VPN Please choose a (LAN-to-LAN) as VPN server mode. There are 32 VPN LAN-to-LAN Profile profiles for users to set. Vigor2120 Series User’s Guide...
Page 61 2. After making the choices for the server profile, please click Next. You will see different configurations based on the selection you made. Here we take the examples of choosing Site-to-Site VPN as the VPN Server Mode. Vigor2120 Series User’s Guide...
Page 62 When you check PPTP, you will see the following graphic:  When you check PPTP & IPsec & L2TP (three types) or PPTP & IPsec (two types) or L2TP with Policy (Nice to Have/Must), you will see the following graphic: Vigor2120 Series User’s Guide...
Page 63 Peer IP/VPN Client Type the WAN IP address or VPN client IP address for the remote client. Peer ID Type the ID name for the remote client. The length of the name is limited to 47 characters. Vigor2120 Series User’s Guide...
Page 64 Click this radio button to set another profile of VPN Server Server Wizard Setup through VPN Server Wizard. View more detailed Click this radio button to access VPN and Remote configuration Access>>LAN to LAN for viewing detailed configuration. Vigor2120 Series User’s Guide...
Page 65: Registering Vigor Router
Please login the web configuration interface of Vigor router by typing “admin/admin” as User Name / Password. Click Support Area>>Production Registration from the home page. A Login page will be shown on the screen. Please type the account and password that you created previously. And click Login.. Vigor2120 Series User’s Guide...
Page 66 When the following page appears, please type in Nickname (for the router) and choose the right registration date from the popup calendar (it appears when you click on the box of Registration Date). After adding the basic information for the router, please click Submit. Vigor2120 Series User’s Guide...
Page 67 If you have not activated web content filter service by using Service Activation Wizard, you can activate the service from this step. Please click the serial number link. From the Device’s Service section, click the Trial. Vigor2120 Series User’s Guide...
Page 68 In the following page, check the box of “I have read and accept the above Agreement”. The system will find out the date for you to activate this version of service. Then, click Next. When this page appears, click Register. Wait for a moment until the following page appears. Click Close. Vigor2120 Series User’s Guide...
Page 69: Tutorials And Applications
Choose one of the WAN interfaces as the one supporting IPv6 service. Then, click the IPv6 button of the selected WAN. Note: Only one WAN interface support IPv6 service at one time. In this example, WAN1 is chosen as the one supporting IPv6 service. Vigor2120 Series User’s Guide...
Page 70 PPP – Dual Stack application, IPv4 and IPv6 services can be utilized at the same time Choose PPP and type the information for PPPoE of IPv4. Access into the setting page for IPv6 service, it is not necessary for you to configure anything. Vigor2120 Series User’s Guide...
Page 71 Click OK and open Online Status. If the connection is successful, you will get the IP address for IPv4 and IPv6 at the same time. Vigor2120 Series User’s Guide...
Page 72 (In the following figure, the TSPC information is obtained from http://gogo6.com/ after applied for the service.) Click OK and open Online Status. If the connection is successful, the physical connection will be shows as follows: Vigor2120 Series User’s Guide...
Page 73 (In the following figure, the AICCU information is obtained from https://www.sixxs.net/main/ after applied for the service.) Click OK and open Online Status. If the connection is successful, the physical connection will be shows as follows: Vigor2120 Series User’s Guide...
Page 74  DHCPv6 Client Choose DHCPv6 Client. Click one of the identity associations and type the IAID number. Click OK and open Online Status. If the connection is successful, the physical connection will be shows as follows: Vigor2120 Series User’s Guide...
Page 75  Static IPv6 Choose Static IPv6. Type IPv6 address, Prefix Length and Gateway Address. Click OK and open Online Status. If the connection is successful, the physical connection will be shows as follows: Vigor2120 Series User’s Guide...
Page 76 In the field of DHCPv6 Server, when DHCPv6 service is enabled, you can assign available IPv6 address for the client manually. Note: When both mechanisms are enabled, the client can determine which mechanism to be used (e.g., the default mechanism for Windows7 is RADVD). Vigor2120 Series User’s Guide...
Page 77 IPv4 IP and IPv6 IP services. Its IPv6 address is seen with a format of 2001:200:dff:fff1:216:3eff:feb1:44d7. After getting the above message, it means the IPv6 service has been activated successfully. Vigor2120 Series User’s Guide...
Page 78 If not, only a steady turtle will be seen. If you can see a turtle dancing on the screen, that means IPv6 service is ready for you to access and utilize. Vigor2120 Series User’s Guide...
Page 79: How Can I Get The Files From Usb Storage Device Connecting To Vigor Router
Setup a user account for the FTP service by using USB Application >>USB User Management. Click Enable to enable FTP/Samba User account. Here we add a new account "user1" and assign authorities “Read”, “Write” and “List” to it. Click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 80 Use the account "user1" to login. When the following screen appears, it means the FTP service is running properly. Return to USB Application >> USB Disk Status. The information for FTP server will be shown as below. Vigor2120 Series User’s Guide...
Page 81: (Main Mode)
(in this case, type VPN Server), and check the box of Enable This Profile. For Vigor router will be set as a server, the call direction shall be set as Dial-in and set 0 as Idle Timeout. Vigor2120 Series User’s Guide...
Page 82 (e.g., 218.242.130.19 in this case). Press the IKE Pre-Shared Key button to set the PSK; and select Medium (AH) or High (ESP) as the security method. Continue to navigate to the TCP/IP Network Settings for setting the LAN IP for remote side. Click OK to save the settings. Vigor2120 Series User’s Guide...
Page 83 (in this case, type VPN Client), and check the box of Enable This Profile. For such Vigor router will be set as a client, the call direction shall be set as Dial-out. Check the box of Always on for a permanent VPN connection. Vigor2120 Series User’s Guide...
Page 84 IKE Pre-Shared Key button to set the PSK; and select Medium (AH) or High (ESP) as the security method. Continue to navigate to the TCP/IP Network Settings for setting the LAN IP for the remote side. Click OK to save the settings. Vigor2120 Series User’s Guide...
Page 85 Open VPN and Remote Access>>Connection Management to check the dial-in connection status (from head office). Vigor2120 Series User’s Guide...
Page 86: How To Optimize The Bandwidth Through Qos Technology
Internet connection line? The advanced bandwidth management technology-QoS (Quality of Service) helps you to well allocate the bandwidth upon your demand of Voice, Video, or Data transferring. Let's see how to get the optimum bandwidth per your request by using DrayTek Vigor router as below.
Page 87 In the pop-up window, choose Range Address as the Address Type and type the start IP address and end IP address in relational fields. Click OK to save the settings and exit the window. Click OK again to save the settings. Vigor2120 Series User’s Guide...
Page 88 The class rule for VoIP has been set. Click OK to return to previous page. Do the same steps to add class rules for IPTV and Data/Email with IP addresses as shown below. Vigor2120 Series User’s Guide...
Page 89 Note: The rate of outbound/inbound must be smaller than the real bandwidth to ensure correct calculation of QoS. It is suggested to set the bandwidth value for inbound/outbound as 80% - 85% of physical network speed provided by ISP to maximize the QoS performance. Vigor2120 Series User’s Guide...
Page 90 11. Click OK to save the settings. The class rules for WAN1 are defined as shown below. Vigor2120 Series User’s Guide...
Page 91: How To Create An Account For Myvigor
The website of MyVigor (a server located on http://myvigor.draytek.com) provides several useful services (such as Anti-Spam, Web Content Filter, Anti-Intrusion, and etc.) to filtering the web pages for the sake of protecting your system. To access into MyVigor for getting more information, please create an account for MyVigor.
Page 92 2. Click the Activate link. A login page for MyVigor web site will pop up automatically. 3. Click the link of Create an account now. 4. Check to confirm that you accept the Agreement and click Accept. Vigor2120 Series User’s Guide...
Page 93 5. Type your personal information in this page and then click Continue. 6. Choose proper selection for your computer and click Continue. 7. Now you have created an account successfully. Click START. Vigor2120 Series User’s Guide...
Page 94 10. When you see the following page, please type in the account and password (that you just created) in the fields of UserName and Password. 11. Now, click Login. Your account has been activated. You can access into MyVigor server to activate the service (e.g., WCF) that you want. Vigor2120 Series User’s Guide...
Page 95: Create An Account Via Myvigor Web Site
1. Access into http://myvigor.draytek.com. Find the line of Not registered yet?. Then, click the link Click here! to access into next page. 2. Check to confirm that you accept the Agreement and click Accept. Vigor2120 Series User’s Guide...
Page 96 3. Type your personal information in this page and then click Continue. 4. Choose proper selection for your computer and click Continue. 5. Now you have created an account successfully. Click START. Vigor2120 Series User’s Guide...
