1. Home
    2. /
  2. Manuals
    3. /
  3. DrayTek
    4. /
  4. VigorPro 5300
    5. /
  5. 31
Page 151 / 304 Scroll up to view Page 146 - 150
VigorPro5300 Series User’s Guide
143
remote peer requires the Vigor router to callback, the local
ISDN number will be provided to the remote peer. Check
here to allow the Vigor router to send the ISDN number to
the remote router. This feature is useful for
i
model only.
Allowed Dial-In Type
Determine the dial-in connection with different types.
ISDN
Allow the remote ISDN LAN-to-LAN connection. You
should set the User Name and Password of remote dial-in user
below. This feature is useful for
i
model only. In addition, you
can further set up Callback function below.
PPTP
Allow the remote dial-in user to make a PPTP VPN
connection through the Internet. You should set the User
Name and Password of remote dial-in user below.
IPSec Tunnel
Allow the remote dial-in user to trigger an IPSec VPN
connection through Internet.
L2TP
Allow the remote dial-in user to make a L2TP VPN
connection through the Internet. You can select to use L2TP
alone or with IPSec. Select from below:
Page 152 / 304
VigorPro5300 Series User’s Guide
144
None-
Do not apply the IPSec policy. Accordingly, the VPN
connection employed the L2TP without IPSec policy can be
viewed as one pure L2TP connection.
Nice to Have
- Apply the IPSec policy first, if it is applicable
during negotiation. Otherwise, the dial-in VPN connection
becomes one pure L2TP connection.
Must-
Specify the IPSec policy to be definitely applied on the
L2TP connection.
Specify CLID or Remote
VPN Gateway
You can specify the IP address of the remote dial-in user or
peer ID (should be the same with the ID setting in dial-in
type) by checking the box. Enter Peer ISDN number if you
select ISDN above (This feature is useful for
i
model only.).
Also, you should further specify the corresponding security
methods on the right side.
If you uncheck the checkbox
,
the connection type you select
above will apply the authentication methods and security
methods in the general settings.
User Name
This field is applicable when you select ISDN, PPTP or L2TP
with or without IPSec policy above.
Password
This field is applicable when you select ISDN, PPTP or L2TP
with or without IPSec policy above.
VJ Compression
VJ Compression is used for TCP/IP protocol header
compression. This field is applicable when you select ISDN,
PPTP or L2TP with or without IPSec policy above.
IKE Authentication
Method
This group of fields is applicable for IPSec Tunnels and
L2TP with IPSec Policy when you specify the IP address of
the remote node. The only exception is Digital Signature
(X.509) can be set when you select IPSec tunnel either with
or without specify the IP address of the remote node.
Pre-Shared Key -
Check the box of Pre-Shared Key to
invoke this function and type in the required characters
(1-63) as the pre-shared key.
Digital Signature (X.509) –
Check the box of Digital
Signature to invoke this function and select one predefined
Profiles set in the
VPN and Remote Access >>IPSec Peer
Identity
.
IPSec Security Method
This group of fields is a must for IPSec Tunnels and L2TP
with IPSec Policy when you specify the remote node.
Medium-
Authentication Header (AH) means data will be
authenticated, but not be encrypted. By default, this option is
active.
High-
Encapsulating Security Payload (ESP) means payload
(data) will be encrypted and authenticated. You may select
encryption algorithm from Data Encryption Standard (DES),
Triple DES (3DES), and AES.
Callback Function
The callback function provides a callback service only for the
ISDN LAN-to-LAN connection (this feature is useful for
i
model only). The remote user will be charged the connection
fee by the telecom.
Check to enable Callback function
-Enables the callback
function.
Page 153 / 304
VigorPro5300 Series User’s Guide
145
Callback number
-The option is for extra security. Once
enabled, the router will ONLY call back to the specified
Callback Number.
Callback budget
- By default, the callback function has
limitation of callback period. Once the callback budget is
exhausted, the function will be disabled automatically.
Callback Budget (Unit: minutes)-
Specify the time budget
for the dial-in user. The budget will be decreased
automatically per callback connection. The default value 0
means no limitation of callback period.
My WAN IP
This field is only applicable when you select ISDN, PPTP or
L2TP with or without IPSec policy above. The default value is
0.0.0.0, which means the Vigor router will get a PPP IP
address from the remote router during the IPCP negotiation
phase. If the PPP IP address is fixed by remote side, specify
the fixed IP address here. Do not change the default value if
you do not select ISDN, PPTP or L2TP.
Remote Gateway IP
This field is only applicable when you select ISDN, PPTP or
L2TP with or without IPSec policy above. The default value is
0.0.0.0, which means the Vigor router will get a remote
Gateway PPP IP address from the remote router during the
IPCP negotiation phase. If the PPP IP address is fixed by
remote side, specify the fixed IP address here. Do not change
the default value if you do not select ISDN, PPTP or L2TP.
Remote Network IP/
Remote Network Mask
Add a static route to direct all traffic destined to this Remote
Network IP Address/Remote Network Mask through the VPN
connection. For IPSec, this is the destination clients IDs of
phase 2 quick mode.
More
Add a static route to direct all traffic destined to more Remote
Network IP Addresses/ Remote Network Mask through the
VPN connection. This is usually used when you find there are
several subnets behind the remote VPN router.
RIP Direction
The option specifies the direction of RIP (Routing Information
Protocol) packets. You can enable/disable one of direction
here. Herein, we provide four options: TX/RX Both, TX Only,
RX Only, and Disable.
From first subnet to
remote network, you
If the remote network only allows you to dial in with single
Page 154 / 304
VigorPro5300 Series User’s Guide
146
have to do
IP, please choose
NAT
, otherwise choose
Route
.
Change default route to
this VPN tunnel (Only
single WAN supports this )
Check this box to change the default route with this VPN
tunnel. Be aware that this setting is available only for one
WAN interface is enabled. It is not available when both
WAN interfaces are enabled.
3.10.7 Connection Management
You can find the summary table of all VPN connections. You may disconnect any VPN
connection by clicking
Drop
button. You may also aggressively Dial-out by using Dial-out
Tool and clicking
Dial
button.
Dial
Click this button to execute dial out function.
Refresh Seconds
Choose the time for refresh the dial information among 5, 10,
and 30.
Refresh
Click this button to refresh the whole connection status.
Page 155 / 304
VigorPro5300 Series User’s Guide
147
3.11 Certificate Management
A digital certificate works as an electronic ID, which is issued by a certification authority
(CA). It contains information such as your name, a serial number, expiration dates etc., and
the digital signature of the certificate-issuing authority so that a recipient can verify that the
certificate is real. Here Vigor router support digital certificates conforming to standard
X.509.
Any entity wants to utilize digital certificates should first request a certificate issued by a CA
server. It should also retrieve certificates of other trusted CA servers so it can authenticate
the peer with certificates issued by those trusted CA servers.
Here you can manage generate and manage the local digital certificates, and set trusted CA
certificates. Remember to adjust the time of Vigor router before using the certificate so that
you can get the correct valid period of certificate.
Below shows the menu items for Certificate Management.
3.11.1 Local Certificate
Generate
Click this button to open
Generate Certificate Request
window.

Rate

4.5 / 5 based on 2 votes.

Popular DrayTek Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top