Does anyone know what we have to set (Vigor 2900) to allow an encrypted teleworker connection into a Windows NT domain. Everything we have tried just gets a 691 error :
Access denied because username and/or password is invalid on the domain

We have tried all forms of username on the 2900 (name, domain\name, domain/name).

I assume the VPN works without any attempt to get on to domain I.E.
vpn in with "User" "Somepassword" actually connects in some form?

If the basic user and password does not work it is more likely a problem with something along the way stopping the vpn. Some ISP's provide basic firewalling that can stop VPN's or even a router can fail to pass the traffic.

Sorry if this is stupid question but the password (and domain challenge) often come up SIMPLY because the VPN is blocked, non existent or the public IP address has changed etc.

It appears the Draytek Smart VPN Client isn't very good at errors. Using Windows 7 VPN the errors I get relate to invalid IKE and security layer failure.
An unsecured PPTP tunnel works without a problem it is only when I try to add encryption things fall over. The IKE keys are correct.

When using Windows PPTP do you manually set the type of VPN to pptp and force encryption to maximum?

I have seen issues where it seem to not negotiate properly while IPSEC is enabled as an option on the router and "type" left as auto on the ms client.

Haven't tried the Draytek client (recently) but vaguely remember hearing good reports for the Shrewsoft one - http://www.shrew.net/download/vpn

Thanks, but we have given up and are now using a Netgear ssl312 which worked straight away.

Good to know, I've avoided Netgear in the past due to the extra VPN client licensing charges (not sure if that is still true) but if it works without stress maybe it's the solution.