Following on from my last - having sorted out the anti-virus package I still have the same problem. I think that the defining fact is that setting Site B to dial out does not connect the link.

Murray

You were correct - I should have configured the IPSec tunnel. Having referred the problem to DrayTek Technical Support I was finally given a link to a description of how to do it: - http://draytek.com/user/SupportAppnotesDetail.php?ID=154

I think I will now pour myself a large glass!

Thank you again for all your efforts.

Murray

A PPTP tunnel should still work but IPSec is better.

Also look at the FAQ's on the UK web site for setting up VPN's.

Now that the IPSec configuration is working, and both routers have been upgraded to the latest firmware, I am disappointed to find that I cannot create network connections to shared folders on the networks at either end. The IPSec configuration sets RIP direction to 'Disable' and uses 'Route'.

Should I be creating network drives for the folders I want to access?

I have another similar installation with Vigor 2600s, which is configured for PPTP. On this setup I am able to create network connections from one end but not the other. The RIP direction is 'TX/RX Both' Ver 2 using NAT.

I had never realised before how slow the LAN to LAN link is, compared with a VPN link to the router and using Remote Desktop Connection! Have I made some basic configuration error?

Any suggestion gratefully received

Murray

You can share resources across the VPN but there are some issues:
- If you use Windoze firewall you cannot browse connections in My Network Places. Instead you need to use the IP address of the remote PC e.g. in Start > Run type \\192.168.2.45\sharename. The same goes for mapping network drives
- In Windoze firewall you will need to go into the File and Printer settings and allow a custom range for each port. This range should include the local and remote subnets - you could allow 192.168.1.0/255.255.255.0 and 192.168.2.0/255.255.255.0, or, if my subnetting calculations are right, just 192.168.0.0/253

It is totally up to you if you want to create network drives. If you often access them, it makes sense. If you have to create a lot you have a problem as there are not enough drive letters, but you can create a folder and put shortcuts in it to each drive.

Don't worry about RIP. I did not find it made any difference so I disabled it.

The speed of the VPN is governed by the upload speeds at each end of the connection. If you are displaying huge files or doing database work I would expect RDP could be quicker as processing is done on the far PC and the VPN only has to carry the results as a screen image. What speeds are you getting and what are your connection speeds?

I have tried the Start> Run approach without success - I am told to ask the network administrator for permission, even for SharedDocs.

The speeds are as follows: -

For the dial-out end - from Syslog WAN1 TX 4352 RX 768 - LAN to LAN from the router display TX 745 RX 134. For the dial-in end - from Syslog WAN1 TX 1589 RX 229 - LAN to LAN from the router display TX 3 RX 3.

The main purpose of the LAN to LAN link is ODBC connections to database servers, so (obviously!) the traffic depends on the number of tables involved in a query and the number of rows, BUT they do want access to shared folders on a PC in the dial-out end from the other location. The best way to provide that seems to me to be a teleworker VPN link to the router, which will allow the use of a network connection.

Murray