1. WAN Connectivity
The Vigor2832 router supports 3 types of WAN Interfaces: an ADSL2+ WAN, a
Gigabit Ethernet WAN and a USB port (WAN 3) for a supported USB 3G/4G USB
modem.
With between 2 to 3 WAN interfaces connected, you can configure the router
for Load Balancing or Failover. For example you can have the ADSL2+ as your
primary Internet connection and have a failover connection over an attached 4G
USB modem.
2. Load Balance / Route Policy
The Load Balance/Route Policy in the Vigor2832 router allows outgoing
Internet traffic to be directed to the desired WAN interface based on matching
criteria for the data flow. For example traffic to a mail server may need to be
sent through a particular service provider associated with one of the WAN
connections.
3. LAN and VLAN
The Vigor2832 has 4 x Gigabit LAN ports and supports 50,000 NAT sessions.
The Vigor2832 supports both Port-based and 802.1q Tagged VLANs. Port based
VLANs allow the assignment of a VLAN and IP subnet to each router LAN port. On
the other hand, 802.1q Tagged VLANs can extend up to 8 VLANs and any of the four
IP subnets to an attached switch.
4. Quality of Service (QoS)
QoS functions allow the network administrator to set priorities based on
types of traffic to ensure time critical traffic types are treated with higher
priorities. For example real-time traffic such as VoIP or Video Conferencing can
be prioritised as these have less tolerance over delays caused by network
congestion.
The traffic type can be assigned to each of the three QoS classes and
reserved bandwidth allocated.
5.Firewall
The Vigor2832 has powerful firewall features including object-oriented SPI
(Stateful Packet Inspection) firewall, DoS (Denial of Services), CSM (Content
Security Management) and WCF (Web Content Filter).
Stateful Packet Inspection (SPI) Firewall monitors incoming and outgoing
packets at layer 3 (OSI model) and passes or blocks the data packets based on
the configuration.
The DoS feature protects the network for unwanted access requests from DoS
attackers.
CSM enables network administrators to control and manage IM (Instant
Messenger) and P2P (Peer-to-Peer) applications. For instance, you can keep
network users from accessing inappropriate contents and ensure that network
traffic flow is not affected by undesirable traffic types.
With WCF, all websites are classified into 64 categories; network
administrators can select these categories to protect the users from undesirable
website content. DrayTek uses the CYREN WCF database for Vigor 2832, and each
router includes a free 30 day trial license.
The object-based firewall provides flexibility by using Objects in the
firewall settings. Objects can be created and placed in groups for IP, service
type, keyword, file extension, etc. This allows a filter rule to be applied to
many IP addresses, reducing number of firewall filters required. In addition
these objects and groups can be reused for other firewall settings resulting in
reduced amount of work required to create multiple firewall rules.
Firewall rules can be applied according to a Time Schedule to control access
to the Internet or network services according to predetermined time slots. Up to
4 time schedules can be applied to each firewall filter rule. For example social
media can be restricted during work hours and be allowed during off work hours
in a company.
6.VPN & SSL-VPN
Vigor2832 supports up to 32 simultaneous VPN tunnels, of major protocols such
as IPSec/PPTP/L2TP, and 10 tunnels of SSL VPN protocol. The dedicated VPN
co-processor supports the hardware encryption of AES/DES/3DES, hardware key hash
of SHA-1/MD5, and LDAP authentication, and ensures that VPN traffic is secure
and performance is maximised.
The SSL technology allows secure Web encryption such as those used for
on-line banking. With the Vigor2832, you can create SSL VPN in Full Tunnel mode
or Proxy mode.
Furthermore, since the Vigor2832 supports multi-WAN of DSL, Ethernet and
3G/4G, you can create VPN Trunking for VPN Load Balance and VPN Backup. For
instance, you can use a number of connections to a site to increase the
bandwidth, or have a backup connection when the primary connection fails.
7. Remote Access Management
The Vigor2832 includes a number of management options to provide both local
and remote access to monitor and manage the router.
