Hi

I've had several emails asking me for the settings I used to get a Lan to lan vpn working.

Have to say I'm not a VPN expert and the Lan was kindly setup by Draytek support (3 cheers) I took a screen dump so I could replicate their settings.

To save people the problem of asking I've uploaded thescreen dump of both outstation and server

Hope this helps everyone. Of course if technical assistance is required by all means email me and I'll use my vast expertise to ......

http://www.edwards-micros.co.uk/download/vpn.zipx

Cheers

Ian

Can I suggest you use a less proprietary file format for your attachment?

Hi

it appears that zipx is the new format for winzip, mine upgraded automatically and now defaults to zipx, - shades of office 2007.

Anyway I've done a save as zip so the link is

http://www.edwards-micros.co.uk/download/vpn.zip

Life is never simple

Ian

I am surprised that Draytek have set you up like this. I would have thought they would have you using AES rather than 3DES for the IPSec Security Method. If you can it is worth exploring X509 Digital Signatures as they are better than even a strong PSK.

What advanced options did they set you up with in the IPSec Security Method?

Also your setup is only going to work if both end have fixed IP's.

Hi

both ends do have a fixed IP, as to the ipsec security options

medium (AH)ticked

and DED,3des AND aes with ticks.

It also says data will be encrypted and authentic.

I assumed this was Ok? I make no claims to be an expert in this area.

What was the icing on the cake was that it was a waste of time because Sage does not runover a VPN

cheers

Ian

A bit better would be Ipsec Security Method: AES with authentication (for your Dial-out/head Office Box), and in the advanced settings, enable Perfect Forward Secrecy.