Page 97 UserName and Password. Then type the code in the box of Auth Code according to the value displayed on the right side of it. Now, click Login. Your account has been activated. You can access into MyVigor server to activate the service (e.g., WCF) that you want. Vigor2120 Series User’s Guide...
Page 98: How To Send A Notification To Specified Phone Number Via Sms Service In Wan Disconnection
Choose any index number (e.g., Index 1 in this case) to configure the SMS Provider setting. In the following page, type the username and password and set the quota that the router can send the message out. Vigor2120 Series User’s Guide...
Page 99 Choose any index number (e.g., Index 1 in this case) to configure conditions for sending the SMS. In the following page, type the name of the profile and check the Disconnected and Reconnected boxes for WAN to work in concert with the topic of this paper. Vigor2120 Series User’s Guide...
Page 100 Click OK to save the settings. Later, if one of the WAN connections fails in your router, the system will send out SMS to the phone number specified. If the router has only one WAN interface, the system will send out SMS to the phone number while reconnecting the WAN interface successfully. Vigor2120 Series User’s Guide...
Page 101 URL string of the SMS provider and type the username and password. After clicking OK, the new added SMS provider will be added and will be available for you to specify for sending SMS out. Vigor2120 Series User’s Guide...
Page 102: How To Configure Certain Computers Accessing To Internet
Firewall>>Filter Setup is used as the default setting, we has to create a new rule starting from Filter Rule 2 of Set 2. Access into the web user interface of Vigor router. Open Firewall>>Filter Setup. Click the Set 2 link and choose the Filter Rule 2 button. Vigor2120 Series User’s Guide...
Page 103 Next, set another rule. Just open Firewall>>Filter Setup. Click the Set 2 link and choose the Filter Rule 3 button. Check the box of Check to enable the Filter Rule. Type the comments (e.g., open_ip). Click the Edit button for Source IP. Vigor2120 Series User’s Guide...
Page 104 End IP. Then, click OK to save the settings. The computers within the range can access into the Internet. Now, check the content of Source IP is correct or not. The action for Filter shall be set with Pass Immediately. Then, click OK to save the settings. Vigor2120 Series User’s Guide...
Page 105 Both filter rules have been created. Click OK. Now, all the settings are configured well. Only the computers with the IP addresses within 192.168.1.10 ~ 192.168.1.20 can access to Internet. Vigor2120 Series User’s Guide...
Page 106: How To Block Facebook Service Accessed By The Users Via Web Content Filter / Url Content Filter
*How to Register AI/AV/AS/WCF Service (Service Activation Wizard) (http://www.draytek.com/user/SupportFAQDetail.php?ID=1955) *How to Activate Anti-Virus/Anti-Intrusion/Anti-Spam Service (http://www.draytek.com/user/SupportFAQDetail.php?ID=286 ) How to use the Web Content Filter (WCF) (http://www.draytek.com/user/SupportFAQDetail.php?ID=1953) * What the Web Content Filter (WCF) license benefits are, (http://www.draytek.com/user/PdInfoDetail.php?Id=110) Vigor2120 Series User’s Guide...
Page 107 Open CSM >> Web Content Filter Profile to create a WCF profile. Check Social Networking with Action, Block. Enable this profile in Firewall>>General Setup>>Default Rule. Vigor2120 Series User’s Guide...
Page 108 In the field of Contents, please type facebook. Configure the settings as the following figure. Open CSM>>URL Content Filter Profile. Click an index number to open the setting page. Configure the settings as the following figure. Vigor2120 Series User’s Guide...
Page 109 B. Disallow users to play games on Facebook Open Object Settings>>Keyword Object. Click an index number to open the setting page. In the field of Contents, please type apps.facebook. Configure the settings as the following figure. Vigor2120 Series User’s Guide...
Page 110 Open CSM>>URL Content Filter Profile. Click an index number to open the setting page. Configure the settings as the following figure. When you finished the above steps, please open Firewall>>General Setup. Vigor2120 Series User’s Guide...
Page 111 Click the Default Rule tab. Choose the profile just configured from the drop down list in the field of URL Content Filter. Now, users cannot open any web page with the word “facebook” inside. Vigor2120 Series User’s Guide...
Page 112 This page is left blank. Vigor2120 Series User’s Guide...
Page 113: Advanced Configuration
Hence, the NIC has reserved certain addresses that will never be registered publicly. These are known as private IP addresses, and are listed in the following ranges: Vigor2120 Series User’s Guide...
Page 114 After connecting into the router, 3G USB Modem will be regarded as the third WAN port. However, the original WAN1 and WAN2 still can be used and Load-Balance can be done in the router. Besides, 3G USB Modem in WAN3 also can be used as backup device. Therefore, Vigor2120 Series User’s Guide...
Page 115: General Setup
WAN1 and WAN2 are not available, the router will use 3.5G for supporting automatically. The supported 3G USB Modem will be listed on DrayTek web site. Please visit www.draytek.com for more detailed information. Below shows the menu items for WAN.
Page 116 Priority – Type the packet priority number for such VLAN. The range is from 0 to 7. Active Mode Display that WAN2 will be activated as Backup interface. After finished the above settings, click OK to save the settings. Vigor2120 Series User’s Guide...
Page 117: Internet Access
This button will open different web page (based on Physical Mode) to setup IPv6 Internet Access Mode for WAN interface. If IPv6 service is active on this WAN interface, the color of “IPv6” will become green. Vigor2120 Series User’s Guide...
Page 118 WAN Connection Such function allows you to verify whether network Detection connection is alive or not through ARP Detect or Ping Detect. Mode – Choose ARP Detect or Ping Detect for the system Vigor2120 Series User’s Guide...
Page 119 WAN IP Alias. You can set up to 8 public IP addresses other than the current one you are using. Type the additional WAN IP address and check the Enable box. Then click OK to exit the dialog. Vigor2120 Series User’s Guide...
Page 120 If you have a public subnet, you could assign an IP address or many IP address to the WAN interface. To use Static or Dynamic IP as the accessing protocol of the internet, please click the Static or Dynamic IP tab. The following web page will be shown. Vigor2120 Series User’s Guide...
Page 121 Ping IP – If you choose Ping Detect as detection mode, you have to type IP address in this field for pinging. TTL (Time to Live) – Displays value for your reference. TTL value is set by telnet command. Vigor2120 Series User’s Guide...
Page 122 62 characters. Specify an IP address – Click this radio button to specify some data if you want to use Static IP mode.  IP Address: Type the IP address. Vigor2120 Series User’s Guide...
Page 123 DSL modem on the WAN interface. Disable – Click this radio button to close the connection through PPTP or L2TP. Server Address - Specify the IP address of the PPTP/L2TP server if you enable PPTP/L2TP client mode. Vigor2120 Series User’s Guide...
Page 124 Specify an IP address – Click this radio button to specify some data.  IP Address – Type the IP address.  Subnet Mask – Type the subnet mask. After finishing all the settings here, please click OK to activate them. Vigor2120 Series User’s Guide...
Page 125 Modem Initial String Such value is used to initialize USB modem. Please use the default value. If you have any question, please contact to your ISP. The maximum length of the string you can set is 47 characters. Vigor2120 Series User’s Guide...
Page 126 IP address in this field for pinging. TTL (Time to Live) – Displays value for your reference. TTL value is set by telnet command. After finishing all the settings here, please click OK to activate them. Vigor2120 Series User’s Guide...
Page 127 Mode – Choose ARP Detect or Ping Detect for the system to execute for WAN detection. Ping IP – If you choose Ping Detect as detection mode, you have to type IP address in this field for pinging. Vigor2120 Series User’s Guide...
Page 128 IPv6 prefix address (such as: 2001:B010:7300:200::/64) offered by the ISP. In addition, PCs under LAN also can have the public IPv6 address for Internet access by means of the generated prefix. No need to type any other information for PPP mode. Vigor2120 Series User’s Guide...
Page 129 Below shows an example for successful IPv6 connection based on PPP mode. Note: At present, the IPv6 prefix can be acquired via the PPPoE mode connection which is available for the areas such as Taiwan (hinet), the Netherlands, Australia and UK. Vigor2120 Series User’s Guide...
Page 130 Confirm Password Type the password again to make the confirmation. Tunnel Broker Type the address for the tunnel broker IP, FQDN or an optional port number. After finished the above settings, click OK to save the settings. Vigor2120 Series User’s Guide...
Page 131 Type the subnet prefix address getting from service Subnet Prefix provider. The maximum length of the prefix you can set is 128 characters. After finished the above settings, click OK to save the settings. Vigor2120 Series User’s Guide...
Page 132 Available settings are explained as follows: Item Description Identify Association Choose Prefix Delegation or Non-temporary Address as the identify association. IAID Type a number as IAID. After finished the above settings, click OK to save the settings. Vigor2120 Series User’s Guide...
