Page 1 Vigor2710 Series ADSL2/2+ Firewall Router User’s Guide Version: 1.0 Date: 2008/09/12...
Page 2: Copyright Information
Web registration is preferred. You can register your Vigor router via Owner http://www.draytek.com. Firmware & Tools Due to the continuous evolution of DrayTek technology, all routers will be regularly Updates upgraded. Please consult the DrayTek web site for more information on newest firmware, tools and documents.
Page 3: European Community Declarations
Product: Vigor2710 Series Router DrayTek Corp. declares that Vigor2820 Series of routers are in compliance with the following essential requirements and other relevant provisions of R&TTE Directive 1999/5/EEC. The product conforms to the requirements of Electro-Magnetic Compatibility (EMC) Directive 2004/108/EC by complying with the requirements set forth in EN55022/Class B and EN55024/Class B.
Page 4: Table Of Contents
3.2.2 General Setup......................... 34 3.3 NAT ............................37 3.3.1 Port Redirection ......................37 3.3.2 DMZ Host........................39 3.3.3 Open Ports........................42 3.4 Applications ........................... 43 3.4.1 Dynamic DNS ......................... 43 3.4.2 UPnP..........................45 3.5 Wireless LAN ........................47 Vigor2710 Series User’s Guide...
Page 5 4.5.6 Keyword Group......................107 4.5.7 File Extension Object....................108 4.5.8 IM Object ........................110 4.5.9 P2P Object........................111 4.5.9 P2P Object........................111 4.5.10 Misc Object ......................... 112 4.6 CSM Profile ..........................113 4.6.1 IM/P2P Filter Profile...................... 114 Vigor2710 Series User’s Guide...
Page 6 4.13.1 Dial-out Trigger ......................183 4.13.2 Routing Table ......................184 4.13.3 ARP Cache Table ....................... 184 4.13.4 DHCP Table........................ 185 4.13.5 NAT Sessions Table ....................185 4.13.6 Data Flow Monitor....................... 186 4.13.7 Traffic Graph....................... 187 4.13.8 Ping Diagnosis......................188 Vigor2710 Series User’s Guide...
Page 7 6.3 Pinging the Router from Your Computer ................220 6.4 Checking If the ISP Settings are OK or Not ................ 221 6.5 Backing to Factory Default Setting If Necessary ..............222 6.6 Contacting Your Dealer ....................... 223 Vigor2710 Series User’s Guide...
Page 9: Preface
Vigor2710 series is an ADSL router. It integrates IP layer QoS, NAT session/bandwidth management to help users control works well with large bandwidth. By adopting hardware-based VPN platform and hardware encryption of AES/DES/3DS, the router increases the performance of VPN greatly, and offers several protocols (such as IPSec/PPTP/L2TP) with up to 2 VPN tunnels.
Page 10: Led Indicators And Connectors
>>General Setup. (Such profile must be established under CSM menu) Interface Description Connecter for accessing the Internet through ADSL2/2+. LAN (1-4) Connecters for local networked devices. Connecter for USB storage device (Pen Driver/Mobile HD) or printer. Vigor2710 Series User’s Guide...
Page 11 5 seconds. When you see the ACT LED begins to blink rapidly than usual, release the button. Then the router will restart with the factory default configuration. Connecter for a power adapter. Power Switch. ON/OFF Vigor2710 Series User’s Guide...
Page 12 Press the button once to enable (WLAN LED on) or WLAN disable (WLAN LED off) wireless connection. Connecter for accessing the Internet through ADSL2/2+. LAN (1-4) Connecters for local networked devices. Connecter for USB storage (Pen Driver Mobile/HD) or printer. Vigor2710 Series User’s Guide...
Page 13 5 seconds. When you see the ACT LED begins to blink rapidly than usual, release the button. Then the router will restart with the factory default configuration. Connecter for a power adapter. Power Switch. ON/OFF Vigor2710 Series User’s Guide...
Page 14 Press the button once to enable (WLAN LED on) or WLAN disable (WLAN LED off) wireless connection. Connecter for accessing the Internet through ADSL2/2+. LAN (1-4) Connecters for local networked devices. Connecter for USB storage (Pen Driver Mobile/HD) or printer. Vigor2710 Series User’s Guide...
Page 15 5 seconds. When you see the ACT LED begins to blink rapidly than usual, release the button. Then the router will restart with the factory default configuration. Connecter for a power adapter. Power Switch. ON/OFF Vigor2710 Series User’s Guide...
Page 16: Hardware Installation
Power on the device by pressing down the power switch on the rear panel. The system starts to initiate. After completing the system test, the ACT LED will light up and start blinking. (For the detailed information of LED status, please refer to section 1.2.) Vigor2710 Series User’s Guide...
Page 17: Printer Installation
You can install a printer onto the router for sharing printing. All the PCs connected this router can print documents via the router. The example provided here is made based on Windows XP/2000. For Windows 98/SE/Vista, please visit www.draytek.com. Before using it, please follow the steps below to configure settings for connected computers (or wireless clients).
Page 18 Click Local printer attached to this computer and click Next. In this dialog, choose Create a new port Type of port and use the drop down list to select Standard TCP/IP Port. Click Next. Vigor2710 Series User’s Guide...
Page 19 In the following dialog, type 192.168.1.1 (router’s LAN IP) in the field of Printer Name or IP Address and type IP_192.168.1.1 as the port name. Then, click Next. Click Standard and choose Generic Network Card. Then, in the following dialog, click Finish. Vigor2710 Series User’s Guide...
Page 20 10. For the final stage, you need to go back to Control Panel-> Printers and edit the property of the new printer you have added. 11. Select "LPR" on Protocol, type p1 (number 1) as Queue Name. Then click OK. Next please refer to the red rectangle for choosing the correct protocol and UPR name. Vigor2710 Series User’s Guide...
Page 21 Note 1: Some printers with the fax/scanning or other additional functions are not supported. If you do not know whether your printer is supported or not, please visit www.draytek.com to find out the printer list. Open Support Center->FAQ->Sort by product; select the model of the router and click on it;...
Page 22: Configuring Basic Settings
The web page can be logged out according to the chosen condition. The default setting is Auto Logout, which means the web configuration system will logout after 5 minutes without any operation. Change the setting for your necessity. Vigor2710 Series User’s Guide...
Page 23: Changing Password
Otherwise, do not type any word (both username and password are Null for user operation) on the window and click Login on the window. Now, the Main Screen will appear. Main screen for admin mode operation (full configuration) Vigor2710 Series User’s Guide...
Page 24 Enter the login password (the default is blank) on the field of Old Password. Type New Password. Then click OK to continue. Now, the password has been changed. Next time, use the new password to access the Web Configurator for this router. Vigor2710 Series User’s Guide...
Page 25: Quick Start Wizard
Wizard is entering login password. After typing the password, please click Next. In the Quick Start Wizard, you can configure the router to access the Internet with different protocol/modes such as PPPoE, PPPoA, Bridged IP, or Routed IP. The router supports the Vigor2710 Series User’s Guide...
