Solved

DrayTek Vigor 2820n

Posted on 2011-09-06
11
2,747 Views
Last Modified: 2012-05-12
Hi EE,

Does anyone has experienced setting up the VPN on DrayTek Vigor 2820n?

I've setup the VPN and Remote Access>Remote Dial In User with dial in type below then setup a VPN connection from my notebook with pre-shared key using protocol L2TP with IPSec BUT it ain't connecting:

PPTP
IPsec Tunnel
L2TP with IPSec Policy (None)

Do I need to enable the below also:
Specify Remote Node
Remote Client IP
Assign Static IP Address

Appreciate your time and help.
0
Comment
Question by:mcse2007
  • 6
  • 5
11 Comments
 
LVL 7

Author Comment

by:mcse2007
ID: 36488451
What I discovered was, I can connect to the VPN from my phone using its network data carrier BUT I cannot connect to VPN when connected to the internet access point which is the DrayTek Vigor 2820n?

Is it normal that you cannot connect to VPN while you are connected to the internet via your own internet access point which is also the VPN appliance/ DSL router/ firewall?
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 250 total points
ID: 36492784
Have you followed their FAQ guide:

http://www.draytek.co.uk/support/vpn_setup2.html
0
 
LVL 7

Author Closing Comment

by:mcse2007
ID: 36494769
cheers
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36494786
Glad you got it working - they can be "fun" to configure, but once done, they work like a charm.

I was setting two 2830n's yesterday and creating a site-to-site VPN between the two.  Once it was up and running, the link was solid, fast and reliable.

Thanks for the points.

Alan
0
 
LVL 7

Author Comment

by:mcse2007
ID: 36495955
excellent...didnt even such router existed until few day ago.

my issue at the moment is cannot ping the router ip address once I managed to connect using ipsec tunnel protocol...my vpn client ip is the same subnet as my router.

I have two sites to roll out such router and one with remote off site backup
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36495996
You need different Subnet's for VPN to work happily.

If they are the same - you can't communicate properly as your local netowrk will look locally for resources that are remote and won't find them.

If you can change your IP Addessing so that one site is something like 192.168.0.0/24 and the other 192.168.1.0/24 then it will work happily.
0
 
LVL 7

Author Comment

by:mcse2007
ID: 36498950
will the router takes care of the routing if the remote user has diffirent iip address when you ping the router remotely? or you need to add route manually imside the router?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36499119
Router should take care of it.

Make sure you enable the router to be pinged (System Maintenance> Management) - it is disabled by default so the lack of ping might be simply a tick box that needs to be unchecked.
0
 
LVL 7

Author Comment

by:mcse2007
ID: 36501810
I managed to connect to Vigor 2820n using IPsec Tunnel with preshared key by following your link using DrayTek Smart VPN client. The Smart VPN client has settings identical with those of the DrayTek Vigor 2820n. BUT, when I ping from my notebook, I get the below reply,

Negotiating IP security.
Negotiating IP security.
Negotiating IP security.
Negotiating IP security.

The smart VPN client from my notebook connects to the VPN router using  IPsec Tunnel  but I cannot reach any of the servers from the LAN either by ping or RDP etc.

Do I have to create some filter etc, so I can allow incoming traffic to reach the LAN?

Isn't the VPN setup will takes care of the routing without needing to create filter policy?

DrayTek 2820n is easy to setup the VPN but it is harder to make it work properly???

How do you normally do your VPN client to VPN router set up?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 36514495
Do you have the same internal IP Range where you are connecting from as the Office LAN IP Range?
0
 
LVL 7

Author Comment

by:mcse2007
ID: 36514693
is it on different subnet of my LAN
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now