Page 133 Add – Click it to add a new entry. Delete – Click it to remove an existed entry. Current IPv6 Address Display current interface IPv6 address. Table After finished the above settings, click OK to save the settings. Vigor2120 Series User’s Guide...
Page 134 Type the static IPv6 address for LAN routing with the value for prefix length. Type the number for the data lifetime in tunnel. Tunnel TTL After finished the above settings, click OK to save the settings. Vigor2120 Series User’s Guide...
Page 135 Below shows an example for successful IPv6 connection based on 6in4 Static Tunnel mode. Vigor2120 Series User’s Guide...
Page 136 It may be any value between 0 and 32. 6rd Prefix Type the 6rd IPv6 address. 6rd Prefix Length Type the IPv6 prefix length for the 6rd IPv6 prefix in number of bits. After finished the above settings, click OK to save the settings. Vigor2120 Series User’s Guide...
Page 137 Below shows an example for successful IPv6 connection based on 6rd mode. Vigor2120 Series User’s Guide...
Page 138: Multi-Vlan
Enable - Check this box to enable the port-based bridge function on this channel. P1 ~ P4 – Check the box(es) to build bridge connection on LAN. Click any index (6~ 8) to get the following web page: Vigor2120 Series User’s Guide...
Page 139 Moreover, WAN link for Channel 3~5 are provided for router-borne application such as TR-069. The settings must be applied and obtained from your ISP. For your special request, please contact with your ISP and then click WAN link of Channel 3~5 to configure your router. Vigor2120 Series User’s Guide...
Page 140 The user will be able to select the physical WAN interface the channel shall use here. General Settings VLAN Tag – Type the value as the VLAN ID number. Valid settings are in the range from 1 to 4095. The network Vigor2120 Series User’s Guide...
Page 141 For other settings, refer to Details Page for PPPoE / Static Address From ISP, WAN or Dynamic IP in WAN1. IP Network Settings, DNS Server IP Address After finished the above settings, click OK to save the settings. Vigor2120 Series User’s Guide...
Page 142: Lan
IP address. As a part of the public subnet, the Vigor router will serve for IP routing to help hosts in the public subnet to communicate with other public hosts or servers outside. Therefore, the router should be set as the gateway for public hosts. Vigor2120 Series User’s Guide...
Page 143 You can group local hosts by physical ports and create up to 8 virtual LANs. To manage the communication between different groups, please set up rules in Virtual LAN (VLAN) function and the rate of each. Vigor2120 Series User’s Guide...
Page 144: General Setup
Details Page - Click it to access into the setting page. Each LAN will have different LAN configuration page. Each LAN must be configured in different subnet. IPv6 – Click it to access into the settings page of IPv6. Vigor2120 Series User’s Guide...
Page 145 Data – Type the content of the data to be processed by the function of DHCP option. Inter-LAN Routing Check the box to link two or more different subnets (LAN and LAN). Vigor2120 Series User’s Guide...
Page 146 Vigor Router’s, you can let Relay Agent help you to redirect the DHCP request to the specified location. Enable Server - Let the router assign IP address to every host in the LAN. Disable Server – Let you manually assign IP address to Vigor2120 Series User’s Guide...
Page 147 DNS Server. If your ISP does not provide it, the router will automatically apply default secondary DNS Server IP address: 194.98.0.1 to this field. The default DNS Server IP address can be found via Online Status: Vigor2120 Series User’s Guide...
Page 148 IPv4) and IPv6 Setup. Click the tab for each type and refer to the following explanations for detailed information. Below shows the settings page for IPv6. It provides 2 daemons for LAN side IPv6 address configuration. One is RADVD(stateless) and the other is DHCPv6 Server (Stateful). Vigor2120 Series User’s Guide...
Page 149 Add – Click it to add a new entry. Delete – Click it to remove an existed entry. Current IPv6 Address Display current used IPv6 addresses. Table When you finish the configuration, please click OK to save and exit this page. Vigor2120 Series User’s Guide...
Page 150: Static Route
The number (1 to 10) under Index allows you to open next page to set up static route. Destination Address Displays the destination address of the static route. Status Displays the status of the static route. Vigor2120 Series User’s Guide...
Page 151 Type the subnet mask for such static route. Network Interface Use the drop down list to specify an interface for such static route. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 152 Displays the destination address of the static route. Status Displays the status of the static route. Click any underline of index number to get the following page. Available settings are explained as follows: Item Description Enable Check it to enable this profile. Vigor2120 Series User’s Guide...
Page 153 Main Router 192.168.1.1 as the default gateway for the Router A 192.168.1.2. Before setting Static Route, user A cannot talk to user B for Router A can only forward recognized packets to its default gateway Main Router. Vigor2120 Series User’s Guide...
Page 154 192.168.10.0 will be forwarded to 192.168.1.2. Click OK. Return to Static Route Setup page. Click on another Index Number to add another static route as show below, which regulates all packets destined to 211.100.88.0 will be forwarded to 192.168.1.3. Click OK. Vigor2120 Series User’s Guide...
Page 155: Vlan
The multi-subnet can let a small businesses have much better isolation for multi-occupancy applications. Go to LAN page and select VLAN. The following page will appear. Click Enable to invoke VLAN function. Vigor2120 Series User’s Guide...
Page 156 Choose one of them to make the selected VLAN mapping Subnet to the specified subnet only. For example, LAN1 is specified for VLAN0. It means that PCs grouped under VLAN0 can get the IP address(es) that specified by the subnet. Vigor2120 Series User’s Guide...
Page 157 After checking the box to enable VLAN function, you will check the table according to the needs as shown below. Click OK to save the settings. To remove VLAN, uncheck the needed box and click OK to save the results. Vigor2120 Series User’s Guide...
Page 158: Bind Ip To Mac
Each pair of IP and MAC address listed in ARP table can be selected and added to IP Bind List by clicking Add below Select All Click this link to select all the items in the ARP table. Sort Reorder the table based on the IP address. Vigor2120 Series User’s Guide...
Page 159 Note: Before you select Strict Bind, you have to bind one set of IP/MAC address for one PC. If not, no one of the PCs can access into Internet. And the web user interface of the router might not be accessed. When you finish the configuration, click OK to save the settings. Vigor2120 Series User’s Guide...
Page 160: Lan Port Mirror
Mirror Port Select a port to view traffic sent from mirrored ports. Mirrored port Select which ports are necessary to be mirrored. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 161: Web Portal Setup
Display the content (Disable, URL Redirect or Message) of the profile. Interface Display the applied interfaces of the profile. Preview Open a preview window according to the configured settings. To configure the profile, click any index number link to open the following page. Vigor2120 Series User’s Guide...
Page 162: Nat
192.168.1.0/24 subnet for the router. As stated before, the NAT facility can map one or more IP addresses and/or service ports into different specified services. In other words, the NAT function can be achieved by using port mapping methods. Below shows the menu items for NAT. Vigor2120 Series User’s Guide...
Page 163: Port Redirection
The port redirection can only apply to incoming traffic. To use this function, please go to NAT page and choose Port Redirection web page. The Port Redirection Table provides 20 port-mapping entries for the internal hosts. Vigor2120 Series User’s Guide...
Page 164 Display the IP address of the internal host providing the service. Status Display if the profile is enabled (v) or not (x). Press any number under Index to access into next page for configuring port redirection. Available settings are explained as follows: Vigor2120 Series User’s Guide...
Page 165 80 to avoid conflict, such as 8080. This can be set in the System Maintenance >>Management Setup. You then will access the admin screen of by suffixing the IP address with 8080, e.g., http://192.168.1.1:8080 instead of port 80. Vigor2120 Series User’s Guide...
Page 166 Vigor2120 Series User’s Guide...
Page 167: Dmz Host
Click DMZ Host to open the following page. You can set different DMZ host for each WAN interface. Click the WAN tab to switch into the configuration page for that WAN. Vigor2120 Series User’s Guide...
Page 168 IP address in the list to be the DMZ host. When you have selected one private IP from the above dialog, the IP address will be shown on the following screen. Click OK to save the setting. Vigor2120 Series User’s Guide...
Page 169 When you have selected one private IP from the above dialog, the IP address will be shown on the following screen. Click OK to save the setting. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 170: Open Ports
Inactive or Active state. To add or edit port settings, click one index number on the page. The index entry setup page will pop up. In each index entry, you can specify 10 port ranges for diverse services. Vigor2120 Series User’s Guide...
Page 171 Specify the transport layer protocol. It could be TCP, UDP, or ----- (none) for selection. Start Port Specify the starting port number of the service offered by the local host. End Port Specify the ending port number of the service offered by the local host. Vigor2120 Series User’s Guide...
