The Vigor2925Ln router has most of the functions of the Vigor2925 series
routers, plus a slot for a 4G LTE mobile broadband SIM card. The supported SIM
cards include those from the major broadband service providers in Australia,
Telstra, Optus, Vodafone, etc., as well as those in New Zealand, Spark, 2Degrees
and Vodafone with speeds up to 150Mbps downstream and 50Mbps upstream.
In addition to the 4G LTE mobile broadband, the Vigor2925Ln has other WAN
interfaces including 1 x Gigabit Ethernet WAN and 1 x USB port for a 3G/4G
mobile dongle.
The Vigor2925Ln can connect to the Internet through any of these interfaces,
or with a combination of interfaces for Load Balance and Failover functions.
Like the Vigor2925 series, this router supports business features including an
object-oriented SPI (Stateful Packet Inspection) firewall, IPv6, 50 VPN tunnels,
25 SSL-VPN tunnels, tag-based VLAN, multiple subnets, etc.
For mission critical applications, the Vigor2925Ln router can be used in High
Availability mode to provide uninterrupted network connectivity,if there is a
hardware failure occurrence in the primary router.
The LTE feature makes the Vigor2925L series router an ideal solution for
applications such as:
The Vigor2925L series router can be rack mounted using a 1RU rack mount
bracket on a standard 19 rack or cabinet.
1. LTE Function
The Vigor2925L router has a SIM card slot for a FDD LTE/4G category 4 mobile
broadband modem. The 4G/LTE SIM card slot allows you to insert a SIM card from
your service provider and have Internet access without the need to use
additional hardware. It is protected by a cover.
The Vigor2925L series router has 2 LTE antennas. A 1 metre extension lead
with a magnetic base allows the antennas to be placed in the best position for
optimum 3G/4G reception.
4G LTE bands supported are:
- B3 (1800MHz)
- B7 (2600MHz)
- B8 (900MHz)
- B20 (800MHz)
Note 1: Band 28 (700MHz) is currently not supported in the
Vigor2925Ln router.
Note 2: 3G WCDMA Band 5
(850MHz) is currently not supported in the Vigor2925Ln router.
The maximum data rate for downlink is 150Mbps and the data rate for uplink is
50Mbps.
The SMS feature allows status and alerts to be sent by the router, or an IT
admin can reboot or configure the router with a pre-configured host.
2. WAN Connectivity
The Vigor2925L router supports 4 types of WAN Interfaces, including two
Gigabit Ethernet WAN interfaces, a USB port for a supported USB 3G/4G USB modem,
and a card slot for 4G LTE modem.
3G/4G mobile broadband access can be achieved through either a SIM card in
the 4G LTE SIM card slot, or a USB dongle in the 3G/4G USB port.
With between 2 to 4 WAN interfaces connected, you can configure for Load
Balancing or Failover. For example you can use WAN 1 as your primary Internet
connection and have a failover connection over a 4G LTE connection.
3. LAN and VLAN
The Vigor2925L has 5 x Gigabit LAN ports and supports with 50,000 NAT
sessions.
The Vigor2925L supports both port-based and 802.1q tagged VLANs. Port based
VLANs allow the assignment of a VLAN and IP subnet to each router LAN port. On
the other hand, 802.1q tagged VLANs can extend up to 8 VLANs and the IP subnets
to an attached switch.
4. Wireless LAN
The Vigor2925Ln has a built-in 2.4GHz IEEE802.11n wireless Access Point that
provides good coverage and excellent Wi-Fi performance. The MIMO technology with
diversified antenna arrangement minimises interference effects and ensures good
wireless performance.
To match the business level features of Vigor2925 series, Vigor2925Ln
supports all major Wi-Fi encryption protocols: WEP, WPA, WPA2 and 802.11X, plus
MAC Address access control, and DHCP Fixing to prevent unauthorized
accessing.
