Your Position: Home > Electronics > Router > DrayTek Vigor2955 Broadband Dual WAN Router

View History

DrayTek Vigor2955 Broadband Dual WAN Router

prev next

  • NO.:000237
  • Brand:DrayTek
    Package Weight:3.500kilogram
  • Orig.:US$1021.48
    Registered users:US$680.99
    Rank: comment rank 5
  • Total:
  • Quantity:
    Limit points for buying:600 integral
  • forward to friends

Items Brief:

Attribute

DrayTek Vigor2955 Broadband Dual WAN 200VPN Switch

The Vigor2955 SSL VPN Security Firewall is a broadband router with high throughput, high capacity VPN capabilities and dual-WAN interface. It provides policy-based load-balance, fail-over and BoD (Bandwidth on Demand) , and also integrates IP layer QoS, NAT session/bandwidth management to help users control and allocate the bandwidth on networks. With a dedicated VPN co-processor, the hardware encryption of AES/DES/3DES and hardware key hash of SHA-1/MD5 are seamlessly handled, thus maintaining maximum router performance. For remote teleworkers and inter-office links, the Vigor2955 supports up to 200 simultaneous VPN tunnels (such as IPSec/PPTP/L2TP protocols)and 50 sessions of SSL VPN.
 
It allows users to access Internet and combine the bandwidth of the dual WAN to speed up the transmission through the network. Each WAN port can connect to different ISPs, Even if the ISPs use different technology to provide telecommunication service (such as DSL, Cable modem, etc.). If any connection problem occurred on one of the ISP connections, all the traffic will be guided and switched to the normal communication port for proper operation.
 
Without the necessity of installing VPN client on individual PC, the Secure Socket Layer (SSL) virtual private network (VPN) facility lets remote workers connect to the office network at any one time. SSL is supported by standard web browsers such as FireFox and IE. For users of small offices and teleworkers who need to access enterprises's internal applications, file server and file sharing, Vigor2955 security router series allow up to 50 concurrent SSL sessions.
 
The Vigor2955 also provides high-security firewall options with both IP-layer and content based protection. The DoS/DDoS prevention and URL/Web content filter strengthen the security outside and inside the network. The enterprise-level CSM (Content Security Management) enables users to control and manage IM (Instant Messenger) and P2P (Peer to Peer) applications more efficiently. The CSM hence prevents inappropriate content from distracting employees and impeding productivity. Furthermore, the CSM can keep office networks threat-free and available. With CSM, you can protect confidential and essential data from modification or theft.

1. WAN Protocol Ethernet
 
2. Dual WAN Outbound policy based Load Balance
 
3. VPN Protocols : PPTP, IPSec, L2TP, L2TP over IPSec
Up to 200 Sessions Simultaneously
VPN Trunking
SSL VPN
LDAP
VPN Throughput
NAT-Traversal (NAT-T)
PKI Certificate : Digital signature (X.509)
IKE Authentication : Pre-shared key; IKE phase 1 aggressive/standard modes & phase 2 selectable lifetimes
Authentication : Hardware-based MD5, SHA-1
Encryption : MPPE and hardware-based AES/DES/3DES
RADIUS Client
DHCP over IPSec
Dead Peer Detection (DPD)
Smart VPN Software Utility
Easy of Adoption
Industrial-standard Interoperability
 
4. Content Filter URL Keyword Blocking
Web Content Filter
Time Schedule Control
 
5. Firewall Stateful Packet Inspection (SPI)
Content Security Management (CSM)
Multi-NAT
Port Redirection
Open Ports
DMZ Host
Policy-based IP Packet Filter
DoS/DDoS Prevention
IP Address Anti-spoofing
Object-based Firewall
Notification
Bind IP to MAC address
WDS Security
 
6. USB 3.5G USB Modem (USB 3.5G backup only for WAN1)
Printer Sharing
 
7. System Management Web-based User Interface (HTTP/HTTPS)
DrayTek's Quick Start Wizard
User Administration
CLI ( Command Line Interface, Telnet/SSH)
DHCP Client/Relay/Server
Dynamic DNS
Administration Access Control
Configuration Backup/Restore
Port-based VLAN
Built-in Diagnostic Function
NTP Client/Call Scheduling
Firmware Upgrade via TFTP/HTTP/FTP
Remote Maintenance
Wake On LAN
Logging via Syslog
SNMP Management
 
8. Bandwidth Management Traffic Shaping
Bandwidth Reservation
Packet Size Control
DiffServ Codepoint Classifying
4 Priority Levels (Inbound/Outbound)
Individual IP Bandwidth/Session Limitation
Bandwidth Borrowing
User-defined Class-based Rules
 
9. Routing Functions Router
Advanced Routing and Forwarding
DNS
DHCP
NTP
Policy-based Routing
Dynamic Routing
Static Routing
 
10. Internet CSM (Content Security Management) Featuring URL keyword filtering - whitelist or blacklist specific sites or keyword in URLs
Block web sites by category (subject to subscription)
Prevent accessing of web sites by using their direct IP address (thus URLs only)
Blocking automatic download of Java applets and Active X controls
Blocking of web site cookies
Block http downloads of file types (binary, compressed, multimedia)
Time schedules & exclusions for enabling/disabling these restrictions
Block P2P (Peer-to-Peer) file sharing programs (e.g. Kazaa, WinMX etc.)
Block Instant messaging programs (e.g. IRC, MSN/Yahoo Messenger)
 
11. Support Smart Monitor (Free & Optional Utility ): Network service analyze, User Management, System Management, System Management, Top10 ranking system, Up to 100 PC Users
Warranty : 2-year limited warranty, technical support through e-mail and Internet FAQ/Application Notes
Firmware Upgrade : Free Firmware upgrade form Internet
 
12. Declaration of Conformity  



Technical Specifications of Vigor2955
Hardware Interface LAN 5-port 10/100/1000 base-T switch
WAN 2-port 10/100 base-TX Ethernet
USB 1-port USB 1.1
WAN Protocol Ethernet PPPoE, PPTP, DHCP client, static IP, L2TP, BPA
Dual WAN Outbound Policy Based Load Balance
  • Allow your local network to access Internet using multiple Internet connections with high-level of Internet connectivity availability
  • Two dedicated Ethernet WAN ports (10/100Mb/s)
  • WAN fail-over or load-balanced connectivity
Bandwidth on Demand service/IP based preference rules or auto-weight
VPN Protocols PPTP, IPSec, L2TP, L2TP over IPSec
Up to 200 sessions simultaneously LAN to LAN, remote access (teleworker-to-LAN), dial-in or dial-out
VPN Trunking VPN load-balancing and VPN backup
SSL VPN Allow users to use a web browser for secure remote user login tunnel mode, application mode, proxy mode and SSTP
LDAP Lightweight directory access protocol. The enterprises use LDAP authentication technology to allow administrator, IT personnel and users to be authenticated when trying to access company's intranet environment.
VPN Throughput 50Mbps
NAT-Traversal (NAT-T) VPN over routes without VPN pass-through
PKI certificate Digital signature (X.509)
IKE Authentication Pre-shared key; IKE phase 1 aggressive/standard modes & phase 2 selectable lifetimes
Authentication Hardware-based MD5, SHA-1
Encryption MPPE and hardware-based AES/DES/3DES
RADIUS Client Authentication for PPTP remote dial-in
DHCP over IPSec Because DrayTek add a virtual NIC on the PC, thus, while connecting to the server via IPSec tunnel, PC will obtain an IP address from the remote side through DHCP protocol, which is quite similar with PPTP
Dead Peer Detection (DPD) When there is traffic between the peers, it is not necessary for one peer to send a keep-alive to check for liveness of the peer because the IPSec traffic serves as implicit proof of the availability of the peer
Smart VPN software Utility Provided free of charge for teleworker convenience ( Windows environment)
Easy of Adoption No additional client or remote site licensing required
Industrial-standard Interoperability Compatible with other leading 3rd party vendor VPN devices
Firewall Stateful Packet Inspection (SPI) Outgoing/Incoming traffic inspection based on connection information
Content Security Management (CSM) Appliance-based gateway security and content filtering
Multi-NAT You have been allocated multiple public IP address by your ISP. You hence can have a one-to-one relationship between a public IP address and an internal/private IP address. This means that you have the protection of NAT(see earlier) but the PC can be addressed directly from the outside world by its aliased public IP address, but still by only opening specific ports to it (for example TCP port 80 for an http/web server)
Port Redirection The packet is forwarded to a specific local PC if the port number matches with the defined port number. You can also translate the external port to another port locally
Open Ports As port redirection (above) but allows you to define a range of ports
DMZ Host This opens up a single PC completely. All incoming packets will be forwarded onto the PC with the local IP address you set. The only exceptions are packets received in response to outgoing requests from other local PC or incoming packets which match rules in the other two methods.
The precedence is as follows :
Port Redirection > Open Ports > DMZ
Policy-based IP Packet Filter The header information of an IP packet (IP or MAC source/destination addresses; source/destination ports; DiffServ attribute; direction dependent, bandwidth dependent, remote-site dependent
DoS/DDoS Prevention Act of preventing customers, users, clients or other computers from accessing data on a computer
IP Address Anti-spoofing Source IP address check on all interface: only IP address classified within the defined IP networks are allowed
Object-based Firewall Utilizes object-oriented approach to firewall policy
Notification E-mail alert and logging via syslog
Bind IP to MAC Address Flexible DHCP with 'IP-MAC binding
USB
3.5G USB Modem (USB 3.5G backup only for WAN1)
Printer Sharing
Content Filter URL Keyword Blocking
Whitelist and Blacklist, Java applet, cookies, active X, compressed, executable, multimedia file blocking
Web Content Filter Dynamic URL filtering database
Time Schedule Control Set rule according to your specific office hours
System Management Web-based User Interface ( HTTP/HTTPS) Integrated web server for the configuration of routers via Internet browsers with HTTP or HTTPS
Draytek's Quick Start Wizard Let administrator adjust time zone and promptly set up the Internet (PPPoE, PPTP, Static IP, DHCP)
User Administration RADIUS user administration for dial-in access (PPP/PPTP)
CLI (Command Line Interface, Telnet/SSH) Remotely administer computers via the telnet
DHCP Client/Relay/Server Provides an easy-to configure function for your local IP network
Dynamic DNS When you connect to your ISP, by broadband you are normally allocated an dynamic IP address. i.e. the public IP address your router is allocated changes each time you connect to the ISP. If you want to run a local server, remoter users cannot predict your current IP address to find you
Administration Access Control The password can be applied to authentication of administrators
Configuration Backup/Restore If the hardware breaks down, you can recover the failed system within an acceptable time. Through TFTP, the effective way is to backup and restore configuration between remote hosts
Port-based VLAN Create separate groups of users via segmenting each of the Ethernet ports. Hence, they can or can't communicate with users in other segments as required
Built-in Diagnostic Function Dial-out trigger, routing table, ARP cache table, DHCP table, NAT sessions table, data flow monitor, traffic graph, ping diagnosis, trace route
NTP Client/Call Scheduling The Vigor has a real time clock which can update itself from your browser manually or more conveniently automatically from an Internet time server (NTP). This enables you to schedule the router to dial-out to the Internet at a preset time, or restrict INternet access to certain hours. A schedule can also be applied to LAN-to-LAN profiles (VPN or direct dial) or some of the content filtering options
Firmware Upgrade via TFTP/HTTP/FTP Using the TFTP server and the firmware upgrade utility software, you may easily upgrade to the latest firmware whenever enhanced features are added
Remote Maintenance With Telnet/SSL, SSH (with password or public key), browser (HTTP/HTTPS). TFTP or SNMP, firmware upgrade via HTTP/HTTPS or TFTP
Wake On LAN A PC on LAN can be woken up from an idle/stand by state by the router it connects when it receives a special 'wake up' packet on its Ethernet interface
Logging via Syslog Syslog is a method of logging router activity
SNMP Management SNMP management via SNMP V2, MIB II
Bandwidth Management Traffic Shaping Dynamic bandwidth management with IP traffic shaping
Bandwidth Reservation Reserve minimum and maximum bandwidths by connection based or total data through send/receive directions
Packet Size Control Specify size of data packet
DiffServ Codepoint Classifying Priority queuing of packets based on DiffServ
4 Priority Levels (Inbound/Outbound) Prioritization in terms of Internet usage
Individual IP Bandwidth/Session Limitation Define session/bandwidth limitation based on IP address
Bandwidth Borrowing Transmission rates control of data services through packet scheduler
User-defined Class-based Rules More flexibility
Routing Functions Router IP and NetBIOS/IP-multi-protocol router
Advanced Routing and Forwarding Complete independent management and configuration of IP networks in the device, i.e. individual settings for DHCP, DNS, firewall, VLAN, routing, QoS etc
DNS DNS cache/proxy
DHCP DHCP client/relay/server
NTP NTP client, automatic adjustment for daylight-saving time
Policy-based Routing Based on firewall rules, certain data types are marked for specific routing, e.g. to particular remote sites or lines
Dynamic Routing It is with routing protocol of RIP v2. Learning and propagating routes; separate settings for WAN and LAN
Static Routing An instruction to re-route particular traffic through to another local gateway, instead of sending it onto the Internet with the rest of the traffic. A static route is just like a 'diversion sign' on a road
Content Security Management Featuring URL keyword filtering - whitelist or blacklist specific sites or keyword in URLs
Block web sites by category (subject to subscription)
Prevent accessing of web sites by using their direct IP address (thus URLs only)
Blocking automatic download of Java applets and Active X controls
Blocking of web site cookies
Block http downloads of file types (binary, compressed, multimedia)
Time schedules & exclusions for enabling/disabling these restrictions
Block P2P (Peer-to-Peer) file sharing programs (e.g. Kazaa, WinMX etc.)
Block Instant messaging programs (e.g. IRC, MSN/Yahoo Messenger)
Support Smart Monitor (Free & Optional Utility ) Network service analyze, User Management, System Management, System Management, Top10 ranking system, Up to 100 PC Users
Warranty 2-year limited warranty, technical support through e-mail and Internet FAQ/Application Notes
Firmware Upgrade Free Firmware upgrade form Internet
Declaration of Conformity
Temperature Operating : 0°C ~ 45°C
Storage : -25°C ~ 70°C
Humidity 10% ~ 90% ( non-condensing )
Max. Power 22 Watt
Dimension L273 * W166 * H44.6 ( mm )
Power AC 100~240V, 50/60Hz