SmallNetBuilder

Follow SmallNetBuilder
Follow SmallNetBuilder on TwitterConnect On Facebook Google+Get the SmallNetBuilder RSS Feed
You are here: Wireless Wireless Reviews Draytek Vigor 2830n plus Dual-WAN ADSL2/2+ Security Firewall Reviewed - Features

Draytek Vigor 2830n plus Dual-WAN ADSL2/2+ Security Firewall Reviewed - Features

Print E-mail
<< Prev - Page 2 of 4 - Next >>

Features

The 2830n plus shares many features with the last Draytek we reviewed, the Vigor 2920. Although the 2920 was reviewed with 3.3.3.1 firmware. The current web demo running 3.3.6.1 firmware presents a feature set very similar to the 2830n plus'.

The table below, pulled from the 2830 plus' web page summarizes its feature set.

Multi-WAN Outbound Policy-based Load-balance
BoD (Bandwidth On Demand)
WAN Connection Fail-over
WAN Protocol ADSL2+ (WAN-1) DHCP Client
Static IP
PPPoE / PPPoA
BPA
Giga Ethernet (WAN-2) DHCP Client
Static IP
PPPoE
PPTP
L2TP
BPA
USB (WAN-3) PPP
VPN Up to 32 VPN Tunnels
Protocol : PPTP, IPSec, L2TP, L2TP over IPSec
Encryption : MPPE and Hardware-based AES / DES / 3DES
Authentication : MD5, SHA-1
IKE Authentication : Pre-shared Key and Digital Signature (X.509)
LAN-to-LAN, Teleworker-to-LAN
DHCP over IPSec
IPSec NAT-traversal (NAT-T)
Dead Peer Detection (DPD)
VPN Pass-through
VPN Wizard
mOTP
Firewall Multi-NAT / DMZ Host / Port-redirection / Open Port
Object-based Firewall
MAC Address Filter
SPI (Stateful Packet Inspection) (Flow Track)
DoS / DDoS Prevention
IP address Anti-spoofing
E-Mail Alert and Logging via Syslog
Bind IP to MAC Address
Time Schedule Control Firewall v3
Bandwidth Management QoS Guarantee Bandwidth for VoIP
Class-based Bandwidth Guarantee by User-Defined Traffic Categories
DiffServ Code Point Classifying
4-level Priority for Each Direction (Inbound / Outbound)
Bandwidth Borrowed
Bandwidth / Session Limitation
Layer-2 (802.1 p) and Layer-3 (TOS/DSCP) QoS Mapping
CSM (Content Security Management) IM/P2P Application V3 (App Enforcement)
GlobalView Web Content Filter (Powered by Commtouch)
User Management
URL Content Filter URL Keyword Blocking (Whitelist and Blacklist)
Java Applet, Cookies, Active X, Compressed, Executable, Multimedia File Blocking
Excepting Subnets
Time Schedule Control
Network Feature Packet Forwarding Acceleration
DHCP Client / Relay / Server
IGMP Version 2 and Version 3
Dynamic DNS
NTP Client
Call Scheduling
RADIUS Client
DNS Cache/Proxy
UPnP 30 sessions
Multiple Subnets
VLAN Tagging (802.1q) on LAN
Routing Protocol Static Routing
RIP V2
USB 3.5G/4G * as WAN - 3
Printer Sharing
File System Support FAT32/FAT16 File System
Support FTP Function for File Sharing
Network Management Web-based User Interface (HTTP / HTTPS)
Quick Start Wizard
CLI (Command Line Interface , Telnet / SSH)
Administration Access Control
Configuration Backup / Restore
Built-in Diagnostic Function
Firmware Upgrade via TFTP / FTP / HTTP / TR-069
Logging via Syslog
SNMP Management MIB-II
Management Session Time Out
2-level Management (Admin/User Mode)
TR-069
TR-104
Switch Port-based VLAN
Triple-Play Application
IGMP Snooping
Tag-based (802.1 q) VLAN
Layer-2 (802.1 p) QoS
Table 1: Vigor 2830n plus feature set

It's hard to tell whether the 2830n plus brings additional routing features to the party over the 2920, since the downloadable product matrix doesn't include the 2830 and the online spec sheets have slightly different formats. But given the design and firmware similarities, it appears that routing and VPN feature sets are essentially the same, with both products supporting a total of 32 site-to-site and client-to-gateway tunnels that can be mixes of PPTP, IPSec, L2TP and L2TP over IPSec.

One difference I could find by comparing the 2920 and 2830n online simulators was the 2830's WAN > Multi-PVC menu (Figure 4) vs. the 2920's WAN > Multi-VLAN menu (Figure 5). (PVCs [Permanent Virtual Circuit] are used in ATM networks.)

Vigor 2830 Multi-PVC menu

Figure 4: Vigor 2830 Multi-PVC menu

I think this difference is primarily due to the 2830's ADSL2+ modem.

Vigor 2920 Multi-VLAN menu

Figure 5: Vigor 2920 Multi-VLAN menu

It also looks like Draytek has granted Doug's wish for 802.1q VLAN tagging (Figure 6). The 3.3.6.1 2920 firmware also expands the number of VLANs to 8 and enables SSID's to be assigned to VLANs, but doesn't support tagging on the LAN side.

2830 VLAN with tagging

Figure 6: 2830 VLAN with tagging

The 2830 supports three WAN connections, but only one each of Gigabit Ethernet, ADSL2+ and USB WWAN. The three connections can be configured for fail-over, "Outbound Policy-based Load-balance" and bandwidth-on-demand modes. I didn't check any of these modes since Doug did a good job of that in the 2920 review. While you're over there, you might as well read through the rest of the feature details, since the 2830 supports them too.

I asked Draytek about jumbo frame support because there aren't any controls visible in the Web GUI. The answer was that they are supported, but you still need to set them up via the command line interface as Doug described.

The 2830's Firewall features use the same hierarchical model, i.e. creating Objects and Profiles and then applying them to Rules. The menus are the same—NAT, Firewall, Objects, Users and Content Security Management (CSM.)—but I found a subtle difference in the NAT menu.

Figure 7 shows the Address Mapping page that is not present in the 2830n. This menu appears to support mapping multiple WAN IP addresses to internal LAN subnet ranges. But I say appears, because the feature isn't described in the 2920 User Guide that I downloaded.

2920 Address mapping menu

Figure 7: 2920 Address mapping menu

All the other Firewall-related menus appear to be the same, including the ability to activate subscription-based content filtering. You get a free 30 day trial of the CommTouch service when you register your new router. But after 30 days, the subscription costs $95 - $110 / year.

Doug liked the logging features better than I did, probably because he used the free syslog server software that you can download from Draytek. I tried to view logs via the web GUI, which first involved a trip to the System Maintenance > SysLog / Mail Alert page to enable syslog and point it to the 2830 itself. I then hit the Diagnostics > Web Firewall Syslog page (not present in the 2920) to view the log. Figure 8 shows the log from a successful L2TP / IPsec client connection as an example.

Example log

Figure 8: Example log

But I wouldn't recommend this method. Each time I changed the Syslog Type dropdown, the log appeared to be cleared rather than just filtered. And this log method was no help in diagnosing failed VPN connects. I asked Draytek about this and they said the best approach is to use the Syslog tool.

The other tools in the Diagnostics menu that Doug liked in the 2920 (route table, arp cache, DHCP table, and NAT sessions, ping and traceroute tool) are also found in the 2830, along with the data flow monitor and traffic graph (Figure 9).

Traffic graph

Figure 9: Traffic graph



Related Items:

SmallNetBuilder Giveaway Results: Draytek Vigor 2830n plus
SmallNetBuilder Giveaway: Draytek Vigor 2830n plus
New To The Charts: Draytek Vigor 2910G Dual-Wan Wireless Router
Draytek Vigor 2130n Reviewed
Draytek Vigor 2920 Reviewed

User reviews

Average user rating from: 1 user(s)

NOTE! Please post product reviews from actual experience only.
Questions, review comments and opinions about products not based on actual use will not be published.

User Rating    [Back to Top]
Overall: 
 
4.7 Features :
 
5.0 Performance :
 
4.0 Reliability :
 
5.0
 
Ratings (the higher the better)
Features*
 
Performance*
 
Reliability*
 
Comments*
    Please enter the security code.
 
 

Excellent review of Draytek Vigor 2830n plus

Overall rating: 
 
4.7
Features:
 
5.0
Performance:
 
4.0
Reliability:
 
5.0
Reviewed by Keith W.
July 20, 2011
Report this review
 

Excellent review Tim!

I've been looking at getting one of the Draytek 2830Vn-plus routers for a customers application.

One quick note, the Draytek . US site / folks have stopped selling and supporting Draytek products.

I've been speaking a nice fellow ( Alfredo ) over at DSL-Warehouse.com. They seem to be the new U.S. distribution for Draytek. I was told that they do support the products. I've also talked with one of DSL-Warehouse's engineers concerning the application I'm working on, he was very helpful and didn't turn into a ' Sales Guy ' during our conversation.

Thanks again for excellent review!!

Keith

 
 

Amazon Top-Selling Wireless Routers