- 1 x Gigabit Ethernet/SFP combo WAN port
- 1 x Gigabit Ethernet WAN port
- Multi-WAN Load Balancing & Failover
- 4 x Gigabit PoE Ethernet LAN ports with 60,000 NAT sessions
- Complies with 802.3at Power over Ethernet Plus
- Supports PoE power up to 30 watts for each port
- Total PoE power budget up to 60 watts
- 1 x USB port (USB3.0) support 3G/4G LTE mobile broadband access
- 100 x VPN and 50 x SSL-VPN tunnels with Central VPN Management, VPN Load Balance and Redundancy
- High Availability Mode
- Object-oriented Firewall with Content Security Management (CSM)
- IPv6 & IPv4
- Comprehensive QoS features
- Multi subnet WAN/LAN through 802.1Q
- 1 x USB port (USB2.0) support file sharing, external storage, network printer or thermometer
- Central AP Management (up to 30 Access Points)
- Central Switch Management (up to 10 Switches)
- Smart Monitor Traffic Analyzer (up to 100 nodes)
- Works with VigorACS SI management system
- 2 years back to base warranty
The Vigor2952P Dual-WAN broadband router features a Gigabit Ethernet WAN interface and a Gigabit Ethernet/SFP combo port for Optic Fibre or Gigabit Ethernet WAN connection. It also features 4 Gigabit Ethernet LAN ports as well as comprehensive Firewall and VPN capabilities. With 2 Ethernet WAN ports, this router is fit for technology types FTTP, HFC, Satellite and Direct Wireless deployed by NBN in Australia and UFB in New Zealand.
The Dual-WAN and 3G/4G capacity with Load Balance and Failover allow for ﬂexible and secure Internet access options. In addition, features such as the Object-oriented SPI Firewall, comprehensive 100 VPN tunnels, and Gigabit LAN speed, make this router an ideal solution for SOHO to business applications.
The Vigor2952P router is a PoE capable router with 4 x PoE LAN ports providing a total of 60 Watts of power, and is an ideal solution where PoE devices such as Wireless Access Points or IP cameras are deployed on the network.
The Central Management features provide a centralized console to manage your network. This includes: AP Management to conﬁgure and to manage up to 20 DrayTek Access Points, VPN Management to conﬁgure and to manage up to 8 VPN tunnels and Switch Management to conﬁgure and to manage up to 10 DrayTek switches.
The Smart Monitor traffic analyzer can be used with Vigor2952P to record and report network traffic and activity, improving network efficiency and security. Up to 100 nodes can be monitored using Smart Monitor.
This router comes with a metal housing and can be easily rack mounted in a standard 19” rack or cabinet.
Dual-WAN with 2 x Gigabit Ethernet WAN ports (WAN 1 selectable for SFP port), plus 2 x USB ports for Load Balancing & Failover
Vigor2952P – Power over Ethernet (PoE) Function
1. WAN Connectivity
The Vigor2952 router supports 2 types of WAN Interfaces: 2 x Gigabit Ethernet WAN interfaces and the USB port 2 (USB2) for 3G/4G mobile dongles. You can set WAN 1 to be a Gigabit Ethernet port, or a SFP port to accommodate an optic fibre module for fibre installations.
With between 2 to 4 WAN interfaces connected, you can configure for Load Balancing or Failover. For example, you can use WAN 1 as your primary Internet connection and have a failover connection over a 4G LTE connection.
2. Power over Ethernet
The Power over Ethernet (PoE) feature in the router eliminates the need to install separate PoE injectors or switches when only a few PoE powered devices need to be installed in the network. Up to 4 PoE devices such as Wireless Access Points or IP cameras or other PoE enabled devices can be placed anywhere in the premises without the need to install a power point nearby. Power is supplied over the UTP data cabling.
3. LAN and VLAN
The Vigor2952 has 4 x Gigabit LAN ports and supports up to 60,000 NAT sessions.
The Vigor2952 supports both port-based and 802.1q tagged VLANs. Port based VLANs allow the assignment of a VLAN and IP subnet to each router LAN port. On the other hand, 802.1q tagged VLANs can extend up to 8 VLANs and 8 IP subnets to an attached switch port.
4. Quality of Service (QoS)
QoS functions allow the network administrators to set priorities for certain types of traffic to guarantee the required level of performance for data flow. For example real-time traffic such as VoIP or Video Conferencing can be prioritised as these have less tolerance over delays caused by network congestion.
A traffic type can be assigned to each of the three QoS classes and have bandwidth pre-allocated and reserved.
The Vigor2952 has powerful firewall features including: object-oriented SPI (Stateful Packet Inspection) firewall, DoS (Denial of Services), CSM (Content Security Management), and WCF (Web Content Filter).
SPI Firewall monitors incoming and outgoing packets at Layer 3 (OSI model) and passes or blocks the data packets based on the configuration.
The DoS feature protects the network for malicious access requests from DoS attacks.
