DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Unable to access LAN resources once connected to SSL VPN

  • draytek_2865_2
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
28 Jul 2022 11:28 #101478 by draytek_2865_2
Hello

I have recently setup a new Draytek router and it has LAN 2 LAN VPN's setup which work fine, I have just setup a remote user with SSL VPN and the connection connects ok but I am unable to access any servers or resources on the Draytek subnet. The DHCP address the SmarVPN client gets is correct but nothing will connect.

Any suggestions please? I have tried on a couple of pc's and all are the same. I have looked at this but doesn't offer any real help.

Home Sunbet is 192.168.1.0 and the remote is 192.168.10.0

https://www.draytek.co.uk/support/guides/kb-smartvpn-troubleshooting

Many thanks!

Please Log in or Create an account to join the conversation.

More
28 Jul 2022 12:13 #101479 by piste basher
I don't know if it's of any help but the latest firmwares appear to have changed things with regard to the firewall and features such as VPN connections, as described in the various release notes. I have to confess that I don't fully understand the release notes and what the changes mean.

Please Log in or Create an account to join the conversation.

  • draytek_2865_2
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
28 Jul 2022 13:07 #101480 by draytek_2865_2
hmmmm, I am running the latest firmware.


I have logged a support call with them to see if they can help.

Thanks!

Please Log in or Create an account to join the conversation.

More
29 Jul 2022 09:45 #101482 by mbames
I've not played much with user dial in VPNs, but do you have split mode/tunnel enabled?

Wonder if you need to route all traffic via the dial in VPN connection to then be able to reach the machines at the end of the site 2 site VPN.

Please Log in or Create an account to join the conversation.

  • draytek_2865_2
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
29 Jul 2022 11:09 #101483 by draytek_2865_2
I'm not sure, I haven't played with it much before either but don't recall on the last one I did doing anything different.

Where are the options you mention.

Thanks!

Please Log in or Create an account to join the conversation.

More
29 Jul 2022 11:20 #101484 by mbames
In the old days if was a setting found on the client side of the configuration, not sure where it is hidden on windows 11.

Arh, just looked, it seems to be enabled by default. Its a bit of a scroll, but you should eventually find it!
https://allthings.how/how-to-manually-configure-a-vpn-in-windows-11/

Edit: just had a play here.
MS Surface hotspotted to my phone
MS Surface then established a VPN connect to my vigor 2925 (L2TP dial in user)
VPN site 2 site connection to 2860 x2 (both via IPSec tunnels)

If I have "use default gateway" enabled on the L2TP connection on my Surface then I can reach 2x 2860s and my 2925.
If I have "use default gateway" disabled on the L2TP connection on my Surface then I can only reach my 2925 (which is the termination of the L2TP connection).

2925 is 192.168.100.x
2860 (a) is 192.168.102.x
2860 (b) is 192.168.113..x

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami