Bisa online via VPN ke cabang-cabang dgn biaya murah

Punya banyak cabang tapi ingin tetap online dengan pusat ? Gunakan jaringan speedy dan pasang draytek Vigor. Kemudian setup VPN dengan VPN Management ini.

How to Use Central VPN Management

VPN management is really a difficult work when we want to build VPN connections between several VPN routers. On each router, we need to make a lot of settings, eg. Pre-Shared key, subnet, encryption mode... and so on. Once setting the wrong parameters, it makes us go insane to find out what happens. What if we have to manage lots of routers? Epilepsy! Aren't we?

Well, thanks to Central VPN Management, it becomes simple to manage VPN connections. WithCentral VPN Management, we can setup VPN connections with just one click. We can backup or restore configuration, and we can upgrade firmware as well. In following example, we will have Vigor2925, Vigor2850, and Vigor3200 as CPE(which means Customer Premise Equipment). We will use Vigor2860 to manage VPN network. With CVM on Vigor2860, we can manage 8 CPE in the meanwhile.


There will be two notes,
A. How to manage VPN network
B. What's CPE maintenance



Part A. How to manage VPN network

Before managing VPN network, it's necessary to set TR-069 because CPE will send messages to CVM with TR-069 technology. Besides, we have to enable HTTP Port so that CPE can access CVM. In following case, Vigor3200 and Vigor2860 are taken for example. For step1 to step 7, we will see detail introduction about CPE settings and CVM settings. For step 8 to step 15, we will take a look on how to manage VPN status. 

  1. With TR-069, it's easy for servers to monitor clients. So we should know how to setup TR-069 first. However, before setting TR-069, it's necessary to see CVM's WAN IP address. In this case, we regard Vigor2860 as CVM.
    To see the WAN IP address of Vigor2860,


    a. Click Online Status
    b. Click Physical Connection
    c. Just see WAN 2 Status and IP address will show in the figure as well


  2. The first and the only step of setting CVM,


    a. Click Central VPN Management 
    b. Click General Setup
    c. Enable CVM Port and type 9000 in the column(In this case, we take 9000 for example. Default setting is 8000.) 
    d. Type UsernamePassword. (Attention! The information must be as same as CPE's.)
    e. Choose the correct WAN interface from WAN IP for Remote Connection
    f. Type / as Local Subnet (just exactly which Vigor2860 belongs to)
    g. Press OK button


  3. To enable HTTP Port,(HTTP Port must be enable to allow CVM Maintenance),


    a. Click System Maintenance
    b. Click 
    c. Tick 
    Enable button
    d. Press 
    OK button


  4. Now we know the WAN IP, Username, and Password of Vigor2860. So we can start to set CPE's TR-069 now.(Vigor3200)
    To set TR-069,


    a. Click System Maintenance
    b. Click 
    Type http://x.x.x.x:yy/ACSServer/services/ACSServlet in the URL column. (Please replacex.x.x.x with Vigor2860's WAN IP/domain name, yy with CVM port)Type Username and Passwordwhatever we setup in Vigor2860.
    d. Click CPE Client 
    e. Press 
    OK button

    After finishing all above settings, now we want to establish VPN connections by dialing to Viogr3200. Before establishing VPN connections, the first thing we need to do is add Vigor3200 into Managed Devices List.


  5. As we see, Vigor3200 appears in the Unmanaged Devices List. We have to add it in theManaged Devices List so that we can manage it.
    To manage Vigor3200,


    a. Click Central VPN Management
    b. Click CPE Management
    c. Tick the button to add Vigor3200 into Managed Device List. Type the name of the device inDescription Name and the place where the device is in Location.
    d. Press Add Button


  6. We can see Vigor3200 shows in Managed Devices List with its name and IP address.



  7. Now Vigor3200 is added in the managed list. If we want to get more information about it, we can double click the item. 
    The message box like below will appear immediately. 



  8. Now we complete all settings of CPE and CVM. Now we can try dialing to Vigor3200 in PPTP to establish VPN connection.


    a. Click Central VPN Management
    b. Click VPN Management
    c. Click Vigor3200 
    d. Press PPTP button


  9. Please wait for a few seconds and refresh the page. We will see detail information about VPN connections.



  10. After pressing PPTP button, it will create a profile automatically. We can see detail information about VPN profiles in LAN to LAN Profiles. Both CPE and CVM will create profiles in LAN to LAN Profiles automatically. With CPE dial-in and CVM dial- out, CPE and CVM can establish VPN connections.


    a. Click VPN and Remote Access
    b. Click LAN to LAN 
    c. Index 1 indicates VPN connection has already been established successfully

    Of course we can choose either PPTP or IPsec- just whatever we like. The settings of either PPTPor IPsec is fixed-the username and password are given by system automatically. If we want to select the settings according to personal preference, we can do it with Advanced function. In following case, we want to change PPTP to IPsec with Advanced function.