The Web-portal setup (log-in) provides four rules along with 4 SSIDs. Each of
the 4 SSIDs can be created and assigned to a VLAN and IP subnet with separate
security levels. The wireless VLAN function lets you isolate wireless clients
from each other or from the wired LAN.
When users connect to the Wireless LAN, they will be directed with your
customised log-in screen before any Internet access is permitted.
The usage information, such as how many and which clients are currently
connected and how much bandwidth they consume, can be displayed on screen.
With WPS (Wi-Fi Protected Setup) feature, you can press the WPS button at the
front of the router to pass on the security keys to a client PC in the LAN,
allowing for easy and secured access to the Wireless LAN.
5. Quality of Service (QoS)
QoS functions allow the network administrator to set priorities for certain
types of traffic to guarantee the required level of performance for data flow.
For example, real-time traffic such as VoIP or Video over IP can be prioritised
as these have less tolerance over delays caused by network congestion.
The traffic type can be assigned to each of the three QoS classes and
reserved bandwidth allocated.
6. Firewall
The Vigor2925Ln has powerful firewall features including object-oriented SPI
(Stateful Packet Inspection) firewall, DoS (Denial of Services), CSM (Content
Security Management) and WCF (Web Content Filter).
Stateful Packet Inspection (SPI) Firewall monitors incoming and outgoing
packets at layer 3 (OSI model) and passes or blocks the data packets based on
the configuration.
The DoS feature protects the network for unwanted access requests from DoS
attackers.
CSM enables network administrators to control and manage IM (Instant
Messenger) and P2P (Peer-to-Peer) applications, for instance, to keep network
users from accessing inappropriate contents and ensure that network traffic flow
efficiently.
WCF classifies all websites into 64 categories, and allows network
administrators to select categories to protect the users from undesirable
website content. DrayTek uses the CYREN WCF database for its Vigor routers, and
each router includes a free 30 day trial license.
The object-based firewall provides flexibility by using Objects in the
firewall settings. Objects can created and placed in groups for IP, service
type, keyword, file extension, etc. This allows a filter rule to be applied to
many IP addresses, reducing number of firewall filters required. In addition
these objects and groups can be reused for other firewall settings resulting in
reduced amount of work required to create multiple firewall rules.
Firewall rules can be applied according to a Time Schedule to control access
to the Internet or network services according to predetermined time slots. Up to
4 time schedules can be applied to each firewall filter rule. For example social
media can be restricted during work hours and be allowed during off work hours
in a company.
7. VPN & SSL-VPN
Vigor2925Ln supports up to 50 simultaneous VPN tunnels, of major protocols
such as IPSec/PPTP/L2TP and 25 tunnels of SSL-VPN protocol. The dedicated VPN
co-processor supports the hardware encryption of AES/DES/3DES, hardware key hash
of SHA-1/MD5, and LDAP authentication, and ensures that VPN traffic is secure
and performance is maximised.
The SSL technology allows secure Web encryption such as those used for
on-line banking. With Vigor2925Ln, you can create SSL-VPN in Full Tunnel mode or
Proxy mode.
Furthermore, since the Vigor2925Ln supports multi-WAN of DSL, Ethernet and
3G/4G, you can create VPN Trunking for VPN Load Balance and VPN Backup. For
instance, you can use a number of connections to a site to increase the
bandwidth, or have a backup connection when the primary connection fails.
8. Central VPN Management
Instead of normal method for VPN connection through web browsers, Vigor2925Ln
supports Central VPN Management (CVM) which utilises TR-069 protocol. You can
create VPN tunnels with just a few mouse clicks on the icons representing your
local network (e.g. public places such as a caf) and remote locations (e.g.
branch or home office), and the router will establish the connection
automatically. This takes away the tedious process required for VPN tunnel
creation.
As well as simplifying creation of VPN tunnels, CVM also provide a console to
monitor multiple CPE devices and VPN tunnels. This includes displaying the CPE
devices on a Google Map.
Other features include scheduling of CPE configuration backup/restore tasks
as well as scheduled firmware upgrade of the CPE devices. Up to 8 DrayTek CPE
devices are supported.
