I have just got a 2830. The aim is to replace an existing router (not a Draytek) that is on the blink. So I am trying to configure the 2830 to support an existing configuration that we know works. I've got most of the setup sorted I think, but I cannot get LAN1 connections to 'see' LAN2 connected devices. Grateful if someone can let me know what I need to do to complete the setup.

Configuration is as follows.

• FTTC connection terminating with modem


• Router does PPoE connection to FTTC Modem = I set this up on WAN2


• FTTC has a '248' block of IPs assigned, and Router is set up to use first fixed IP in range and to distribute remainder using DHCP - I set up LAN2 with this fixed IP / DHCP range, and set it to "for routing usage"


• Set up ports P1 and P2 to work on LAN1, and P3 and P4 to work on LAN2 - I did this on the VLAN setup page


• Enabled Inter-LAN routing between LAN1 and LAN 2 - I did this on the LAN / General Setup page


• Connected our mail server to P4 - it picked up a fixed IP could connect to internet and be reached on the assigned fixed IP (i.e. 'it worked')


• Connected our Apple Time Capsule to P3 - it picked up a fixed IP and generated a NAT network to mixture of wired / wireless clients. But users on this network were unable to access internet or the server on LAN2

The old router handles this configuration fine (apart from now being on the blink), so we know it can work. But not yet via the Draytek 2830.

The Time Capsule problem looked very much like a 'Double NAT' type issue. So just to check, we disabled the DHCP on the Time Capsule, put the LAN part into 'Bridge Mode' and connected it to LAN1 (on P1). This worked well: all the clients on the Time Capsule LAN picked up IP addresses from the Draytek "LAN1" NAT'd DHCP server, and all could see the Internet. An improvement over the previous configuration. But we now found that none of the devices on LAN1 could connect to the Server on LAN2.

Devices external to our network were connecting to the fixed IP server without problem. So the issue appears to be one 'internal' to the router. Draytek documentation for 2830 though voluminous was mute on the subject of what might be going on here. So we drew a blank (and so did Draytek premium rate telephone support, who we then called...).

Anyone got any suggestions at all about what might be going on and how to fix? I'm hoping that this is an easy thing to correct.

Thanks in advance for whatever help you can give.

this is how I get the interlan routing working...

The Data network is using Windows Servers for DHCP and the Phone is using a Mitel (PBX)switch for DHCP
There is also an apple airport extreme onsite and it needs to be in bridge mode and the WAN (internet port) plug into a switch in VLAN0

I am only using LAN1 and Lan2 (VLAN0 and VLAN1)








LAN to LAN policy to pass the traffic in both directions

Thanks - helpful.

I think our configuration is pretty much similar to what you have, but we only have on WAN connection.

Can you clarify the final bit of your posting - the enabling LAN to LAN communication. Screengrab looks like it is a setting in your Firewall / Data Filter. Not sure what the settings for this are that provide open pass from LAN1 to LAN2 another look like - in particular I can't work out how to create two different rules to achieve flow in both directions... here is what I see in the Filter Setup panel



Also, on our system (in attempt to get it working) Firewall is disabled, so not sure if I need this rule right now or not (but I guess I will do eventually).

So, can you clarify how you set up the filter rules? Thanks!

enable the firewall!!

this is in the data filter, you need the vice versa as well (the source and destination are flipped in another policy)

Thanks for the extra info. I'd missed the "edit" button for setting up the ranges for the filters.

Sadly however adding the rules didn't help.

I've got the router set up to work perfectly with the Fixed IPs on one LAN (either by creating LAN2 with an allocated range, or by using Routed IP settings), and perfectly with default NAT / LAN1 configuration concurrently, except for the fact that the LAN1 connections simply cannot connect to the LAN2 / fixed IP ones.

Draytek email support providing slow and incoherent (and most recently) wrong advice. Draytek paid telephone support no help at all either.

I am not trying to do anything complicated. I simply cannot understand why this simple arrangement cannot be configured on the router.

All very frustrating

try enabling the syslog on the rule and see if they actually list the traffic