Use Ethereal

Ethereal is an excellent and free third-party tool useful if you wish to examine the data that your PC is sending, at the TCP/IP level (across the Ethernet). It is often referred to as a 'sniffer'. Ethereal is not a DrayTek produced or supported product but we provide some installation documentation as a courtesy here.

Ethereal will capture data packets coming in and out of your PC and is therefore very useful to an engineer for diagnosing problems, or improving compatibility with specifical applications. Although these instructions looks long and complicated, the program is actually very easy to use and reasonably intuitive, though we would not recommend Ethereal for novices.

1. Download the WinPCap utility from here
2. Download Ethereal for Windows 98/Me/XP/2k from here.
3. Load the program by double clicking the dekstop icon :
   
4. The main program window will appear, similar to this :
   
5. Select Capture and Start (or press Ctrl-K):
   
6. If you get the following error, you must firstly install the WinPCap driver (see earlier) :
   
7. After selecting 'Capture' this screen will appear :
   
   Ensure that all of the buttons in the Name Resolution section are NOT selected (i.e. they should not be depressed).
8. In the filename box, enter a suitable filename for the capture file. It is this file which you will examine later, or send to your support contact, so give it a name that is fairly unique, not something too generic like "log.txt":
   
9. Ensure that there is no other Ethernet/Internet activity running on your PC, such as a download; such activity will add unnecessary data to the log we're about to make.
10. Click the OK button and capture will commence; the following window will appear on your screen to show that capure is in progress :
    
11. Now, leaving Ethereal running, you should now immediately carry out the function/process that you are trying to diagnose. For example, if it is a VPN client connection, try the connection.
12. Once the process under examination/test has completed, go back to Ethereal and in the status window, click :
    
13. Depending on how much data it captures, Ethereal will take a few seconds to collate the information. Once ready, your Ethereal window will be filled with data, something like this :
    
14. You can now close Ethereal and examine the data it captured which will have been saved to the filename you selected earlier. If you have been asked for send that capture to someone, it's the same file you should send.

Syslog

Syslog is a method of logging router activity. When enabled, the router continuously outputs syslog event messages; these can be captured by a syslog daemom (a listening/capturing program) and displayed or logged to a file. DrayTek provide a syslog tool on the CD-Rom which comes with your router, or you can download the latest version.

One the program is installed, go to the Syslog option on the router's main menu. Enter the IP address of the PC which is running the Syslog program (in our example 192.168.1.8):

Run the Syslog program and you will start to see messages and statistics build up. You can leave the Syslog program running continuously (add it to your Windows start up group if you want to):

---

How do I use 'Mail Alert' ?

Enabling 'Mail Alert' will cause the router to email your chosen address with certain alerts, notably potential firewall attacks. It is a simple function to set up - go to the Syslog/Mail Alert menu on the router and enter the address of your chosen mail server (local or ISP's) and the addres you want the alerts sent to:

---

How do I use store syslog on USB Disk?

Instead of the router sending syslog message to a PC and running a sylog utility on that PC, some DrayTek router models can store syslog to an attached USB Disk. The Vigor2820 series supports this functionality from firmware 3.3.3 and later, check the product specification for your specific model

To enable the router to send syslog message to an attached USB Disk instead of an IP Address, enable the toggle button in the [Syslog] menu. The setting can only be saved if the router has detected that a USB storage device is connected to its USB port. After enabling the setting, the router will create a syslog directory and .log file on the USB disk when it needs to write output to teh USB Disk.

The router does not immediately write the output to the USB Disk, it stores in memory first and then, once the log reaches 32KB, it writes the file to the .log file on the USB drive. Once the .log file on the USB drive reaches 1MB, the router will create a new .log with an incremented filename