DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Traffic Routing

  • hmuser
  • Topic Author
  • Offline
  • New Member
  • New Member
More
27 Sep 2010 15:03 #7 by hmuser
Replied by hmuser on topic Traffic Routing

turnma wrote:

Voodle wrote: I think what they're saying is that the More function isn't for second subnet / additional LAN subnets, it's for additional subnets that can be reached through that VPN using another VPN, more like a static route setting that's configured to go through the VPN.



I hope so, because that's exactly how I'm using it. I have two remote subnets that can be reached through the VPN. The Draytek correctly adds routes to the two subnets through the VPN, but then only seems to actually send data for one of the subnets into the tunnel. I've logged a support call, so I'll see what they come back with.

thanks



That is exactly what i had. Let us know what response you get.

Please Log in or Create an account to join the conversation.

More
27 Sep 2010 22:22 #8 by turnma
Replied by turnma on topic Traffic Routing
Okay, got a response. Seems that the Draytek just doesn't support IPSec VPNs with more than one subnet. I asked if that meant that this would probably work okay with PPTP and they said it would, so I suppose that's always an option. Just a bit disappointing that this is missing on IPSec VPNs.

Please Log in or Create an account to join the conversation.

More
27 Sep 2010 22:25 #9 by voodle
Replied by voodle on topic Traffic Routing
That's probably not quite right, I'm using an IPSec VPN to one router, that connects to another router - I haven't tried it with the one LAN connected to a different subnet using static routes though.

Something that might be worth trying would be to put the LAN to LAN VPN as the default route, that way you can be certain that's going to route through - something to consider is that the other end also needs to be aware that traffic for that LAN has to go through a specific gateway as well.

Please Log in or Create an account to join the conversation.

More
28 Sep 2010 18:35 #10 by turnma
Replied by turnma on topic Traffic Routing

Voodle wrote: That's probably not quite right, I'm using an IPSec VPN to one router, that connects to another router - I haven't tried it with the one LAN connected to a different subnet using static routes though.

Something that might be worth trying would be to put the LAN to LAN VPN as the default route, that way you can be certain that's going to route through - something to consider is that the other end also needs to be aware that traffic for that LAN has to go through a specific gateway as well.



I think it's more of an implementation thing on the Draytek. The tunnel is only negotiating the subnet specified on the main page, not the additional ones on the "More" page. Routing appears to be okay, because the routes do get added. I'm guessing that you're only specifying a single subnet at the Draytek end, even if that subnet effectively supernets the multiple subnets that sit behind the VPN at the other end. For instance, if I tell the Draytek to just set the VPN to 10.0.0.0/8 then everything works fine. The reason I can't do that is that the VPN server at the other end doesn't then like the fact that the subnet at my end overlaps with that network range, so I need to state the specific subnets on the Draytek.

Please Log in or Create an account to join the conversation.

More
29 Sep 2010 09:22 #11 by voodle
Replied by voodle on topic Traffic Routing
That makes sense, I'm only using Draytek routers for the VPN but it's definitely not using supernetting to do it, I've got some LAN IPs in the 10.x range and some in the 192.168.x range.

Please Log in or Create an account to join the conversation.