9. Central AP Management
Vigor2925Ln supports Central AP Management (APM) with a console to auto
configure and manage up to 20 directly connected (via LAN cables) Draytek
wireless Access Points including VigorAP 800, VigorAP 810, VigorAP 900 &
VigorAP 910C.
The Dashboard feature displays the status such as traffic and number of
attached stations, of all the attached Access Points.
With Auto Provisioning enabled on the attached Access Points, WLAN profiles
can be created and applied to the selected Access Points from the central
console.
The AP Maintenance feature allows a number of actions to be programmed,
including Configuration Backup and Restore, Firmware Upgrade, Remote Reboot and
Factory Reset, for selected Access Points.
The connected Access Points can also be displayed on a map or floor plan
showing their locations and basic descriptions. Other features include Traffic
Graph, Rogue AP detection, Event Log, Total Traffic, Station number and Access
Point load balancing.
10. Remote Access Management
The Vigor2925Ln includes a number of management options to provide both local
and remote access to monitor and manage the router.
The TR-069 feature integrates with the VigorACS-SI centralised management
system. This can be used to allow system integrators or network administrators
to configure, monitor and manage the Vigor2925Ln remotely from the comfort of
their offices or homes. It can also be used to Auto-Provision the Vigor2925Ln
remotely by sending configuration data to the router. There are 3 wizards: a
Configuration Wizard, a VPN Wizard and a Firmware Upgrade Wizard. These allow
network administrators to quickly and easily carry out complex tasks.
Alarm & Log Management features ensure real time notifications and alerts
to specified phone numbers or email accounts in relation to any faults or issues
of the connected CPEs.
A number of diagnostic functions are also available for the network
administrator to monitor and troubleshoot any network issues. These include Data
Flow Monitor, Traffic Graph and Syslog Explorer, etc.
Like all Vigor routers, Vigor2925Ln supports management options include HTTP,
HTTPS, FTP, SSH, Telnet and SNMP.
11. High Availability Mode
High Availability mode in the Vigor2925Ln router provides hardware redundancy
in the network by the use of one or more Vigor2925L routers in a group that can
be configured for Hot-Standby or Active-Standby. High Availability is essential
in mission critical applications where the network as well as Internet
connectivity needs to be available 100% of the time. Should a hardware failure
occur in the primary router, the standby router will immediately come on line to
provide uninterrupted network connectivity.
Key features of High Availability mode are:
- WCF License share (Hot-Standby only): Network
administrators can create a High Availability group on MyVigor website and
include at most 8 routers to join the group and share the same WCF license.
Only 1 router (the primary) can use the license at a time, and when the
primary router goes down, the secondary router will come up and register to
MyVigor server and continuously provide firewall protection to LAN clients. It
means only one WCF license is required per High Availability group.
- Configuration Sync (Hot-Standby only): Every
configuration/modification made on the primary router will be synchronized to
the other group member(s) ensuring that network functionality is identical
should the primary router fail.
- DDNS Update:For dynamic WAN IP users, High Availability
group members can share the same DDNS account, that when secondary router
become primary, it will update the DDNS profile so the network can still be
accessible via the same DDNS domain.
