DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

2925 firewall problems

18 Jul 2016 23:32 #1 by plawrie1
2925 firewall problems was created by plawrie1
Hi
I have experience of the DrayTek 2820 for several customers, but have set up a 2925 for a customer in the last few days and am having problems.
First of all, I'll try to keep it simple: the customer has two sites; site B is 1100 metres from site A.
Site A has an ADSL connection, but site B is too far from an exchange to receive an ADSL signal; it does have a satellite broadband connection, which is limited to 40GB per month.
There is a tall antenna installed at both ends, and Netgear WAPs installed to provide a Wi-Fi connection from site A to site B.
This does work; the satellite connection is faster but volume limited.
At site B, some switches and WAPs connect to the satellite and others to the broadband, which is unsatisfactory.
I introduced a 2925, connected the cable from the WAP to the ADSL at site A to WAN1, and the cable from the satellite to WAN2.
P2 connects to a switch, and devices within the firewall can see each other and access the internet.
I configured a policy to direct certain devices to WAN1 and WAN2 - all working more or less as it should.
However, at site A with the ADSL there are several computers which have to be accessed from site B.
Before installing the draytek, machines at both sites had IPs in the range 10.0.0.x and could be accessed from both sites.
Now within the DrayTek firewall, machines and devices are at the default IP of 192.168.1.x (I know it can be changed, but there are enough problems already!!)
It is not now possible for machines within the firewall, for example 192.168.1.201, to access devices such as the WAPs with IP addresses 10.0.0.x, or to use Windows Explorer to access machines outside the DrayTek firewall with IP addresses 10.0.0.x.
I configured open ports, initially to limited ranges, but eventually trying to connect a large range of ports from and to 192.168.1.1-255 and 10.0.0.1-255
I also configured one of the PCs in the DMZ without success.
My previous experience of DrayTeks has been sites with a single ADSL connection, where I needed to open ports from outside to access servers for mail or SSH/Webmin (Linux servers).
However, this customer does not have a server, just peer-to-peer Windows 10 machines, and the requirement is for at least one PC within the DrayTek firewall to access a PC outside the DrayTek firewall, but within the ADSL connection at site A.
Hope I have made this clear.
I also configured the 2925 for management from the internet, but when I got home found I cannot access it, so another 50 mile trip when I get some answers!

19 Jul 2016 22:58 #2 by mbames
Replied by mbames on topic Re: 2925 firewall problems
Not quite sure what you are saying, but I think that remote management only works via WAN1, so if I read what you have written, that is the ADSL link into site A, via the Netgear WAPs to site B, and then in WAN1 on the 2925...

19 Jul 2016 23:07 #3 by plawrie1
Replied by plawrie1 on topic Re: 2925 firewall problems
I can't use remote management through WAN2 anyway; the satellite connection has the ports closed. Remote management will only be possible with the ISP's business package, so I can forget that. I am not sure if I can remote manage via the ADSL router at site A, through the WAPs to the DrayTek at site B.
Anyway, remote management is not the major issue. I can use TeamViewer to access a PC at site B, in order to access the DrayTek.
My question is how should the DrayTek be configured, so that a PC inside the firewall at site B can access a PC outside at site A.
I opened ports 135-139 and 445 in both directions, but no joy.
