session 1 & 2 draytek training at abp technology - enabling ip connectivity
DESCRIPTION
Presentations 1 & 2 by Henry Lo, Technical Engineer of DrayTek and Henry Castillo, Technical Director of ABP Technology at DrayTek Training held 2/25/14 and 2/26/14 at ABP Technology. Sessions 1 & 2 include multi-WAN, LAN, VLAN, load balancing, route policy. Information on future DrayTek training events and webinars can be found at http://www.abptech.com/info/registration/draytek_info.htmlTRANSCRIPT
![Page 1: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/1.jpg)
Session 1 Enabling IP Connectivity
Henry&Lo&&Field&Application&Engineer
These&are&NOT&confidential&sessions&–&please&DO&consider&to&streaming,&blogging,&or&taking&pictures&
![Page 2: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/2.jpg)
Multi-WANs LAN / VLAN
VPN Load-Balance/Route Policy
![Page 3: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/3.jpg)
Multi-WANs LAN / VLAN
VPN Load-Balance/Route Policy
![Page 4: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/4.jpg)
Outline
• Why&Need&Dual/Multi&WANs&• Multi&VLAN&Usage&• Supported&WAN&Interfaces&&• Internet&Access&Mode&• WAN&Budget&Limit&• Trouble&Shooting
![Page 5: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/5.jpg)
Outline
• Why&Need&Dual/Multi&WANs&• Multi&VLAN&Usage&• Supported&WAN&Interfaces&&• Internet&Access&Mode&• WAN&Budget&Limit&• Trouble&Shooting
![Page 6: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/6.jpg)
Why Need Dual/Multi WANs
• Load&Balance&• Good&Backup&• Multi&Service&
– Internet&– IPTV&– Management&– VoIP
![Page 7: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/7.jpg)
Why Need Dual/Multi WANs
• Load!Balance
![Page 8: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/8.jpg)
• 4&Mechanisms&for&WAN&Load&Balance&
-CAH,&cached&-BAL,&balanced&-DNS&-Policy
Why Need Dual/Multi WANs
![Page 9: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/9.jpg)
Why need Dual/Multi WANs
• Good&Backup
![Page 10: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/10.jpg)
Outline
• Why&Need&Dual/Multi&WANs&• Multi&VLAN&Usage&• Supported&WAN&Interfaces&&• Internet&Access&Mode&• WAN&Budget&Limit&• Trouble&Shooting
![Page 11: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/11.jpg)
Multi VLAN Usage
![Page 12: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/12.jpg)
Multi VLAN Usage
![Page 13: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/13.jpg)
Multi VLAN Usage
![Page 14: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/14.jpg)
Outline
• Why&Need&Dual/Multi&WANs&• Multi&VLAN&Usage&• Supported&WAN&Interfaces&&• Internet&Access&Mode&• WAN&Budget&Limit&• Trouble&Shooting
![Page 15: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/15.jpg)
Supported WAN Interfaces
• Ethernet&WAN&(10/100/1000BaseQTx,)&• xDSL&&
– ADSL,&ADSL2/2+&– VDSL2&
• USB&3G/4G&dongle&• Fiber
![Page 16: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/16.jpg)
Outline
• Why&Need&Dual/Multi&WANs&• Multi&VLAN&Usage&• Supported&WAN&Interfaces&&• Internet&Access&Mode&• WAN&Budget&Limit&• Trouble&Shooting
![Page 17: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/17.jpg)
Internet Access Mode
• PPPoE/PPPoA&• MPoA&• Static&or&Dynamic&IP&• PPTP&or&L2TP&• 3G/4G&modem&PPP/DHCP&mode
![Page 18: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/18.jpg)
Internet Access Mode
• IPv6&!
!
!
!
!
!