- LTE Modem
- FDD LTE Category 4
- Max Data Rate : 150Mbps in download & 50Mbps in upload within 20MHz
Bandwidth
- LTE FDD Band 3/7/8/20
- WCDMA Band 1/8
- GPRS/EDGE : 900/1800/1900MHz
- WAN Protocol
- DSL (WAN-1)/Giga Ethernet (WAN-2)
- DHCP Client
- Static IP
- PPPoE
- PPTP / L2TP (WAN-2 only)
- PPPoA (ADSL2 only)
- 802.1q Multi-VLAN Tagging
- LTE (WAN-3)
- IPv6
- Tunnel Mode: TSPC, AICCU, 6rd, Static 6in4
- Dual Stack: PPP, DHCPv6 Client, Static IPv6
- USB
- 3G (HSDPA) as WAN3/WAN4
- Printer Sharing
- File System :
- Support FAT32 File System
- Support FTP Function for File Sharing
- Support Samba for File Sharing
- LTE USB mobile Support List Please Contact
[email protected]
- VPN
- Up to 50 VPN Tunnels
- Protocol : PPTP, IPsec, L2TP, L2TP over IPsec
- Encryption : MPPE and Hardware-based AES/DES/3DES
- Authentication : MD5, SHA-1
- IKE Authentication : Pre-shared Key and Digital Signature (X.509)
- LAN-to-LAN, Teleworker-to-LAN
- DHCP over IPsec
- IPsec NAT-traversal (NAT-T)
- Dead Peer Detection (DPD)
- VPN Pass-through
- VPN Wizard
- mOTP
- SSL VPN: 25 Tunnels
- VPN Trunk (Load Balance/Backup)
- Multi-WAN
- Load-Balance/Route Policy (The Gigabit Ethernet interface, LTE modem and
USB mobile can be used either for WAN-backup or load balancing.)
- WAN Connection Failover
- CSM (Content Security Management)
- IM/P2P Application
- GlobalView Web Content Filter (Powered by )
- URL Content Filter :
- URL Keyword Blocking (Whitelist and Blacklist)
- Java Applet, Cookies, Active X, Compressed, Executable, Multimedia
File Blocking
- Excepting Subnets
- Bandwidth Management
- QoS
- Guarantee Bandwidth for VoIP
- Class-based Bandwidth Guarantee by User-defined Traffic Categories
- DiffServ Code Point Classifying
- 4-level Priority for Each Direction (Inbound/Outbound)
- Bandwidth Borrowed
- Bandwidth/Session Limitation
- Layer-2 (802.1p) and Layer-3 (TOS/DSCP) QoS Mapping
- Network Feature
- Packet Forwarding Acceleration *
- DHCP Client/Relay/Server
- IGMP Snooping/Proxy V2 and V3
- Triple-Play Application
- Dynamic DNS
- NTP Client
- Call Scheduling
- RADIUS Client
- DNS Cache/Proxy and LAN DNS
- UPnP 30 sessions
- Multiple Subnets
- Port-based/Tag-based VLAN (802.1q)
- Routing Protocol:
- Network Management
- Web-based User Interface (HTTP/HTTPS)
- Quick Start Wizard
- CLI (Command Line Interface, Telnet/SSH)
- Administration Access Control
- Configuration Backup/Restore
- Built-in Diagnostic Function
- Firmware Upgrade via TFTP/FTP/HTTP/TR-069
- Logging via Syslog
- SNMP Management MIB-II
- Management Session Time Out
- 2-level Management (Admin/User Mode)
- TR-069
- TR-104
- LAN Port Monitoring
- Support Smart Monitor (30 nodes)
- Central AP Management
- Central VPN Management (Up to 8 Remote Routers)
- Firewall
- Multi-NAT, DMZ Host, Port-redirection and Open Port
- Object-based Firewall, Object IPv6, Group IPv6
- MAC Address Filter
- SPI (Stateful Packet Inspection) (Flow Track)
- DoS/DDoS Prevention
- IP Address Anti-spoofing
- E-mail Alert and Logging via Syslog
- Bind IP to MAC Address
- Time Schedule Control
- User Management
- Wireless AP
- 802.11n WLAN with Single Band 2.4 GHz Frequency
- Wireless Client List
- Wireless LAN Isolation
- 64/128-bit WEP
- WPA/WPA2
- Wireless Wizard
- Hidden SSID
- WPS
- MAC Address Access Control
- Access Point Discovery
- WDS (Wireless Distribution System)
- 802.1x Authentication
- Multiple SSID
- Wireless Rate-control
- IEEE802.11e: WMM (Wi-Fi Multimedia)
- SSID VLAN Grouping with LAN Port (Port-based
VLAN)