Page 172: Address Mapping
In the above example, you can configure NAT Host1 to always map to 202.211.100.10 (WAN1); Host2 to always map to 202.211.100.11 (WAN1 alias); Host3 always map to 203.98.200.10 (WAN2) and Group 1 to always map to 202.211.100.10 (WAN1). Vigor2120 Series User’s Guide...
Page 173 Display the subnet mask selected for this address mapping. Status Display the status for the entry, enable or disable. Click the index number link to open the configuration page. Available settings are explained as follows: Item Description Enable Check to enable this entry. Vigor2120 Series User’s Guide...
Page 174: Port Triggering
The duration that these ports are opened depends on the type of protocol used. The "default" durations are shown below and these duration values can be modified via telnet commands. TCP: 86400 sec. UDP: 180 sec. IGMP: 10 sec. TCP WWW: 60 sec. TCP SYN: 60 sec. Vigor2120 Series User’s Guide...
Page 175 Display the protocol for the incoming data of such triggering profile. Incoming Port Display the port for the incoming data of such triggering profile. Status Display if the rule is active or de-active. Click the index number link to open the configuration page. Vigor2120 Series User’s Guide...
Page 176 (TCP, UDP or TCP/UDP) for the incoming data of such triggering profile. Type the port or port range for the incoming packets. Incoming Port After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 177: Firewall
It will check packets according to the filter rules. If legal, the packet will pass the router. The following illustrations are flow charts explaining how router will treat incoming traffic and outgoing traffic respectively. Vigor2120 Series User’s Guide...
Page 178 4. Port Scan attack 12. Tear drop attack 5. IP options 13. Ping of Death attack 6. Land attack 14. ICMP fragment 7. Smurf attack 15. Unassigned numbers 8. Trace route Below shows the menu items for Firewall. Vigor2120 Series User’s Guide...
Page 179: General Setup
Check Enable to activate the Call Filter function. Assign a start filter set for the Call Filter. Data Filter Check Enable to activate the Data Filter function. Assign a start filter set for the Data Filter. Vigor2120 Series User’s Guide...
Page 180 IPv4 being blocked by such router. It is effective only for the packets routed but not for packets translated by NAT. Such page allows you to choose filtering profiles including QoS, Policy Route, WCF, APP Enforcement, and URL Content Filter for data transmission via Vigor router. Vigor2120 Series User’s Guide...
Page 181 Web Content Filter by checking the Log box. It will be sent to Syslog server. Please refer to section Syslog/Mail Alert for more detailed information. Advance Setting Click Edit to open the following window. However, it is Vigor2120 Series User’s Guide...
Page 182 However, if the network is not stable, small value will be proper. Session timeout – Setting timeout for sessions can make the best utilization of network resources. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 183: Filter Setup
Set the link to the next filter set to be executed after the current filter run. Do not make a loop with many filter sets. To edit Filter Rule, click the Filter Rule index button to enter the Filter Rule setup page. Vigor2120 Series User’s Guide...
Page 184 Set the direction of packet flow. It is for Data Filter only. For the Call Filter, this setting is not available since Call Filter is only applied to outgoing traffic. Note: RT means routing domain for 2nd subnet or other Vigor2120 Series User’s Guide...
Page 185 Service Type Click Edit to access into the following dialog to choose a suitable service type. To set the service type manually, please choose User defined as the Service Type and type them in this dialog. In Vigor2120 Series User’s Guide...
Page 186 Sessions Control The number typed here is the total sessions of the packets that do not match the filter rule configured in this page. The Vigor2120 Series User’s Guide...
Page 187 CSM>> Web Content Filter web page first. Or choose [Create New] from the drop down list in this page to create a new profile. For troubleshooting needs, you can specify to record information for Web Content Filter by checking the Vigor2120 Series User’s Guide...
Page 188 Session timeout – Setting timeout for sessions can make the best utilization of network resources. However, Queue timeout is configured for TCP protocol only; session timeout is configured for the data flow which matched with the firewall rule. Vigor2120 Series User’s Guide...
Page 189 DrayTek Banner – Please uncheck this box and the following screen will not be shown for the unreachable web page. The default setting is Enabled. Strict Security Checking - For the sake of security, you might want the router executing strict security checking for data transmission.
Page 190 Each filter set is composed by 7 filter rules, which can be further defined. After that, in General Setup you may specify one set for call filter and one set for data filter to execute first. Vigor2120 Series User’s Guide...
Page 191: Dos Defense
10 seconds. Enable UDP flood defense Check the box to activate the UDP flood defense function. Once detecting the Threshold of the UDP packets from the Internet has exceeded the defined value, the Vigor router Vigor2120 Series User’s Guide...
Page 192 Check the box to activate the Block SYN fragment function. The Vigor router will drop any packets having SYN flag and more fragment bit set. Block Fraggle Attack Check the box to activate the Block fraggle Attack function. Vigor2120 Series User’s Guide...
Page 193 All the warning messages related to DoS Defense will be sent to user and user can review it through Syslog daemon. Look for the keyword DoS in the message, followed by a name to indicate what kind of attacks is detected. Vigor2120 Series User’s Guide...
Page 194 After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 195: Objects Settings
Display the profile number that you can configure. Name Display the name of the object profile. To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Index column for configuration in details. Vigor2120 Series User’s Guide...
Page 196 IP address. Select Any Address if this object contains any IP address. Select Mac Address if this object contains Mac address. Type the MAC address of the network card which will be MAC Address controlled. Vigor2120 Series User’s Guide...
Page 197 If it is checked, all the IP addresses except the ones listed above will be applied later while it is chosen. After finishing all the settings here, please click OK to save the configuration. Below is an example of IP objects settings. Vigor2120 Series User’s Guide...
Page 198: Ip Group
Display the name of the group profile. To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Index column for configuration in details. 2. The configuration page will be shown as follows: Vigor2120 Series User’s Guide...
Page 199: Ipv6 Object
You can set up to 64 sets of IPv6 Objects with different conditions. Available settings are explained as follows: Item Description Set to Factory Default Clear all profiles. Index Display the profile number that you can configure. Name Display the name of the object profile. Vigor2120 Series User’s Guide...
Page 200 Prefix Len Type the number (e.g., 64) for the prefix length of IPv6 address. Invert Selection If it is checked, all the IPv6 addresses except the ones listed above will be applied later while it is chosen. Vigor2120 Series User’s Guide...
Page 201: Ipv6 Group
Display the name of the group profile. To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Index column for configuration in details. 2. The configuration page will be shown as follows: Vigor2120 Series User’s Guide...
Page 202: Service Type Object
Display the profile number that you can configure. Name Display the name of the object profile. To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Index column for configuration in details. Vigor2120 Series User’s Guide...
Page 203 (>) – the port number greater than this value is available. (<) – the port number less than this value is available for this profile. After finishing all the settings, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 204: Service Type Group
To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Group column for configuration in details. 2. The configuration page will be shown as follows: Available settings are explained as follows: Vigor2120 Series User’s Guide...
Page 205: Keyword Object
Web Content Filter Profile. Available settings are explained as follows: Item Description Set to Factory Default Clear all profiles. Index Display the profile number that you can configure. Name Display the name of the object profile. Vigor2120 Series User’s Guide...
Page 206 Contents. When you browse the webpage, the page with gambling information will be watched out and be passed/blocked based on the configuration on Firewall settings. After finishing all the settings, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 207: Keyword Group
To set a new profile, please do the steps listed below: 1. Click the number (e.g., #1) under Index column for configuration in details. 2. The configuration page will be shown as follows: Available settings are explained as follows: Vigor2120 Series User’s Guide...
Page 208: File Extension Object
Available settings are explained as follows: Item Description Set to Factory Default Clear all profiles. Index Display the profile number that you can configure. Name Display the name of the object profile. Vigor2120 Series User’s Guide...
Page 209 Type a name for this profile. The maximum length of the name you can set is 7 characters. Type a name for such profile and check all the items of file extension that will be processed in the router. Finally, click OK to save this profile. Vigor2120 Series User’s Guide...
Page 210 Display the service provider which offers SMS service. To set a new profile, please do the steps listed below: 1. Click the SMS Provider tab, and click the number (e.g., #1) under Index column for configuration in details. Vigor2120 Series User’s Guide...
Page 211 Note that one credit equals to one SMS text message on the standard route. Sending Interval To avoid quota being exhausted soon, type time interval for sending the SMS. 3. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 212 Display the name of this profile. It cannot be modified. Service Provider Type the website of the service provider. Type the URL string in the box under the filed of Service Provider. You have to contact your SMS provider to obtain the exact URL string. Vigor2120 Series User’s Guide...
Page 213: Sms/Mail Service Object
Each item is explained as follows: Item Description Set to Factory Default Clear all of the settings and return to factory default settings. Index Display the profile number that you can configure. Profile Display the name for such mail server profile. Vigor2120 Series User’s Guide...
