Draytek Vigor 2820/2830 Configuration. A guide for Exa Resellers and IT Contractors



Similar documents
DSL-G604T Install Guides

Wireless G Broadband quick install

PPTP Server Access Through The

Multi-Homing Dual WAN Firewall Router

Half Bridge mode }These options are all found under Misc Configuration

Firewall VPN Router. Quick Installation Guide M73-APO09-380

How to configure your Thomson SpeedTouch 780WL for ADSL2+

Quick Installation Guide DSL-2750U/NRU. 3G/ADSL/Ethernet Router with Wi-Fi and Built-in Switch

Quick Installation Guide DAP Wireless N 300 Access Point & Router

Multi-Homing Security Gateway

BROADBAND INTERNET ROUTER USER S MANUAL. Version Page 1 of 13 -

Firmware Release Notes

Setting up D-Link VPN Client to VPN Routers

STATIC IP SET UP GUIDE VERIZON 7500 WIRELESS ROUTER/MODEM

Full Install Setup Guide Actiontec F2250 Gateway

Quick Installation Guide DSL-2750U. 3G/ADSL/Ethernet Router with Wi-Fi and Built-in Switch

1. Hardware Installation

Configuring Static IP for your Pace Devices

Please use only wired network connections to configure the Router.

Prestige 623R-T. Quick Start Guide. ADSL Dual-link Router. Version 3.40

Front LEDs... 2 Rear Ports... 3 BASIC INSTALLATION... 4 Connecting Your Router... 5 Network Configuration... 6

Comtrend 1 Port Router Installation Guide CT-5072T

Chapter 6 Using Network Monitoring Tools

Initial Access and Basic IPv4 Internet Configuration

Using SonicWALL NetExtender to Access FTP Servers

Best Practices: Pass-Through w/bypass (Bridge Mode)

Broadband Phone Gateway BPG510 Technical Users Guide

Chapter 3 Connecting the Router to the Internet

AP6511 First Time Configuration Procedure

DSL-2600U. User Manual V 1.0

P-660R-TxC Series. ADSL2+ Access Router. Quick Start Guide

UIP1868P User Interface Guide

3.1 RS-232/422/485 Pinout:PORT1-4(RJ-45) RJ-45 RS-232 RS-422 RS-485 PIN1 TXD PIN2 RXD PIN3 GND PIN4 PIN5 T PIN6 T PIN7 R+ PIN8 R-

Quick Installation Guide DIR-620. Multifunction Wireless Router Supporting GSM, CDMA, WiMAX with Built-in 4-port Switch

Broadband Router ALL1294B

Chapter 3 LAN Configuration

ADSL2+ Service Gateway

DSL-G604T Wireless ADSL Router

Chapter 3 Security and Firewall Protection

Quick Installation Guide

Chapter 1 Configuring Basic Connectivity

How to Configure a DIR-120 Broadband Router

Configuring a BEC 7800TN Wireless ADSL Modem

Chapter 6 Using Network Monitoring Tools

LevelOne. User Manual. FBR-1430 VPN Broadband Router, 1W 4L V1.0

V310 Support Note Version 1.0 November, 2011

Overview. Introduction

Please use only wired network connections to configure the router.

FSM73xx GSM73xx GMS72xxR Shared access to the Internet across Multiple routing VLANs using a Prosafe Firewall

Chapter 7 Troubleshooting

Setting up VPN connection: DI-824VUP+ with Windows PPTP client

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

Prestige 650R-31/33 Read Me First

Overview of WebMux Load Balancer and Live Communications Server 2005

Chapter 1 Connecting Your Router to the Internet

ADSL MODEM. User Manual V1.0

Document No. FO1001 Issue Date: Draft: Work Group: FibreOP Technical Team October 1, 2013 Final:

User Manual. Page 2 of 38

User s Manual TCP/IP TO RS-232/422/485 CONVERTER. 1.1 Introduction. 1.2 Main features. Dynamic DNS

Building Networks For People. DIR-100 Ethernet Broadband Router User Manual

Chapter 9 Monitoring System Performance

Broadband Router ESG-103. User s Guide

TW100-BRV204 VPN Firewall Router

Quick Start Guide. RV 120W Wireless-N VPN Firewall. Cisco Small Business

Optimum Business SIP Trunk Set-up Guide

SSL-VPN 200 Getting Started Guide

DRO-210i LOAD BALANCING ROUTER. Review Package Contents

How To Set Up A Computer With A Network Connection On A Cdrom 2.5 (For A Pc) Or Ipad (For Mac) On A Pc Or Mac Or Ipa (For Pc) On An Ipad Or Ipro (