CSM enables network administrators to control and manage IM (Instant Messenger) and P2P (Peer-to-Peer) applications. For instance, you can stop network users from accessing inappropriate contents, or ensure that network traffic is not affected by undesirable or unauthorized P2P downloads.
WCF classifies all websites on the Internet into 64 categories, and allows network administrators to select categories to protect the users from undesirable website content. DrayTek uses the CYREN WCF database for its Vigor routers, and each router includes a free 30 day trial license.
The object-based firewall provides flexibility by using Objects in the firewall settings. Objects can be created and placed in groups by IP, service type, keyword, file extension, etc. This allows a filter rule to be applied to many IP addresses, reducing number of firewall filters required. In addition, these objects and groups can be reused for other firewall settings resulting in reduced amount of work required to create multiple firewall rules.
Firewall rules can be applied according to a Time Schedule to control access to the Internet or network services according to predetermined time slots. Up to 4 time schedules can be applied to each firewall filter rule. For example social media can be restricted during work hours and be allowed during off work hours in a company.
6. VPN & SSL-VPN
Vigor2952 supports up to 100 simultaneous VPN tunnels of common protocols such as IPSec/PPTP/L2TP, and 50 tunnels of SSL VPN protocol. The dedicated VPN co-processor supports the hardware encryption of AES/DES/3DES, hardware key hash of SHA-1/MD5, and LDAP authentication, and ensures that VPN traffic is secure and performance is maximised.
The SSL technology allows secure Web encryption such as those used for on-line banking. With Vigor2952, you can create SSL VPN in Full Tunnel mode or Proxy mode.
Furthermore, since the Vigor2952 supports multiple Ethernet and 3G/4G WANs, you can create VPN Trunking for VPN Load Balance and VPN Backup. For instance, you can use a number of connections to a site to increase the bandwidth, or have a backup connection when the primary connection fails.
7. Central VPN Management
Instead of normal method for VPN connection through web browsers, Vigor2952 supports Central VPN Management (CVM) through TR-069 protocol. From a CVM page, you can create VPN tunnels with just a few mouse clicks on the icons representing your local network (e.g. a public place such as a café) and remote locations (e.g. branch or home office), and the router will establish the connection automatically. This takes away the tedious process required for VPN tunnel creation.
As well as simplifying creation of VPN tunnels, CVM provides a console to monitor multiple CPE devices and VPN tunnels. This includes displaying the CPE devices on a Google Map.
Other features include scheduling of CPE configuration backup/restore tasks as well as scheduled firmware upgrade of the CPE devices. Up to 8 DrayTek CPE devices are supported.
8. Central AP Management
Vigor2952 supports Central AP Management (APM) with a console to auto-configure and manage up to 20 directly connected (via LAN cables) Draytek wireless Access Points, including VigorAP 800, VigorAP 810, VigorAP 900, VigorAP 910C & VigorAP 902.
The APM Dashboard displays the status, such as traffic and number of attached stations, of all the attached Access Points.
With Auto Provisioning enabled on the attached Access Points, WLAN profiles can be created and applied to the selected Access Points from the central console.
The AP Maintenance feature allows a number of actions, including Configuration Backup and Restore, Firmware Upgrade, Remote Reboot and Factory Reset, to be programmed for selected Access Points.
The connected Access Points can also be displayed on a map or floor plan showing their locations and basic descriptions. Other features include Traffic Graph, Rogue AP detection, Event Log, Total Traffic, Station number and Access Point Load Balancing.
9. Central Switch Management (New Firmware will be released soon)
Central Switch Management provides a convenient and easy way to manage and configure supported VigorSwitches, and save time and reduces troubleshooting efforts.
From a console page on Vigor2952, you can assign VLANs to the switch ports and at the same time update the router configuration, with a few mouse clicks within the graphical user interface. Similarly you can create 802.1q trunk ports in the same way.
The switch status page shows the status of all the attached switches, including switch name, IP address, the model number and system up time. You can see how many ports and are in use in each switch as well as port status and how many clients are connected.
You can backup or restore switch configurations, or reboot, or reset to factory default settings, any of the switches.
10. Remote Access Management
The Vigor2952 supports a number of management options to control access to the router both locally and remotely.
The TR-069 feature integrates with the VigorACS-SI centralised management system, and allow system integrators or network administrators to configure, monitor and manage the Vigor2952 remotely from the comfort of their offices or homes. It can also be used to Auto-Provision the Vigor2952 remotely by sending configuration data to the router.
There are 3 wizards: a Configuration Wizard, a VPN Wizard and a Firmware Upgrade Wizard. These allow network administrators to quickly and easily carry out complex tasks.
Alarm & Log Management features ensure real time notifications and alerts to specified phone numbers or email accounts in relation to faults or status of the connected CPEs.
A number of diagnostic functions, including Data Flow Monitor, Traffic Graph and Syslog Explorer, allow the network administrator to monitor and troubleshoot network conditions remotely.
