DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

setup vpn for remote dial in worker & dyndns: vigor 2830n

More
02 May 2011 12:32 #7 by nobody
Replied by nobody on topic Re: setup vpn for remote dial in worker & dyndns: vigor 2830
in the Router UI,
go into the VPN and Remote Access, PPP General setup.
Check the encryption settings.
Recommended: Require MPPE, or maximum MPPE.

in you VPN client, make sure, you use the same settings, as defined on the VPN Server.

Please Log in or Create an account to join the conversation.

  • tester2830n
  • Topic Author
  • Offline
  • New Member
  • New Member
More
14 May 2011 16:39 #8 by tester2830n
Replied by tester2830n on topic Re: setup vpn for remote dial in worker & dyndns: vigor 2830
I have problem is IPSec tunneling.

DrayTek VPN Smart Client setup and IPSec Tunnelling problems

What do I select for my IP. Is this the remote ip of my laptop outside the DrayTek Router, which is trying to make the VPN connection?

In the standard IPSec Tunnel:

My settings are set as default for:

Remote subnet: 0.0.0.0
Remote Subnet mask: 255.255.255.0

I only have one subnet on my home network, which is 192.168.1.0. So does that mean for Standard IPSec Tunnel remote subnet be set to 192.168.1.0?

PPTP vpn to the draytek router works. DrayTek router shows it as connected.
I can connect to my router using PPTP. But IPSec tunneling is giving me problems. DrayTek Smart Client says connected via IPSec, DrayTek router doesn't show it as connected.

Please Log in or Create an account to join the conversation.

More
14 May 2011 17:37 #9 by nobody
Replied by nobody on topic Re: setup vpn for remote dial in worker & dyndns: vigor 2830
If you are behind a NAT router, dont forget to press the button "enable IPSEc Nat-Traversal" in the smart VPN client, and reboot the computer

Set the remote subnet to your home network: 192.168.1.0
VPN however will not work, if you are in a location/subnet, which uses the same subnet.

Set the preshared key to some large random string
Choose a desired encryption, ESP, DES with SHA1 or 3DES with SHA1

In the web-interface of the Draytek router, under VPN, IPSec General Setup,
set the preshared key to the same value you choosed for the client.

Then, it should work (if the router which you are behind with your client is able to passthrough IPSec traffic).

The tunnel will however will be brought up only if you try to send data, or enable the "ping to keep alive" feature in the draytek client.

Note: all remote dial-in-users will have to share this same key -unless you have a public static IP on the client side, or you have a client which can use aggressive mode (AFAIK the draytek client does not support this feature). So, if you want to have more then a few users, maybe use L2TP over IPSec, where you can specify an additional username & password in addition to the preshared key.

Please Log in or Create an account to join the conversation.

  • tester2830n
  • Topic Author
  • Offline
  • New Member
  • New Member
More
15 May 2011 17:43 #10 by tester2830n
Replied by tester2830n on topic Re: setup vpn for remote dial in worker & dyndns: vigor 2830
Thank you. It's working. IPSec is working....I am so happy.

Please Log in or Create an account to join the conversation.