Hello Everyone!

This is my first time posting here. Please go easy on me!

I am really looking forward to the arrival of my: DrayTek Vigor 2860AC

I would appreciate any suggestions / feedback for those of you who have this setup. Were there any obstacles?

In reading a review, I saw this feedback listed. I'm sure I will be very happy with the router and went ahead with the purchase anyway. As I've read and heard many good things about the build quality of DrayTek. Especially going from the BT HomeHub 5!

I wondered if further firmware updates had improved / changed such features / implementations.

With firmware 3.7.8.3 VECTOR

- VPN is restricted to IKEv1, AES-128 and DH2 (many organisations (financial / medical) now require AES-256 and DH5 or greater)

- Remote Access VPN with IPSec + NAT-T is not supported, must use L2TP (effectively sending all traffic over VPN)

- DHCP server can hand out a maximum of 256 addresses (even if your subnet is larger, class A or class B)

- MTU is restricted to 1496 bytes (BT's VDSL supports 'baby jumbo frames' at 1534 bytes, which means largest supported MTU should be 1506 bytes), which leads to a marginal artificial speed decrease.

In regards to the MTU, am I best using the OpenReach VDSL modem? I see from the changelog that the maximum MTU is set to 1500.

Many thanks in reading this!

Kind Regards,

Matthew

The router does support AES 256, SHA256 and DH14, you need to set the IPsec VPN to AES with Authentication then click Advanced and you can select those options for the dial-out proposal. The router should also accept those dial-in types.
You could be referring to the Smart VPN client perhaps? I can see that version 4.3.3.1 is limited to AES256 and DH2, in which case I agree and you should contact support to see if that can be improved.
Other VPN clients such as the Greenbow may not have this limitation.

- Remote Access VPN with IPSec + NAT-T is not supported, must use L2TP (effectively sending all traffic over VPN)

To my knowledge this is supported?

- DHCP server can hand out a maximum of 256 addresses (even if your subnet is larger, class A or class B)

Yes, at the moment the DHCP server supports /24, you would need a Vigor 2960 or Vigor 3900 for larger DHCP subnet sizes (because those two are not limited to /24).

- MTU is restricted to 1496 bytes (BT's VDSL supports 'baby jumbo frames' at 1534 bytes, which means largest supported MTU should be 1506 bytes), which leads to a marginal artificial speed decrease.

In regards to the MTU, am I best using the OpenReach VDSL modem? I see from the changelog that the maximum MTU is set to 1500.

Install the 3.7.8.3 BT firmware, then try using the Path MTU discovery feature:
http://www.draytek.co.uk/support/guides/kb-vigor-mtu-2
That supports larger MTU values.