DrayTek Vigor2860Vn-plus Router Manual PDF (Setup & Configuration Guide)

Page 321 / 794 Scroll up to view Page 316 - 320

Vigor2860 Series User’s Guide

307

user to adjust suitable rate manually. There are 100 groups

of rate ratio for Member1:Member2 (range from 1:99 to

99:1).

VPN Load Balance Policy

Below shows the algorithm for Load Balance.

Edit

– Click this radio button for assign a blank table for

configuring Binding Tunnel.

Insert after

– Click this radio button to adding a new

binding tunnel table.

Tunnel Bind Table Index

- 128 Binding tunnel tables are

provided by this device. Specify the number of the tunnel

for such Load Balance profile.

Active

– In-active/Delete can delete this binding tunnel

table. Active can activate this binding tunnel table.

Binding Dial Out Index

– Specify connection type for

transmission by choosing the index (LAN to LAN Profile

Index) for such binding tunnel table.

Scr IP Start /End

– Specify source IP addresses as starting

point and ending point.

Dest IP Start/End

– Specify destination IP addresses as

starting point and ending point.

Dest Port Start /End

– Specify destination service port as

starting point and ending point.

Protocol

–

Any

means when the source IP, destination IP,

destination port and fragment conditions match with the

settings specified here, such binding tunnel table can be

established for TCP Service Port/UDP Service

Port/ICMP/IGMP specified here.

TCP

means when the source IP, destination IP, destination

port and fragment conditions match with the settings

specified here and TCP Service Port also fits the number

here, such binding tunnel table can be established.

UDP

means when the source IP, destination IP, destination port

and fragment conditions match with the settings specified

here and UDP Service Port also fits the number here, such

binding tunnel table can be established.

TCP/UPD

means

when the source IP, destination IP, destination port and

fragment conditions match with the settings specified here

and TCP/UDP Service Port also fits the number here, such

binding tunnel table can be established.

ICMP

means when

the source IP, destination IP, destination port and fragment

conditions match with the settings specified here and ICMP

Service Port also fits the number here, such binding tunnel

table can be established. IGMP means when the source IP,

destination IP, destination port and fragment conditions

match with the settings specified here and IGMP Service

Port also fits the number here, such binding tunnel table can

be established.

Other

means when the source IP,

destination IP, destination port and fragment conditions

match with the settings specified here with different TCP

Service Port/UDP Service Port/ICMP/IGMP, such binding

tunnel table can be established.

Page 322 / 794

Vigor2860 Series User’s Guide

308

Detail Information

This field will display detailed information for Binding

Tunnel Policy. Below shows a successful binding tunnel

policy for load balance:

Note : To configure a successful binding tunnel, you

have to:

Type Binding Src IP range (Start and End) and Binding Des

IP range (Start and End). Choose TCP/UDP, IGMP/ICMP

or Other as Binding Protocol.

Detailed Settings for Advanced Backup

Available settings are explained as follows:

Page 323 / 794

Vigor2860 Series User’s Guide

309

Item

Description

Profile Name

List the backup profile name.

ERD Mode

ERD means “Environment Recovers Detection”.

Normal

– choose this mode to make all dial-out VPN

TRUNK backup profiles being activated alternatively.

Resume

– when VPN connection breaks down or

disconnects, Member 1 will be the top priority for the

system to do VPN connection.

Detail Information

This field will display detailed information for Environment

Recovers Detection.

3.11.8 Connection Management

You can find the summary table of all VPN connections. You may disconnect any VPN

connection by clicking

Drop

button. You may also aggressively Dial-out by using Dial-out

Tool and clicking

Dial

button.

Available settings are explained as follows:

Item

Description

Dial-out Tool

General Mode -

This filed displays the profile configured

in LAN-to-LAN (with Index number and VPN Server IP

address). The VPN connection built by General Mode does

not support VPN backup function.

Backup Mode -

This filed displays the profile name saved

Page 324 / 794

Vigor2860 Series User’s Guide

310

in VPN TRUNK Management (with Index number and

VPN Server IP address). The VPN connection built by

Backup Mode supports VPN backup function.

Dial -

Click this button to execute dial out function.

Refresh Seconds -

Choose the time for refresh the dial

information among 5, 10, and 30.

Refresh -

Click this button to refresh the whole connection

status.

3.12 Certificate Management

A digital certificate works as an electronic ID, which is issued by a certification authority

(CA). It contains information such as your name, a serial number, expiration dates etc., and the

digital signature of the certificate-issuing authority so that a recipient can verify that the

certificate is real. Here Vigor router support digital certificates conforming to standard X.509.

Any entity wants to utilize digital certificates should first request a certificate issued by a CA

server. It should also retrieve certificates of other trusted CA servers so it can authenticate the

peer with certificates issued by those trusted CA servers.

Here you can manage generate and manage the local digital certificates, and set trusted CA

certificates. Remember to adjust the time of Vigor router before using the certificate so that

you can get the correct valid period of certificate.

Below shows the menu items for Certificate Management.

3.12.1 Local Certificate

Available settings are explained as follows:

Page 325 / 794

Vigor2860 Series User’s Guide

311

Item

Description

Generate

Click this button to open

Generate Certificate Request

window.

Type in all the information that the window requests. Then

click

Generate

again.

Import

Click this button to import a saved file as the certification

information.

Refresh

Click this button to refresh the information listed below.

View

Click this button to view the detailed settings for certificate

request.

Delete

Click this button to delete selected name with certification

information.

GENERATE

Click this button to open

Generate Certificate Signing Request

window. Type in all the

information that the window request such as certifcate name (used for identifying different

certificate), subject alternative name type and relational settings for subject name. Then click

GENERATE

again.

Note:

Please be noted that “Common Name” must be configured with rotuer’s WAN IP or

domain name.

Rate

Popular DrayTek Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share