SSL VPN Troubleshooting
The SSL VPN facility on DrayTek routers uses TCP port 443 by default; this will override any existing port forwards using that port. If you need to forward traffic on TCP 443 (HTTPS) to an internal server, it will be necessary to change the router's SSL VPN port so that the port forwarding can operate.
To do that, go to [SSL VPN] - [General Setup], set the Port setting from its default of 443 to another port, in this example, the port has been changed to 444.
To connect to an SSL VPN tunnel, you can use the Draytek Smart VPN Client or access the SSL VPN web page remotely, log in then go to [SSL Tunnel] and click Connect. Connecting using the Java Client requires disabling TLS 1.0 in the Java control panel:
When connecting from a computer with User Access Control enabled, it is necessary to start the web browser as an Administrator for the SSL tunnel software to be able to install correctly:
The SSL Tunnel client software will need to install through the browser; recent versions of Java will bring up a warning before running the application, it is necessary to allow it to run for the tunnel software to install fully:
Once the tunnel driver has installed, it will then bring up the connection window showing the status of the connection and the IP address it has on the remote network. If you don't want to reinstall the driver when connecting again, untick the "Remove Virtual Driver on disconnecting" option:
NOTICE : This document is © SEG Communications and may not be distributed without specific written consent. Information and products subject to change at any time without notice.