Page 214 63 characters. SMTP Port Type the port number for SMTP server. Sender Address Type the e-mail address of the sender. Use SSL Check this box to enable such function. Vigor2120 Series User’s Guide...
Page 215: Notification Object
Display the profile number that you can configure. Display the name for such mail server profile. Profile Settings Display the category selected for such profile. To set a new profile, please do the steps listed below: Vigor2120 Series User’s Guide...
Page 216 Display the types that will be monitored. Status Display the status for the category. You can check the box you want to be monitored. 3. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 217: Csm Profile
Please note that this action will not introduce any delay in your Web surfing because each of multiple load balanced database servers can handle millions of requests for categorization. Note: The priority of URL Content Filter is higher than Web Content Filter. Vigor2120 Series User’s Guide...
Page 218: App Enforcement Profile
Click the number under Index column for settings in detail. There are four tabs IM, P2P, Protocol and OTHERS displayed on this page. Each tab will bring out different items that you can choose to disallow people using. Vigor2120 Series User’s Guide...
Page 219 Uncheck all the selected boxes. Clear All Enable Check it to block the packets of the APP. The profiles configured here can be applied in the Firewall>>General Setup and Firewall>>Filter Setup pages as the standard for the host(s) to follow. Vigor2120 Series User’s Guide...
Page 220: Url Content Filter Profile
Each item is explained as follows: Item Description Clear all profiles. Set to Factory Default Profile Display the number of the profile which allows you to click to set different policy. Name Display the name of the URL Content Filter Profile. Vigor2120 Series User’s Guide...
Page 221 For this one, the router will process the packages with the conditions set below for URL first, then Web feature second. Either: Web Feature First –When all the packages Vigor2120 Series User’s Guide...
Page 222 If the web pages do not match with the keyword set here, it will be processed with reverse action. Group/Object Selections – The Vigor router provides several frames for users to define keywords and each frame Vigor2120 Series User’s Guide...
Page 223 Upload – Check the box to block the file upload by way of web page. File Extension Profile – Choose one of the profiles that you configured in Object Setting>> File Extension Vigor2120 Series User’s Guide...
Page 224: Web Content Filter Profile
Note: If you have used Service Activation Wizard to activate WCF service, you can skip this section. WCF adopts the mechanism developed and offered by certain service provider (e.g., DrayTek). No matter activating WCF feature or getting a new license for web content filter, you have to click Activate to satisfy your request.
Page 225 Setup Test Server It is recommended for you to use the default setting, auto-selected. Click it to open http://myvigor.draytek.com for searching Find more another qualified and suitable server. Test a site to verify Click this link to do the verification.
Page 226 If you have and activate another web content filter license, the items will be changed simultaneously. All of the configuration made for web content filter will be deleted automatically. Therefore, please backup your data before you change the web content filter license. Vigor2120 Series User’s Guide...
Page 227 Block – Only the log about Block will be recorded in Syslog. All – All the actions (Pass and Block) will be recorded in Syslog. After finishing all the settings, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 228: Dns Filter
Pass – Only the log about Pass will be recorded in Syslog. Block – Only the log about Block will be recorded in Syslog. All – All the actions (Pass and Block) will be recorded in Syslog. Vigor2120 Series User’s Guide...
Page 229: Appe Support List
After finishing all the settings, please click OK to save the configuration. Such page lists all the information (name, version and note) about IM, P2P, Protocol and others applications that Vigor router supports for APPE function. Vigor2120 Series User’s Guide...
Page 230: Bandwidth Management
To activate the function of limit session, simply click Enable and set the default session limit. Available settings are explained as follows: Item Description Session Limit Enable - Click this button to activate the function of limit session. Disable - Click this button to close the function of limit Vigor2120 Series User’s Guide...
Page 231 All the schedules can be set previously in Application >> Schedule web page and you can use the number that you have set in that web page. After finishing all the settings, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 232: Bandwidth Limit
Disable - Click this button to close the function of limit bandwidth. Default TX limit - Define the default speed of the upstream for each computer in LAN. Default RX limit - Define the default speed of the Vigor2120 Series User’s Guide...
Page 233 All the schedules can be set previously in Application >> Schedule web page and you can use the number that you have set in that web page. After finishing all the settings, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 234: Quality Of Service
The core routers in the backbone will do the same checking before executing treatments in order to ensure service-level consistency throughout the whole QoS-enabled network. Vigor2120 Series User’s Guide...
Page 235 This page displays the QoS settings result of the WAN interface. Click the Setup link to access into next page for the general setup of WAN interface. As to class rule, simply click the Edit link to access into next for configuration. Vigor2120 Series User’s Guide...
Page 236 There are four queues allowed for QoS control. The first three (Class 1 to Class 3) class rules can be adjusted for your necessity. Yet, the last one is reserved for the packets which are not suitable for the user-defined class rules. Vigor2120 Series User’s Guide...
Page 237 Note: The rate of outbound/inbound must be smaller than the real bandwidth to ensure correct calculation of QoS. It is suggested to set the bandwidth value for inbound/outbound as 80% - 85% of physical network speed provided by ISP to maximize the QoS performance. Vigor2120 Series User’s Guide...
Page 238 After you click the Edit link, you will see the following page. Now you can define the name for that Class. In this case, “Test” is used as the name of Class Index #1. For adding a new rule, click Add to open the following page. Vigor2120 Series User’s Guide...
Page 239 Service Type drop down list. Those types are predefined in factory. Simply choose the one that you want for using by current QoS. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 240 Edit to open the rule edit page for modification. To add a new service type, edit or delete an existed service type, please click the Edit link under Service Type field. After you click the Edit link, you will see the following page. Vigor2120 Series User’s Guide...
Page 241 For example, in the following illustration, the VoIP packets in LAN go into Vigor router without any header. However, when they go forward to the Server on ISP through Vigor router, all of the packets are tagged with AF (configured in Bandwidth >>QoS>>Class) automatically. Vigor2120 Series User’s Guide...
Page 242: App Qos
By combining the function of QoS, Vigor router can perform the bandwidth management for the application of VoIP, Streaming, IM, P2P and so on. Open Bandwidth Management>>APP QoS to display the following page. The following shows web page under Traceable. Vigor2120 Series User’s Guide...
Page 243 The following shows web page under Untraceable. Vigor2120 Series User’s Guide...
Page 244: Applications
Enable the Function and Add a Dynamic DNS Account Assume you have a registered domain name from the DDNS provider, say hostname.dyndns.org, and an account with username: test and password: test. In the DDNS setup menu, check Enable Dynamic DNS Setup. Vigor2120 Series User’s Guide...
Page 245 Account, and choose correct Service Provider: dyndns.org, type the registered hostname: hostname and domain name suffix: dyndns.org in the Domain Name block. The following two blocks should be typed your account Login Name: test and Password: test. Vigor2120 Series User’s Guide...
Page 246 WAN IP - If it is selected and the WAN IP of Vigor router is private, DDNS update will take place right away. Internet IP – If it is selected and the WAN IP of Vigor Vigor2120 Series User’s Guide...
Page 247: Lan Dns
Display the domain name of the LAN DNS profile. You can set up to 20 LAN DNS profiles. To create a LAN DNS profile: Click any index, say Index No. 1. The detailed settings with index 1 are shown below. Vigor2120 Series User’s Guide...
Page 248 & respond the IP address for the DNS query coming from different LAN PC. Delete – Click it to remove an existed IP address on the list. Click OK button to save the settings. Vigor2120 Series User’s Guide...
Page 249: Schedule
This method can only be applied when the WAN connection has been built up. Each item is explained as follows: Item Description Set to Factory Default Clear all profiles and recover to factory settings. Index Click the number below Index to access into the setting page of schedule. Vigor2120 Series User’s Guide...
Page 250 Idle Timeout field. Disable Dial-On-Demand -Specify the connection to be up when it has traffic on the line. Once there is no traffic over idle timeout, the connection will be down and never up again during the schedule. Vigor2120 Series User’s Guide...
Page 251: Radius
The built-in RADIUS client feature enables the router to assist the remote dial-in user or a wireless station and the RADIUS server in performing mutual authentication. It enables centralized remote access authentication for network management. Available settings are explained as follows: Vigor2120 Series User’s Guide...
Page 252: Upnp
The NAT Traversal of UPnP enables the multimedia features of your applications to operate. This has to manually set up port mappings or use other similar methods. The screenshots below show examples of this facility. Vigor2120 Series User’s Guide...
Page 253 Some Microsoft operating systems have found out the UPnP weaknesses and hence you need to ensure that you have applied the latest service packs and patches.  Non-privileged users can control some router functions, including removing and adding port mappings. Vigor2120 Series User’s Guide...
