I have a Vigor2865ac here in the UK connected to a Vigor2860 in Finland via a LAN-LAN VPN connection. Devices connected to the Vigor2860 in Finland have all their internet data routed through the Vigor2865ac in the UK and so get a UK IP address. This works great but is there a way to have some devices on the Vigor2860 in Finland keep a Finnish IP address and some get a UK IP address? Maybe this is achievable via two different sub-nets or a VLAN or something?

I'm not a networking expert, so I'm a bit lost as to what I need to do or if it's even possible without using two routers. Any hits or tips would be most welcome.

Route policy allows you to set certain IP's to use a VPN connection I believe.

Thanks, using your hint I've found an article on the Draytek UK site called Policy Routing Guide - Load Balancing, Address Mapping and VPN Routing

https://www.draytek.co.uk/support/guides/kb-policy-routing-guide?highlight=WyJyb3V0ZSIsInBvbGljeSJd&return=9224280

I'll have a play with the settings and see if I can make something work.

Hi,

There are a couple of ways you could achieve your goal here.

It sounds like you have chosen the “Change default route to this VPN tunnel ( Only active if one single WAN is up )” option in your LAN-to-LAN setup; wording as displayed on a dual-WAN Vigor router, but will be similar wording on other models.

You could actually turn this option off and then create an “IP Group” for all the Finland nodes you want to route through the UK ISP via the LAN-to-LAN tunnel using a ‘Load balancing policy’ as mentioned above.

First create the IP Objects (nodes) then add that/those IP Objects to an IP Group, then setup the load balancing policy for that IP Group to be routed through the VPN connection. Do this all at the Finland end.

Therefore, any additional nodes freshly added to the Finland end will default to the normal Finland ISP and you can then cherry-pick the nodes you want to route through the UK ISP by adding them to the IP Group you have just created.


This totally depends on how many IP Objects you want/need to route and where, it could be more work for you but also less work; based on the number of nodes you want routed.

This can also be done at the UK end for a reverse setup, if so desired, and all with the same LAN-to-LAN connection.
With the VPN tunnel established, you can assign nodes at the UK end to route through the Finland ISP too. Just setup the IP Objects at the UK end and route their traffic through the VPN to the Finland end.

Thanks so much for this, I think I'm now starting to grasp the concept of routing devices between the various routers.

Now I just need to get CityFibre to light up their network at the UK end so I can get off FTTC...