Page 26: Adjusting Protocol/Encapsulation
No, the following IP Address, Subnet Mask and Default Gateway will not be changed. IP Address Assign an IP address for the protocol that you select. Subnet Mask Assign a subnet mask value for the protocol of Routed IP and Bridged IP. Vigor2710 Series User’s Guide...
Page 27: Pppoe/Pppoa
If your ISP provides you the PPPoE connection, please select PPPoE for this router. The following page will be shown: User Name Assign a specific valid user name provided by the ISP. Password Assign a valid password provided by the ISP. Confirm Password Retype the password. Vigor2710 Series User’s Guide...
Page 28: 1483 Bridged Ip
Click Next for viewing summary of such connection. Click Finish. Then, the system status of this protocol will be shown. Click 1483 Bridged IP as the protocol. Type in all the information that your ISP provides for this protocol. Vigor2710 Series User’s Guide...
Page 29: 1483 Routed Ip
Click Next for viewing summary of such connection. Click Finish. Then, the system status of this protocol will be shown. Click 1483 Routed IP as the protocol. Type in all the information that your ISP provides for this protocol. Vigor2710 Series User’s Guide...
Page 30: Online Status
If you select PPPoE/PPPoA as the protocol, you will find out a link of Dial PPPoE or Drop PPPoE in the Online Status web page. Online status for PPPoE Vigor2710 Series User’s Guide...
Page 31 Displays the total transmitted packets at the LAN interface. RX Packets Displays the total number of received packets at the LAN interface. WAN1 Status Line Displays the physical connection (Ethernet) of this interface. Name Displays the name set in WAN1/WAN web page. Vigor2710 Series User’s Guide...
Page 32: Saving Configuration
Each time you click OK on the web page for saving the configuration, you can find messages showing the system interaction with you. Ready indicates the system is ready for you to input settings. Settings Saved means your settings are saved once you click Finish or OK button. Vigor2710 Series User’s Guide...
Page 33: User Mode Operation
(NIC). Having a unique IP address is mandatory for those devices participated in the public network but not in the private TCP/IP local area networks (LANs), such as host PCs under the management of a router since they do not need to be accessed by the public. Hence, the Vigor2710 Series User’s Guide...
Page 34: Pppoe/Pppoa
ADSL loop and your ISP’s Digital Subscriber Line Access Multiplexer (SDLAM). To choose PPPoE or PPPoA as the accessing protocol of the internet, please select PPPoE/PPPoA from the Internet Access menu. The following web page will be shown. Vigor2710 Series User’s Guide...
Page 35 PPPoE session (different with the Host PC) to access into Internet. For Wireless LAN – If you check this box, PCs on the same wireless network can use another set of PPPoE session (different with the Host PC) to access into Internet. Vigor2710 Series User’s Guide...
Page 36 Index (1-15) in Schedule Setup - You can type in four sets of time schedule for your request. All the schedules can be set previously in Applications – Schedule web page and you can use the number that you have set in that web page. Vigor2710 Series User’s Guide...
Page 37 Click Enable RIP for activating this function. Bridge Mode If you choose Bridged IP as the protocol, you can check this box to invoke the function. The router will work as a bridge modem. Vigor2710 Series User’s Guide...
Page 38 MAC Address – Type in the MAC address for the router manually. DNS Server IP Type in the primary IP address for the router. If necessary, type in Address secondary IP address for necessity in the future. Vigor2710 Series User’s Guide...
Page 39: Lan
IP address. As a part of the public subnet, the Vigor router will serve for IP routing to help hosts in the public subnet to communicate with other public hosts or servers outside. Therefore, the router should be set as the gateway for public hosts. Vigor2710 Series User’s Guide...
Page 40: General Setup
Click LAN to open the LAN settings page and choose General Setup. 1st IP Address Type in private IP address for connecting to a local private network (Default: 192.168.1.1). 1st Subnet Mask Type in an address code that determines the size of the network. (Default: 255.255.255.0/ 24) Vigor2710 Series User’s Guide...
Page 41 RIP Protocol Control Disable deactivates the RIP protocol. It will lead to a stoppage of the exchange of routing information between routers. (Default) 1st Subnet - Select the router to change the RIP information of the Vigor2710 Series User’s Guide...
Page 42 DNS Server. If your ISP does not provide it, the router will automatically apply default secondary DNS Server IP address: 194.98.0.1 to this field. The default DNS Server IP address can be found via Online Status: Vigor2710 Series User’s Guide...
Page 43: Nat
Port Redirection is usually set up for server related service inside the local network (LAN), such as web servers, FTP servers, E-mail servers etc. Most of the case, you need a public IP address for each server and this public IP address/domain name are recognized by all users. Vigor2710 Series User’s Guide...
Page 44 To use this function, please go to NAT page and choose Port Redirection web page. The Port Redirection Table provides 20 port-mapping entries for the internal hosts. Press any number under Index to access into next page for configuring port redirection. Vigor2710 Series User’s Guide...
Page 45: Dmz Host
As mentioned above, Port Redirection can redirect incoming TCP/UDP or other traffic on particular ports to the specific private IP address/port of host in the LAN. However, other IP Vigor2710 Series User’s Guide...
Page 46 We suggest you to add additional filter rules or a secondary firewall. Click DMZ Host to open the following page: If you previously have set up WAN Alias for PPPoE/PPPoA or MPoA mode, you will find them in Aux. WAN IP for your selection. Vigor2710 Series User’s Guide...
Page 47 DMZ host. When you have selected one private IP from the above dialog, the IP address will be shown on the following screen. Click OK to save the setting. Vigor2710 Series User’s Guide...
Page 48: Open Ports
Inactive or Active state. To add or edit port settings, click one index number on the page. The index entry setup page will pop up. In each index entry, you can specify 10 port ranges for diverse services. Vigor2710 Series User’s Guide...
Page 49: Applications
Dynamic DNS server. Once the router is online, you will be able to use the registered domain name to access the router or internal virtual servers from the Internet. It is particularly helpful if you host a web server, FTP server, or other server behind the router. Vigor2710 Series User’s Guide...
Page 50 Account, and choose correct Service Provider: dyndns.org, type the registered hostname: hostname and domain name suffix: dyndns.org in the Domain Name block. The following two blocks should be typed your account Login Name: test and Password: test. Vigor2710 Series User’s Guide...
Page 51: Upnp
Further, the user does not have to manually set up port mappings or a DMZ. UPnP is available on Windows XP and the router provide the associated support for MSN Messenger to allow full use of the voice, video and messaging features. Vigor2710 Series User’s Guide...
Page 52 NAT router. The application will also learn the external IP address and configure port mappings on the router. Subsequently, such a facility forwards packets from the external ports of the router to the internal ports used by the application. Vigor2710 Series User’s Guide...
Page 53: Wireless Lan
IEEE 802.11n protocol. To boost its performance further, the Vigor Router is also loaded with advanced wireless technology to lift up data rate up to 300 Mbps*. Hence, you can finally smoothly enjoy stream music and video. Vigor2710 Series User’s Guide...
Page 54 WEP and WPA at the same time. Separate the Wireless and the Wired LAN- WLAN Isolation enables you to isolate your wireless LAN from wired LAN for either quarantine or limit access reasons. To isolate Vigor2710 Series User’s Guide...