Page 254: Igmp
Group ID available range for IGMP starts from 224.0.0.0 to 239.255.255.254. It indicates the LAN port used for the multicast group. P1 to P4 After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 255: Wake On Lan
MAC Address Type any one of the MAC address of the bound PCs. Wake Up Click this button to wake up the selected IP. See the following figure. The result will be shown on the box. Vigor2120 Series User’s Guide...
Page 256: Sms / Mail Alert Service
Available settings are explained as follows: Item Description Index Check the box to enable such profile. SMS Provider Use the drop down list to choose SMS service provider. You can click SMS Provider link to define the SMS server. Vigor2120 Series User’s Guide...
Page 257 Use the drop down list to choose a message profile. The recipient will get the content stated in the message profile. You can click the Notify Profile link to define the content of the mail message. Vigor2120 Series User’s Guide...
Page 258: Bonjour
Bonjour client program and DNSSD for Firefox have been installed on the computer. 2. Open the web browse, Firefox. If Bonjour and DNSSD have been installed, you can open the web page (DNSSD) and see the following results. Vigor2120 Series User’s Guide...
Page 259 3. Open System Maintenance>>Management. Type a name (e.g., Dray_2925) as the Router Name and click OK. 4. Next, open Applications>>Bonjour. Check the service that you want to use via Bonjour. Vigor2120 Series User’s Guide...
Page 260 Vigor router (based on Bonjour protocol) is ready to be used as a printer server, FTP server, SSH Server, Telnet Server, and HTTP Server. 6. Now, any page or document can be printed out through Vigor router (installed with a printer). Vigor2120 Series User’s Guide...
Page 261: Vpn And Remote Access
LAN, you should disable the VPN service of Vigor Router to allow VPN tunnel pass through, as well as the appropriate NAT settings, such as DMZ or open port. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 262: Ppp General Setup
40-bit encryption scheme will be applied to encrypt the data. Maximum MPPE - This option indicates that the router will use the MPPE encryption scheme with maximum bits (128-bit) to encrypt the data. Vigor2120 Series User’s Guide...
Page 263 IP address from the local private network. For example, if the local private network is 192.168.1.0/255.255.255.0, you could choose 192.168.1.200 as the Start IP Address. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 264: Ipsec General Setup
This usually applies to those are remote dial-in user or node Method (LAN-to-LAN) which uses dynamic IP address and IPsec-related VPN connections such as L2TP over IPsec and IPsec tunnel. There are two methods offered by Vigor router for you to authenticate the incoming data coming Vigor2120 Series User’s Guide...
Page 265 High (ESP) - Encapsulating Security Payload (ESP) means payload (data) will be encrypted and authenticated. You may select encryption algorithm from Data Encryption Standard (DES), Triple DES (3DES), and AES. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 266: Ipsec Peer Identity
Click each index to edit one peer digital certificate. There are three security levels of digital signature authentication: Fill each necessary field to authenticate the remote peer. The following explanation will guide you to fill all the necessary fields. Vigor2120 Series User’s Guide...
Page 267 The field includes Country (C), State (ST), Location (L), Organization (O), Organization Unit (OU), Common Name (CN), and Email (E). After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 268: Remote Dial-In User
Click each index to edit one remote user profile. Each Dial-In Type requires you to fill the different corresponding fields on the right. If the fields gray out, it means you may leave it untouched. The following explanation will guide you to fill all the necessary fields. Vigor2120 Series User’s Guide...
Page 269 L2TP alone or with IPsec. Select from below:  None - Do not apply the IPsec policy. Accordingly, the VPN connection employed the L2TP without IPsec policy can be viewed as one pure L2TP connection. Vigor2120 Series User’s Guide...
Page 270 This group of fields is applicable for IPsec Tunnels and Method L2TP with IPsec Policy when you specify the IP address of the remote node. The only exception is Digital Signature (X.509) can be set when you select IPsec tunnel either with Vigor2120 Series User’s Guide...
Page 271: Lan To Lan
L2TP by itself or over IPsec) and corresponding security methods, etc. The router supports up to 32 VPN tunnels simultaneously. The following figure shows the summary table. The following figure shows the summary table according to the item (All/Trunk) selected for View. Vigor2120 Series User’s Guide...
Page 272 LAN-to-LAN profile includes 4 subgroups. If the fields gray out, it means you may leave it untouched. The following explanations will guide you to fill all the necessary fields. For the web page is too long, we divide the page into several sections for explanation. Vigor2120 Series User’s Guide...
Page 273 Netbios Naming Packet inside the tunnel. Multicast via VPN - Some programs might send multicast packets via VPN connection.  Pass – Click this button to let multicast packets pass Vigor2120 Series User’s Guide...
Page 274 L2TP connection.  Nice to Have: Apply the IPsec policy first, if it is applicable during negotiation. Otherwise, the dial-out VPN connection becomes one pure L2TP connection.  Must: Specify the IPsec policy to be definitely Vigor2120 Series User’s Guide...
Page 275 DES without Authentication -Use DES encryption algorithm and not apply any authentication scheme.  DES with Authentication-Use DES encryption algorithm and apply MD5 or SHA-1 authentication algorithm.  3DES without Authentication-Use triple DES encryption algorithm and not apply any authentication scheme. Vigor2120 Series User’s Guide...
Page 276 2. The default value is inactive this function. Local ID-In Aggressive mode, Local ID is on behalf of the IP address while identity authenticating with remote VPN server. The length of the ID is limited to 47 characters. Vigor2120 Series User’s Guide...
Page 277 L2TP VPN connection through the Internet. You can select to use L2TP alone or with IPsec. Select from below:  None - Do not apply the IPsec policy. Accordingly, the VPN connection employed the Vigor2120 Series User’s Guide...
Page 278 Subject Name First – The subject name (configured in Certificate Management>>Local Certificate) will be inspected first. IPsec Security Method - This group of fields is a must for IPsec Tunnels and L2TP with IPsec Policy when you Vigor2120 Series User’s Guide...
Page 279 More - Add a static route to direct all traffic destined to more Remote Network IP Addresses/ Remote Network Mask through the VPN connection. This is usually used when you find there are several subnets behind the remote VPN router. Vigor2120 Series User’s Guide...
Page 280 IP, please choose NAT, otherwise choose Route. Change default route to this VPN tunnel - Check this box to change the default route with this VPN tunnel. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 281: Connection Management
Here you can manage generate and manage the local digital certificates, and set trusted CA certificates. Remember to adjust the time of Vigor router before using the certificate so that you can get the correct valid period of certificate. Below shows the menu items for Certificate Management. Vigor2120 Series User’s Guide...
Page 282: Local Certificate
Click this button to open Generate Certificate Signing Request window. Type in all the information that the window request such as certifcate name (used for identifying different certificate), subject alternative name type and relational settings for subject name. Then click GENERATE again. Vigor2120 Series User’s Guide...
Page 283 The supported types are PKCS12 Certificate and Certificate with a private key. Click this button to import a saved file as the certification information. There are three types of local certificate supported by Vigor router. Vigor2120 Series User’s Guide...
Page 284 Private Key keys. And the password is needed if the private key is encrypted. REFRESH Click this button to refresh the information listed below. View Click this button to view the detailed settings for certificate request. Vigor2120 Series User’s Guide...
Page 285: Trusted Ca Certificate
To import a pre-saved trusted CA certificate, please click IMPORT to open the following window. Use Browse… to find out the saved text file. Then click Import. The one you imported will be listed on the Trusted CA Certificate window. Then click Import to use the pre-saved file. Vigor2120 Series User’s Guide...
Page 286 For viewing each trusted CA certificate, click View to open the certificate detail information window. If you want to delete a CA certificate, choose the one and click Delete to remove all the certificate information. Vigor2120 Series User’s Guide...
Page 287: Certificate Backup
Backup on the following screen to save them. If you want to set encryption password for these certificates, please type characters in both fields of Encrypt password and Retype password. Also, you can use Restore to retrieve these two settings to the router whenever you want. Vigor2120 Series User’s Guide...
Page 288: Wireless Lan(2.4Ghz/5Ghz)
Point (AP) connecting to lots of wireless clients or Stations (STA). All the STAs will share the same Internet connection via Vigor wireless router. The General Settings will set up the information of this wireless network, including its SSID as identification, located channel etc. Vigor2120 Series User’s Guide...
Page 289 Manage Wireless Stations - Station List will display all the station in your wireless network and the status of their connection. Below shows the menu items for Wireless LAN. In this section, we take Wireless LAN (2.4G) as the examples of function explanations. Vigor2120 Series User’s Guide...