  11. To change encryption according to our preferences,


    a. Click Central VPN Management
    b. Click VPN Management
    c. Press Advanced button


  12. A message box like following will appear immediately.
    To select IPsec,


    a. Choose the correct device
    b. Choose IPsec Tunnel
    c. Type IKE Pre-Shared Key(just whatever we want)
    d. Press OK button


  13. Please wait for a few minutes after finishing all the settings. We can see whether new settings has already applied to the system.
    To see whether new settings are done successfully or not,


    a. Click VPN and Remote Access
    b. Click LAN to LAN
    c. Please roll the window and take a look on part 3(Dial-In Settings). We find IPsec Tunnel has been ticked automatically-which means new settings apply to the system.


  14. Please repeat step1 to step 6 to set TR-069 on each CPE. In this case, we still have two more CPE to set- Vigor2925 and Vigor2850. It's really convenient for us to monitor every router in VPN network. All information can be seen clearly.



  15. Besides application above, there's another interesting function. We can observe the locations of CPE on Google Map! As we see the figure below, there are three points on the map. Once we move mouse to the point, a message box will appear immediately. 
    To see the distribution of CPE on the map,


    a. Click Central VPN Management
    b. Click CPE Management
    c. Click Google Map


After all steps in part A, we are familiar with how to use CVM function. However, there are other functions we can use. For example, we can schedule CPE to store configuration, backup configuration, and update firmware. In part B, we will take Vigor3200 for example to see detail introduction about CPE Maintenance.



Part B. What's CPE maintenance
In part B, we want to schedule Vigor3200 to backup configuration once a day. We want it backup configuration on 12:30 on weekdays since 12:00~13:00 is our rest time. CPE can backup configuration during that time and it will not affect out work. The very first thing is that we should notice USB device is certainly connected well since backup configuration will be stored in USB device.

  1. First we need to create schedule,


    a. Click Applications
    b. Click Schedule
    c. Click Index 1


  2. To setup schedule,


    a. Tick Enable Schedule Setup
    b. Select the exact Date we want(In this case, we set Start Date as 2013.9.4, Start Time as 12:30, and Duration Time as 5. Attention! It's necessary to setup Duration in case of offline. Long duration gives router more time to retry connect once CPE lose connection with CVM)
    c. Keep the default settings(In this case, we want to schedule CPE weekdays. Of course this setting according to personal preference.)


  3. To begin setting CPE Maintenance,


    a. Click Central VPN Management
    b. Click CPE Management
    c. Click the middle choice-CPE Maintenance


  4. To start to create a new profile,


    a. Make sure that USB disk is connected because backup configuration is stored in it.
    b. Click Index 1


  5. Please complete the whole setting,


    a. Type Profile Name
    b. Tick Enable button
    c. Select the exact MAC Address of Vigor3200. 
    d. Choose the Action Type.(In this case, we choose Config Backup)
    e. Type 1(which means Index 1 in schedule will apply to the system)
    f. Press OK button


  6. We can also check the backup configuration in File Explorer.


    a. Click USB Application
    b. Click File Explorer
    c. Click cvm_b0bb29(CVM's MAC Address)


  7. Click 00507F7A02E8(CPE's MAC Address) to continue



  8. Seeing this page means backup configuration has already successfully stored in USB device. Moreover, we can see that the name of the file is determine by date. For example, "20130904_120006" means the file is created on 12:30"00 on 2013.9.4. So all backup configuration must list in order and we can manage easily! How convenient! 



  9. Now we can see whether CPE backups the configuration successfully or not.


    a. Click Central VPN Management
    b. Click Log&Alert
    c. Click Log
    d. The message above indicates CPE stores the configuration successfully


To summary, it makes server easier to manage VPN connections with CVM. Even there are a lot of CPE, we can take it with ease. Vigor2860 CVM can manage maximum 8 CPE. With CVM, we will not be afraid of managing huge VPN network anymore!