Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Firmware-update: Draytek Vigor 2926 3.8.9

Draytek logo (27 pix)Draytek heeft voor zijn Vigor 2926-routers nieuwe firmware uitgebracht. Deze breedbandrouters beschikken over twee gigabit-ethernetwanpoorten en vier gigabit-ethernetlanpoorten. Daarnaast kan de router vijftig vpn-tunnels opzetten en is er afhankelijk van het model één of twee usb-poorten aanwezig om bijvoorbeeld een printer op aan te sluiten. Verder is er de keuze om de Vigor 2926 zonder wirelessmogelijkheden te nemen, of met 802.11n in de vorm van de Vigor 2926n, of met 802.11ac in de vorm van de Vigor 2926ac of 2926Vac, of met een al ingebouwd lte-modem in de vorm van de Vigor 2926L, 2926Ln of 2926Lac. Het versienummer is aangeland bij 3.8.9 en dit zijn de veranderingen:

New Features
  • Support VigorACS 2 (firmware version:2.3.0).
  • Support DrayOS IKEv1 IPSec XAuth for the security of network connection.
  • Support certificate service offered by “Let’s Encrypt”.
  • Support SMS One Time Password (OTP) for VPN / Remote Management (2FA, two factor authentication).
  • Add an Advanced button to offer more direction options in firewall rule (Firewall>>Edit Filter Set>>Edit Filter Rule).
  • Improved: Support multi-gateway in LAN subnet.
  • Improved: Support Country Object option in Firewall>>Edit Filter Set>>Edit Filter Rule.
  • Improved: Support IKEv2 ECDH Group 19, 20 and 21 in VPN and Remote Access>>LAN to LAN.
  • Improved: Support Diffie-Hellman group 19 as Proposal setting on VPN and Remote Access>>LAN to LAN VPN Profiles.
  • Improved: Support SSL/TLS authentication for Local 802.1X (Applications>>Local 802.1X General Setup).
  • Improved: Add country object which can be selected as route policy.
  • Improved: Improvement for LTE dial up state mechanism.
  • Improved: Allow setting Inter-LAN Routing between DMZ and LAN1 when DMZ is enabled.
  • Improved: Modify firmware upgrade page for displaying firmware header information (System Maintenance>>Firmware Upgrade).
  • Improved: Add options to specify WAN interface for firewall rule (Firewall>>Edit Filter Set>>Edit Filter Rule).
  • Improved: Allow conditional Bind IP to MAC based upon network entry point.
  • Improved: Allow using the same WAN interface for STUN and SIP traffic by default.
  • Improved: Import X.509 certificate via SSH (mngt cert_import cmd).
  • Improved: Support “Use Cycle in hours” for Custom setting in WAN>>WAN budget.
  • Improved: Support Channel Width selections on Central Management >>AP >> WLAN Profile.
  • Improved: Increase X.509 Certificate import size.
  • Improved: Extend the certificate size of Vigor router (for the Certificate Chain Issue).
  • Improved: Add backup/restore buttons to VPN and Remote Access>>Remote Dial-in User.
  • Improved: Remove ZenMate.
  • Improved: The Router Name (set in System Maintenance>>Management) can be used as L2TP Client’s Host name.
  • Improved: Modifications on DrayOS to meet the GDPR.
  • Improved: Modifications on SWM function to meet GDPR.
  • Improved: Modifications on Hotspot Web Portal function to meet GDPR.
  • Improved: Add the option of "IPv6 Address Random Allocation" for DHCPv6 Server on LAN>>General.
  • Improved: Remove the telnet commands, 'ip dmz' and 'ip aux [Join to NAT pool]'.
  • Improved: Enable WAN2 as factory default configuration.
  • Corrected: The IKEv1/IKEv2 selection was visible even IPsec Tunnel was not selected.
  • Corrected: Vigor router continued to send UDP connection request address when the STUN service was disabled.
  • Corrected: Unable to pass the traffic to VPN when VPN Trunk Backup connection was resumed.
  • Improved: Revise the words on System Maintenance >> Time and Date >> Daylight Saving Advanced page.
  • Improved: Change the wording of "Advanced" button into “Advanced DHCP Client Option” on WAN >> Internet Access page.
  • Improved: Modify the position of the note on LAN >> General Setup page.
  • Corrected: Typo in VPN and Remote Access>>IPsec General Setup page.
