Обзор маршрутизатора Draytek серии 2912. Часть вторая

Draytek 2912/2912n , , , , , . , , , SMB/SOHO . , , , .



- , WAN LAN, Load-balancing, , VPN, , NAT , USB, .

.


. 0

, Draytek DHCP-, LAN.

IP , 192.168.1.0/24,
-, - IP LAN 192.168.1.1,
Username:admin,password:admin. .


. 1

Online Status


. 2

3.7.8.1_R , , PPTP , :


. 3

, , Draytek.com
Supports -> Downloads -> Firmware — Vigor2912 Series.

3.8.1.1 , , , - System Maintenance >> Firmware Upgrade v2912_3811.all, «Upgrade».


. 4

, - .

, Draytek 2912n, .


. 4-1

WAN , , .

: LAN0=192.168.1.0/24 LAN1=192.168.2.0/24. SSID: DrayTek, DrayTek_Guest DrayTek_Unencrypted. VLAN . VPN Smart VPN Client PPTP IPSec. SmartMonitor LAN .

, Draytek, , - , , , . , : (Wizards), WAN LAN, (Firewall, Objects Settings, CSM) (User Management), (Applications). VPN , (Wireless LAN), USB-(USB Application) (System Maintenance) (Diagnostics).

, , - .

.

, , , , .

Wizards

, . , «Finish» . , , , .

Quick Start Wizard – WAN 1-3 .
Service Activation Wizard – Web Content Filter.

VPN Client Wizard VPN Server Wizard , VPN LAN-to-LAN Remote Dial-in User, . , 3 , VPN .

PPTP, , Draytek Smart VPN . VPN VPN and Remote Access.


. 5


. 6


. 7

Wireless Wizard . .


. 8

.

Online Status

: Physical Connection – LAN, WAN 1-3 , , Virtual WAN.


. 9

System Maintenance -> System Status.

WAN

. WAN 1 2


. 10-1

Load balance mode WAN . , Auto Weigh, . WAN 3 3/4G .

WAN 2 , .


. 10-2

Internet Access .


. 10-3

Detalils Page WAN 2, , IP, DHCP-. , PPTP/L2TP PPPoE, IPv6.


. 11

Multi-VLAN WAN 1-2 LAN , .


. 12

, WAN 1-2 WAN 5-7 VLAN «» LAN 1-3(4 NAT), , WAN 5-7 IP DHCP, L3. , IPTV WAN LAN.

LAN

. LAN , 192.168.1.1/24 192.168.2.1/24, . DHCP IP- . , DHCP- DHCP-, , , TFTP-.


. 13

, LAN 1 2 Inter-LAN Routing

LAN >> Static Route Setup 10 IP- LAN 1-2.

LAN >> VLAN Configuration VLAN LAN P2-4(P1 WAN2 ) SSID 1-4 VLAN . VLAN Tag , VID, LAN, . VLAN. VLAN0 LAN P 2-4 SSID1 – LAN 1 . VLAN1 SSID2 SSID3 – LAN 2 .


. 14

VLAN , VLAN VID.

LAN >> Bind IP to MAC. MAC- IP-, IP- MAC- . .

LAN >> LAN Port Mirror LAN Mirrored port Mirror port. Draytek Smart Monitor, .


. 15

LAN >> Web Portal Setup , LAN WLAN- URL- -, , , SSID1.


. 16

, .

, - www.ucexpert.ru, «Continue» - .

.


. 17

Load-Balance/Route Policy

General Setup – Diagnose – , .


. 18

, IP LAN IP 8.8.8.8 WAN1, , IP 8.8.4.4 WAN2. , WAN1, WAN1, WAN2. , , .

, , , , .


. 19

.


. 20

NAT

NAT (Network Address Translation), Port Redirection – WAN IP- LAN, FTP-, ..

DMZ Host DMZ LAN WAN .

Open Ports , , P2P, IP- LAN.


. 21

Port Triggering Open Ports. Open Ports, , Port Triggering, , .

.

Firewall

, , .
3 :

1. IP- Call Filter/ Data Filter
2. Stateful Packet Inspection (SPI)
3. Denial of Service (DoS) /Distributed DoS (DDoS)

Call Filter Data Filter.
Call Filter , WAN, - (WAN- ) Call Filter, , .

WAN-, Data Filter, WAN- .


. 22

( Objects Settings), , IP- IP-, , , , ( User Management) , CSM (Content Security Management), , , Skype, URL- Web Content Filter.

, , Web Content Filter -, .

Firewall >> General Setup, , Firewall >> Filter Setup, , Firewall >> Filter Setup >> Edit Filter Set, .


. 23

block-social


. 24

-, Schedule , , , 9-30 18-00 . , Direction, IP- , Objects Setting >> Service Type Object, , + .

, Filter «Pass If No Further Match» — , . , , ok.ru, . — URL Content Filter, – – .

, , . , , , , , Web Content Filter – -.

DoS Defense. DoS , , . .

User Management

:

Rule-Based, , , , IP- . IP-.

User-Based, . . . IP , .

User Management >> General Setup, IP- .

IP- : IP- , IP-.