Page 290: General Setup
Check the box to enable wireless function. Enable Wireless LAN Mode At present, the router can connect to 11b Only, 11g Only, 11n Only(2.4 GHz), Mixed (11b+11g), Mixed (11g+11n), and Mixed (11b+11g+11n) stations simultaneously. Simply choose Mixed (11b+11g+11n) mode. 2.4G Vigor2120 Series User’s Guide...
Page 291 You may choose up to 4 schedules out of the 15 schedules pre-defined in Applications >> Schedule setup. The default setting of this field is blank and the function will always work. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 292: Security
By clicking the Security Settings, a new web page will appear so that you could configure the settings of WPA and WEP. Available settings are explained as follows: Item Description Mode There are several modes provided for you to choose. Vigor2120 Series User’s Guide...
Page 293 The keys can be entered in ASCII or Hexadecimal. Check the key you wish to use. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 294: Access Control
MAC address from LAN. Add a new MAC address into the list. Delete Delete the selected MAC address in the list. Edit Edit the selected MAC address in the list. Vigor2120 Series User’s Guide...
Page 295: Wps
He/she only needs to press a button on wireless client, and WPS will connect for client and router automatically. There are two methods to do network connection through WPS between AP and Stations: pressing the Start PBC button or using PIN Code. Vigor2120 Series User’s Guide...
Page 296  On the side of Vigor2120 series which served as an AP, press WPS button once on the front panel of the router or click Start PBC on web configuration interface. On the side of a station with network card installed, press Start PBC button of network card.
Page 297 Start PIN button. The WPS PinCode LED on the router will blink fast when WPS is in progress. It will return to normal condition after two minutes. (You need to setup WPS within two minutes) Vigor2120 Series User’s Guide...
Page 298: Wds
To meet the above requirement, two WDS modes are implemented in Vigor router. One is Bridge, the other is Repeater. Below shows the function of WDS-bridge interface: The application for the WDS-Repeater mode is depicted as below: Vigor2120 Series User’s Guide...
Page 299 Bridge 2 through WDS links. However, hosts connected to Bridge 1 CANNOT communicate with hosts connected to Bridge 3 through Bridge 2. Click WDS from Wireless LAN menu. The following page will be shown. Vigor2120 Series User’s Guide...
Page 300 WPA2 are used for WDS devices (e.g.2120n-plus wireless router, you can set the encryption mode as WPA or WPA2 to establish your WDS system between AP and the router. Key - Type 8 ~ 63 ASCII characters or 64 hexadecimal Vigor2120 Series User’s Guide...
Page 301 Disable to cancel this function. It allows user to send “hello” message to peers. Yet, it is Status valid only when the peer also supports this function. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 302: Advanced Setting
If you choose auto as guard interval, the AP router will choose short guard interval (increasing the wireless performance) or long guard interval for data transmit based on the station capability. Vigor2120 Series User’s Guide...
Page 303 Vigor N61 wireless utility window, choose Enable for TxBURST on the tab of Option). Note: * means the real transmission rate depends on the environment of the network. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 304: Wmm Configuration
CWMin or equals to CWMin value. Both values will influence the time delay for WMM accessing categories. The difference between AC_VI and AC_VO categories must be smaller; however, the difference between AC_BE and AC_BK categories must be greater. Vigor2120 Series User’s Guide...
Page 305 “Check” the box means the AP router will not answer any response request for the transmitting packets. It will have better performance with lower reliability. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 306: Ap Discovery
AP’s MAC address on the bottom of the page and click Bridge or Repeater. Next, click Add to. Later, the MAC address of the AP will be added to Bridge or Repeater field of WDS settings page. Vigor2120 Series User’s Guide...
Page 307: Station List
WLAN station and click Add to Access Control below. Available settings are explained as follows: Item Description Refresh Click this button to refresh the status of station list. Click this button to add current typed MAC address into Access Control. Vigor2120 Series User’s Guide...
Page 308: Station Control
Display All Station All the wireless stations connecting to Vigor router by using Control List such SSID will be listed on Station Control List. WEB Portal Setup Click it to access in to LAN>>Web Portal Setup page for Vigor2120 Series User’s Guide...
Page 309: Ssl Vpn
Otherwise, choose Self-signed to use the router’s built-in default certificate. The default certificate can be used in SSL VPN server and HTTPS Web Proxy. Vigor2120 Series User’s Guide...
Page 310: Ssl Application
Display the type of the service selected, e.g., VNC/RDP/SAMBA. Active Display current status (active or inactive) of the selected profile. To create a new SSL application profile: 1. Click number link under Index filed to set detailed configuration. Vigor2120 Series User’s Guide...
Page 311 (100%, 80%, 60%) for such application. Screen Size If you choose RDP, you have to choose the screen size for such application. 3. Enter the required information. 4. After finished the above settings, click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 312: User Account
With SSL VPN, Vigor2120 series let teleworkers have convenient and simple remote access to central site VPN. The teleworkers do not need to install any VPN software manually. From regular web browser, you can establish VPN connection back to your main office even in a guest network or web cafe.
Page 313 VPN connection employed the L2TP without IPSec policy can be viewed as one pure L2TP connection.  Nice to Have - Apply the IPSec policy first, if it is applicable during negotiation. Otherwise, the dial-in VPN connection becomes one pure L2TP connection. Vigor2120 Series User’s Guide...
Page 314 PIN Code – Type the code for authentication (e.g, 1234). Secret – Use the 32 digit-secret number generated by mOTP in the mobile phone (e.g., e759bb6f0e94c7ab4fe6). IKE Authentication This group of fields is applicable for IPSec Tunnels and L2TP Vigor2120 Series User’s Guide...
Page 315 Local ID - Specify a local ID to be used for Dial-in setting in the LAN-to-LAN Profile setup. This item is optional and can be used only in IKE aggressive mode. After finishing all the settings here, please click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 316: Online User Status
If you have finished the configuration of SSL Web Proxy (server), users can find out corresponding settings when they access into Draytek SSL VPN portal interface. Next, users can open SSL VPN>> Online Status to view logging status of SSL VPN.
Page 317: Usb Application
FTP sessions. The router allows up to 6 FTP sessions connecting to USB storage disk at one time. Default Charset - At present, Vigor router supports four types of character sets. Default Charset is for English based file name. Vigor2120 Series User’s Guide...
Page 318: Usb User Management
Click index number to access into configuration page. Available settings are explained as follows: Item Description FTP/Samba User Enable – Click this button to activate this profile (account) for FTP service. Later, the user can use the username Vigor2120 Series User’s Guide...
Page 319 USB storage disk, must follow the rule specified here. File – Check the items (Read, Write and Delete) for such profile. Directory –Check the items (List, Create and Remove) for such profile. Vigor2120 Series User’s Guide...
Page 320: File Explorer
Click this icon to add a new folder. Create Current Path Display current folder. Upload Click this button to upload the selected file to the USB storage disk. The uploaded file in the USB diskette can be shared for other user through FTP. Vigor2120 Series User’s Guide...
Page 321: Usb Device Status
Username It displays the username that user uses to login to the FTP server. When you insert USB storage disk into the Vigor router, the system will start to find out such device within several seconds. Vigor2120 Series User’s Guide...
Page 322: Modem Support List
Such page provides the information about the brand name and model name of the USB modems which are supported by Vigor router. Vigor2120 Series User’s Guide...
Page 323: System Maintenance
Below shows the menu items for System Maintenance. The System Status provides basic network settings of Vigor router. It includes LAN and WAN interface information. Also, you could get the current running firmware version or firmware related information from this presentation. Vigor2120 Series User’s Guide...
Page 324 Scope - Display the scope of IPv6 address. For example, IPv6 Link Local could only be used for direct IPv6 link. It can't be used for IPv6 internet. Internet Access Mode – Display the connection mode chosen for accessing into Internet. Vigor2120 Series User’s Guide...
Page 325: 315
Test With Inform – Click it to send a message based on the event code selection to test if such CPE is able to communicate with VigorACS SI server. Event Code – Use the drop down menu to specify an event Vigor2120 Series User’s Guide...
Page 326 After finishing all the settings here, please click OK to save the configuration. This page allows you to set new password. Available settings are explained as follows: Item Description Old Password Type in the old password. The factory default setting for password is “admin”. Vigor2120 Series User’s Guide...
Page 327: Administrator Password
31 characters. Confirm Password Type in the new password again. When you click OK, the login window will appear. Please use the new password to access into the web user interface again. Vigor2120 Series User’s Guide...
Page 328 4. Log out Vigor router web user interface by clicking the Logout button. 5. The following window will be open to ask for username and password. Type the new user password in the filed of Password and click Login. Vigor2120 Series User’s Guide...
Page 329 Settings to be configured in User Mode will be less than settings in Admin Mode. Only basic configuration settings will be available in User Mode. Note: Setting in User Mode can be configured as same as in Admin Mode. Vigor2120 Series User’s Guide...