• How&to&Configure&WAN&for&IPv6&Service&– http://www.draytek.com.tw/index.php?option=com_k2&view=item&id=1809&Itemid=293&lang=en
![Page 19: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/19.jpg)
Outline
• Why&Need&Dual/Multi&WANs&• Multi&VLAN&Usage&• Supported&WAN&Interfaces&&• Internet&Access&Mode&• WAN&Budget&Limit&• Trouble&Shooting
![Page 20: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/20.jpg)
WAN Budget Limit
• Set&Budget&• Budge&Refresh&Time&• Action
![Page 21: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/21.jpg)
• SMS/Mail&Alert&– Set&SMS/Mail&Object&and&Notification&Object
– Include&Notification&Object&into&SMS/Mail&Alert
WAN Budget Limit
![Page 22: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/22.jpg)
Trouble Shooting
• Capture&online&status&page&• Capture&low&–wt&
– http://www.draytek.com.tw/index.php?option=com_k2&view=item&id=2060&Itemid=296&lang=en&
• Capture&WAN&packet&– http://www.draytek.com.tw/index.php?option=com_k2&view=item&id=2059&Itemid=296&lang=en&
• Capture&the&WAN&Setup&Page.
![Page 23: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/23.jpg)
Multi-WANs LAN / VLAN
VPN Load-Balance/Route Policy
![Page 24: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/24.jpg)
Outline
• Multi&LAN&Subnets/VLAN&- PortQBased&- TagQBased&- InterQLAN&Routing&
• LAN&Subnet&for&NAT/Routing&Usage&• Retrieve&DHCP&Lease&Periodically&• IP&Routed&Subnet
![Page 25: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/25.jpg)
Outline
• Multi&LAN&Subnets/VLAN&- PortQBased&- TagQBased&- InterQLAN&Routing&
• LAN&Subnet&for&NAT/Routing&Usage&• Retrieve&DHCP&Lease&Periodically&• IP&Routed&Subnet
![Page 26: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/26.jpg)
Multi LAN Subnets/VLAN
• The&initial&status
![Page 27: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/27.jpg)
Multi LAN Subnets/VLAN
• PortQBased
![Page 28: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/28.jpg)
• TagQBased
Multi LAN Subnets/VLAN
![Page 29: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/29.jpg)
Multi LAN Subnets/VLAN• A&hybrid&example&- P1&in&LAN1&for&Administrator&management&
- P2,&P3,&P4&in&LAN2&for&3&Dept,&and&are&isolated&from&each&other&
- P5&in&LAN1&for&internal&server&
- P6&in&LAN3&for&Guest&usage
![Page 30: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/30.jpg)
Multi LAN Subnets/VLAN
• Enable&LAN2,&LAN3
• Enable&InterQLAN&Routing
![Page 31: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/31.jpg)
Outline
• Multi&LAN&Subnets/VLAN&- PortQBased&- TagQBased&- InterQLAN&Routing&
• LAN&Subnet&for&NAT/Routing&Usage&• Retrieve&DHCP&Lease&Periodically&• IP&Routed&Subnet&
![Page 32: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/32.jpg)
NAT/Routing Usage
• Choose&NAT/Routing&for&LAN&Subnet&– LAN1&is&always&NATed&
![Page 33: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/33.jpg)
Outline
• Multi&LAN&Subnets/VLAN&- PortQBased&- TagQBased&- InterQLAN&Routing&
• LAN&Subnet&for&NAT/Routing&Usage&• Retrieve&DHCP&Lease&Periodically&• IP&Routed&Subnet&
![Page 34: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/34.jpg)
Retrieve DHCP Lease Periodically
• Retrieve&IP&only&from&Inactive&Clients&&- Active&when&available&IP&less&than&30&&- Send&ARP&Request&every&60&seconds&- Retrieve&IP&if&no&ARP&Reply&
![Page 35: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/35.jpg)
Outline
• Multi&LAN&Subnets/VLAN&- PortQBased&- TagQBased&- InterQLAN&Routing&
• LAN&Subnet&for&NAT/Routing&Usage&• Retrieve&DHCP&Lease&Periodically&• IP&Routed&Subnet&
![Page 36: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/36.jpg)
IP Routed Subnet
• LAN&PC&will&get&public&IP&Address&directly&&– No&NAT&will&be&applied
• Set&Start&IP/Pool&• Set&LAN&Port/Bind&MAC
![Page 37: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/37.jpg)
Multi-WANs LAN / VLAN
VPN Load-Balance/Route Policy
![Page 38: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/38.jpg)
Outline
• Supported&VPN&Protocol&• How&Many&Tunnels&does&Vigor&Support&• VPN&Application&• Special&VPN&Application&
![Page 39: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/39.jpg)
Outline
• Supported&VPN&Protocol&• How&Many&Tunnels&does&Vigor&Support&• VPN&Application&• Special&VPN&Application&
![Page 40: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/40.jpg)
Supported VPN Protocol
• PPTP&(TCP&1723)&• L2TP&(UDP&1701)&• IPsec&(UDP&500)&• L2TP&over&IPsec&• SSL&VPN&(TCP&443)&• mOTP&!