Page 55: General Setup
Enable Wireless LAN Check the box to enable wireless function. Mode At present, the router can connect to Mixed (11b+11g), 11g Only, 11b Only, Mixed (11g+11n), 11n Only and Mixed (11b+11g+11n) stations simultaneously. Simply choose Mix (11b+11g+11n) mode. Vigor2710 Series User’s Guide...
Page 56 SSID Means the identification of the wireless LAN. SSID can be any text numbers or various special characters. The default SSID is "DrayTek". We suggest you to change it. Channel Means the channel of frequency of the wireless LAN. The default channel is 6. You may switch channel if the selected channel is under serious interference.
Page 57 56 bit sync filed instead of long preamble with 128 bit sync field. However, some original 11b wireless network devices only support long preamble. Check it to use Long Preamble if needed to communicate with this kind of devices. Vigor2710 Series User’s Guide...
Page 58: Security
802.1x authentication. Either 8~63 ASCII characters, such as 012345678(or 64 Hexadecimal digits leading by 0x, such as "0x321253abcde..."). Type - Select from Mixed (WPA+WPA2) or WPA2 only. Vigor2710 Series User’s Guide...
Page 59: Access Control
Select to enable any one of the following policy. Choose Activate MAC address filter to type in the MAC addresses for other clients in the network manually. Choose Isolate WLAN from LAN will separate all the WLAN stations from LAN based on the MAC Address Vigor2710 Series User’s Guide...
Page 60: Station List
There is a code summary below for explanation. For convenient Access Control, you can select a WLAN station and click Add to Access Control below. Refresh Click this button to refresh the status of station list. Click this button to add current typed MAC address into Access Control. Vigor2710 Series User’s Guide...
Page 61: System Maintenance
Display the subnet mask address of the LAN interface. DHCP Server Display the current status of DHCP server of the LAN interface. Display the assigned IP address of the primary DNS. WAN------- Link Status Display current connection status. Vigor2710 Series User’s Guide...
Page 62: User Password
When you click OK, the login window will appear. Please use the new password to access into the web configurator again. It allows you to specify where the time of the router should be inquired from. Vigor2710 Series User’s Guide...
Page 63: Reboot System
Note: When the system pops up Reboot System web page after you configure web settings, please click OK to reboot your router for ensuring normal operation and preventing unexpect errors of the router in the future. Vigor2710 Series User’s Guide...
Page 64: Diagnostics
DHCP assigned IP address for it. Leased Time It displays the leased time of the specified PC. HOST ID It displays the host ID name of the specified PC. Refresh Click it to reload the page. Vigor2710 Series User’s Guide...
Page 65: Ping Diagnosis
Run. The result of route trace will be shown on the screen. Protocol Use the drop down list to choose the interface that you want to ping through. Host/IP Address It indicates the IP address of the host. Click this button to start route tracing work. Vigor2710 Series User’s Guide...
Page 66 Clear Click this link to remove the result on the window. Vigor2710 Series User’s Guide...
Page 67: Admin Mode Operation
Hence, the NIC has reserved certain addresses that will never be registered publicly. These are known as private IP addresses, and are listed in the following ranges: Vigor2710 Series User’s Guide...
Page 68: Pppoe/Pppoa
ADSL loop and your ISP’s Digital Subscriber Line Access Multiplexer (SDLAM). To choose PPPoE or PPPoA as the accessing protocol of the internet, please select PPPoE/PPPoA from the Internet Access menu. The following web page will be shown. Vigor2710 Series User’s Guide...
Page 69 PPPoE session (different with the Host PC) to access into Internet. ISP Access Setup Enter your allocated username, password and authentication parameters according to the information provided by your ISP. If Vigor2710 Series User’s Guide...
Page 70 All the schedules can be set previously in Applications – Schedule web page and you can use the number that you have set in that web page. After finishing all the settings here, please click OK to activate them. Vigor2710 Series User’s Guide...
Page 71 If you choose Bridged IP as the protocol, you can check this box to invoke the function. The router will work as a bridge modem. WAN IP Network This group allows you to obtain an IP address automatically and Settings allows you type in IP address manually. Vigor2710 Series User’s Guide...
Page 72 DNS Server IP Type in the primary IP address for the router. If necessary, type in Address secondary IP address for necessity in the future. After finishing all the settings here, please click OK to activate them. Vigor2710 Series User’s Guide...
Page 73: Multi-Pvcs
Internet Access. Type in the value provided by your ISP. Type in the value provided by your ISP. QoS Type Select a proper QoS type for the channel. Protocol Select a proper protocol for this channel. Vigor2710 Series User’s Guide...
Page 74 WAN link for Channel 3, 4, 5 are provided for router-borne application such as TR069 and VoIP. The settings must be applied and obtained from your ISP. For your special request, please contact with your ISP and then click WAN link of Channel 3, 4 or 5 to configure your router. Vigor2710 Series User’s Guide...
Page 75 It represents Maximum Burst Size. The range of the value is 10 to 50. General page lets you set the first PVC. As to set the second PVC line, please click the Port-based Bridge tab to open Bridge configuration page. Vigor2710 Series User’s Guide...
Page 76 Click Clear to remove all the configurations in this page if you do not satisfy it. When you finish the configuration, please click OK to save and exit this page. Or click Cancel to abort the configuration and exit this page. Vigor2710 Series User’s Guide...
Page 77: Lan
IP address. As a part of the public subnet, the Vigor router will serve for IP routing to help hosts in the public subnet to communicate with other public hosts or servers outside. Therefore, the router should be set as the gateway for public hosts. Vigor2710 Series User’s Guide...
Page 78 You can group local hosts by physical ports and create up to 4 virtual LANs. To manage the communication between different groups, please set up rules in Virtual LAN (VLAN) function and the rate of each. Vigor2710 Series User’s Guide...
Page 79: General Setup
Type in secondary IP address for connecting to a subnet. (Default: 192.168.2.1/ 24) Subnet Mask An address code that determines the size of the network. (Default: 255.255.255.0/ 24) DHCP Server You can configure the router to serve as a DHCP server for the 2nd subnet. Vigor2710 Series User’s Guide...
Page 80 IP settings to any local user configured as a DHCP client. It is highly recommended that you leave the router enabled as a DHCP server if you do not have a DHCP server for your network. Vigor2710 Series User’s Guide...
Page 81 IP address to local users as a DNS proxy server and maintain a DNS cache. If the IP address of a domain name is already in the DNS cache, the router will resolve the domain name immediately. Otherwise, the Vigor2710 Series User’s Guide...
Page 82: Static Route
Main Router 192.168.1.1 as the default gateway for the Router A 192.168.1.2. Before setting Static Route, user A cannot talk to user B for Router A can only forward recognized packets to its default gateway Main Router. Vigor2710 Series User’s Guide...
Page 83 192.168.10.0 will be forwarded to 192.168.1.2. Click OK. Return to Static Route Setup page. Click on another Index Number to add another static route as show below, which regulates all packets destined to 211.100.88.0 will be forwarded to 192.168.1.3. Vigor2710 Series User’s Guide...
