1. Home
    2. /
  2. Manuals
    3. /
  3. DrayTek
    4. /
  4. Vigor 2830
    5. /
  5. 35
Page 171 / 357 Scroll up to view Page 166 - 170
Vigor2830 Series User’s Guide
159
4.5 User Management
User Management is a security feature which disallows any IP traffic (except DHCP-related
packets) from a particular host until that host has correctly supplied a valid username and
password. Instead of managing with IP address/MAC address, User Management function
manages hosts with user account. Network administrator can give different firewall policies or
rules for different hosts with different User Management accounts. This is more flexible and
convenient for network management. Not only offering the basic checking for Internet access,
User Management also provides additional firewall rules, e.g. CSM checking for protecting
hosts.
Note
: Filter rules configured under Firewall usually are applied to the host (the one that
the router installed) only. With user management, the rules can be applied to every user
connected to the router with customized profiles.
Note
: If
Transparency Mode
is selected in
Firewall>>General Setup
, User
Management cannot be used any more. Please uncheck Transparency Mode first if you
want to utilize user management to handle users in LAN, WAN or WLAN.
Page 172 / 357
Vigor2830 Series User’s Guide
160
4.5.1 General Setup
General Setup can determine the standard (rule-based or user-based) for the users controlled
by User Management. The mode (standard) selected here will influence the contents of the
filter rule(s) applied to every user.
Mode
There are two modes offered here for you to choose. Each
mode will bring different filtering effect to the users involved.
User-Based
- If you choose such mode, the router will apply
the filter rules configured in
User Management>>User
Profile
to the users.
Rule-Based
–If you choose such mode, the router will apply
the filter rules configured in
Firewall>>General Setup
and
Filter Rule
to the users.
Page 173 / 357
Vigor2830 Series User’s Guide
161
4.5.2 User Profile
This page allows you to set customized profiles (up to 200) which will be applied for users
controlled under
User Management
. Simply open
User Management>>User Profile
.
To set the user profile, please click any index number link to open the following page. Notice that
profile 1 (
admin
) and profile 2
(System Reservation)
are factory default settings. Profile 2 is
reserved for future use.
Enable this account
Check this box to enable such user profile.
User Name
Type a name for such user profile (e.g.,
LAN_User_Group_1,
WLAN_User_Group_A, WLAN_User_Group_B,
etc). When a
Page 174 / 357
Vigor2830 Series User’s Guide
162
user tries to access Internet through this router, an
authentication step must be performed first. The user has to
type the User Name specified here to pass the authentication.
When the user passes the authentication, he/she can access
Internet via this router. However the accessing operation will
be restricted with the conditions configured in this user profile.
Password
Type a password for such profile (e.g.,
lug123,
wug123,wug456,
etc). When a user tries to access Internet
through this router, an authentication step must be performed
first. The user has to type the password specified here to pass
the authentication. When the user passes the authentication,
he/she can access Internet via this router with the limitation
configured in this user profile.
Confirm Password
Type the password again for confirmation.
Idle Timeout
If the user is idle over the limitation of the timer, the
network
connection will be stopped for such user.
By default, the Idle
Timeout is set to 10 minutes.
Max User Login
Such profile can be used by many users. You can set the
limitation for the number of users accessing Internet with the
conditions of such profile. The default setting is 0 which
means no limitation in the number of users.
Policy
It is available only when
User-Based
mode selected in
User
Management>>General Setup
.
Default
– If you choose such item, the filter rules
pre-configured in
Firewall
can be adopted for such user
profile.
Create New Policy
– If you choose such item, the following
page will be popped up for you to define another filter rule as
a new policy.
For the detailed configuration, simply refer to
Firewall>>Filter Rule
. The firewall filter rules that are not
selected in
Firewall>>General>>Default rule
can be
available for use in
User
Management>>User Profile
.
External Service
The router will authenticate the dial-in user by itself or by
Page 175 / 357
Vigor2830 Series User’s Guide
163
Authentication
external service such as LDAP server or Radius server. If
LDAP or Radius is selected here, it is not necessary to
configure the password setting above.
Log
Time of login/log out, block/unblock for the user(s) can be
sent to and displayed in Syslog. Please choose any one of the
log items to take down relational records for the user(s).
Pop Browser Tracking
Window
If such function is enabled, a pop up window will be displayed
on the screen with time remaining for connection if Idle
Timeout is set. However, the system will update the time
periodically to keep the connection always on. Thus, Idle
Timeout will not interrupt the network connection.
Authentication
Any user (from LAN side or WLAN side) tries to connect to
Internet via Vigor router must be authenticated by the router
first. There are three ways offered by the router for the user to
choose for authentication.
Web
– If it is selected, the use can type the URL of the router
from any browser. Then, a login window will be popped up
and ask the user to type the user name and password for
authentication. If succeed, a
Welcome Message
(configured in
User Management >> General Setup)
will be displayed.
After authentication, the destination URL (if requested by the
user) will be guided automatically by the router.
Alert Tool
– If it is selected, the user can open Alert Tool and
type the user name and password for authentication. A window
with remaining time of connection for such user will be
displayed. Next, the user can access Internet through any
browser on Windows. Note that Alert Tool can be downloaded
from DrayTek web site.
Telnet
– If it is selected, the user can use Telnet command to
perform the authentication job.
Enable Time Quota
Time quota means the total connection time allowed by the
router for the user with such profile. Check the box to enable
the function of time quota. The first box displays the
remaining time of the network connection. The second box
allows to type the number of time (unit is minute) which is
available for the user (using such profile) to access Internet.
Refresh
– Click this button to recalculate the time quota.
Add
– Click this box to set the time quota for such profile.
Index (1-15) in Schedule
You can type in four sets of time schedule for your request.

Rate

4.7 / 5 based on 3 votes.

Popular DrayTek Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top