![Page 41: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/41.jpg)
How Many VPN Tunnel does Vigor Support
Vigor!Model !IPsec/PPTP/L2TP SSL
Vigor2110 2 N/A
Vigor2130 2 N/A
Vigor2912 16 N/A
Vigor2920 32 N/A
Vigor2925 25 25
Vigor2930 100 30
Vigor2950 200 10
Vigor2960 200 20
&&&&&&&&&&&&Vigor3200&Series 64 10
&&&&&&&&&&&&Vigor3300&Series 200 NA
Vigor3900 500&(PPTP/L2TP&200) 20
![Page 42: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/42.jpg)
How Many VPN Tunnel does Vigor Support
Vigor!Model IPsec/PPTP/L2TP SSL
Vigor2710 2 N/A
Vigor2760 2 N/A
Vigor2830 32 10
Vigor2850 32 10
Vigor2860 32 10
![Page 43: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/43.jpg)
Outline
• Supported&VPN&Protocol&• How&Many&Tunnels&does&Vigor&Support&• VPN&Application&• Special&VPN&Application&
![Page 44: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/44.jpg)
Outline• Supported&VPN&Protocol&
• How&Many&Tunnels&does&Vigor&Support&• VPN&Application&
- LAN&To&LAN&- Host&To&LAN&- SSL&VPN&- VPN&Trunk&
• Special&VPN&Application&
![Page 45: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/45.jpg)
Outline• Supported&VPN&Protocol&
• How&Many&Tunnels&does&Vigor&Support&• VPN&Application&
- LAN&To&LAN&- Host&To&LAN&- SSL&VPN&- VPN&Trunk&
• Special&VPN&Application&
![Page 46: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/46.jpg)
LAN to LAN
172.17.1.0/24 192.168.1.0/24
• Remote&Office&• Dial&Out&!
• Main&Office&• Dial&In&!
![Page 47: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/47.jpg)
![Page 48: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/48.jpg)
![Page 49: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/49.jpg)
![Page 50: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/50.jpg)
• Use&with&caution!Only&this&remote&IP&will&be&eligible!&
• Drop&the&rests&!
