Hi

Im having problems with a LAN-LAN between an ASA and Draytek router. The VPN phase1 and 2 complete successfully, but then Im unable to pass traffic, from either end.
Both ends send and encryp traffic but the traffic is not decrypted at the other side. I have made this work between a Cisco router and 2820, with no problems.
Has anyone seen this issue with ASA's and Draytek routers before?

Maybe perfect forward secret is enabled on one of the routers?

Also you need to make sure that both phases match. In addition if you are using a host name in place of an IP address (DDNS for example) then you need to ensure that the VPN is set to aggressive mode.

Using the Draytek Syslog utility what entries do you have when the connection is being established? I usually find this very helpful in determining what needs tweaking.