Page 84 Go to Diagnostics and choose Routing Table to verify current routing table. Vigor2710 Series User’s Guide...
Page 85: Vlan
P3 and P4. After checking the box to enable VLAN function, you will check the table according to the needs as shown below. To remove VLAN, uncheck the needed box and click OK to save the results. Vigor2710 Series User’s Guide...
Page 86: Bind Ip To Mac
It displays a list for the IP bind to MAC information. It allows you to add the one you choose from the ARP table or the IP/MAC address typed in Add and Edit to the table of IP Bind List. Vigor2710 Series User’s Guide...
Page 87: Nat
IP address/port, the goal of Port Redirection function is to forward all access request with public IP address from external users to the mapping private IP address/port of the server. Vigor2710 Series User’s Guide...
Page 88 To use this function, please go to NAT page and choose Port Redirection web page. The Port Redirection Table provides 20 port-mapping entries for the internal hosts. Press any number under Index to access into next page for configuring port redirection. Vigor2710 Series User’s Guide...
Page 89 Therefore, you need to change the router’s http port to any one other than the default port 80 to avoid conflict, such as 8080. This can be set in the System Maintenance >>Management Setup. Vigor2710 Series User’s Guide...
Page 90: Dmz Host
LAN. Regular web surfing and other such Internet activities from other clients will continue to work without inappropriate interruption. DMZ Host allows a defined internal user to be totally exposed to the Internet, which usually helps some special applications such as Netmeeting or Internet Games etc. Vigor2710 Series User’s Guide...
Page 91 LAN network. Select one private IP address in the list to be the DMZ host. When you have selected one private IP from the above dialog, the IP address will be shown on the following screen. Click OK to Vigor2710 Series User’s Guide...
Page 92: Open Ports
Inactive or Active state. To add or edit port settings, click one index number on the page. The index entry setup page will pop up. In each index entry, you can specify 10 port ranges for diverse services. Vigor2710 Series User’s Guide...
Page 93 Specify the transport layer protocol. It could be TCP, UDP, or ----- (none) for selection. Start Port Specify the starting port number of the service offered by the local host. End Port Specify the ending port number of the service offered by the local host. Vigor2710 Series User’s Guide...
Page 94: Firewall
It will check packets according to the filter rules. If legal, the packet will pass the router. The following illustrations are flow charts explaining how router will treat incoming traffic and outgoing traffic respectively. Vigor2710 Series User’s Guide...
Page 95 4. Port Scan attack 12. Tear drop attack 5. IP options 13. Ping of Death attack 6. Land attack 14. ICMP fragment 7. Smurf attack 15. Unknown protocol 8. Trace route Below shows the menu items for Firewall. Vigor2710 Series User’s Guide...
Page 96: General Setup
CSM>> URL Content Filter) for applying with this router. Please set at least one profile for choosing in CSM>> URL Content Filter web page first. For troubleshooting needs, you can specify to record information for URL Content Filter by checking the Log Vigor2710 Series User’s Guide...
Page 97 Syslog/Mail Alert for more detailed information. Syslog For troubleshooting needs you can specify the filter log and/or CSM log here by checking the box. The log will be displayed on Draytek Syslog window. Advance Setting Click Edit to open the following window. However, it is strongly recommended to use the default settings here.
Page 98: Filter Setup
Click a button numbered (1 ~ 7) to edit the filter rule. Click the button will open Edit Filter Rule web page. For the detailed information, refer to the following page. Active Enable or disable the filter rule. Vigor2710 Series User’s Guide...
Page 99 Data Filter only. For the Call Filter, this setting is not available since Call Filter is only applied to outgoing traffic. Source/Destination IP Click Edit to access into the following dialog to choose the source/destination IP or IP ranges. Vigor2710 Series User’s Guide...
Page 100 Or use the IP Object drop down list to choose the object that you want. Service Type Click Edit to access into the following dialog to choose a suitable service type. To set the service type manually, please choose User defined as Vigor2710 Series User’s Guide...
Page 101 For troubleshooting needs you can specify the filter log and/or CSM log here. Check the corresponding box to enable the log function. Then, the filter log and/or CSM log will be shown on Draytek Syslog window. Vigor2710 Series User’s Guide...
Page 102 Each filter set is composed by 7 filter rules, which can be further defined. After that, in General Setup you may specify one set for call filter and one set for data filter to execute first. Vigor2710 Series User’s Guide...
Page 103: Dos Defense
ICMP echo requests coming from the Internet. The default setting for threshold and timeout are 50 packets per second and 10 seconds, respectively. Enable PortScan Port Scan attacks the Vigor router by sending lots of packets to Vigor2710 Series User’s Guide...
Page 104 The Vigor routers will block any packets realizing this attacking activity. Block ICMP Fragment Check the box to activate the Block ICMP fragment function. Any ICMP packets with more fragment bit set are dropped. Vigor2710 Series User’s Guide...
Page 105 All the warning messages related to DoS Defense will be sent to user and user can review it through Syslog daemon. Look for the keyword DoS in the message, followed by a name to indicate what kind of attacks is detected. Vigor2710 Series User’s Guide...
Page 106: Ip Object
IPs in the same department can be defined with an IP object (a range of IP address). You can set up to 192 sets of IP Objects with different conditions. Set to Factory Default Clear all profiles. Click the number under Index column for settings in detail. Vigor2710 Series User’s Guide...
Page 107 Type the subnet mask if the Subnet Address type is selected. Invert Selection If it is checked, all the IP addresses except the ones listed above will be applied later while it is chosen. Below is an example of IP objects settings. Vigor2710 Series User’s Guide...
Page 108: Ip Group
This page allows you to bind several IP objects into one IP group. Set to Factory Default Clear all profiles. Click the number under Index column for settings in detail. Vigor2710 Series User’s Guide...
Page 109 Available IP Objects All the available IP objects with the specified interface chosen above will be shown in this box. Selected IP Objects Click >> button to add the selected IP objects in this box. Vigor2710 Series User’s Guide...
Page 110: Service Type Object
Specify the protocol(s) which this profile will apply to. Source/Destination Port Source Port and the Destination Port column are available for TCP/UDP protocol. It can be ignored for other protocols. The filter rule will filter out any port number. Vigor2710 Series User’s Guide...
Page 111: Service Type Group
Below is an example of service type objects settings. This page allows you to bind several service types into one group. Set to Factory Default Clear all profiles. Click the number under Index column for settings in detail. Vigor2710 Series User’s Guide...
Page 112: Keyword Object
You can set 200 keyword object profiles for choosing as black /white list in CSM >>URL Web Content Filter Profile. Set to Factory Default Clear all profiles. Click the number under Index column for setting in detail. Vigor2710 Series User’s Guide...
Page 113: Keyword Group
This page allows you to bind several keyword objects into one group. The keyword groups set here will be chosen as black /white list in CSM >>URL Web Content Filter Profile. Set to Factory Default Clear all profiles. Click the number under Index column for setting in detail. Vigor2710 Series User’s Guide...
Page 114: File Extension Object
Profile 1 with name of “default” is the default profile, some files with the file extensions specified in this profile will be ignored and not be scanned by Vigor router. Set to Factory Default Clear all profiles. Click the number under Profile column for configuration in details. Vigor2710 Series User’s Guide...