  • Add a message to notify the users when they try to turn off LAN port /USB port / LED / Buttons in System Maintenance>>Panel Control.
  • Corrected: IPv6 address with the abbreviation “::” of 0 was note accepted by IPv6 object profile.
  • Corrected: LTE status on dashboard changed the signal display (RSSI/RSRP->RSSI) after performing auto-refresh.
  • Improved: Support subnet mask drop-down selection instead of typing it manually on web user interface.
  • Improved: Use a unified term for the Active Status.
  • Improved: Unify the format for enabling/disabling a profile in the profile settings.
  • Corrected: The color of the menu item did not change from black to white if ever been clicked.
  • Improved: Improve the web user interface of VPN status (VPN and Remote Access>>Connection Management).
  • Improved: Add a Refresh button in VPN and Remote Access>>Connection Management for refreshing connection status.
  • Improved: Re-arrange the hints on Central Management > AP > WLAN Profile > Edit page.
  • Improved: Modify the page layout for CSM>>APP Enforcement Profile.
  • Improved: Remove the asterisk mark (*) besides the options in WAN >> Internet Access >> Details Page.
  • Improved: Remove the unnecessary word, "setup" in WAN >> General Setup.
  • Improved: Improve the layout for WAN VLAN Tag Insertion in WAN>>General Setup>>WAN#.
  • Corrected: Syslog displayed the password setting for WAN DHCP Client Identifier.
  • Corrected: Got incorrect result for the allowed site when WCF firewall was enabled.
  • Corrected: Overnight schedule profile did not work.
  • Corrected: Unable to make network connection with AES encryption for WLAN 5GHz.
  • Corrected: Unable to set TX power for 5GHz using APM (Central AP Management>>WLAN Profile).
  • Corrected: The character “ used for Pre-Shared Key(PSK) on Wireless LAN>>Security would cause abnormal page display.
  • Corrected: The user accessed into USB disk connected to Vigor router through FTP server. While reading the data, if the user unplugged the USB disk, it would result in a system reboot.
  • Improved: Support an easier way to clear space on USB drive by System Maintenance>>SysLog / Mail Alert Setup.
  • After clicking Disconnect button in USB Application>>USB Device Status and unplugging USB disk, the router could not access USB disk if the USB disk inserted again.
  • Corrected: UBDDNS didn't work.
  • Corrected: In Applications >> Dynamic DNS Setup, “” did not work. And the message of "Send HTTP request error" would be shown on the DDNS log.
  • Corrected: Unable to get the domain name after registering and activating the DrayDDNS license.
  • Corrected: Unable to show log of DtDNS in Applications>>Dynamic DNS Setup.
  • Corrected: WAN PPP IPv6 did not work after upgrading firmware from to 3.8.5/1.
  • Corrected: Port redirection configured via telnet took no effect until disabling and then enabling it.
  • Corrected: NAT Port Redirection rule with TCP protocol could not be enabled (yet, UDP protocol could).
  • Corrected: Vigor router sent strange DNS query when Syslog / Mail Alert was enabled.
  • Corrected: Session limit blocked dial-in VPN users.
  • Corrected: DHCP relay did not work for VPN dial-in User.
  • Improved: Display the characters input limitation (for username, password, pre-shared key, and etc.) on web user interface.
  • Corrected: The enabled Allow Management option for IPv4 would enable the option for IPv6 automatically.
  • Corrected: Traffic for the LAN Ports without host connected still counted.
  • Corrected: Vigor router ignored the flag of “Don't fragment” in IP header.
  • Corrected: Could not register Avaya phone [H.323] to IPPBX server through router’s NAT.
  • Improved: Add "Next" and "Previous" links on each object profile editing page. Allow selecting multiple objects when configuring the object group.
  • Corrected: WAN2 could not obtain the IP due to the DHCP broadcast packets from LAN client were sent out of the WAN2.
  • Improved: Support to choose schedule setting profile by drop-down menu.
  • Improved: Apply QoS VoIP function to routing subnet.