Barracuda Link Balancer

Barracuda Link Balancer Administrator s Guide

ADTRAN 3120 / 3130 Internet Configuration Guide

Chapter 1 Configuring Internet Connectivity

PC/POLL SYSTEMS Version 7 Polling SPS2000 Cash Register TCP/IP Communications

OfficeConnect Internet Firewall 25 Internet Firewall DMZ. QuickStart Guide (3C16770, 3C16771)

Prestige 324. Prestige 324. Intelligent Broadband Sharing Gateway. Version 3.60 January 2003 Quick Start Guide

How to setup PPTP VPN connection with DI-804HV or DI-808HV using Windows PPTP client

Comtrend 4 Port Router Installation Guide CT-5361T

Model:BL-WDR Mbps Wireless Dual Band 11AC Router

Chapter 2 Connecting the FVX538 to the Internet

Using Cisco UC320W with Windows Small Business Server

Quick Installation Guide DSL-2640U. Wireless N 150 ADSL2+ Modem Router

Actiontec GT784WN Router

Chapter 2 Preparing Your Network

P-660R-T1 v3 QUICK START GUIDE. ADSL2+ Access Router DEFAULT LOGIN DETAILS. Firmware v3.40 Edition 1, 09/2008. IP Address:

NF3ADV VoIP Setup Guide (for TPG)

Almond. Quick Setup Guide

6.40A AudioCodes Mediant 800 MSBG

TW100-BRF114 Firewall Router. User's Guide. Cable/DSL Internet Access. 4-Port Switching Hub

Steps for Basic Configuration

Internet Access Setup

Steltronic Focus. Main Desk Internet connection

Broadband ADSL2+ Modem DM111PSPv2

BR-6104K / BR-6104KP Fast Ethernet Broadband Router User s Manual

How To Check If Your Router Is Working Properly

DDNS Management System User Manual V1.0

DVG-2101SP VoIP Telephone Adapter

Prestige 324 Quick Start Guide. Prestige 324. Intelligent Broadband Sharing Gateway. Version V3.61(JF.0) May 2004 Quick Start Guide

P-870HN-51b n VDSL2 4-port Gateway DEFAULT LOGIN DETAILS. Firmware v1.00 Edition 1, 9/2009. IP Address:

Applies to: F1PG200ENau Belkin Analogue Telephone Adapter (ATA) Firmware release notes

Turn off all of your network devices, including your computer, Modem and the Router.

Transcription:

Draytek Vigor 2820/2830 Configuration A guide for Exa Resellers and IT Contractors

Contents About this guide...3 Vigor Router Configuration (ADSL)...4 Vigor Router Configuration (FTTC)...4 Vigor Router Configuration (3G & Failover)...4 Vigor Router Configuration (Pre-amble)...5 Vigor Router Configuration (LAN) Single LAN...5 Vigor Router Configuration (LAN) Multi-LAN...6 Vigor Router Configuration (DHCP)...7 Vigor Router Configuration (Finalisation)...7 Vigor Router Configuration - Access internal website on real world IP...8 Exa Networks Ltd 2013- -2- Revision 20131023-1

About this guide This document has been compiled from internal documentation created by the Exa Networks Ltd Technical Support and Production department. As such, though all confidential references should have been removed prior to publication, this document is solely for the use of Exa Networks employees, their resellers, the customers of the aforementioned and anyone performing IT and networking work for the aforementioned. Other use of this document is prohibited, though derivative works which do not mention Exa Networks nor any of their products may be produced if full acknowledgement is given in such works. Draytek and Vigor are registered trademarks of Draytek Corporation Exa Networks and SurfProtect are registered trademarks of Exa Networks Ltd This guide should not be treated as a substitute technical manual for Draytek hardware, merely hints and instructions. Derivative configurations of those here will, no doubt, be possible and indeed often some steps are not completely necessary. For example: The rebooting of a router is not necessary during configuration, and simply skipping to a new step or menu option after clicking an 'OK' button will suffice. Those with the inclination or technical experience may wish to consult other resources, such as the router manual (provided in PDF format on a CD supplied with the router), or the Draytek (UK) website, as well as other networking and internet connectivity resources in order to modify or improve on the information given here. Comments and suggestions for this documentation can be sent to support@exa-networks.co.uk Exa Networks Ltd 2013- -3- Revision 20131023-1

