DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Vigor 2820 LAN-LAN L2TP/IPSec

  • bjblackmore
  • Topic Author
  • Offline
  • New Member
  • New Member
More
13 Aug 2009 10:19 #57204 by bjblackmore
Vigor 2820 LAN-LAN L2TP/IPSec was created by bjblackmore
Hi,

At the moment we're using PPTP to connect 3 sites together. However, I'm a bit concerned over security, and would like to up the VPN security to L2TP with IPSec. Is this possible between 2 Vigor 2820's? Having looked at the product guide: http://www.draytek.co.uk/support/vpn_setup.html it only shows hows to setup PPTP.

When I try and setup L2TP with IPSec I can enter a Pre-Shared Key in the dial out settings of one 2820, bit can't add a Pre-Shared Key to the dial in settings of the other.

Any help or suggestions, especially on securing LAN-LAN VPNs with the Vigor 2820, would be welcome!

Cheers

Ben

Please Log in or Create an account to join the conversation.

  • bjblackmore
  • Topic Author
  • Offline
  • New Member
  • New Member
More
13 Aug 2009 11:29 #57208 by bjblackmore
Replied by bjblackmore on topic Vigor 2820 LAN-LAN L2TP/IPSec
Found the following article which got L2TP over IPSec working: http://www.draytek.com/user/SupportAppnotesDetail.php?ID=157

However, you have to specifly the remote connecting servers IP address on the Dial-in server settings. Is there anyway around this, as we use a dynamic IP address, rather than static, on the remote connecting servers. This means when their ADSL connections drop & reconnect, they have different IP addresses, so the dial-in server won't allow them to connect.

Please Log in or Create an account to join the conversation.

More
13 Aug 2009 15:42 #57211 by voodle
Replied by voodle on topic Vigor 2820 LAN-LAN L2TP/IPSec
The workaround for that should be to enter the pre-shared key in IPSec General Setup section instead of specifying the remote address.

Please Log in or Create an account to join the conversation.

  • bjblackmore
  • Topic Author
  • Offline
  • New Member
  • New Member
More
13 Aug 2009 16:50 #57212 by bjblackmore
Replied by bjblackmore on topic Vigor 2820 LAN-LAN L2TP/IPSec
Thanks for the reply voodle.

That seems to have worked perfectly for 2 of our remote offices. However, with the 3rd, I can't set the Dial-Out Settings correctly.

When I select 'L2TP with IPSec Policy' the 2 working 2820's drop down list becomes available and I can select 'nice to have' or 'must' & the IKE Pre-shared key option becomes available. However this last 2820, if I select 'L2TP with IPSec Policy' the drop down lost stays greyed out with 'none' selected, and I can set an 'IKE Pre-shared key'. I have opened 2 browser windows, 1 with a working 2820, and 1 with this 2820, all the settings for each are exactly the same, I just can't set this last 2820 to use L2TP with IPSec Policy!

Any ideas what could be wrong?

Thanks

Ben

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami