Router Charts

Router Charts

Router Ranker

Router Ranker

Router Chooser

Router Chooser

NAS Charts

NAS Charts

NAS Ranker

NAS Ranker

More Tools

More Tools

Wireless Reviews

Features

The 2830n plus shares many features with the last Draytek we reviewed, the Vigor 2920. Although the 2920 was reviewed with 3.3.3.1 firmware. The current web demo running 3.3.6.1 firmware presents a feature set very similar to the 2830n plus'.

The table below, pulled from the 2830 plus' web page summarizes its feature set.

Multi-WAN Outbound Policy-based Load-balance
BoD (Bandwidth On Demand)
WAN Connection Fail-over
WAN Protocol ADSL2+ (WAN-1) DHCP Client
Static IP
PPPoE / PPPoA
BPA
Giga Ethernet (WAN-2) DHCP Client
Static IP
PPPoE
PPTP
L2TP
BPA
USB (WAN-3) PPP
VPN Up to 32 VPN Tunnels
Protocol : PPTP, IPSec, L2TP, L2TP over IPSec
Encryption : MPPE and Hardware-based AES / DES / 3DES
Authentication : MD5, SHA-1
IKE Authentication : Pre-shared Key and Digital Signature (X.509)
LAN-to-LAN, Teleworker-to-LAN
DHCP over IPSec
IPSec NAT-traversal (NAT-T)
Dead Peer Detection (DPD)
VPN Pass-through
VPN Wizard
mOTP
Firewall Multi-NAT / DMZ Host / Port-redirection / Open Port
Object-based Firewall
MAC Address Filter
SPI (Stateful Packet Inspection) (Flow Track)
DoS / DDoS Prevention
IP address Anti-spoofing
E-Mail Alert and Logging via Syslog
Bind IP to MAC Address
Time Schedule Control Firewall v3
Bandwidth Management QoS Guarantee Bandwidth for VoIP
Class-based Bandwidth Guarantee by User-Defined Traffic Categories
DiffServ Code Point Classifying
4-level Priority for Each Direction (Inbound / Outbound)
Bandwidth Borrowed
Bandwidth / Session Limitation
Layer-2 (802.1 p) and Layer-3 (TOS/DSCP) QoS Mapping
CSM (Content Security Management) IM/P2P Application V3 (App Enforcement)
GlobalView Web Content Filter (Powered by Commtouch)
User Management
URL Content Filter URL Keyword Blocking (Whitelist and Blacklist)
Java Applet, Cookies, Active X, Compressed, Executable, Multimedia File Blocking
Excepting Subnets
Time Schedule Control
Network Feature Packet Forwarding Acceleration
DHCP Client / Relay / Server
IGMP Version 2 and Version 3
Dynamic DNS
NTP Client
Call Scheduling
RADIUS Client
DNS Cache/Proxy
UPnP 30 sessions
Multiple Subnets
VLAN Tagging (802.1q) on LAN
Routing Protocol Static Routing
RIP V2
USB 3.5G/4G * as WAN - 3
Printer Sharing
File System Support FAT32/FAT16 File System
Support FTP Function for File Sharing
Network Management Web-based User Interface (HTTP / HTTPS)
Quick Start Wizard
CLI (Command Line Interface , Telnet / SSH)
Administration Access Control
Configuration Backup / Restore
Built-in Diagnostic Function
Firmware Upgrade via TFTP / FTP / HTTP / TR-069
Logging via Syslog
SNMP Management MIB-II
Management Session Time Out
2-level Management (Admin/User Mode)
TR-069
TR-104
Switch Port-based VLAN
Triple-Play Application
IGMP Snooping
Tag-based (802.1 q) VLAN
Layer-2 (802.1 p) QoS
Table 1: Vigor 2830n plus feature set

It's hard to tell whether the 2830n plus brings additional routing features to the party over the 2920, since the downloadable product matrix doesn't include the 2830 and the online spec sheets have slightly different formats. But given the design and firmware similarities, it appears that routing and VPN feature sets are essentially the same, with both products supporting a total of 32 site-to-site and client-to-gateway tunnels that can be mixes of PPTP, IPSec, L2TP and L2TP over IPSec.

One difference I could find by comparing the 2920 and 2830n online simulators was the 2830's WAN > Multi-PVC menu (Figure 4) vs. the 2920's WAN > Multi-VLAN menu (Figure 5). (PVCs [Permanent Virtual Circuit] are used in ATM networks.)

Vigor 2830 Multi-PVC menu

Figure 4: Vigor 2830 Multi-PVC menu

I think this difference is primarily due to the 2830's ADSL2+ modem.

Vigor 2920 Multi-VLAN menu

Figure 5: Vigor 2920 Multi-VLAN menu

It also looks like Draytek has granted Doug's wish for 802.1q VLAN tagging (Figure 6). The 3.3.6.1 2920 firmware also expands the number of VLANs to 8 and enables SSID's to be assigned to VLANs, but doesn't support tagging on the LAN side.

2830 VLAN with tagging

Figure 6: 2830 VLAN with tagging

The 2830 supports three WAN connections, but only one each of Gigabit Ethernet, ADSL2+ and USB WWAN. The three connections can be configured for fail-over, "Outbound Policy-based Load-balance" and bandwidth-on-demand modes. I didn't check any of these modes since Doug did a good job of that in the 2920 review. While you're over there, you might as well read through the rest of the feature details, since the 2830 supports them too.

I asked Draytek about jumbo frame support because there aren't any controls visible in the Web GUI. The answer was that they are supported, but you still need to set them up via the command line interface as Doug described.

The 2830's Firewall features use the same hierarchical model, i.e. creating Objects and Profiles and then applying them to Rules. The menus are the same—NAT, Firewall, Objects, Users and Content Security Management (CSM.)—but I found a subtle difference in the NAT menu.

Figure 7 shows the Address Mapping page that is not present in the 2830n. This menu appears to support mapping multiple WAN IP addresses to internal LAN subnet ranges. But I say appears, because the feature isn't described in the 2920 User Guide that I downloaded.

2920 Address mapping menu

Figure 7: 2920 Address mapping menu

All the other Firewall-related menus appear to be the same, including the ability to activate subscription-based content filtering. You get a free 30 day trial of the CommTouch service when you register your new router. But after 30 days, the subscription costs $95 - $110 / year.

Doug liked the logging features better than I did, probably because he used the free syslog server software that you can download from Draytek. I tried to view logs via the web GUI, which first involved a trip to the System Maintenance > SysLog / Mail Alert page to enable syslog and point it to the 2830 itself. I then hit the Diagnostics > Web Firewall Syslog page (not present in the 2920) to view the log. Figure 8 shows the log from a successful L2TP / IPsec client connection as an example.

Example log

Figure 8: Example log

But I wouldn't recommend this method. Each time I changed the Syslog Type dropdown, the log appeared to be cleared rather than just filtered. And this log method was no help in diagnosing failed VPN connects. I asked Draytek about this and they said the best approach is to use the Syslog tool.

The other tools in the Diagnostics menu that Doug liked in the 2920 (route table, arp cache, DHCP table, and NAT sessions, ping and traceroute tool) are also found in the 2830, along with the data flow monitor and traffic graph (Figure 9).

Traffic graph

Figure 9: Traffic graph

More Wireless

Amazon Top-Selling Wireless Routers

Top Performing Routers

AC2350
AC1900
AC1750
AC1200
N600

Top Performing NASes

1 drive
2 drives
4 drives
6 drives
8 drives