User manual | DrayTek Vigor2910 Series Ro

Add to my manuals
5 Pages

advertisement

User manual | DrayTek Vigor2910 Series Ro | Manualzz

Vigor 2910VG Series Router

Firewall

Broadband Router & Firewall

3G (Cellular) Modem support

(Firmware Upgradable)

Content Filtering (by matched keyword or data type)

SurfControl Web Site Category Filtering

Ethernet Virtual LAN segmentation (common/distinct)

Configurable QoS Features (For traffic prioritisation)

VPN Dial-in/dial-out (up to 16 tunnels)

802.11g Wireless LAN ('G' Model only)

Selectable Secondary WAN Port for backup

Twin Voice-over-IP Phone Ports ('V' model only)

USB Port for Printer sharing or 3G Modem connection

Highly configurable but easy to install and monitor

Overview

Vigor 2910 VG Router Firewall

The Vigor 2910 VG is a router firewall which provides a great balance of security, VPN, routing and optional VoIP/Wireless facilities. Content filtering helps protect against inappropriate web usage or time wasting using either keyword matching or Surfcontrol web site categorisation (Subject to subscription).

Optional 3G Cellular data increases the product's flexibility too, allowing you to make use of cellular networks for broadband-like HSDPA networks without needing a fixed line. This can be used for backup or your primary Internet feed. Alternatively, a switchable Ethernet port can be used as a secondary WAN port to a second broadband connection, for example.

The Vigor 2910VG model provides 802.11g connectivity for your laptops or other wirelessly connected PCs.

The Vigor 2910 supports several independent levels of wireless security to protect your data. In addition,

WDS mode can be used to provide repeating or bridging to a secondary router to increase wireless coverage or set up a secondary remote site (within range) where cables cannot be practically run.

The Vigor 2910's VPN facilities provide up to 16 simultaneous tunnels. These tunnels can be encrypted and authenticated with ind ustry standard methods, making your data secure as it passes over the public

Internet. VPNs are ideal for both remote office linking and teleworker connections to access branch or head office resources.

3G

3G Cellular Data Features

The Vigor 2910's USB port can host a compatible 3G modem or cellphone for access to the cellular network for full Internet Access. Most UK networks now provide high speed HSDPA data connections at up to 3.6Mb/s download speed. The 3G connection can be used as your primary/only Internet access, or as backup to your main ADSL line connection. This is not only ideal for homes or offices which don't want to pay fixed line + broadband rental, but also for temporary locations, or those to where fixed lines aren't available.

With the Wireless LAN of the Vigor 2910VG your local users can be connected wirelessly to the router, so instant free 'hotspots' can be deployed quickly and easily. Mains power is required for the router's PSU, but this could be from a mobile generator or equivalent so you need to plan for this.

Page 1 of 5 ©2008 SEG. Reproduction prohibited without written permission. 11.06.09

Supported Modems / Phones

Huawei E220 (As used by Vodafone, T-Mobile, 3)

Huawei E270

Huawei E172

Option Globesurfer iCon 7.2 (not '225' or '7.2s)

Nokia N70

Nokia N95

Nokia 6233

Nokia N95

Telstra HSDPA USB Modem

4G System XSPlug P3

Zapp Telemodem Z020

Option Globesurfer iCON

4G System XSPlug P3

ZTE AC8700 3G

Benq EF91

LG U8380

Telstra Next G 3G USB

ZTE AC8700

Additional Modem Support is added continuously or you can request specific models .

A USB connection cable is required for your phone (not supplied).

The Vigor 2910 and 3G cellular modem setup is ideal for:

Backup to your primary Internet feed (ADSL, cable etc.)

Providing lower cost broadband than a fixed line solution

Areas without fixed line broadband access

Compatible with a wide range of 3G modems/phones

Temporary Locations

Mobile Homes

Locations on the move - coaches, trains

Fairgrounds & temporary exhibitions

Outdoor locations (the router and modem itself must be indoors!)

Disaster Planning & High Availability

WLAN

Wireless LAN Features

The Vigor 2910 VG with built-in Wireless LAN allow you to use your wireless equipped computers or laptops wirelessly, without needing a cable back to the router; this provides convenience and mobility in your home or office. By adding an additional Vigor 2700 wireless model, you can expand the wireless range using WDS

(in repeater mode) and for increasing range potential, DrayTek have a range of directional aerials (see

'accessories').