The TR-069 feature integrates with the DrayTeks VigorACS-SI centralised
management system. This can be used to allow system integrators or network
administrators to configure, monitor and manage the Vigor2832 remotely from the
comfort of their offices or homes. It can also be used to Auto-Provision the
Vigor2832 remotely by sending configuration data to the router. There are 3
wizards: a Configuration Wizard, a VPN Wizard and a Firmware Upgrade Wizard.
These allow network administrators to carry out complex tasks quickly and
easily.
Alarm & Log Management features ensure real time notifications and alerts
to specified phone numbers or email accounts for any faults or issues of the
connected CPEs.
A number of diagnostic functions are available for the network administrators
to monitor and troubleshoot network issues. These include Data Flow Monitor,
Traffic Graph and Syslog Explorer, etc.
Like all Vigor routers, Vigor2832 supports management options include HTTP,
HTTPS, FTP, SSH, Telnet and SNMP.
Connectivity
- ADSL2/2+
- DHCP Client
- Static IP
- PPPoE/PPPoA/MPoA
- 802.1p/q Multi-VLAN Tagging
- Ethernet WAN
- IPv4
- DHCP Client, Static IP, PPPoE, PPTP, L2TP, 802.1q Multi-VLAN
Tagging
- IPv6
- Tunnel Mode: TSPC, AICCU, 6rd, Static 6in4
- Dual Stack: PPP, DHCPv6 Client, Static IPv6
- WAN Connection Failover
- WAN Budget
- Load Balance/Route Policy
- Ethernet LAN
- IPv4/IPv6 DHCP Server
- Static Routing/RIP
- Multiple Subnets
- Port/Tag-based VLAN
- USB
- 3.5G/4G-LTE as WAN
- Printer Server/File Sharing
Security
- Multi-NAT, DMZ Host, Port-redirection and Open Port
- Object-based Firewall, Object IPv6, Group IPv6
- MAC Address Filter
- SPI (Stateful Packet Inspection) (Flow Track)
- DoS/DDoS Prevention
- IP Address Anti-spoofing
- E-mail Alert and Logging via Syslog
- Time Schedule Control
- Firewall v3
- User Management
Management
- System Maintenance
- HTTP/HTTPS with 2-level Management (Admin/User)
- Logging via Syslog
- SNMP Management MIB-II (v2/v3)
- CLI (Command Line Interface, Telnet/SSH)
- Administration Access Control
- Web-based Diagnostic Functionality
- Firmware Upgrade via TFTP/FTP/HTTP/TR-069
- CWMP Support (TR-069/TR-104)
- LAN Port Monitoring
- Network Management
- Bandwidth Management by Session/Bandwidth
- User Management by Time/Data Quota
- LAN DNS and DNS Forwarding
- Dynamic DNS
- IGMP Snooping/Proxy v2 and v3
- QoS (DSCP/Class-based/4-level Priority)
- Guarantee Bandwidth for VoIP
- Support Smart Monitor (Up to 30 nodes)
VPN
- Up to 32 VPN Tunnels (Including 10 SSL-VPN Tunnels)
- Protocol : PPTP, IPsec, L2TP, L2TP over IPsec
- Encryption : MPPE and Hardware-based AES/DES/3DES
- Authentication : MD5, SHA-1
- IKE Authentication : Pre-shared Key and Digital Signature (X.509)
- LAN-to-LAN, Teleworker-to-LAN
- DHCP over IPsec
- IPsec NAT-traversal (NAT-T)
- Dead Peer Detection (DPD)
- VPN Pass-through
- VPN Wizard
- mOTP
- VPN Trunk: VPN Backup and Load Balance
Hardware Interface
- 1 x ADSL2/2+ Port (WAN-1), RJ-11 for Annex A/RJ-45 for Annex B
- 1 x 1000Base-TX, RJ-45 (WAN-2)
- 4 x 10/100/1000Base-TX LAN, RJ-45
- 2 x USB Host 2.0
- 1 x Factory Reset Button