DrayTek Vigor-2130 Router Manual PDF (Setup & Configuration Guide)

Page 176 / 241 Scroll up to view Page 171 - 175

Vigor2130 Series User’s Guide

168

4.7.2 PPTP Remote Dial-in

You can manage remote access by maintaining a table of remote user profile, so that users can

be authenticated to dial-in via VPN connection.

The router provides

access accounts for dial-in users.

Adding a New User

Click

Add new user

to open the following page.

Username

Type a name for this user.

Full Name

Type full name for this user.

Password

Type the password for this user.

Password (again)

Type the password again for confirmation.

Allow Disk Sharing

Check this box to have the remote user share the disk

information.

Allow IPSEC/L2TP

Check this box to let the remote user connecting to this

device through IPSEC/L2TP

.

Allow PPTP

Check this box to let the remote user connecting to this

device through PPTP

.

Allow FTP

Check this box to let the remote user connecting to FTP

server via this router.

Delete User

Remove settings on current page and delete the user. This

button is not available for new configuration by pressing

Add a New User

.

Page 177 / 241

Vigor2130 Series User’s Guide

169

When you finish the settings, simply click

OK

to save the configuration. The new user will be

created and displayed on the page.

Editing/Deleting User Settings

To edit a user, click the name link under Username to open the following page. Modify the

settings except Username and then click

OK

to save and exit it. If you want to remove such

user settings, simply click

Delete User

.

4.7.3 IPSec Remote Dial-in

This page allows you to configure IPSec Site-to-Client settings.

Mobile VPN Type

This usually applies to those are remote dial-in user or node

(LAN-to-LAN) which uses dynamic IP address and

Page 178 / 241

Vigor2130 Series User’s Guide

170

IPSec-related VPN connections such as L2TP over IPSec and

IPSec tunnel.

Disabled

– Ignore the configurations set in this page.

Dynamic VPN (IPSec)

– Traffic between this subnet and the

client will travel through the VPN tunnel. If you choose this

type, please specify the IP address and subnet mask for local

network.

L2TP/IPSec

–The range must not overlap the DHCP address

range (if enabled), and must allow for at least one IP address.

Example:

10.10.137.240-10.10.137.245

. If you choose this type,

please specify the IP address range for L2TP/IPSec mode.

Authentication

Shared secret –

Type the shared secret manually and confirm it

again. IPSec remote dial-in clients will use the given secret.

Advanced Settings

Phase 1 (IKE) -

Negotiation of IKE parameters including

encryption, hash, Diffie-Hellman parameter values, and lifetime

to protect the following IKE exchange, authentication of both

peers using either a Pre-Shared Key or Digital Signature (x.509).

The peer that starts the negotiation proposes all its policies to

the remote peer and then remote peer tries to find a

highest-priority match with its policies.

Phase 2 (IPSec) -

Negotiation IPSec security methods

including Authentication Header (AH) or Encapsulating

Security Payload (ESP) for the following IKE exchange and

Page 179 / 241

Vigor2130 Series User’s Guide

171

mutual examination of the secure tunnel establishment.

4.7.4 Remote Dial-in Status

You can find the summary table of all dial-in user status.

Client

Display the name of the VPN IPSec/Mobile client.

Identity

Display the remote ID of the VPN client.

Endpoint

Display the IP address of the VPN client.

IKE Status

Display the status of the phase 1 ISAKMP key exchange.

IKE Alg

Display

the encryption and authentication algorithm used

during phase 1 of the VPN connection Establishment. The

algorithm is used during exchange of key exchange.

ESP Status

Display the status of the phase 2 IPSec ESP key exchange.

ESP Alg

Display the encryption and authentication algorithm used

during phase 2 of the VPN connection Establishment. This

algorithm is used for transporting data, and the choice will

affect the performance of the VPN tunnel.

User Name

Display the dial-in user account.

Interface

Display the connection name assigned by the router.

Remote IP

Display IP address of remote client.

Login Time

Display the system time that the user logs in.

Rx bytes

Display the data total received for such client.

Tx bytes

Display the data total transmitted for such client.

Auto

-

refresh

Check this box to make the system refresh this page

automatically.

Refresh

Click this button to refresh the page immediately.

Page 180 / 241

Vigor2130 Series User’s Guide

172

4.7.5 LAN to LAN

Here you can manage LAN-to-LAN connections by maintaining a table of connection profiles.

You may set parameters including specified connection direction (dial-in or dial-out),

connection peer ID, connection type (VPN connection - including PPTP, IPSec Tunnel) and

corresponding security methods, etc.

The router supports 2 VPN tunnels simultaneously and provides up to

2

profiles. The

following figure shows the summary table.

Name

Indicate the name of the LAN-to-LAN profile.

Endpoint

Display the IP address of the VPN client.

IKE Status

Display the status of the phase 1 ISAKMP key exchange.

IKE Alg

Display

the encryption and authentication algorithm used

during phase 1 of the VPN connection Establishment. The

algorithm is used during exchange of key exchange.

ESP Status

Display the status of the phase 2 IPSec ESP key exchange.

ESP Alg

Display the encryption and authentication algorithm used

during phase 2 of the VPN connection Establishment. This

algorithm is used for transporting data, and the choice will

affect the performance of the VPN tunnel.

Rate

Popular DrayTek Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share