Draytek Vigor 2900g Broadband Security Router Reviewed

Setup and Administration

The 2900G comes set to as its factory default and with its built-in DHCP server enabled. It also comes without a default password set, so when the login authentication box pops up, all you need do is hit return and you'll be at the Home screen (Figure 2).

Vigor 2900G - Home screen

Figure 2: Home screen

Providing an understandable and easy-to-navigate interface is important in order for users to take advantage of all that the 2900G has to offer. Unfortunately, DrayTek has a ways to go to achieve this. While the Home screen presents links to all the major functional groups, you'll be visiting it a lot because the 2900G's interface doesn't have a navigation bar that appears on each screen.

You instead navigate around using your browser's Back button or the back-arrow and house icons that appear on most pages - a method that gets old real quick. I also found some problems with button clicks not being accepted while using Mozilla 1.6b as my browser, which switching to IE 6 seemed to remedy.

Vigor 2900G - Management options

Figure 3: Management options

You actually get a pretty good set of management options (Figure 3), including a command-line Telnet interface and support for SNMP. You can also limit remote access (disabled by default) to three different IP addresses. You can't, however, access the admin features from a wireless client, since DrayTek feels this is too insecure.

One of your first duties will be to set up your Internet access (Figure 4).

Vigor 2900G - WAN DHCP client settings

Figure 4: WAN DHCP client settings

You choose between Static / Dynamic IP, PPPoE and PPTP connection types and can set the WAN port connection speed and full / half duplex (WAN physical type) in all three. PPPoE users should note that connections with static IPs are supported and you can choose from PAP or PAP / CHAP authentication. You can also adjust the MTU value, but you'll need to Telnet into the command-line interface to do it (see FAQ #8 on this page).

A feature that flashed me back to the very early days of consumer routers is the Call Schedule setup. Its ability to schedule the times and days that the 2900G is connected to the Internet is probably more suited to the ISDN versions of the 2900. But in these days of around-the-clock port scans, worms and other Internet-based attacks, I can see how it would be handy just to simply automatically disconnect your LAN from the Internet while your office is closed or family is fast asleep (or supposed to be).

The 2900G also has Multi-NAT capability, handling up to eight WAN IPs if you're fortunate enough to get them from your ISP. You can't use Multi-NAT if you're using a PPTP or PPPoE connection, though, and only one IP address can be shared using the 2900G's NAT router. The other seven can only be passed through to one LAN client each, essentially opening all ports on each IP address to each client.

The interface is generally quick, with very quick reboots needed to get the changes you make on each page to take. Multiple admin logins are allowed, with no warning given when two or more admins log on. Once you're logged in, there's no idle timeout, and you just need to remember to quit your browser when you're done, because there's no logout button.