  • Corrected: The dashboard overview showed wrong DHCP status.
  • Corrected: Internal wireless client could not ping to the wired client in same VLAN with tag.
  • Corrected: Unable to authenticate incoming RDP traffic by User-Based firewall.
  • Corrected: Unable to limit the bandwidth speed in Bandwidth Management>>Quality of Service>>WAN1 General Setup.
  • Corrected: QoS LED on router’s front panel kept lighting up after enabling and then disable QoS.
  • Improved: Remove the reboot mechanism after enabling/disabling the Internal Radius Server in the Applications>>RADIUS/TACACS+>>Internal Radius Server.
  • Improved: Remove the reboot mechanism after configuring the Authentication List in the Applications>>RADIUS/TACACS+>>Internal Radius Server.
  • Improved: Remove the asterisk mark (*) besides the options in WAN >> Internet Access >> Details Page.
  • Corrected: Domain extension [] disappeared from
  • Corrected: VPN remote dial-in user could not access Internet if Hardware Acceleration was enabled.
  • Corrected: IPv6 packet was blocked even if IP filter was set to pass it.
  • Corrected: The behavior of Bind IP to MAC enable toggle switch on router’s WUI could not be displayed correctly in VigorACS 2.
  • Improved: Support to display "Host ID / Comment" or “Comment / Host ID” in the Interface field on Dashboard.
  • Improved: The User Management >>User Online Status page will display only the login event for online users.
  • Improved: Add a new service provider selection, EntryDNS ( for DDNS (Applications>>Dynamic DNS).
  • Corrected: Typo in the Routing>>Load-Balance/Route Policy.
  • Corrected: NAT did not work after pressing OK button on Port Redirection page.
  • Improved: Pop-up a warning message, "The UDP Limited_bandwidth Ratio can not exceed 100%" while QoS UDP Limit Bandwidth Ratio is not enabled.
  • Corrected: Bind IP to MAC did not allow setting up more than 300 entries.
  • Improve: Increase the total number of characters used in Terms and Conditions Content field of Hotspot Web Portal.
  • Corrected: Firewall did not work with schedule profile well.
  • Corrected: Idle timeout in remote dial-in user did not work on SSL VPN.
  • Corrected: ARP Table displayed comments for IP x.x.x.10 and IP x.x.x.101 wrongly (IP Bind MAC Enabled).
  • Improved: Make the behavior for “CN” and “cn” (set as Common Name Identifier) for LDAP be the same.
  • Corrected: No PPPoE status message in Online Status >> Physical Connection.
  • Improved: Add Host Name and Accounting options on Applications >> RADIUS/TACACS+ >> External RADIUS.
  • Improved: Remove the telnet command, 'bpa'.
  • Improved: Separate IPv4 and IPv6 internet access control for IPv4 and IPv6 on System Maintenance>>Management.
  • Corrected: Wrong WAN type displayed under WAN>>Multi-VLAN.
  • Corrected: Unable to display the WAN2 LED on the dashboard if WAN2 was connected physically.
  • Improved: The first priority for VoIP SIP/RTP in QoS can work for VPN.
Versienummer 3.8.9
Releasestatus Final
Website Draytek
Licentietype Freeware

Door Japke Rosink


11-06-2018 • 09:52

1 Linkedin Google+

Bron: Draytek

Reacties (1)

Wijzig sortering
Antwoord van DrayTek NL gekregen waarom Let's Encrypt en de self-signed SSL niet werken:
Het is in de huidige firmware niet mogelijk om gebruik te maken van Let's Encrypt, de Vigor2926 serie gaat pas vanaf versie 3.9.0 Let's Encrypt ondersteunen.

De foutmelding die je te zien krijgt is helaas een bekende bug, in de volgende firmware release (3.9.0) zal dit probleem opgelost zijn.

Wij verwachten dat deze firmware versie spoedig beschikbaar zal zijn voor de Vigor2926.

[Reactie gewijzigd door DJMaze op 30 juli 2018 13:45]

Op dit item kan niet meer gereageerd worden.

Apple iPhone XS Red Dead Redemption 2 LG W7 Google Pixel 3 XL OnePlus 6T (6GB ram) FIFA 19 Samsung Galaxy S10 Google Pixel 3

Tweakers vormt samen met Tweakers Elect, Hardware.Info, Autotrack, Nationale Vacaturebank en Intermediair de Persgroep Online Services B.V.
Alle rechten voorbehouden © 1998 - 2018 Hosting door True