Vigor Router Configuration (ADSL) 1. Follow the instructions at Vigor Router Configuration (Pre-amble) 2. Choose the WAN connection (WAN > Internet Access) 1. Default configurations already have the drop-down against WAN1 set to PPPoE / PPPoA; If not, set this, and set WAN2 and WAN3 to none (unless this is some kind of hybrid connectivity with fail-overs). 3. Configure WAN details (WAN > Internet Access > WAN1 > Details Page) 1. Set DSL username, password and any other settings 2. Click OK and allow router to reboot again 4. Follow the instructions at Vigor Router Configuration (Finalisation) Vigor Router Configuration (FTTC) 1. Follow the instructions at Vigor Router Configuration (Pre-amble) 2. For Vigor 2820 only: Go to WAN > General Setup 1. Change the Enabled drop-down for WAN2 to Yes 2. Change the Physical Mode drop-down to Ethernet 3. Change the Enabled drop-down for WAN1 to No (unless this is some kind of hybrid connectivity with failovers, or migrating from DSL to FTTC) 3. For Vigor 2830 only: Go to WAN > Internet Access 1. Default configurations have the drop-down against WAN1 set to PPPoE / PPPoA; Unless this is some kind of hybrid connectivity with fail-overs, or migrating from DSL to FTTC, disable WAN1 by: 1. Go into the WAN1 configuration and set it to Disabled 2. Click OK and allow the router to reboot This is annoying, but sometimes the routers absolutely refuse to remember the settings from the drop-downs on the parent screen. 2. Set WAN3 to none. This is probably already set, but if not and there is to be no form of hybrid connectivity, disable WAN3 by: 1. Go into the WAN3 configuration and set it to Disabled 2. Click OK and allow the router to reboot. 3. Set WAN2 to PPPoE and enter the details page 4. Configure WAN details (WAN > Internet Access > WAN2 > Details Page) 1. Select the Enabled option 1. This is a follow on from the routers often forgetting the settings from the parent screen. 2. Set DSL username, password and any other settings 3. Click OK and allow router to reboot again 1. N.B. WAN2 connections do not use the DSL (sync) light; They use the WAN2 light! (More investigation of the WAN2 light's behaviour is needed). 5. Follow the instructions at Vigor Router Configuration (Finalisation) Vigor Router Configuration (3G & Failover) 1. Follow the instructions at Vigor Router Configuration (Pre-amble) 2. Go to WAN > Internet Access 1. Set the WAN3 dropdown to PPP 2. Select the Enabled radio option 3. Click OK 3. If this is to be a failover, go to WAN > General Setup 1. Set the Active Mode dropdown to Backup 2. Tick the WAN1 and WAN2 options for which of these is to be the failover 3. Click OK allowing the router to reboot if necessary Other failover configurations are possible, including cascade from FTTC to ADSL to 3G where necessary. There are certain difficulties with this if other configuration elsewhere on the router is set to a specific WAN interface, which may be unavoidable. Exa Networks Ltd 2013- -4- Revision 20131023-1

Vigor Router Configuration (Pre-amble)... continuing from other instructions 1. Obtain preferred internal IP details from end user technical contact: 1. What is(/are) the internal IP range(s) for the router? Up to four internal IP ranges are allowed. NB: Vigor 2830s are better multiple ranges than 2820s Caution: Unless VLAN IDs are being used, different ranges must be assigned to different physical ports on the router. 2. What is(/are) the internal subnet address(es) for the above range(s)? 3. What specific IP(s) should the router be given (for each network)? This is so that it can be the gateway for that(/those) network(s). 4. For each network, should DHCP be On or Off? If On: What should the lowest allocation address be (in that network)? How big should the IP pool be? Caution: Different LAN ports will have to be assigned to different subnets if multiple DHCP is required 5. If the connection is to be SurfProtected, there are separate LANs, and the connection owner does not have an ICAP capable proxy, is each LAN to be treated differently by SurfProtect? e.g. many schools have a Staff network and a Student network (often called Admin and Curriculum), are different rights to be granted to each network? 6. Are there any other Configuration details, such as port forwarding and firewalling? For example, when enabled - as in the finalisation - the router's remote administration runs on ports 80 and 443, and SSL VPN also runs on 443, so any internal resources running on them would require these ports to be reassigned, and for port forwarding to be configured for the services' internal IP address. HTTPS can be blocked for one network and not another 2. Connect router to network card, plug in, switch on; Use cables and power adapter from box 1. May need to set network card to DHCP to be able to talk to the router. Default IP is usually 192.168.1.1 3. Log into router. Default details are usually admin and admin or admin and no password 4. Follow the instructions at Vigor Router Configuration (LAN) Single LAN or Vigor Router Configuration (LAN) Multi- LAN depending on the necessary configuration. 5. Log into router again... return to previous instructions Vigor Router Configuration (LAN) Single LAN... continuing from other instructions Configure LAN details (LAN > General Setup) For single IP configurations: 1. Go into LAN1 or the first LAN configuration area 2. Set Internal IP + Internal Subnet + DHCP (See Vigor Router Configuration (DHCP)) with settings provided by end-user technical contact 3. Click OK and allow router to reboot... return to previous instructions Exa Networks Ltd 2013- -5- Revision 20131023-1

Vigor Router Configuration (LAN) Multi-LAN For multiple IP configurations: Vigor 2820s are not very good at this. 2830 or greater is recommended 1. Go into the VLAN Configuration (LAN > VLAN) and Enable VLANs 2. Set each port on the router to be associated with a different individual LAN a) Set the port to which you are connected to be LAN1, as they are all initially LAN1. b) e.g. you might set ports 1 and 2 to be LAN1 and ports 3 and 4 to be LAN2. c) Don't tick the specific VLAN Enable boxes unless there are known VLAN IDs from inside the end-user's network! Even though the tick-boxes allow it, running multiple ID-less VLANs over any single port can cause problems; Vigors are unpredictable when such a configuration is used and this is not recommended. This is especially true of DHCP. Multiple DHCP on one port will make the router inaccessible and it will have to be factory reset! d) These settings can be changed later 3. Go back to the main LAN screen and set the various LANs with their necessary settings as provided by the end-user technical contact - IP range, Subnet, Any DHCP (See Vigor Router Configuration (DHCP)) a) Click OK and reboot as necessary 4. Return to the VLAN Configuration and assign LANs to ports as necessary a) Ports can multiple ID-less VLANs, which is a nice trick, so it's possible to run all LANs on all ports, provided there's no DHCP clash. 5. If no DHCP has been assigned, manually set network card to be able to connect to the router using the (or one of) the IP range(s) associated with the port you are connected to on the router. 6. If the different subnets are to be treated differently by the outside world, i.e. they are to appear to come from different real-world IPs: a) This is necessary for one of the possible non-icap SurfProtect configurations b) N.B. This only works for Vigor2830s with June 2011 firmware or greater. Older 2830s will need to be updated. c) Log into the router again d) Go to (WAN >> Internet Access) e) Select the WAN configuration for whichever connectivity is being used (WAN1 for ADSL, WAN2 for FTTC) f) Click the WAN IP Alias button g) Add as many IPs from the connectivity's real world IP pool as necessary into the pop-up Ensure each entry is enabled Ensure each entry is set to join the NAT IP Pool N.B. If the connectivity only has the one real-world IP then either new IPs will need to be obtained or alternative methods of performing the subnet identification will need to be explored. h) Click OK i) Go to (NAT >> Address Mapping) N.B.: If this menu option is not present, the router does not have the latest firmware j) Select an unused rule by index number (Repeat as necessary for all subnets that are to be uniquely identifiable by real world IP) k) Set the Protocol to ALL l) Set the WAN interface to the interface of the associated connection (WAN1 for ADSL, WAN2 for FTTC) m) Set the WAN IP to one of the IPs set in WAN IP Alias earlier. n) Set the Private IP and subnet mask to be one of (or even part of) one of the LAN ranges on the router. This ties in with placing internal equipment into a specific subnet or network for different firewalling or filtering, as mentioned elsewhere o) Tick the Enable box and click OK... return to previous instructions Exa Networks Ltd 2013- -6- Revision 20131023-1

