DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Vigor 2820 LAN-LAN L2TP/IPSec
- bjblackmore
- Topic Author
- Offline
- New Member
Less
More
- Posts: 7
- Thank you received: 0
13 Aug 2009 10:19 #57204
by bjblackmore
Vigor 2820 LAN-LAN L2TP/IPSec was created by bjblackmore
Hi,
At the moment we're using PPTP to connect 3 sites together. However, I'm a bit concerned over security, and would like to up the VPN security to L2TP with IPSec. Is this possible between 2 Vigor 2820's? Having looked at the product guide:http://www.draytek.co.uk/support/vpn_setup.html it only shows hows to setup PPTP.
When I try and setup L2TP with IPSec I can enter a Pre-Shared Key in the dial out settings of one 2820, bit can't add a Pre-Shared Key to the dial in settings of the other.
Any help or suggestions, especially on securing LAN-LAN VPNs with the Vigor 2820, would be welcome!
Cheers
Ben
At the moment we're using PPTP to connect 3 sites together. However, I'm a bit concerned over security, and would like to up the VPN security to L2TP with IPSec. Is this possible between 2 Vigor 2820's? Having looked at the product guide:
When I try and setup L2TP with IPSec I can enter a Pre-Shared Key in the dial out settings of one 2820, bit can't add a Pre-Shared Key to the dial in settings of the other.
Any help or suggestions, especially on securing LAN-LAN VPNs with the Vigor 2820, would be welcome!
Cheers
Ben
Please Log in or Create an account to join the conversation.
- bjblackmore
- Topic Author
- Offline
- New Member
Less
More
- Posts: 7
- Thank you received: 0
13 Aug 2009 11:29 #57208
by bjblackmore
Replied by bjblackmore on topic Vigor 2820 LAN-LAN L2TP/IPSec
Found the following article which got L2TP over IPSec working: http://www.draytek.com/user/SupportAppnotesDetail.php?ID=157
However, you have to specifly the remote connecting servers IP address on the Dial-in server settings. Is there anyway around this, as we use a dynamic IP address, rather than static, on the remote connecting servers. This means when their ADSL connections drop & reconnect, they have different IP addresses, so the dial-in server won't allow them to connect.
However, you have to specifly the remote connecting servers IP address on the Dial-in server settings. Is there anyway around this, as we use a dynamic IP address, rather than static, on the remote connecting servers. This means when their ADSL connections drop & reconnect, they have different IP addresses, so the dial-in server won't allow them to connect.
Please Log in or Create an account to join the conversation.
- voodle
- Offline
- Big Contributor
Less
More
- Posts: 1139
- Thank you received: 0
13 Aug 2009 15:42 #57211
by voodle
Replied by voodle on topic Vigor 2820 LAN-LAN L2TP/IPSec
The workaround for that should be to enter the pre-shared key in IPSec General Setup section instead of specifying the remote address.
Please Log in or Create an account to join the conversation.
- bjblackmore
- Topic Author
- Offline
- New Member
Less
More
- Posts: 7
- Thank you received: 0
13 Aug 2009 16:50 #57212
by bjblackmore
Replied by bjblackmore on topic Vigor 2820 LAN-LAN L2TP/IPSec
Thanks for the reply voodle.
That seems to have worked perfectly for 2 of our remote offices. However, with the 3rd, I can't set the Dial-Out Settings correctly.
When I select 'L2TP with IPSec Policy' the 2 working 2820's drop down list becomes available and I can select 'nice to have' or 'must' & the IKE Pre-shared key option becomes available. However this last 2820, if I select 'L2TP with IPSec Policy' the drop down lost stays greyed out with 'none' selected, and I can set an 'IKE Pre-shared key'. I have opened 2 browser windows, 1 with a working 2820, and 1 with this 2820, all the settings for each are exactly the same, I just can't set this last 2820 to use L2TP with IPSec Policy!
Any ideas what could be wrong?
Thanks
Ben
That seems to have worked perfectly for 2 of our remote offices. However, with the 3rd, I can't set the Dial-Out Settings correctly.
When I select 'L2TP with IPSec Policy' the 2 working 2820's drop down list becomes available and I can select 'nice to have' or 'must' & the IKE Pre-shared key option becomes available. However this last 2820, if I select 'L2TP with IPSec Policy' the drop down lost stays greyed out with 'none' selected, and I can set an 'IKE Pre-shared key'. I have opened 2 browser windows, 1 with a working 2820, and 1 with this 2820, all the settings for each are exactly the same, I just can't set this last 2820 to use L2TP with IPSec Policy!
Any ideas what could be wrong?
Thanks
Ben
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek