2 Draytek 2600 Routers on Network, how to allow VPN access through both

Posted on 2006-06-05
Medium Priority
Last Modified: 2012-05-05
I have windows Network that Users connect to remotely via the Draytek VPN on Router 1, which works fine.

My problem is that if users connect via VPN on Router 2 they cannot see the network, and can only ping the second Router.

I 'think' I need to do something with Static Routes, but the Draytek manual seems a little thin on the logic behind configuring this.

Network information below....

DHCP is handled by the Windows SBS (

Network IP
Gateway :

Router 1

Router 2

Any ideas on what I need to do ?
Question by:ubiquitas
  • 4
  • 3
LVL 78

Expert Comment

by:Rob Williams
ID: 16833894
Pretty well guarantee the problem is the fact that both sites are using the same subnet. VPN's to allow for routing, require that both sites use a different subnet, or you will have results exactly as described. Assuming a subnet mask of can you change one or the other sites to 10.0.1.x or similar. If using a subnet mask other than please advise as you will have to choose a different subnet.
No static routes should be necessary unless you have multiple gateways at one or the other sites.

Author Comment

ID: 16834142
ok, just to clarify. All the details i posted are from Main Office which has 2 routers.

People are dialing in from the following remote offices IP's

Remote Office 1

Remote Office 2

If either office connects to Main Office (Router1) all is fine, they can see the network

If either office connects  to Main Office (Router12 )all is NOT fine, they can only ping the router (

So, which router do I configure the static router on, and what do I type in ?  I've tried a few things but the draytek Static Router pages shows everying as being empty - confused ?  I am !

LVL 78

Expert Comment

by:Rob Williams
ID: 16834246
Sorry, I misunderstood.
What is likely happening is the remote user connects to a PC/server through router #1 and the reply is sent back to the default gateway which is router #1, and it works fine. However, when they connect to router #2 the reply is still sent back to the default gateway, which is router #1, and the packet is lost. To remedy this on the PC/Server the clients are connecting to, you can add a static route:
route add -p <remote office subnet>  mask  <subnet mask>  <router's IP)
for example:
route  add  -p  mask
This will force all traffic for office 1 through router #2. However they will not be able to connect to router #1.
Note: you can delete the added route with " route  delete"    (-p  makes the route persistent upon reboots)
Your router likely has the option to be able to add a similar route command. Install it on router #1 (the default gateway) to advise it where to send the appropriate traffic.

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.


Author Comment

ID: 16892642
hmm, ok thanks for that.  Ideally I want users to be able to connect to the network via either router, not forcing office 1 to use router 1 and office 2 to use router 2....
LVL 78

Accepted Solution

Rob Williams earned 1500 total points
ID: 16893373
The only real solution to that, would be to add a dual WAN port router and insert it in the network between the Draytek units and the local LAN. It will look after the necessary routing . The Linksys RV042 is one such unit:

Author Comment

ID: 16893474
ok , thanks bud
LVL 78

Expert Comment

by:Rob Williams
ID: 16893556
You are welcome.
Thank you.

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month14 days, 5 hours left to enroll

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question