Draytek IPsec VPN tunnel
Posted on 2010-11-25
I have a following problem, and would like to know if anybody can point me into a right direction to get a solutions for this.
I have a Draytek 2820 Vigor modem/router that I use as a VPN gateway to a LAN that consists of Windows 2008 R2 server which is a DC and a file server and DNS and DHCP server. The rest of the LAN is couple of PCs that are part of the domain. All the other users, some 10 laptops, are very mobile and are not part of the domain, as these are usually personal laptops. They connect to the network once they are in the office, and there is no problem accessing shares on the fileserver, as the DNS server IP address is given to each laptop as it connects.
The problem arises when these mobile user connect via Draytek Smart VPN client (Ver 220.127.116.11). If the user connects via “IPsec Tunnel” option, I can ping the file server, or any other PC on the LAN, but I cannot actually connect to the share via its name (or to any PC via its name). Basically the client does not know about the LANs DNS server.
Is there some way to let the client connected via the VPN IPsec Tunnel know the IP of the LAN’s DNS server so that the client can resolve the share names? The only way around it I found, that is quite cumbersome is to map all the shares into the HOST file, but I would rather not do that.
The reason I do not want to use the PPTP option is that I do not want to know the users passwords for the VPN connections.
Another problem that I have found with the Draytek’s Smart VPN Client (sVPNc) is that even if you put in wrong credentials and IP address (while connecting as IPsec Tunnel), the client will tell you that it is connected even though there is no connection (you might not even have internet access and the sVPNc will happily tell you that you are connected) . Not very useful for the clients, as they believe to be connected, but cannot access anything as obviously there is not connection what so ever.