DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

IPSec passthrough with two DrayTek devices

  • crazzyfool
  • Topic Author
  • User
  • User
More
15 Jun 2018 15:58 #7 by crazzyfool
Replied by crazzyfool on topic Re: IPSec passthrough with two DrayTek devices
Both good suggestions - I'll give them a go and post back. Thanks.

Please Log in or Create an account to join the conversation.

  • crazzyfool
  • Topic Author
  • User
  • User
More
16 Jun 2018 14:52 #8 by crazzyfool
Replied by crazzyfool on topic Re: IPSec passthrough with two DrayTek devices
I haven't had a chance to try the 2830 directly yet but making it the DMZ host made no difference sadly :cry:

Please Log in or Create an account to join the conversation.

  • prushmere
  • User
  • User
More
16 Jun 2018 17:22 #9 by prushmere
Replied by prushmere on topic Re: IPSec passthrough with two DrayTek devices
I needed to do this for a company issued Watchguard behind my 2925 at home.

On the 2860, either via telnet or using the web console window, issue the command:

Code:
srv nat ipsecpass on

The 2830 still needs to be set as a DMZ host in the 2860 though.

Edit: Oh, and make sure "Enable IPSec VPN Service" and "Enable L2TP VPN Service" are disabled under "VPN and Remote Access >> Remote Access Control Setup" in the 2860 too.

Please Log in or Create an account to join the conversation.

  • crazzyfool
  • Topic Author
  • User
  • User
More
16 Jun 2018 22:21 #10 by crazzyfool
Replied by crazzyfool on topic Re: IPSec passthrough with two DrayTek devices

prushmere wrote: I needed to do this for a company issued Watchguard behind my 2925 at home.

On the 2860, either via telnet or using the web console window, issue the command:

Code:
srv nat ipsecpass on

The 2830 still needs to be set as a DMZ host in the 2860 though.

Edit: Oh, and make sure "Enable IPSec VPN Service" and "Enable L2TP VPN Service" are disabled under "VPN and Remote Access >> Remote Access Control Setup" in the 2860 too.



Thanks for the suggestion. I gave it a go but still nothing :cry:

Please Log in or Create an account to join the conversation.

  • crazzyfool
  • Topic Author
  • User
  • User
More
16 Jun 2018 22:23 #11 by crazzyfool
Replied by crazzyfool on topic Re: IPSec passthrough with two DrayTek devices

hornbyp wrote: Some suggestions...

Is it possible to temporarily connect the 2830 directly to the internet and prove you can establish your L2TP/IPSec connection to it.? (Just to eliminate configuration (or compatibility) problems on the 2830)

or

Perhaps configuring the 2830 as the "DMZ Host" on the 2860 would do the trick?
( https://www.draytek.com/en/faq/faq-connectivity/connectivity.nat/how-to-set-dmz-host/ )



Unfortunately I can not test this directly with the 2830 as its not a VDSL modem.

Please Log in or Create an account to join the conversation.

  • hornbyp
  • User
  • User
More
17 Jun 2018 00:54 #12 by hornbyp
Replied by hornbyp on topic Re: IPSec passthrough with two DrayTek devices

crazzyfool wrote: Unfortunately I can not test this directly with the 2830 as its not a VDSL modem.



Any old (ISP-supplied) VDSL-router in Bridge Mode could be used to temporarily connect the 2830 to the Internet...if you have one to hand.

Please Log in or Create an account to join the conversation.