Vigor Router Configuration (DHCP)... continuing from other instructions Configure DHCP details (LAN > General Setup) These instructions are Vigor 2830 only 1. (For each LAN for which the router is to handle DHCP) Click on the Details Page button for the LAN 2. Either (Where there is equipment with manually configured IPs as well as those with DHCP leases): 1. Set the Start IP address to be an IP in the range for which no lower IPs will be allocated by the router Recommendation: Set this IP to fall on a subnet boundary. This would allow scope for more advanced firewalling / filtering etc. The low IPs are free to be manually assigned to other equipment such as servers, priority workstations, printers, etc. 2. Set the IP pool count to the number of computers that are realistically going to be asking the router for an IP address 3. Set the gateway IP address to be the same as the router's own IP address on the LAN Other configurations are possible, but beyond the scope of this documentation 4. Click OK 3. Or (Where everything requires DHCP, but certain equipment must fall in a particular subnet of DHCP): 1. Set the Start IP address to be the base address of the IP range (usually ending.0) 2. Set the IP pool count to be as large as to encompass everything. This includes all DHCP leasers as well as anything which requires a fixed IP to be allocated by the router 3. Set the gateway IP address to be the same as the router's own IP address on the LAN 4. Click OK 5. Go to (LAN >> Bind IP to MAC) 6. Select the Strict Bind option 7. Enter the MAC address and required internal IP address for specific important equipment, such as servers, priority workstations, printers, etc. 8. Repeat as necessary for all equipment Recommendation: Try to keep the allocations within a specific subnet of the LAN's range. This will allow for easier separate firewalling / filtering for these pieces of equipment where necessary. 4. The previous two rules may be combined if necessary, but doing so is beyond the scope of this documentation.... return to previous instructions Vigor Router Configuration (Finalisation) 1. Log into router for third time 2. Configure Admin Password (System Maintenance > Administrator Password) 1. Set password to be something other than admin; Choices are: 1. The ADSL password 2. A simple password from a Password Generator 3. Something requested by the end-user (though we do not ask for this preference). 2. No reboot needed this time (usually). 3. Configure Remote Admin details (System Maintenance > Management) 1. Set router name to be something pertaining to the customer 1. <customer name>-<first part of postcode> should work, although there is limited space; Use hyphens to separate words e.g. Exa-Networks-BD16 2. Turn on remote admin 3. Turn off telnet 4. Add an accepted (Access list) IP range of 82.219.212.0 with subnet of 255.255.255.0[/24] 5. Click OK and allow router to reboot for the final time 4. Optional: Test new router password Exa Networks Ltd 2013- -7- Revision 20131023-1

Vigor Router Configuration - Access internal website on real world IP For main ADSL Configuration instructions, see Vigor Router Configuration (ADSL) For main Fibre to the Cabinet Configuration instructions, see Vigor Router Configuration (FTTC) For failover and 3G Configuration instructions, see Vigor Router Configuration (3G & Failover) 1. Reconfigure Remote Admin details (System Maintenance > Management) 1. Ensure 'User define ports' is set 2. Change HTTP port to 8080 3. Change HTTPS port to 44300 4. Click OK once, but do not click OK a second time to reboot - this will be done later 2. Move the SSL VPN out of the way (SSL VPN) 1. This feature is only present in 2013 and later firmwares from 3.6.4 onwards but does need to be moved for HTTPS port forwarding to work. 2. Change the HTTPS port to 44301 3. Set up port redirection for HTTP (NAT > Port Redirection) 1. Click on the first available rule (usually 1) 2. Set mode to Single 3. Enter HTTP into the Service Name 4. Select the right real-world IP from the drop-down Further Configuration may be required if the right IP is not available. Docs to follow, but the setting is under WAN > Internet Access > WAN* > WAN IP Alias. 5. Set both the Public Port and Private Port to 80 6. Set the Private IP to the internal web server IP address 7. Tick 'Enable' at the top and click OK at the bottom 4. Set up port redirection for HTTPS (NAT > Port Redirection) 1. Click on the next available rule (usually 2) 2. Set mode to Single 3. Enter HTTPS into the Service Name 4. Select the real-world IP from the drop-down as before 5. Set both the Public Port and Private Port to 443 6. Set the Private IP to the internal web server IP address 7. Tick 'Enable' at the top and click OK at the bottom 5. Similar configuration may be performed through the (NAT > Open Ports) menu option, depending on how many ports need to be passed through. 6. Reboot the router (System Maintenance > Reboot System) 1. Ensure 'using current configuration' is set 2. Click 'Reboot Now' Exa Networks Ltd 2013- -8- Revision 20131023-1

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information