Page 115 Profile Name Type a name for this profile. Type a name for such profile and check all the items of file extension that will be processed in the router. Finally, click OK to save this profile. Vigor2710 Series User’s Guide...
Page 116: Im Object
Profile Name Type a name for this profile. Type a name for such profile and check all the items that not allowed to be used in the host. Finally, click OK to save this profile. Vigor2710 Series User’s Guide...
Page 117: P2P Object
(es) and then click OK. Later, in the CSM>>IM/P2P Filter Profile page, you can use P2P Object drop down list to choose the proper profile configured here as the standard for the host(s) to follow. Profile Name Type a name for this profile. Vigor2710 Series User’s Guide...
Page 118: Misc Object
Profile Name Type a name for this profile. Type a name for such profile and check all the protocols that not allowed to be used in the host. Finally, click OK to save this profile. Vigor2710 Series User’s Guide...
Page 119: Csm Profile
For parents, you can protect your children from viewing adult websites or chat rooms. Once you have activated your Web Filtering service in Vigor router and chosen the categories of website you wish to restrict, each URL address requested (e.g.www.bbc.co.uk) will be Vigor2710 Series User’s Guide...
Page 120: Im/P2P Filter Profile
Peer) application. CSM profile can be used in Filter Setup page. Set to Factory Default Clear all profiles. Click the number under Index column for settings in detail. Profile Name Type a name for the CSM profile. Vigor2710 Series User’s Guide...
Page 121: Url Content Filter Profile
Click CSM and click URL Content Filter Profile to open the profile setting page. You can set eight profiles as URL content filter. Simply click the index number under Profile to open the following web page. Vigor2710 Series User’s Guide...
Page 122 None – There is no log file will be recorded for this profile. Pass – Only the log about Pass will be recorded in Syslog. Block – Only the log about Block will be recorded in Syslog. Vigor2710 Series User’s Guide...
Page 123 32-character long. After specifying keywords, the Vigor router will decline the connection request to the website whose URL string matched to any user-defined keyword. It should be noticed that the more simplified the blocking Vigor2710 Series User’s Guide...
Page 124 File Extension Profile – Choose one of the profiles that you configured in Object Setting>> File Extension Objects previously for passing or blocking the file downloading. Vigor2710 Series User’s Guide...
Page 125: Web Content Filter Profile
Click CSM and click Web Content Filter Profile to open the profile setting page. You can set eight profiles as Web content filter. Simply click the index number under Profile to open the following web page. Vigor2710 Series User’s Guide...
Page 126 Block – Only the log about Block will be recorded in Syslog. All – All the actions (Pass and Block) will be recorded in Syslog. For this section, please refer to Web Content Filter user’s guide. Vigor2710 Series User’s Guide...
Page 127: Bandwidth Management
Defines the default session number used for each computer in LAN. Limitation List Displays a list of specific limitations that you set on this web page. Start IP Defines the start IP address for limit session. Vigor2710 Series User’s Guide...
Page 128 You can type in four sets of time schedule for your request. Setup All the schedules can be set previously in Application – Schedule web page and you can use the number that you have set in that web page. Vigor2710 Series User’s Guide...
Page 129: Bandwidth Limit
RX limit Define the limitation for the speed of the downstream. If you do not set the limit in this field, the system will use the default speed for the specific limitation you set for each index. Vigor2710 Series User’s Guide...
Page 130: Quality Of Service
The core routers in the backbone will do the same checking before executing treatments in order to ensure service-level consistency throughout the whole QoS-enabled network. Vigor2710 Series User’s Guide...
Page 131 There are four queues allowed for QoS control. The first three (Class 1 to Class 3) class rules can be adjusted for your necessity. Yet, the last one is reserved for the packets which are not suitable for the user-defined class rules. Vigor2710 Series User’s Guide...
Page 132 Display an online statistics for quality of service for your reference. This link will be seen only if you click OK in WAN1 General Setup web page and click Setup again (for WAN1) on the Bandwidth Management>>Quality of Vigor2710 Series User’s Guide...
Page 133 Edit link of that one. After you click the Edit link, you will see the following page. Now you can define the name for that Class. In this case, “Test” is used as the name of Class Index #1. Vigor2710 Series User’s Guide...
Page 134 By the way, you can set up to 20 rules for one Class. If you want to edit an existed rule, please select the radio button of that one and click Edit to open the rule edit page for modification. Vigor2710 Series User’s Guide...
Page 135 To add a new service type, edit or delete an existed service type, please click the Edit link under Service Type field. After you click the Edit link, you will see the following page. Vigor2710 Series User’s Guide...
Page 136 Range as the type. By the way, you can set up to 40 service types. If you want to edit/delete an existed service type, please select the radio button of that one and click Edit/Edit for modification. Vigor2710 Series User’s Guide...
Page 137: Applications
Enable Dynamic DNS Setup Check this box to enable DDNS function. Index Click the number below Index to access into the setting page of DDNS setup to set account(s). Domain Name Display the domain name that you set on the setting page of DDNS setup. Vigor2710 Series User’s Guide...
Page 138 Delete a Dynamic DNS Account In the DDNS setup menu, click the Index number you want to delete and then push Clear All button to delete the account. Vigor2710 Series User’s Guide...
Page 139: Schedule
You can set up to 15 schedules. Then you can apply them to your Internet Access or VPN and Remote Access >> LAN-to-LAN settings. To add a schedule, please click any index, say Index No. 1. The detailed settings of the call schedule with index 1 are shown below. Vigor2710 Series User’s Guide...
Page 140: Radius
Remote Authentication Dial-In User Service (RADIUS) is a security authentication client/server protocol that supports authentication, authorization and accounting, which is widely used by Internet service providers. It is the most common method of authenticating and authorizing dial-up and tunneled network users. Vigor2710 Series User’s Guide...
Page 141 The RADIUS server and client share a secret that is used to authenticate the messages sent between them. Both sides must be configured to use the same shared secret. Confirm Shared Secret Re-type the Shared Secret for confirmation. Vigor2710 Series User’s Guide...
Page 142: Upnp
NAT router. The application will also learn the external IP address and configure port mappings on the router. Subsequently, such a facility forwards packets from the external ports of the router to the internal ports used by the application. Vigor2710 Series User’s Guide...
Page 143 Non-privileged users can control some router functions, including removing and adding port mappings. The UPnP function dynamically adds port mappings on behalf of some UPnP-aware applications. When the applications terminate abnormally, these mappings may not be removed. Vigor2710 Series User’s Guide...
Page 144: Igmp
PC on this web page of Wake on LAN of this router. In addition, such PC must have installed a network card supporting WOL function. By the way, WOL function must be set as “Enable” on the BIOS setting. Vigor2710 Series User’s Guide...
Page 145 MAC Address Type any one of the MAC address of the binded PCs. Wake Up Click this button to wake up the selected IP. See the following figure. The result will be shown on the box. Vigor2710 Series User’s Guide...