Page 330: Login Page Title
Check this box to enable the login customization function. Login Page Title Type a brief description (e.g., Welcome to DrayTek) which will be shown on the heading of the login dialog. Type words or sentences here. It will be displayed for Welcome Message and bulletin message.
Page 331 Below shows an example of login customization with the information typed in Login Description and Bulletin. Vigor2120 Series User’s Guide...
Page 332: Configuration Backup
Click Backup button to get into the following dialog. Click Save button to open another dialog for saving configuration as a file. In Save As dialog, the default filename is config.cfg. You could give it another name by yourself. Vigor2120 Series User’s Guide...
Page 333 Click Browse button to choose the correct configuration file for uploading to the router. Click Restore button and wait for few seconds, the following picture will tell you that the restoration procedure is successful. Vigor2120 Series User’s Guide...
Page 334: Syslog/Mail Alert
Mail Syslog – Check the box to recode the mail event on Syslog. Enable syslog message - Check the box listed on this web page to send the corresponding message of firewall, VPN, User Access, Call, WAN, Router/DSL information to Syslog. Vigor2120 Series User’s Guide...
Page 335 From the Syslog screen, select the router you want to monitor. Be reminded that in Network Information, select the network adapter used to connect to the router. Otherwise, you won’t succeed in retrieving information from the router. Vigor2120 Series User’s Guide...
Page 336 Vigor2120 Series User’s Guide...
Page 337: Time And Date
Enable Daylight Saving Check the box to enable the daylight saving. Such feature is available for certain area. Automatically Update Select a time interval for updating from the NTP server. Interval Click OK to save these settings. Vigor2120 Series User’s Guide...
Page 338: Snmp
Set trap community by typing a proper name. The default setting is public. The maximum length of the text is limited to 23 characters. Notification Host IP Set the IPv4 address of the host that will receive the trap (IPv4) community. Vigor2120 Series User’s Guide...
Page 339 Privacy Algorithm Choose one of the methods listed below as the privacy algorithm. Privacy Password Type a password for privacy. The maximum length of the text is limited to 23 characters. Click OK to save these settings. Vigor2120 Series User’s Guide...
Page 340: Management
The web user interface will be open until you click the Logout icon manually. Internet Access Control Allow management from the Internet - Enable the checkbox to allow system administrators to login from the Vigor2120 Series User’s Guide...
Page 341 Available settings are explained as follows: Item Description Management Access Allow management from the Internet - Enable the Control checkbox to allow system administrators to login from the Internet. There are several servers provided by the system Vigor2120 Series User’s Guide...
Page 342 A maximum of three IPs/subnet masks is allowed. IPv6 Address /Prefix Length- Indicate the IP address(es) allowed to login to the router. After finished the above settings, click OK to save the configuration. Vigor2120 Series User’s Guide...
Page 343: Reboot System
Note: When the system pops up Reboot System web page after you configure web settings, please click Reboot Now to reboot your router for ensuring normal operation and preventing unexpected errors of the router in the future. Vigor2120 Series User’s Guide...
Page 344: Firmware Upgrade
Note that this example is running over Windows OS (Operating System). Download the newest firmware from DrayTek's web site or FTP site. The DrayTek web site is www.DrayTek.com (or local DrayTek's web site) and FTP site is ftp.DrayTek.com.
Page 345: Activation
The Activate link brings you accessing into www.vigorpro.com to finish the activation of the account and the router. Authentication Message As for authentication information of web filter, the process of authenticating will be displayed on this field for your reference. Vigor2120 Series User’s Guide...
Page 346 Below shows the successful activation of Web Content Filter: Vigor2120 Series User’s Guide...
Page 347: Diagnostics
(e.g., PPPoE) is triggered by a package sending from the source IP address. Available settings are explained as follows: Item Description Decoded Format It shows the source IP address (local), destination IP (remote) address, the protocol and length of the package. Refresh Click it to reload the page. Vigor2120 Series User’s Guide...
Page 348: Routing Table
Click Diagnostics and click Routing Table to open the web page. And, Available settings are explained as follows: Item Description Refresh Click it to reload the page. Vigor2120 Series User’s Guide...
Page 349: Arp Cache Table
IPv6 address. This information is helpful in diagnosing network problems, such as IP address conflicts, etc. Click Diagnostics and click IPv6 Neighbour Table to open the web page. Available settings are explained as follows: Item Description Refresh Click it to reload the page. Vigor2120 Series User’s Guide...
Page 350: Dhcp Table
It displays the connection item number. IP Address It displays the IP address assigned by this router for specified PC. MAC Address It displays the MAC address for the specified PC that DHCP assigned IP address for it. Vigor2120 Series User’s Guide...
Page 351: Nat Sessions Table
It indicates the temporary port of the router used for NAT. Peer IP:Port It indicates the destination IP address and port of remote host. Interface It displays the representing number for different interface. Refresh Click it to reload the page. Vigor2120 Series User’s Guide...
Page 352: Ping Diagnosis
Type the IPv6 address that you want to ping. Click this button to start the ping work. The result will be displayed on the screen. Clear Click this link to remove the result on the window. Vigor2120 Series User’s Guide...
Page 353: Data Flow Monitor
Item Description Check this box to enable this function. Enable Data Flow Monitor Refresh Seconds Use the drop down list to choose the time interval of refreshing data flow that will be done by the system Vigor2120 Series User’s Guide...
Page 354 Peak means the highest peak value detected by the router in data transmission. Speed means line speed specified in WAN>>General Setup. If you do not specify any rate at that page, here will display Auto for instead. Vigor2120 Series User’s Guide...
Page 355: Traffic Graph
Bandwidth chart, the numbers displayed on vertical axis represent the numbers of the transmitted and received packets in the past. For Sessions chart, the numbers displayed on vertical axis represent the numbers of the NAT sessions during the past. Vigor2120 Series User’s Guide...
Page 356: Trace Route
Available settings are explained as follows: Item Description IPv4 / IPv6 Click one of them to display corresponding information for Protocol Use the drop down list to choose the protocol that you want to ping through. Vigor2120 Series User’s Guide...
Page 357: System Explorer
Display Mode There are two modes for you to choose. Stop record when fulls – when the capacity of syslog is full, the system will stop recording. Always record the new event – only the newest events Vigor2120 Series User’s Guide...
Page 358: Ipv6 Tspc Status
If TSPC has configured properly, the router will display the following page when the user connects to tunnel broker successfully. Available settings are explained as follows: Item Description Refresh Click this link to refresh this page manually. Vigor2120 Series User’s Guide...
Page 359: Trouble Shooting
Turn on the router. Make sure the ACT LED blink once per second and the correspondent LAN LED is bright. If not, it means that there is something wrong with the hardware status. Simply back to “1.3 Hardware Installation” to execute the hardware installation again. And then, try again. Vigor2120 Series User’s Guide...
Page 360 Go to Control Panel and then double-click on Network Connections. Right-click on Local Area Connection and click on Properties. Select Internet Protocol (TCP/IP) and then click Properties. Vigor2120 Series User’s Guide...
Page 361 Select Obtain an IP address automatically and Obtain DNS server address automatically. Double click on the current used Mac OS on the desktop. Open the Application folder and get into Network. On the Network screen, select Using DHCP from the drop down list of Configure IPv4. Vigor2120 Series User’s Guide...
Page 362: Pinging The Router From Your Computer
Open the Application folder and get into Utilities. Double click Terminal. The Terminal window will appear. Type ping 192.168.1.1 and press [Enter]. If the link is OK, the line of “64 bytes from 192.168.1.1: icmp_seq=0 ttl=255 time=xxxx ms” will appear. Vigor2120 Series User’s Guide...
Page 363: Checking If The Isp Settings Are Ok Or Not
PIN code and try again. If it still fails, it might be the compliance problem of system. Please open DrayTek Syslog Tool to capture the connection information (WAN Log) and send the page (similar to the following graphic) to the service center of DrayTek.
Page 364: Backing To Factory Default Setting If Necessary
Go to System Maintenance and choose Reboot System on the web page. The following screen will appear. Choose Using factory default configuration and click Reboot Now. After few seconds, the router will return all the settings to the factory settings. Vigor2120 Series User’s Guide...
Page 365: Contacting Your Dealer
After restore the factory default setting, you can configure the settings for the router again to fit your personal request. If the router still cannot work correctly after trying many efforts, please feel free to send e-mail to support@DrayTek.com. Vigor2120 Series User’s Guide...

This manual is also suitable for:

Vigor2120 series

Draytek Vigor2120 series User Manual

Quick Links

Related Manuals for Draytek Vigor2120 series

Summary of Contents for Draytek Vigor2120 series

This manual is also suitable for:

Table of Contents