![Page 51: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/51.jpg)
Outline• Supported&VPN&Protocol&
• How&Many&Tunnels&does&Vigor&Support&• VPN&Application&
- LAN&To&LAN&- Host&To&LAN&- SSL&VPN&- VPN&Trunk&
• Special&VPN&Application&
![Page 52: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/52.jpg)
Host to LAN
• Client&site&OS&could&be&– Windows&(may&use&Smart&VPN&
client)&– Mac&OS/iOS&– Android&– Ubuntu&
![Page 53: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/53.jpg)
![Page 54: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/54.jpg)
Outline• Supported&VPN&Protocol&
• How&Many&Tunnels&does&Vigor&Support&• VPN&Application&
- LAN&To&LAN&- Host&To&LAN&- SSL&VPN&- VPN&Trunk&
• Special&VPN&Application&
![Page 55: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/55.jpg)
VPN Trunk-Load Balance
![Page 56: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/56.jpg)
VPN Trunk-Backup
![Page 57: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/57.jpg)
![Page 58: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/58.jpg)
![Page 59: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/59.jpg)
Outline
• Supported&VPN&Protocol&• How&Many&Tunnels&does&Vigor&Support&• VPN&Application&• Special&VPN&Application&
![Page 60: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/60.jpg)
Outline• Supported&VPN&Protocol&
• How&Many&Tunnels&does&Vigor&Support&
• VPN&Application&• Special&VPN&Application&
- Change&Default&Route&to&this&VPN&Tunnel&- Apply&VPN&Tunnel&into&L/B&Policy&- VPN&Backup&when&Specified&WAN&Drops&- Packets&Trigger&to&Establish&the&VPN&Tunnel&- Add&more&Network&into&Phase&2&SA&
![Page 61: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/61.jpg)
Change Default Route to VPN tunnel
• Enable&VPN&default&route&• Go&via&VPN&tunnel&for&
localized&service
![Page 62: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/62.jpg)
Apply VPN Tunnel as Interface for L/B Policy
• How&to&Use&LoadQBalance/Route&Policyhttp://www.draytek.com.tw/index.php?option=com_k2&view=item&id=5181&Itemid=293&lang=en
![Page 63: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/63.jpg)
VPN Backup when Specified WAN Down
![Page 64: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/64.jpg)
Add More Network into Phase2 SA
![Page 65: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/65.jpg)
Multi-WANs LAN / VLAN
VPN Load-Balance/Route Policy
![Page 66: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/66.jpg)
Outline
• How&does&it&Work&– When&matching&criteria,&send&via&the&route&
• What&does&it&Do&– 2&real&usage&examples&
• Trouble&Shooting&– Ping&/&Trace&Route&
• Application&Note
![Page 67: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/67.jpg)
Outline
• How&does&it&Work&– When&matching&criteria,&send&via&the&route&
• What&does&it&Do&– 2&real&usage&examples&
• Trouble&Shooting&– Ping&/&Trace&Route&
• Application&Note
![Page 68: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/68.jpg)
How does it Work (1/3)
• Set&Criteria&- Protocol&- Source&IP&- Dest&IP&- Dest&Port&
• Set&the&Route&- Interface&- Gateway&- NAT&or&Routing
![Page 69: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/69.jpg)
How does it Work (2/3)
• Protocol&- TCP&- UDP&- ICMP&
• Source&IP&• Dest&IP&• Dest&Port
![Page 70: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/70.jpg)
• Interface&- WAN/Virtual&WAN&- LAN&- VPN&
• Gateway&- Default&- Specified&
• Do&NAT&or&Routing&- NAT&is¬&applicable&for&LAN&and&VPN
How does it Work (3/3)
![Page 71: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/71.jpg)
Outline
• How&does&it&Work&– When&matching&criteria,&send&via&the&route&
• What&does&it&Do&– 2&real&usage&examples&
• Trouble&Shooting&– Ping&/&Trace&Route&
• Application&Note
![Page 72: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/72.jpg)
What does it Do