Page 146: Vpn And Remote Access
LAN, you should disable the VPN service of Vigor Router to allow VPN tunnel pass through, as well as the appropriate NAT settings, such as DMZ or open port. This submenu only applies to PPP-related VPN connections, such as PPTP, L2TP, L2TP over IPSec. Vigor2710 Series User’s Guide...
Page 147: Ipsec General Setup
Eventually to set up a secure tunnel for IKE Phase 2. Phase 2: negotiation IPSec security methods including Authentication Header (AH) or Encapsulating Security Payload (ESP) for the following IKE exchange and mutual examination of the secure tunnel establishment. Vigor2710 Series User’s Guide...
Page 148: Ipsec Peer Identity
To use digital certificate for peer authentication in either LAN-to-LAN connection or Remote User Dial-In connection, here you may edit a table of peer certificate for selection. As shown below, the router provides 32 entries of digital certificates for peer dial-in users. Vigor2710 Series User’s Guide...
Page 149 Click each index to edit one peer digital certificate. There are three security levels of digital signature authentication: Fill each necessary field to authenticate the remote peer. The following explanation will guide you to fill all the necessary fields. Vigor2710 Series User’s Guide...
Page 150 Click to check the specific fields of digital signature to accept the peer with matching value. The field includes Country (C), State (ST), Location (L), Organization (O), Organization Unit (OU), Common Name (CN), and Email (E). Vigor2710 Series User’s Guide...
Page 151: Remote Dial-In User
Click each index to edit one remote user profile. Each Dial-In Type requires you to fill the different corresponding fields on the right. If the fields gray out, it means you may leave it untouched. The following explanation will guide you to fill all the necessary fields. Vigor2710 Series User’s Guide...
Page 152 IP address of the remote node. Pre-Shared Key - Check the box of Pre-Shared Key to invoke this function and type in the required characters (1-63) as the pre-shared key. Digital Signature (X.509) – Check the box of Digital Vigor2710 Series User’s Guide...
Page 153: Lan To Lan
Indicate the name of the LAN-to-LAN profile. The symbol ??? represents that the profile is empty. Status Indicate the status of individual profiles. The symbol V and X represent the profile to be active and inactive, respectively. Vigor2710 Series User’s Guide...
Page 154 Always On or Idle Timeout Always On-Check to enable router always keep VPN connection. Idle Timeout: The default value is 300 seconds. If the connection has been idled over the value, the router will drop the connection. Vigor2710 Series User’s Guide...
Page 155 IKE Authentication This group of fields is applicable for IPSec Tunnels and L2TP Method with IPSec Policy. Pre-Shared Key - Input 1-63 characters as pre-shared key. Digital Signature (X.509) - Select one predefined Profiles set Vigor2710 Series User’s Guide...
Page 156 IKE phase 2 proposal-To propose the local available algorithms to the VPN peers, and get its feedback to find a match. Three combinations are available for both modes. We suggest you select the combination that covers the most Vigor2710 Series User’s Guide...
Page 157 Internet. You can select to use L2TP alone or with IPSec. Select from below: None - Do not apply the IPSec policy. Accordingly, the VPN connection employed the L2TP without IPSec policy can be viewed as one pure L2TP connection. Vigor2710 Series User’s Guide...
Page 158 PPTP or L2TP. Remote Gateway IP This field is only applicable when you select PPTP or L2TP with or without IPSec policy above. The default value is 0.0.0.0, which means the Vigor router will get a remote Vigor2710 Series User’s Guide...
Page 159 From first subnet to IP, please choose NAT, otherwise choose Route. remote network, you have to do Change default route to Check this box to change the default route with this VPN this VPN tunnel tunnel. Vigor2710 Series User’s Guide...
Page 160: Connection Management
Tool and clicking Dial button. Dial Click this button to execute dial out function. Refresh Seconds Choose the time for refresh the dial information among 5, 10, and 30. Refresh Click this button to refresh the whole connection status. Vigor2710 Series User’s Guide...
Page 161: Certificate Management
Remember to adjust the time of Vigor router before using the certificate so that you can get the correct valid period of certificate. Below shows the menu items for Certificate Management. Generate Click this button to open Generate Certificate Request window. Vigor2710 Series User’s Guide...
Page 162 Refresh Click this button to refresh the information listed below. View Click this button to view the detailed settings for certificate request. After clicking Generate, the generated information will be displayed on the window below: Vigor2710 Series User’s Guide...
Page 163: Trusted Ca Certificate
For viewing each trusted CA certificate, click View to open the certificate detail information window. If you want to delete a CA certificate, choose the one and click Delete to remove all the certificate information. Vigor2710 Series User’s Guide...
Page 164: Certificate Backup
Access Point (AP) connecting to lots of wireless clients or Stations (STA). All the STAs will share the same Internet connection via Vigor wireless router. The General Settings will set up the information of this wireless network, including its SSID as identification, located channel etc. Vigor2710 Series User’s Guide...
Page 165 For a more flexible deployment, you may add filters of MAC addresses to isolate users’ access from wired LAN. Manage Wireless Stations - Station List will display all the station in your wireless network and the status of their connection. Vigor2710 Series User’s Guide...
Page 166: General Setup
Enable Wireless LAN Check the box to enable wireless function. Mode At present, the router can connect to Mixed (11b+11g), 11g Only, 11b Only, Mixed (11g+11n), 11n Only and Mixed (11b+11g+11n) stations simultaneously. Simply choose Mix (11b+11g+11n) mode. Vigor2710 Series User’s Guide...
Page 167 SSID Means the identification of the wireless LAN. SSID can be any text numbers or various special characters. The default SSID is "Draytek. We suggest you to change it. LAN – Check this box to make the wireless clients Isolate (stations) with the same SSID cannot access wired PCs on LAN.
Page 168 Enable for TxBURST on the tab of Option). Rate Control It controls the data transmission rate through wireless connection. Upload – Check Enable and type the transmitting rate for data upload. Default value is 30,000 kbps. Vigor2710 Series User’s Guide...
Page 169: Security
PSK. The WPA encrypts each frame transmitted from the radio using the key, which either PSK (Pre-Shared Key) entered manually in this field below or automatically negotiated via 802.1x authentication. Either 8~63 ASCII Vigor2710 Series User’s Guide...
Page 170: Access Control
MAC addresses to control their access rights. Enable Max Access Filter Select to enable the MAC Address filter for wireless LAN identified with SSID 1 to 4 respectively. All the clients (expressed by MAC addresses) listed in the box Vigor2710 Series User’s Guide...
Page 171: Wps
Start PBC button or using PIN Code. On the side of Vigor 2710 series which served as an AP, press WPS button once on the front panel of the router or click Start PBC on web configuration interface. On the side Vigor2710 Series User’s Guide...
Page 172 For WPS is supported in WPA-PSK or WPA2-PSK mode, if you do not choose such mode in Wireless LAN>>Security, you will see the following message box. Please click OK and go back Wireless LAN>>Security to choose WPA-PSK or WPA2-PSK mode and access WPS again. Below shows Wireless LAN>>WPS web page. Vigor2710 Series User’s Guide...
Page 173: Wds
Provide bridge traffic between two LANs through the air. Extend the coverage range of a WLAN. To meet the above requirement, two WDS modes are implemented in Vigor router. One is Bridge, the other is Repeater. Below shows the function of WDS-bridge interface: Vigor2710 Series User’s Guide...
