DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Lan to Lan using 2820n

  • charles.hobbs
  • Topic Author
  • Offline
  • New Member
  • New Member
More
04 Apr 2011 16:11 #1 by charles.hobbs
Lan to Lan using 2820n was created by charles.hobbs
Hi,

I am having problems creating a reliable Lan-Lan VPN between a pair of 2820n's that will allow me to access servers in each locations from the other location.

The routers are in London 192.168.100.0/24 subnet and France 192.168.110.0/24 subnet (both running 3.3.3_232201)

The London router 192.168.100.254 is connected to a BT Infinity service via the WAN2 port, and the VPN configured:

Common Settings
Profile Name: Lon-Fra
Enable this profile: ticked
Call Direction: Dial-Out
Always on: ticked
Idle timeout: -1
Enable PING to keep alive: ticked
PING to the IP: 192.168.110.1 (server in France)
VPN Dial-Out through: WAN2 Only
Netbios Naming Packet: Pass
Multicast via VPN: Block

Dial-Out Settings
Type of server: PPTP ticked
Server IP/Hostname: xxxxx.no-ip.biz (DDNS provided by NO-IP.COM)
Username: LonFra
Password: ??????
PPP Authentication: PAP/CHAP
VJ Compression: On

TCP/IP Network Settings
My WAN IP: 0.0.0.0
Remote Gateway IP: 0.0.0.0
Remote Network IP: 192.168.110.0
Remote Network Mask: 255.255.255.0
RIP Direction: TX/RX Both
From first subnet to remote network you have to do: NAT
Change default route to this VPN: unticked

The French router 192.168.110.254 is connected to a Orange Broadband service via the WAN1 port, and the VPN configured:

Common Settings
Profile Name: Lon-Fra
Enable this profile: ticked
Call Direction: Dial-In
Always on: not ticked
Idle timeout: 300
Enable PING to keep alive: not ticked
PING to the IP: blank
VPN Dial-Out through: WAN1 First
Netbios Naming Packet: Pass
Multicast via VPN: Block

Dial-In Settings
Allowed Dial-in Type: PPTP ticked
Specify Remote VPN Gateway: ticked
peer ID: vpn.xxxxx.com (resolves to fixed IP Address)
Username: LonFra
Password: ??????
VJ Compression: On

TCP/IP Network Settings
My WAN IP: 0.0.0.0
Remote Gateway IP: 0.0.0.0
Remote Network IP: 192.168.100.0
Remote Network Mask: 255.255.255.0
RIP Direction: TX/RX Both
From first subnet to remote network you have to do: Route
Change default route to this VPN: unticked

This configuration gives access to all servers on the French network from any device in London, but the French devices cannot access devices in London.

If I set up a similar VPN with the French router dialing the London router I get the bi-directional access I would expect to get with a single VPN, However, after a period of time (6-12 hours?) the links stop functioning and I have found it difficult to find a predictable method of getting them working again.

One concern is my lack of understanding over the "RIP Direction" and "Nat/Route" options in the TCP/IP Network settings, any explanations welcome!!!


Cheers,

Charles

Please Log in or Create an account to join the conversation.

More
14 Apr 2011 18:59 #2 by candl
Replied by candl on topic Re: Lan to Lan using 2820n
I have a similar setup Lan-Lan between two 2820's albeit IPSec rather than PPTP.
AFAIK you need 'From first subnet to remote network you have to do: Route' at both ends and I also have RIP Direction: Disabled at both ends.

Please Log in or Create an account to join the conversation.