Page 2 of 5 ©2008 SEG. Reproduction prohibited without written permission.

11.06.09

802.11b & 802.11g Compatibility

802.11g Super-G Wireless LAN (Total bandwidth up to 108Mb/s)

WEP & WPA Wireless Encryption

WDS - Wireless Distribution System for expanding wireless networks

Optional Higher-Gain Aerials

Wireless Security Features :

WEP, WPA and WPA2 Wireless Security & Encryption

WLAN Isolation - Isolate WLAN from wired LAN

SSID Stealthing

Restricted access list for clients (by MAC address)

Time Scheduling (WLAN can be disabled at certain times of day)

802.1x User Authentication (via Radius Server, EAP-TLS Mode)

VoIP

Voice over IP

The Vigor2910 VG provides twin phone ports for VoIP (Voice-over-IP). VoIP enables you to use your existing broadband capacity to carry regular voice calls to suitably equipped remote sites, for example another Vigor VoIP enabled router or to any other compatible hardware/software products, worldwide. The

Vigor2910 VG supports the industry standard 'SIP' system for compatibility with other vendors' produdcts.

The calls between the two sites in the example above are, of course, free of charge because they are making use of your existing always-on ADSL connection, but cost isn't the only advantage; using VOIP means that you have additional call capacity in your home or office, without tying up your regular phone line. Using a

VoIP-PSTN gateway service, such as DrayTEL you can also fully integrate with the PSTN, making and receiving calls to and from any regular phone number, worldwide.

2nd WAN

Secondary WAN Port

The primary 'WAN' interface (the connection to the outside world) is 10/100BaseT Ethernet. This can connect to any Ethernet based router IP or

Internet feed which might typically be fed via

Leased Line, cable modem, ADSL, Satellite system

- anything which is then terminated in Ethernet.

In addition, one of the LAN Ethernet ports can be selected as a secondary WAN (Internet) Interface.

The second interface can be used as the primary interface, backup failover for the primary WAN port, load balancing or just for increased total bandwidth. This allows you to use two Internet feeds simulataneously to provide higher total capacity, or rule-based routing over two feeds

(load balancing). If you do not have a second

WAN feed, you can use the 2nd WAN port as a regular LAN port instead.

Page 3 of 5 ©2008 SEG. Reproduction prohibited without written permission.

11.06.09

Specification

Vigor 2910 Router Specification

Combination Ethernet router, VPN Device, Firewall and Load-Balancer

Primary Ethernet WAN Interface

Selectable secondary WAN Interface

Load Balancing across both WAN ports with automatic or user-defined policies

WAN Backup using secondary WAN in case of primary WAN failure

Four-Port 10/100BaseT autosensing Ethernet interface with manual speed over-ride (one port switchable to WAN2 port)

Printer Port - built-in USB port compatible with most standard printers and any Windows 98SE, 2000 or XP client PC.

Internet Firewall facilities featuring :

Automatic Keep-state facility for tracking packets and denying unsolicitied incoming data

Selectable DoS/DDoS protection

IP Address anti-spoofing

User-configurable packet-filtering

NAT/PAT for Automatic LAN/WAN Mapping and Security

NAT Port Redirection with automatic internal ranging

NAT Port Forwarding (Up to 200 IP ports)

QoS (Quality of Service) assurance with 8 selectable levels & Diffserv support

Internet Content Filtering:

URL Keyword Filtering - Whitelist or Blacklist specific sites or keywords in URLs

Surfcontrol Support - Block Web sites by category (subject to subscription)

Prevent accessing of web sites by using their direct IP address (thus URLs only)

Blocking automatic download of Java applets and ActiveX controls

Blocking of web site cookies

Block http downloads of file types :

Binary Executable : .EXE / .COM / .BAT / .SCR / .PIF

Compressed : .ZIP / .SIT / .ARC / .CAB/. ARJ / .RAR

Multimedia : .MOV / .MP3 / .MPEG / .MPG / .WMV / .WAV / .RAM / .RA / .RM / .AVI / .AU

Time Schedules for enabling/disabling these restrictions

Block P2P (Peer-to-Peer) file sharing programs (e.g. Kazza, WinMX etc. )

Block Instant Messaging programs (e.g. IRC, MSN/Yahoo Messenger)

VPN facilities :

High performance VPN supports up to 32 simultaneous VPN tunnels.

Dial-in or dial-out, LAN-to-LAN or Teleworker-to-LAN

Protocol support for PPTP, L2TP, IPSec

MD-5 & SHA-1 Authentication

Encryption : MPPE, DES/3DES & AES

Hardware Co-processor for VPN Encryption

PFS (Perfect Forward Secrecy) - Adds additional key protection

Pre-shared/IKE keying & PKI (X.509) certificate support

IKE Phase 1 Agressive/Standard Modes & Phase 2 Selectable lifetimes

Radius Support for dial-in teleworker profiles

Compatible with other leading 3rd party vendor VPN devices

Page 4 of 5 ©2008 SEG. Reproduction prohibited without written permission.

11.06.09

VoIP Facilities

Voice calls carried over existing ADSL connection

Two VOIP ports (RJ11 to BT type sockets)

Automatic QoS Assurance for Voice-over-IP Calls - VoIP given highest priority

SIP Standard Compliant

VoIP Codecs : 8Kb/s-64Kb/s

Registration with multiple SIP Registrars at the same time

Distinctive Ring for incoming calls on different accounts

Automatically select different SIP providers depending on destination called - New!

Manually select SIP provider for outgoing calls by user-defined prefix - New!

Hotline Facility - connects to a fixed destination when you lift the handset - New!

Do Not Disturb - Phones can be set to not ring according to a time schedule (e.g. at night) -

New!

Speed Dial (Phone Book) for quick dialling

Caller ID on phone ports (UK Standard Compliant)

Integration with the PSTN via ITSP (e.g. DrayTel) enabling you to make/recieve calls from regular phone lines

Connect any standard analogue phone into the phone ports

UK Standard Call progress Tones (Ring, Busy cadence etc.)

Adjustable Gain (volume) for voice tx/rx

Log of incoming/outgoing calls & realtime Status reporting

DTMF Transmission : In-Band, Out-of-Band (RFC2833), SIP Info

Low latency queuing (LLQ), Random Early Detection

G.168 Line Electrical Echo cancellation & Jitter Buffer (125 ms)

Support for VoIP through VPN tunnels

Built-in Call Handling (PBX) Facilities:

Intercom (call) between local voice/phone ports - New!

SIP Compliant Call Diversion (Forwarding) - Always, Busy or No-Answer

DND (Do Not Disturb) with automatic time schedule - New!

Call Waiting - New!

Call Transfer - New!

T.38 Fax Facilities

Outbound NAT Proxy / STUN Server Support

Wireless Features :

802.11g Super-G Wireless LAN (Total bandwidth up to 108Mb/s)

Twin gain aerials provide diversity and optimum coverage

Optional Higher-Gain Aerials

Backward compatible with 802.11b (11Mb/s) and regular 802.11g (54Mb/s) standards

Wireless Security Features :

WEP, WPA and WPA2 Wireless Security & Encryption - New!

WLAN Isolation - Isolate WLAN from wired LAN - New!

SSID Stealthing

Restricted access list for clients (by MAC address)

Time Scheduling (WLAN can be disabled at certain times of day)

802.1x User Authentication (via Radius Server, EAP-TLS Mode)

Optional Username/Password Required for Wireless Users

WDS (Wireless Distribution system) for WLAN Bridging and Repeating

Wireless Client Rate control - New!

Wireless VLAN - Set inclusive/Exclusive wireless groups - New!

Active Client list in Web Interface

Dynamic DNS Posting, compatible with popular services

DHCP Server facility with pre-settable allocations and alien lock-out

Support for non-NAT public subnets (multiple public IP addresses)

LAN Side IP address range and built-in DHCP server/relay is fully configurable

RIP & Static Routing configurable

Diagnostic Facilities:

SNMP Reporting/Monitoring - compatible with industry standard tools

Comprehansive Syslog logging/monitoring (DrayTek Syslog tool supplied)

Ping & TraceRoute from WUI - New!

Real Time Data Flow Monitor, with instant block (cut of any user immediately!) - New!

VPN Passthrough for VPN client/server running behind the router

Page 5 of 5 ©2008 SEG. Reproduction prohibited without written permission.

11.06.09

advertisement

Was this manual useful for you? Yes No
Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Related manuals

Download PDF

advertisement