Page 174 In the following examples, hosts connected to Bridge 1 or 3 can communicate with hosts connected to Bridge 2 through WDS links. However, hosts connected to Bridge 1 CANNOT communicate with hosts connected to Bridge 3 through Bridge 2. Vigor2710 Series User’s Guide...
Page 175 Click WDS from Wireless LAN menu. The following page will be shown. Mode Choose the mode for WDS setting. Disable mode will not invoke any WDS setting. Bridge mode is designed to fulfill the first type of application. Repeater mode is for the second Vigor2710 Series User’s Guide...
Page 176: Ap Discovery
This page is used to scan the existence of the APs on the wireless LAN. Yet, only the AP which is in the same channel of this router can be found. Please click Scan to discover all the connected APs. Vigor2710 Series User’s Guide...
Page 177: Station List
Station List provides the knowledge of connecting wireless clients now along with its status code. There is a code summary below for explanation. For convenient Access Control, you can select a WLAN station and click Add to Access Control below. Vigor2710 Series User’s Guide...
Page 178 Refresh Click this button to refresh the status of station list. Click this button to add current typed MAC address into Access Control. Vigor2710 Series User’s Guide...
Page 179: System Status
Display the ADSL firmware version. LAN------- MAC Address Display the MAC address of the LAN Interface. IP Address Display the IP address of the LAN interface. Subnet Mask Display the subnet mask address of the LAN interface. Vigor2710 Series User’s Guide...
Page 180: Tr-069
WLAN miniPCi. SSID Display the SSID of the router. This device supports TR-069 standard. It is very convenient for an administrator to manage a Auto Configuration Server, e.g., TR-069 device through an VigorACS. Vigor2710 Series User’s Guide...
Page 181: Administrator Password
When you click OK, the login window will appear. Please use the new password to access into the web configurator again. Follow the steps below to backup your configuration. Go to System Maintenance >> Configuration Backup. The following windows will be popped-up, as shown below. Vigor2710 Series User’s Guide...
Page 182 The above example is using Windows platform for demonstrating examples. The Mac or Linux platform will appear different windows, but the backup function is still available. Note: Backup for Certification must be done independently. The Configuration Backup does not include information of Certificate. Vigor2710 Series User’s Guide...
Page 183: Syslog/Mail Alert
Enable syslog message Check the box listed on this web page to send the corresponding message of firewall, VPN, User Access, Call, WAN, Router/DSL information to Syslog. Enable (Alert Setup…) Check “Enable” to activate function of mail alert. Vigor2710 Series User’s Guide...
Page 184 From the Syslog screen, select the router you want to monitor. Be reminded that in Network Information, select the network adapter used to connect to the router. Otherwise, you won’t succeed in retrieving information from the router. Vigor2710 Series User’s Guide...
Page 185: Time And Date
Type the IP address of the time server. Time Zone Select the time zone where the router is located. Automatically Update Interval Select a time interval for updating from the NTP server. Click OK to save these settings. Vigor2710 Series User’s Guide...
Page 186: Management
Check it to enable this function. Get Community Set the name for getting community by typing a proper character. The default setting is public. Set Community Set community by typing a proper name. The default setting is private. Vigor2710 Series User’s Guide...
Page 187: Reboot System
Note: When the system pops up Reboot System web page after you configure web settings, please click OK to reboot your router for ensuring normal operation and preventing unexpect errors of the router in the future. Vigor2710 Series User’s Guide...
Page 188: Firmware Upgrade
Note that this example is running over Windows OS (Operating System). Download the newest firmware from DrayTek's web site or FTP site. The DrayTek web site is www.draytek.com (or local DrayTek's web site) and FTP site is ftp.draytek.com.
Page 189: Dial-Out Trigger
(e.g., PPPoE, PPPoA, etc) is triggered by a package sending from the source IP address. Decoded Format It shows the source IP address (local), destination IP (remote) address, the protocol and length of the package. Refresh Click it to reload the page. Vigor2710 Series User’s Guide...
Page 190: Routing Table
Resolution Protocol) cache held in the router. The table shows a mapping between an Ethernet hardware address (MAC Address) and an IP address. Refresh Click it to reload the page. Clear Click it to clear the whole table. Vigor2710 Series User’s Guide...
Page 191: Dhcp Table
Click Diagnostics and click NAT Sessions Table to open the list page. Private IP:Port It indicates the source IP address and port of local PC. #Pseudo Port It indicates the temporary port of the router used for NAT. Vigor2710 Series User’s Guide...
Page 192: Data Flow Monitor
Display the IP address of the monitored device. TX rate (kbps) Display the transmission speed of the monitored device. RX rate (kbps) Display the receiving speed of the monitored device. Sessions Display the session number that you specified in Limit Session web page. Vigor2710 Series User’s Guide...
Page 193: Traffic Graph
The remaining time will be shown on the session column. Click Diagnostics and click Traffic Graph to pen the web page. Choose WAN1 Bandwidth, Sessions, daily or weekly for viewing different traffic graph. Click Refresh to renew the graph at any time. Vigor2710 Series User’s Guide...
Page 194: Ping Diagnosis
Type in the IP address of the Host/IP that you want to ping. Click this button to start the ping work. The result will be displayed on the screen. Clear Click this link to remove the result on the window. Vigor2710 Series User’s Guide...
Page 195: Trace Route
Use the drop down list to choose the interface that you want to ping through. Host/IP Address It indicates the IP address of the host. Click this button to start route tracing work. Clear Click this link to remove the result on the window. Vigor2710 Series User’s Guide...
Page 196: Application And Examples
For using PPP based services, such as PPTP, L2TP, you have to set general settings in PPP General Setup. For using IPSec-based service, such as IPSec or L2TP with IPSec Policy, you have to set general settings in IPSec General Setup, such as the pre-shared key that both parties have known. Vigor2710 Series User’s Guide...
Page 197 If an IPSec-based service is selected, you should further specify the remote peer IP Address, IKE Authentication Method and IPSec Security Method for this Dial-Out connection. If a PPP-based service is selected, you should further specify the remote peer IP Vigor2710 Series User’s Guide...
Page 198 Otherwise, it will apply the settings defined in IPSec General Setup above. If a PPP-based service is selected, you should further specify the remote peer IP Address, Username, Password, and VJ Compression for this Dial-In connection. Vigor2710 Series User’s Guide...
Page 199 PPP General Setup. For using IPSec-based service, such as IPSec or L2TP with IPSec Policy, you have to set general settings in IPSec General Setup, such as the pre-shared key that both parties have known. Vigor2710 Series User’s Guide...
Page 200 Set Dial-Out Settings as shown below to dial to connect to Router B aggressively with the selected Dial-Out method. If an IPSec-based service is selected, you should further specify the remote peer IP Address, IKE Authentication Method and IPSec Security Method for this Dial-Out connection. Vigor2710 Series User’s Guide...
Page 201 If an IPSec-based service is selected, you may further specify the remote peer IP Address, IKE Authentication Method and IPSec Security Method for this Dial-In connection. Otherwise, it will apply the settings defined in IPSec General Setup above. Vigor2710 Series User’s Guide...
