Vigor Router 2200WE&WPlus CD:v2.4
********************************************************************************************
    Release Notes for Vigor2200We_Wplus Router 

    Firmware Version    : v2.3.1	
    DrayTek Corp.					
    Date: 2003/01/21
********************************************************************************************

    [New Functions]:
	1. MPPE encryption for PPTP VPN.
	2. Default route through VPN tunnel.
	3. VPN aloways-on function.
	4. Keep-alive function for IPSec tunnel.
	5. Support Windows 2000/XP UDP port 1701 file setting for L2TP/IPSec. 
	6. IP assignment for the second subnet(public IPs)by specific MAC address.
	7. DHCP Relay Agent.
        8. ISDN security feature with blocked numbers for Vigor2200X.
        9. ISDN remote activation: ISDN dial in to turn up broadband connection. 

    [Improvements]:
        1. L2TP compatibility improvement.
	2. VPN connection status display.
	3. VPN syslog information.
	4. IP-filter syslog information. 
	4. DHCP client/server improvements.
	5. RIP improvements.
	6. Router on-line status via syslog.
	7. new Vigor Tools v2.3 with new Syslog collector application.	
	8. DDNS improvements.
        9. NTP improvements. 
       10. Added telnet commands for IKE lifetime and PFS settings.	
       11. VoIP gateway pass-through NAT functions improvements.

    [Fixed problems]:
	1. Fixed on-line game "half-life" pass-through NAT problems.
	2. Fixed DHCP client problems.
	3. Corrected the display on the CLID field of LAN-to_LAN Dial-in profile.
	4. Fixed DNS problem with TTL = 0.
	5. Fixed WUI compatible problem with IE 5.0 on Mac OS 9.x platform.
	6. Fixed improper DNS-Proxy triggering WAN connection on Mac OS 10.2 platform.
	7. Fixed ISDN backup problem that broadband can not be access any more sometimes
           after power-up if enable ISDN backup.
	8. Fixed Telent command "tftpd" function.
 	9. Corrected Syslog information for on-line status.
       10. Fixed MSN 4.6 voice traffic pass-through NAT problems.
       11. Corrected slow POP3 authentication for QMail server.
       12. Fixed MSN 5.0 voice traffic pass-through NAT problems.
       13. Other minor bug fixes.
 

Hints for configurating default route through VPN tunnel:
        1. In the LAN-to-LAN profile, check the "Change default route to this VPN tunnel" 
           box to enable this function. Once this tunnel is up, all traffic will pass through
           this tunnel to reach the remote network. When the tunnel is down, the default route
           will be back to the orignal.
        2. This feature can only be enable on the dial-out side and apply to every type 
           of VPN. So once you set it up, this profile can only be used for dial-out setting.

 Notes for IPSec tunnel keep alive function
           Since the IPSec tunnel does not have any in-band checking for loss of connectivity, 
       there is a difficulty for tunnel maintenance. This note describes a mechanism for 
       IPSec tunnel maintenance. By performing regular ICMP pings with a host in the remote
       LAN to detect the tunnel aliveness.
           The following steps will tell you how to enable this feature on this firmware 
       1. In the LAN-to-LAN profile, check the "Enable PING to keep alive" box 
          and set an IP address of the node in the remote network(It can be the LAN IP of the 
          remote Vigor device).
          You must be aware that this feature can only be enable on the dial-out side and also 
          apply to IPSec tunnel only. So once you set it up, this profile can only be used for 
          dial-out setting.
       2. On the dial-in side, there is no any specific setting for this.
       3. Once the dial-out side detects the tunnel is not available, it will clean the tunnel up
          and be ready for next connection.
          But it will not automatically reestablish this tunnel again, unless
          a. The "Always On" box is checked.
          b. Any traffic to the remote network to trigger the tunnel connection
          c. Manually dial out from the Web Configurator
       4. The duration for the detection of loss tunnel may be up to 40 seconds. 

 The new telnet commands for VPN(IKE)
 >vpn l2lset                  - Display the LAN-to-LAN Profiles
 >vpn l2lset ?                - Show available sub telnet commands and usages
 >vpn l2lset <list index>     - Show the setting of this LAN-to-LAN profile
 >vpn l2lset <list index> phase1 <lifetime>
                              - Set key lifetime of IKE phase 1 for this 
                                LAN-to-LAN profile(Dial-out portion)
 >vpn l2lset <list index> phase2 <lifetime>
                              - Set key lifetime of IKE phase 2 for this 
                                LAN-to-LAN profile(Dial-out portion)
 >vpn l2lset <list index> pfs <on/off>
                              - Force-on "perfect forward secret" or disable
                                force-on "perfect forward secret". The default
                                value is off. 


 Supported Models:

        Vigor2200We_Wplus