Like all Vigor routers, Vigor2952 supports management options include HTTP, HTTPS, FTP, SSH, Telnet and SNMP.
11. High Availability Mode
High Availability is essential in mission critical applications where the network as well as Internet connectivity needs to be available 100% of the time. Should a hardware failure occur in a primary router, a standby router will immediately come on line to provide uninterrupted network connectivity.
High Availability mode in the Vigor2952 router provides hardware redundancy by the use of one or more Vigor2952 routers to be configured for Hot-Standby or Active-Standby.
Key features of High Availability mode are:
- WCF License share (Hot-Standby only)
Network administrators can create a High Availability group on MyVigor website and include at most 8 routers to join the group and share the same WCF license. Only 1 router (the primary) can use the license at a time, and when the primary router goes down, the secondary router will come up and register to MyVigor server and continuous to provide firewall protection to LAN clients. It means only one WCF license is required per High Availability group.
- Configuration Sync (Hot-Standby only)
Every configuration/modification made on the primary router will be synchronized to the other group member(s) ensuring that network functionality is identical should the primary router fails.
- DDNS Update
For dynamic WAN IP users, High Availability group members can share the same DDNS account, that when the secondary router become primary, it will update the DDNS profile so the network can continue to be accessible via the same DDNS domain.
- Ethernet WAN
- DHCP Client, Static IP, PPPoE, PPTP, L2TP, 802.1q Multi-VLAN Tagging
- Tunnel Mode: TSPC, AICCU, 6rd, Static 6in4
- Dual Stack: PPP, DHCPv6 Client, Static IPv6
- WAN Connection Failover
- WAN Budget
- Load Balance/Route Policy
- Ethernet LAN
- IPv4/IPv6 DHCP Server
- Static Routing/RIP
- Multiple Subnets
- Port/Tag-based VLAN
- Standard: 802.3at
- PoE Ports: 4 ports
- Power Budget: 60 Watt (Max. 30Watt per port)
- Mode : Auto or Manual
- PD Device Check
- Notification (Add a new Category in Notification Object)
- PoE information on Dashbaord
- 3.5G/4G LTE(PPP, DHCP) as WAN3/ WAN4
- Printer Server/File Sharing
- System Maintenance
- HTTP/HTTPS with 2-level Management (Admin/User)
- Logging via Syslog
- SNMP Management MIB-II (v2/v3)
- CLI (Command Line Interface, Telnet/SSH)
- Administration Access Control
- Web-based Diagnostic Functionality
- Firmware Upgrade via TFTP/FTP/HTTP/TR-069
- CWMP Support (TR-069/TR-104)
- LAN Port Monitoring
- Network Management
- Bandwidth Management by Session/Bandwidth
- User Management by Time/Data Quota
- LAN DNS and DNS Proxy/Cache
- Dynamic DNS
- IGMP Snooping/Proxy v2 and v3
- QoS (DSCP/Class-based/4-level Priority)
- Guarantee Bandwidth for VoIP
- Support Smart Monitor (Up to 100 nodes)
- Central AP Management
- Central VPN Management
- Switch Management (New Firmware will be released soon)
- Multi-NAT, DMZ Host, Port-redirection and Open Port
- Object-based Firewall, Object IPv6, Group IPv6
- MAC Address Filter
- SPI (Stateful Packet Inspection) (Flow Track)
- DoS/DDoS Prevention
- IP Address Anti-spoofing
- E-mail Alert and Logging via Syslog
- Bind IP to MAC Address
- Time Schedule Control
- Content Security (IM/P2P, URL, Keywords, Cookies, etc.)
- Up to 100 VPN Tunnels
- Protocol: PPTP, IPsec, L2TP, L2TP over IPsec
- Encryption: MPPE and Hardware-based AES/DES/3DES
- Authentication: MD5, SHA-1
- IKE Authentication: Pre-shared Key and Digital Signature (X.509)
- LAN-to-LAN, Teleworker-to-LAN
- DHCP over IPsec
- IPsec NAT-traversal (NAT-T)
- Dead Peer Detection (DPD)
- VPN Pass-through
- VPN Wizard
- Supports 50 SSL VPN Tunnels
- VPN Trunk: VPN Backup and Load Balance
- 1 x Combo WAN, 10/100/1000Base-Tx, RJ-45 or SFP (WAN1)(Fiber Port is High Priority)
- 1 x 10/100/1000Base-Tx, RJ-45 (WAN2)
- 4 x 10/100/1000Base-Tx LAN, RJ-45 (P1 is Configurable as DMZ Port)
- 2 x USB Host (USB1 is 2.0 and USB2 is 3.0)
- 1 x Factory Reset Button
Vigor2952 Series for Branch Offices Deployment
Business Continuity – High Availability
CVM (Central VPN Management)
Security & Firewall
VPN Trunk (Load Balance/Backup)
Open Link in New Tab http://eu.draytek.com:12952/