Hi, we have a Draytek Vigor 2955. Internally we have our main network which is 10.2.x.x /16 and a secondary network 192.168.10.x /24. When we establish a VPN connection it always defaults to the 10.0.x.x address range, but we need to force it to the 1923.168.10.x range only. Does anybody know how to do this, as I am sure we have been through every setting on there, and there is nothing that seems to do this?

Can you explain this a little more ?
Because, I do not know of any method that the 2955 is able to manage more then 1 network connected a LAN port (with the exeption of the routing network used to map external IP adresses to internal workstations).

Sorry, I'm connecting from the Draytek to a Sonicwall. On every other firewall I have ever worked with (including the Sonicwall) part of setting up a vpn connection involves specifying the remote gateway, remote network and ip address/range, as well as the local ip address/range.

So for instance I would say this VPN connects to x local IP address / range, and y remote IP Address / range.

On the Draytek, I can't see any way of specifying a local address / range for the VPN, only the remote.

So on the Sonicwall I have specified the remote address range as 192.168.10.x 255.255.255.0, but the Draytek keeps responding with 10.2.x.x 255.255.0.0 and we get "Peer's local network does not match VPN policy's Destination Network" (on the sonicwall).

What I am trying to do is force the vpn on the draytek to only see the 192 address range because the 10.2.x.x range is too wide and clashes with existing vpn's on the sonicwall (and I can't reduce the subnet on the Draytek side unfortunately).

I hope this makes it a bit clearer.

You can specify a different local address, network mask, local subnet under 5) in the Lan2Lan profile.
Draytek Live Web Demo of a 2950, FW 3.3.x:
http://www.draytek.com/.upload/Demo/Vigor2950%20V3.3.0/

But, if this does not match at least a part of the local subnet, I dont think, that packets are forwarded to the local subnet.

That might work if your PCs have two IP Adresses.

Have you tried this ?
I have a 2950, but, never checked if this will work if the local subnet address under 5) is not a subnet of the local subnet.