• Choose&VPN&tunnel&for&certain&destinations(Jump)&– Surf&facebook&– Watch&Netflix&
• Choose&WAN&interface&for&certain&destinations&– WAN1&for&Public&VoIP&and&data,&NAT&– WAN5&for&Private&VoIP,&Routing
![Page 73: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/73.jpg)
What does it Do
• Choose&VPN&tunnel&for&certain&destinations(Jump)&– Surf&facebook&– Watch&Netflix&
• Choose&WAN&interface&for&certain&destinations&– WAN1&for&Public&VoIP&and&data,&NAT&– WAN5&for&Private&VoIP,&Routing
![Page 74: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/74.jpg)
VPN to Remote Server
• Scenario&• Find&the&Destination&IP&Range&• Configuration&• Confirm&the&Routing
![Page 75: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/75.jpg)
Scenario
• Go&via&VPN&tunnel&for&Netflix&and&facebook
![Page 76: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/76.jpg)
Find the Destination IP Range
• ping&/&nslookup
• whois
![Page 77: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/77.jpg)
Configuration
• Dest&IP&• Interface
![Page 78: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/78.jpg)
Confirm the Routing
• Use&tracert&/&traceroute&to&confirm&routing
• First&Hop:&LAN&Gateway&• Second&Hop:&VPN&Gateway&
![Page 79: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/79.jpg)
What does it Do
• Choose&VPN&tunnel&for&certain&destinations(Jump)&– Surf&facebook&– Watch&Netflix&
• Choose&WAN&interface&for&certain&destinations&– WAN1&for&Public&VoIP&and&data,&NAT&– WAN5&for&Private&VoIP,&Routing
![Page 80: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/80.jpg)
WAN5 for Private VoIP
• Scenario&• Rules&Overview&• Configuration&
– Public&server&via&WAN1&– DNS&via&WAN1&– Private&server&via&WAN5&
• Confirm&the&Routing
![Page 81: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/81.jpg)
Scenario
INTERNET
Private
• LAN1&for&PC&
• LAN2&for&IP&Phones&
• Data&via&WAN1&
IP Phones
SIP / PPBX
10.20.10.1/24
PVC1
• VoIP&to&Public&Server&via&WAN1&- May&require&DNS&lookup
• VoIP&to&Private&Server&via&WAN5&
External SIP Server!iptel.org!
217.9.36.145!
Internal SIP Server!Vigor2820 IPPBX!
192.168.11.1!
PVC1, WAN1 : 111.248.121.156 Gateway: 168.95.98.254
PVC2, WAN5 : 192.168.11.13 Gateway: 192.168.11.1
LAN 1 / NAT!
PC 1A!192.168.1.1/24
PVC1
PVC2
![Page 82: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/82.jpg)
Rules Overview
• VoIP&to&Public&Server&via&WAN1,&NAT
• DNS&lookup&via&WAN1,&NAT
• VoIP&to&Private&Server&via&WAN5,&Routing
• Unspecified&traffics&via&WAN1,&NAT
![Page 83: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/83.jpg)
External Server via WAN1
• Source&IP&– IP&phones
• Dest&IP&– Iptel.org
• Interface&– WAN1
• Force&NAT
![Page 84: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/84.jpg)
DNS via WAN1
• DNS&&– UDP&53
• Interface&&– WAN1
• Force&NAT
![Page 85: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/85.jpg)
Private Server via WAN5
• Source&IP&– IP&phones
• Dest&IP&– Any&except&iptel
• Interface&– WAN5
• Routing
![Page 86: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/86.jpg)
Confirm the Routing
• LAN1&PC&tracert&/&traceroute&to&8.8.8.8
• LAN2&IP&phone&tracert&/&traceroute&to&8.8.8.8&
• LAN2&IP&phone&traceroute&to&another&IP&phone&
![Page 87: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/87.jpg)
Trouble Shooting
• Use&ping&/&tracert&to&confirm&the&routing&• Respect&the&first&matched&ruleIgnore&the&rests&
• Firewall&>&InterQLAN&routing&>&LoadQBalance/Route&Policy&>&Static&Route
![Page 88: Session 1 & 2 DrayTek Training at ABP Technology - Enabling IP Connectivity](https://reader033.vdocuments.net/reader033/viewer/2022052506/557cb205d8b42a1b0c8b45a2/html5/thumbnails/88.jpg)
Application Note
• How&to&use&LoadQBalance/Route&Policy?&– http://www.draytek.com.tw/index.php?option=com_k2&view=item&id=5181&Itemid=293&lang=en