Page 202 Address, Username, Password, and VJ Compression for this Dial-In connection. At last, set the remote network IP/subnet in TCP/IP Network Settings so that Router B can direct the packets destined to the remote network to Router A via the VPN connection. Vigor2710 Series User’s Guide...
Page 203: Create A Remote Dial-In User Connection Between The Teleworker And Headquarter
PPP General Setup. For using IPSec-based service, such as IPSec or L2TP with IPSec Policy, you have to set general settings in IKE/IPSec General Setup, such as the pre-shared key that both parties have known. Vigor2710 Series User’s Guide...
Page 204 Otherwise, it will apply the settings defined in IPSec General Setup above. If a PPP-based service is selected, you should further specify the remote peer IP Address, Username, Password, and VJ Compression for this Dial-In connection. Vigor2710 Series User’s Guide...
Page 205 For Win2000/XP, please use "Network and Dial-up connections" or “Smart VPN Client”, complimentary software to help you create PPTP, L2TP, and L2TP over IPSec tunnel. You can find it in CD-ROM in the package or go to www.draytek.com download center. Install as instructed.
Page 206 VPN router. To use default gateway on remote network means that all the packets of remote host will be directed to VPN server then forwarded to Internet. This will make the remote host seem to be working in the enterprise network. Vigor2710 Series User’s Guide...
Page 207: Qos Setting Example
Meanwhile, children may chat on Skype in the restroom. Go to Bandwidth Management>>Quality of Service. Click Setup link of WAN. Make sure the QoS Control on the left corner is checked. And select BOTH in Direction. Vigor2710 Series User’s Guide...
Page 208 Return to previous page. Enter the Name of Index Class 1 by clicking Edit link. Type the name “E-mail” for Class 1. For this index, the user will set reserved bandwidth (e.g., 25%) for E-mail using protocol POP3 and SMTP. Vigor2710 Series User’s Guide...
Page 209 If the worker has connected to the headquarter using host to host VPN tunnel. (Please refer to Chapter 3 VPN for detail instruction), he may set up an index for it. Enter the Class Name of Index 3. In this index, he will set reserved bandwidth for 1 VPN tunnel. Vigor2710 Series User’s Guide...
Page 210 Click Edit to open the following window. Check the ACT box, first. 10. Then click Edit of Local Address to set a worker’s subnet address. Click Edit of Remote Address to set headquarter’s IP address. Leave other fields and click OK. Vigor2710 Series User’s Guide...
Page 211: Lan - Created By Using Nat
You can just set the settings wrapped inside the red rectangles to fit the request of NAT usage. To use another DHCP server in the network rather than the built-in one of Vigor Router, you have to change the settings as show below. Vigor2710 Series User’s Guide...
Page 212: Upgrade Firmware For Your Router
Before upgrading your router firmware, you need to install the Router Tools. The Firmware Upgrade Utility is included in the tools. 1. Insert CD of the router to your CD ROM. 2. From the webpage, please find out Utility menu and click it. Vigor2710 Series User’s Guide...
Page 213 4. The file RTSxxx.exe will be asked to copy onto your computer. Remember the place of storing the execution file. 5. Go to www.draytek.com to find out the newly update firmware for your router. 6. Access into Support Center >> Downloads. Find out the model name of the router and click the firmware link.
Page 214 (keep the old custom settings) and xxxx.rst (reset all the custom settings to default settings). Choose any one of them that you need. 14. Click Send. 15. Now the firmware update is finished. Vigor2710 Series User’s Guide...
Page 215: Request A Certificate From A Ca Server On Windows Ca Server
Go to Certificate Management and choose Local Certificate. Vigor2710 Series User’s Guide...
Page 216 Copy and save the X509 Local Certificate Requet as a text file and save it for later use. Connect to CA server via web browser. Follow the instruction to submit the request. Below we take a Windows 2000 CA server for example. Select Request a Certificate. Vigor2710 Series User’s Guide...
Page 217 64 encoded certificate and Download CA certificate. Now you should get a certificate (.cer file) and save it. Back to Vigor router, go to Local Certificate. Click IMPORT button and browse the file to import the certificate (.cer file) into Vigor router. When finished, click refresh Vigor2710 Series User’s Guide...
Page 218 “------BEGINE CERTIFICATE------..” You may review the detail information of the certificate by clicking View button. Vigor2710 Series User’s Guide...
Page 219: Request A Ca Certificate And Set As Trusted On Windows Ca Server
Use web browser connecting to the CA server that you would like to retrieve its CA certificate. Click Retrive the CA certificate or certificate recoring list. Vigor2710 Series User’s Guide...
Page 220 You may review the detail information of the certificate by clicking View button. Note: Before setting certificate configuration, please go to System Maintenance >> Time and Date to reset current time of the router first. Vigor2710 Series User’s Guide...
Page 221: Trouble Shooting
Turn on the router. Make sure the ACT LED blink once per second and the correspondent LAN LED is bright. If not, it means that there is something wrong with the hardware status. Simply back to “1.3 Hardware Installation” to execute the hardware installation again. And then, try again. Vigor2710 Series User’s Guide...
Page 222 Go to Control Panel and then double-click on Network Connections. Right-click on Local Area Connection and click on Properties. Select Internet Protocol (TCP/IP) and then click Properties. Vigor2710 Series User’s Guide...
Page 223 Select Obtain an IP address automatically and Obtain DNS server address automatically. Double click on the current used MacOs on the desktop. Open the Application folder and get into Network. On the Network screen, select Using DHCP from the drop down list of Configure IPv4. Vigor2710 Series User’s Guide...
Page 224 Open the Application folder and get into Utilities. Double click Terminal. The Terminal window will appear. Type ping 192.168.1.1 and press [Enter]. It the link is OK, the line of “64 bytes from 192.168.1.1: icmp_seq=0 ttl=255 time=xxxx ms” will appear. Vigor2710 Series User’s Guide...
Page 225 Click Internet Access group and then check whether the ISP settings are set correctly. Check if the Enable option is selected. Check if Username and Password are entered with correct values that you got from your ISP. Vigor2710 Series User’s Guide...
Page 226 Go to System Maintenance and choose Reboot System on the web page. The following screen will appear. Choose Using factory default configuration and click OK. After few seconds, the router will return all the settings to the factory settings. Vigor2710 Series User’s Guide...
Page 227: Contacting Your Dealer
After restore the factory default setting, you can configure the settings for the router again to fit your personal request. If the router still cannot work correctly after trying many efforts, please contact your dealer for further help right away. For any questions, please feel free to send e-mail to support@draytek.com. Vigor2710 Series User’s Guide...

This manual is also suitable for:

Vigor2710n Vigor2710vn

Draytek Vigor2710 Series User Manual

Preface

Configuring Basic Settings

User Mode Operation

Admin Mode Operation

Application and Examples

Trouble Shooting

Quick Links

Related Manuals for Draytek Vigor2710 Series

Summary of Contents for Draytek Vigor2710 Series

This manual is also suitable for:

Table of Contents