Vigor 2960 Series Router Firewall

£ 396.70 396.7 GBP

£ 396.70

Add to Cart

High-Performance SSL VPN Router/Firewall

The Vigor 2960 Series serves as a VPN gateway and a central firewall for multi-site offices and tele-workers. With its high data throughput of two-Gigabit Ethernet Dual WAN VPN trunking and 4 Gigabit Ethernet LAN ports the device facilitates productivity of versatile business operations. To secure communications between sites is the establishment of VPN tunnels up to 200 simultaneous tunnels.

Returns and Refunds
You may return your hardware within 14 days of shipment to you, as long as it is in new condition and is unopened in original packaging. No returns are accepted over 14 days. The purchaser must purchase return postage to process a return. Priority shipping charges selected at checkout are non-refundable.  All prices shown on this website are ex VAT and delivery. see full Terms & Conditions.

Physical Interfaces

  • LAN: 4-port Gigabit (10/100/1000 Base-T)

  • WAN: 2-port Gigabit (10/100/1000 Base-T) Ethernet

  • USB: 2 USB 2.0 Ports (for flash storage and 3G)

  • WAN Protocols: PPPoE, PPTP, DHCP Client, Static IP

  • Load Balancing: Policy based or automatic

  • WAN Failover: Switch to other connection when primary WAN lost

VPN Services

  • Remote Dial In Teleworker Protocols

    • PPTP

    • IPSec

    • L2TP

    • L2TP over IPSec

    • SSL VPN

  • LAN to LAN VPN Tunnel Protocols:

    • PPTP

    • IPSec

    • SSL VPN

    • GRE (LAN to LAN Tunnel)

  • Up to 200 simultaneous tunnels (LAN-to-LAN or Teleworker-to-LAN)

  • PPTP Acceleration (90Mbps with encryption, 400Mbps without encryption)

  • Dial-in and Dial-out supported

  • VPN Trunking: allows alternative failover route or multiple tunnels to the same destination to increase capacity/throughput

  • Multiple SA (Security Association) IPsec VPN support: send multiple Local and Remote subnets through one VPN tunnel

  • Teleworker - Remote Dial-In VPN Features:

    • LDAP/Active Directory: Teleworker VPNs can be authenticated by a LDAP/AD server

    • XAuth authentication support for IPsec Remote Dial-In Teleworker VPN tunnels

    • Radius Client: Authentication for Remote Dial-In Teleworkers

    • Scheduled Remote Dial-In VPN - configure times that specified Teleworkers are allowed to Dial In

    • DrayTek Smart-VPN Software utility

  • IPsec IKE Protocols:

    • IKEv1

    • IKEv2

  • IPsec IKE Authentication:

    • Pre-shared key (PSK)

    • PKI Certificate (RSA): Use X.509 Digital Signatures

    • Phase 1 Main Mode or Aggressive Mode

    • Phase 2 selectable lifetimes

  • Encryption:

    • Hardware-based AES (128, 192, 256 bits)

    • Hardware-based DES/3DES (56 & 168 bits)

    • Hardware-based MD5, SHA-1 & SHA-256

    • MPPE (40 or 128 bits)

  • IKE Phase 1 DiffieHelman Groups 1,2,5 & 14

  • IKE Phase 2 DiffieHelman Groups 1,2,5 & 14 (will match phase 1 selection)

  • DHCP over IPSec

  • GRE over IPSec

  • Dead-Peer-Detection (DPD)

  • NAT-Traversal (NAT-T): VPN over routes without VPN Passthrough

  • No extra licencing or additional VPN client costs.

  • Interoperability : Compatible with other 3rd party VPN devices


  • Stateful Packet Inspection (SPI)

  • Content Security Management (CSM)

  • Multi-NAT: Set one-to-one mappings between your private and public IP addresses

  • NAT Port Forward Features:

    • Port Redirection - 256 entries with 16 port ranges per entry

    • DMZ Host

    • Server Load Balance & Inbound Load Balance

  • SIP Application Layer Gateway (ALG)

  • H.323 Application Layer Gateway (ALG)

  • Policy-based IP Packet Filter. Fully configurable policies based on IP address, MAC address (source or destination), DiffServ attribute, direction, bandwidth, remote site

  • DoS/DDoS Protection

  • IP Address Anti-spoofing

  • Object-Based Firewall

  • Notification: Email alerts and logs to syslog

  • Bind IP to MAC address

  • User-Controlled Rules: Interrogates LDAP server to permit access or enforce policies

  • DNSSEC support

  • LAN DNS Features:

    • Control DNS resolution for A and CNAME records for configured hostnames

    • Wildcard support

    • Conditional Forwarding to specified DNS Server(s)

Web Content Filtering & CSM

  • URL Keyword Blocking: Blacklist or Whitelist

  • Content Type Blocking: Java applet, cookies, Active-X

  • Application Enforcement (APPE): IM, P2P, Protocol, Tunnelling, Streaming, Remote Cotnrol, Wed HD

  • Auto APPE Signature Upgrade

  • Block P2P Applications (inc. Kazza, WinMX, Bittorrent)

  • Block Instant messagingBlock access of web sites by direct IP address (thus URLs only)

  • Block HTTP download of compressed, executable or multimedia files

  • Web Content Filter: GlobalView filtering of 64 web site categories (e.g. adult, gambling sites etc.). subscription required (free trial included)

  • Time Scheduling: Blocking rules can be activated based on time schedules

User Management

  • Manage account features through User Profiles - VPN, PPPoE, Web Portal, FTP, Samba

  • Internal RADIUS Server

  • External LDAP / Active Directory server authentication with SSL support

  • External RADIUS server authentication

  • PPPoE Server

  • Guest Profiles with Guest Account Generator

  • Web Portal Features:

    • User Authentication for Internet access with Time Quotas

    • SMS Authentication (requires SMS provider)

    • Web Portal Login Page Customisation

    • Login History