My Account
  • Home
  • NEW ARRIVAL
  • Draytek Vigor 2952 Dual Wan Wired Router 4 X Gigabit Lan 2 X Usb Ports 2 Year Warranty Dv 2952
main product photo

Draytek Vigor 2952 Dual Wan Wired Router 4 X Gigabit Lan 2 X Usb Ports 2 Year Warranty Dv 2952

SKU
244606
Brand
Draytek
Manufacturer Link
Manufacturer Product Link
Warranty
1 Year Manufacturer's return to base

No Longer Available

$565.00
Buy Now And Earn 565 Reward Points!
Add to Compare

Vigor 2952 Dual-WAN Router Firewall & Load Balancer

 

The Vigor 2952 is a router/firewall with two Gigabit Ethernet WAN ports, providing load balancing or failover for up to two WAN connections. WAN1 can be selected as either RJ-45 or SFP format (SFP is for fibre modules). There are four LAN RJ-45 ports (Gigabit). The Vigor 2952 runs DrayTek's own DrayOS operating system, providing familiarity for users of other existing DrayTek products.

Vigor 2952 Front

 

Robust & Comprehensive Firewall

Security is always taken seriously with DrayTek routers. The firewall protects against attacks including DoS (Denial of Service) attacks, IP-based attacks and access by unauthorised remote systems. Wireless, Ethernet and VPN are also protected by various protection systems. The DrayTek object-based firewall allows even more setup flexibility than ever, enabling you to create combinations of users, rules and restrictions to suit multi-departmental organisations. The Vigor 2952 now also allows selective direction firewall rules of LAN to WAN, WAN to LAN or LAN to VPN. In addition, QoS (Quality of Service Assurance) can now be selectively applied to specific users.

High Availability

For mission critical applications, a pair of Vigor 2952's can be set up in high-availability mode - also known as 'hardware failover'. This removes the Vigor 2952 as a single point of failure if it ceases operation or is damaged - the standby router takes over operations. See more details on High Availability here.

Web Content Filtering

GlobalView Categories

The content control features of the Vigor 2952 allows you to set restrictions on web site access, blocking download of certain file or data types, blocking specific web sites with whitelists or blacklists, blocking IM/P2P applications or other potentially harmful or wasteful content. Restrictions can be per user, per PC or universal. Using DrayTek's GlobalView service, you can block whole categories of web sites (e.g. gambling, adult sites etc.), subject to an annual subscription to the Cyren Globalview service, which is continuously updated with new or changed site categorisations or sites which have become compromised (such as infected with Malware). A free 30-day trial is included with your new router.

 

User Management/Authentication

The Vigor 2952 has built-in user management which allows you to provide conditional internet access to different users based on their own unique login (stored in the router, or on an external Radius server) and including the restrictions of web content filtering (above) too. For full details of this feature, click here.

 

3G/4G Cellular Data Features

 

3G Dongle

 

The Vigor 2952's USB port can host a compatible 3G/4G/LTE USB modem for access to the cellular network for full Internet Access as your primary or failover WAN connectivity. For further details, see hereand for a list of supported 3G/4G modems see this page.

 

 

 

 

Network Attached Storage (NAS)

USB Memory

Either of the Vigor 2952's USB ports can also be used to add storage memory to the unit in the form of a USB memory stick. That memory can be used for recording syslogs or accessed as a simple FTP/file storage for users, local or remote (password protected). Requires a USB memory stick (up to 64Gb, FAT32 formatted).

 

WAN Load Balancing & Backup

The Vigor 2952's two WAN interfaces can be used either for WAN-Backup or load balancing. Each of the 2 WAN Ethernet ports can be connected to any Ethernet-based Internet connection, such as a DSL modem, cable modem, leased line etc. One port can use an SFP module instead of Ethernet.

In Load-balancing mode, the router will spread your Internet sessions across all Internet connections to make best use of your available total bandwidth. This can be automatic, according to rules or reserving specific WAN connections for specific clients or services.

WAN-Backup (failover) provides contingency (redundancy) in case of your primary connection or ISP sufferers temporary outage. Internet Traffic will be temporarily routed via the second, third or fourth Internet connection. When normal services is restored to your primary line(s), all traffic is switched back to that.

 

 

802.1q Tagged, Wireless & Port Based VLAN

The Vigor 2925 features a hugely flexible VLAN system. Each of the six Gigabit LAN ports can be isolated from each other, for example to feed different companies or departments but keeping their local traffic completely separated.

Vigor 2952 - Technical Specification

  • Physical Interfaces:
    • WAN Ports:
      • WAN1 : Selectable:
        • RJ-45 Gigabit Ethernet (1000Mb/s) or
        • SFP Gigabit Slot for Fibre or other module (1000Mb/s)
      • WAN2 : RJ-45 Gigabit Ethernet (1000Mb/s)
      • WAN3 : USB 2.0 Port for 3G/4G Cellular Modem or NAS feature
      • WAN4 : USB 3.0 Port for 3G/4G Cellular Modem or NAS feature
    • LAN Ports:
      • 4 X RJ-45 Gigabit Ethernet (1000Mb/s) - LAN
  • Performance:
    • Firewall: Up to 500Mb/s
    • IPSec VPN: Up to 200Mb/s
    • NAT Sessions : 100,000
  • Load Balance/Failover Features:
    • Outbound Policy-Based Load-Balance to direct traffic via:
       
      • NAT or Routing
      • WAN Interface
      • LAN Interface
      • Specific LAN Gateway
      • VPN Tunnel
    • IP-Based or Session-Based Load Balance modes
    • WAN Connection Fail-over
    • BoD (Bandwidth on Demand)
    • Configurable Load-Balance pool, specify WAN interfaces to load balance
    • WAN Budget
  • WAN Protocols (Ethernet):
    • DHCP Client
    • Static IP
    • IPv4 / IPv6
    • PPPoE
    • PPTP
    • L2TP
  • IPv6 Features:
    • Operation on all of the WAN ports
    • Default-Deny Firewalling
    • Static IP, DHCPv6 or PPP
    • Connectivity to ISPs provided direct/native IPv6
    • Built-in tunnelling to IPv6 brokers:
      • TSPC
      • AICCU
      • 6in4
      • 6rd
    • Default stateful firewall for all IPv6 LAN Clients/Devices
    • DHCPv6 & RADVD for client configuration
    • IP Filtering Rules
    • QoS for IPv6 with DiffServ
    • Router Management over IPv6 (Telnet/HTTP) with IPv6 Access List
    • Dual-Stack (Concurrent) operation with IPv4)
  • Firewall & Security Features:
    • CSM (Content Security Management):
      • URL Keyword Filtering - Whitelist or Blacklist specific sites or keywords in URLs
      • Block Web sites by category (e.g. Adult, Gambling etc. Subject to subscription)
      • Prevent accessing of web sites by using their direct IP address (thus URLs only)
      • Blocking automatic download of Java applets and ActiveX controls
      • Blocking of web site cookies
      • Block http downloads of file types :
        • Binary Executable : .EXE / .COM / .BAT / .SCR / .PIF
        • Compressed : .ZIP / .SIT / .ARC / .CAB/. ARJ / .RAR
        • Multimedia : .MOV / .MP3 / .MPEG / .MPG / .WMV / .WAV / .RAM / .RA / .RM / .AVI / .AU
      • Time Schedules for enabling/disabling the restrictions
      • Block popular P2P (Peer-to-Peer) file sharing programs
      • Block Instant Messaging programs (e.g. IRC, MSN/Yahoo Messenger etc.)
    • DNS Filter: Use DNS to enforce categorisation
    • Web Portal
    • Multi-NAT (32 WAN IPs per WAN1 & WAN2)
    • DMZ Host
    • DMZ Port (via LAN port P1, switchable)
    • 40 Port Redirection rules
    • 40 Open Port rules (10 port ranges per rule)
    • Policy-Based Firewall
    • MAC Address Filter
    • SPI ( Stateful Packet Inspection ) with new FlowTrack Mechanism
    • DoS / DDoS Protection
    • IP Address Anti-spoofing
    • E-Mail Alert and Logging via Syslog
    • Bind IP to MAC Address
    • User Management:
      • Up to 200 Profiles
      • Supports external authentication via LDAP or RADIUS
      • Per User Bandwidth and Time Quota
      • Schedule Control to delete or disable account automatically
  • Bandwidth Management:
    • Quality of Service (QoS)
       
      • Guaranteed Bandwidth for VoIP
      • Class-based Bandwidth Guarantee by User-Defined Traffic Categories
      • Layer 2&3 (802.1p & TOS/DCSP)
      • DiffServ Code Point Classifying
      • 4-level Priority for each Direction (Inbound / Outbound)
      • Bandwidth Borrowed
      • App QoS: Classify traffic by Application
    • Temporary (5 minute) Quick Blocking of any LAN Client
    • Bandwidth Limit (Shared or individual limit)
    • Smart Bandwidth Limitation (Triggered by Traffic / Session)
    • Session Limit
  • Network/Router Management:
    • Web-Based User Interface (HTTP / HTTPS)
    • CLI ( Command Line Interface ) / Telnet / SSH
    • Web Console: Access CLI through Web Interface
    • Administration Access Control
    • Configuration Backup / Restore
    • Configuration Import from Vigor 2920, Vigor 2925, Vigor 2930, Vigor 2950 & Vigor 2955
    • Built-in Diagnostic Function
    • Firmware Upgrade via Web Interface, TFTP, FTP
    • Logging via Syslog
    • Supports SmartMonitor (up to 50 IPs monitored)
    • SNMP v3 Management with MIB-II
    • TR-069
    • TR-104
    • Access Point Management: Centrally Manage up to 30 DrayTek VigorAPs
  • VPN Facilities:
    • Up to 100 Concurrent VPN Tunnels (incoming or outgoing)
    • Tunnelling Protocols:
      • PPTP
      • IPSec
      • L2TP
      • L2TP over IPSec
      • DrayTek SSL
    • IPSec Main and Aggressive modes
    • IKE Phase 1 DiffieHelman Groups 1,2,5 & 14
    • IKE Phase 2 DiffieHelman Groups 1,2,5 & 14 (will match phase 1 selection)
    • Encryption : MPPE, DES and Hardware-Based AES (128/192/256bits) / DES / 3DES (168bits)
    • Authentication : Hardware-Based MD5, SHA-1 and SHA-256
    • IKE Authentication : Pre-shared Key or X.509 Digital Signature
    • SSL VPN for teleworkers - Up to 50 user. Proxy or tunnel.
    • LAN-to-LAN & Teleworker-to-LAN connectivity
    • DHCP over IPSec
    • NAT-Traversal ( NAT-T )
    • Dead Peer Detection (DPD)
    • VPN Pass-Through (PPTP, L2TP, IPSec)
    • MOTP (Mobile One Time Password)
    • Virtual IP Mapping, map a remote IP subnet/range to another range to resolve IP subnet/range conflicts
  • SSL VPN:
    • Up to 50 Concurrent VPN Tunnels (incoming or outgoing)
    • SSL Application support for RDP, VNC & Samba
    • Encryption/Authentication : RC4 (128bits), AES (128bits), DES/3DES
    • X.509 Digital Signature
  • Network Features:
    • Port-Based VLAN (Inclusive/Exclusive Groups)
    • 802.1q VLAN Tagging
    • Port Mirroring
    • 802.1X LAN Port Authentication
    • Multi Subnet DHCP Servers with DHCP Relay
    • Custom DHCP Option support
    • Dynamic DNS
    • DNS Transparent Proxy
    • DNS Caching
    • LAN DNS (supports CNAME)
    • NTP Client (Synchronise Router Time)
    • Call Scheduling (Enable/Trigger Internet Access by Time)
    • RADIUS Client
    • LDAP Client
    • TACACS+ Client
    • Internal RADIUS Server
    • PPPoE Server
    • Microsoft™ UPnP Support
    • High Availability
    • Routing Protocols:
      • Static Routing
      • RIP V2
  • Certificate Management:
    • Trusted CA
    • Local Certificate
  • Operating Requirements:
    • Rack Mountable (brackets included)
    • Temperature Operating : 0°C ~ 45°C
    • Storage : -25°C ~ 70°C
    • Humidity 10% ~ 90% (non-condensing)
    • Silent operation (fanless)
    • Power Consumption: 19 Watt Max.
    • Dimensions: L273 * W176 * H46 ( mm )
    • Operating Power: 220-240VAC directly to unit
    • Warranty : Two (2) Years RTB
Dual-WAN with 2 x Gigabit Ethernet WAN ports (WAN 1 selectable for SFP port)
Single WAN or Multi-WAN Load Balance and Failover
2 x USB ports (1 x USB 2.0, 1 x USB 3.0)
Only USB port 2 (USB2) can be used for 3G/4G LTE mobile. USB port 1 (USB1) can be used for external storage, printer or thermometer
4 x Gigabit LAN ports with 60,000 NAT sessions
8 Private LANs + DMZ LAN + IP routed LAN
IPv6 compliant
Object-based SPI Firewall with Content Security Management (CSM)
QoS functions
100 x VPN and 50 x SSL VPN tunnels with VPN Load Balance and Redundancy
Central VPN Management
Central AP Management*
Central Switch Management**
High Availability Mode
Smart Monitor Traffic Analyzer (up to 100-nodes)
Supports VigorACS SI Central Management (TR-069)
2 years back to base warranty