User-Based, , , . , User Management >> User Profile.


. 25

,


. 26

, , , LDAP RADIUS. , .

Landing Page — . , : «Login Success!», -, , . Landing page :

<body stats=1><script language='javascript'> window.location='<a href="http://www.draytek.com/">http://www.draytek.com</a>'</script></body>

.
- , , «Login Success!» .


. 27

User Group , , , . User Online Status .

Objects Setting

Draytek 2912 SPI (Stateful Packet Inspection) (Object-based), : ( IP), IP- IP-, , , . , .

Objects Setting .

IP Object , IP- , MAC- IP-. IP Group IP , .

IPv6 Object IPv6 Group IP IPv6.

Service Type Object Service Type Group , .


. 28

Keyword Object Keyword Group , , , URL Content Filter Profile DNS Filter Profile CSM. vk.com twitter.com facebook.com ok.ru, social-nets social-ok.ru social-nets-gro Objects Setting >> Keyword Group. , CSM >> URL Content Filter Profile.


. 29

File Extension Object , . , , . . blk-img CSM >> URL Content Filter Profile. .


. 30

SMS/Mail Service Object Notification Object 10 Application>>SMS/Mail Alert Service.

CSM

CSM (Content Security Management), , , URL , , Java Applet, Cookies, Active X, , , IM/P2P , , MySQL, SMB, SSH, UltraVPN, . DNS .

APP Enforcement Profile , , Skype.


. 31

Data Filter, , .
URL Content Filter Profile -. Group/Object Keyword URL Access Control, - . social-nets-gro - .
Web Feature Cookie, Proxy File Extension Profile, , 1-blk-img.

social URL Content Filter.


. 32

, , vk.com, Administration Message, .


. 33

Web Content Filter Profile. CSM — GlobalView Web Content Filter. , , , , , . , , , , . Web Content Filter , .

:


. 34
DNS Filter Profile DNS 53 UDP URL Content Filter Profile Web Content Filter Profile. , .

Bandwidth Management

Bandwidth Management >> Sessions Limit NAT IP- LAN, . , P2P (Peer to Peer) , . IP.

Bandwidth Management >> Bandwidth Limit IP-. , , .

Bandwidth Management >> Quality of Service . IP , DiffServ. , .


. 35

VoIP .

Applicatons

, .

, Schedule, , , 15 .


. 36

LAN DNS IP . RADIUS Active Directory /LDAP . IGMP IGMP IGMP snooping , , IP TV.

VPN and Remote Access

16 VPN* LAN-to-LAN VPN- , PPTP/IPSec/L2P/L2TPover IPSec. AES/DES/3DES IKE . WAN , . , VPN , VPN .

VPN Draytek . LAN-to-LAN, . Dryatek VPN- , Draytek Smart VPN Client, draytek.com

* , , PPTP . , draytek.com.

Remote Access Control Setup VPN , IPsec General Setup Pre-Shared Key IKE Authentication, . , draytek.commmmm


. 37

Remote Dial-in User VPN LAN .


. 38

Status, , ignat «», . , ignat PPTP, IPSec preshared key= draytek.commmmm.


. 39

Draytek Smart VPN Client, .

PPTP.


. 40

VPN- preshared IPsec General Setup draytek.commmmm.


42

Connection Management .


. 43

LAN to LAN VPN . LAN-to-LAN, : – , , VPN – PPTP, L2TP with IPsec Policy  IPsec Tunnel, , , , IKE Pre-Shared Key, . , , . , «» VPN-.

, — .

Connection Management.

Wireless LAN

802.11n . .

4 , , .

General Setup Security Settings. .


. 44

4 , MAC-. Wi-Fi MAC- .
Station List, , , .


. 45

, Access Control, MAC-, , MAC-. .

Advanced Setting , , , , , .

WPS (Wi-Fi Protected Setup) WDS , Wireless LAN.

USB Application

USB-, . -, USB 3G/4G - -, .
-, USB- , - , .


. 46

, , USB- FTP SMB. . , USB Device Status, , USB- 8 .


. 47

USB Application >> File Explorer USB Application >> USB Device Status

-, USB- FTP NetBios/SMB. Modem Support List, LAN SMB Client Support List.

3G/4G , Modem Printer USB Device Status.

System Maintenance

. User Administrator, TR-069 . Configuration Backup . Configuration Backup SysLog, . , .


. 48

, Draytek syslog . Draytek Syslog. .


. 49

Management . , , WAN .


. 50

Diagnostics

, — .

Routing Table , ARP Cache Table MAC- , DHCP-Table DHCP-, NAT- DNS-.


. 51

Ping Traceroute. , : VPN, Firewall, WAN .


. 52

Traffic Graph , , WAN .


. 53

Draytek 2912/2912n. , , , , Draytek 2912n, , , , VPN-, NAS- .

, , , – .

Draytek VigorACS SI, , , , Draytek Smart Monitor . , , . .

, , , WAN LAN, , , VPN, , NAT , USB, . , , – , . , .

Draytek 2912 , , -, CLI TR-69. , VigorACS SI Smart Monitor , . Draytek 2912 , . , , , .