I have recently moved to BT digital voice and so need to use BT (actually EE) smarthub 2 (SH2) as pimary router in order to use the digital phone line. 
I want to keep using my draytek 2866 as main router for firewall and DHCP behibd the SH2.  Using guidance on this forum I have SH2 as router (IP 192.168.30.1) this is in DMZ mode and forwards all traffic to my draytek (IP 192.168.3.10 - static).  The draytek 2866 then handles all LAN DHCP and firewall on subnet 192.168.1.XX (gateway 192.162.1.1); with this setup all my existing devices are working fine and can access internet as needed.

I don't have fixed IP so using drayDDNS to get dynamic address, this is working fine and as I have my router set to find the internet IP address - which it is doing. 

My main issue external access, in particular Dial-in VPN (L2TP/IPSec) is not working now and not connecting.

Any suggestions welcome!.