View Full Version : Draytek VPN issue

29-05-2013, 12:20 AM
2 Draytek 2710N setup with Lan to Lan VPN working fine. Have created a new Dial in user and can connect OK but no ping etc. I have had trouble with the DNS setting on these devices as it has been defaulting to the ISP DNS and of course this wouldn't allow access to the server. I enabled the option to force DNS setting and now get the correct DNS for the dial in user but still no ping etc.

Main Draytek is configured under LAN option with DHCP disabled as have server 2008 on the Lan as DHCP and DNS.

The manual doesn't give any other options that I can see that need configured.

Anyone had these working as a dial in? Configured Win 7 as per http://www.draytek.com/index.php?option=com_k2&view=item&id=2771:built-in-vpn-client--windows-7-to-vigor-router--l2tp-over-ipsec&Itemid=293&lang=en


29-05-2013, 12:47 AM
In the Maintenance, have you enabled "Respond to remote pings" or something to that effect? I don't recall off the top of my head...

29-05-2013, 11:00 AM
Thanks. The ping was being blocked but wasn't the issue as I couldn't browse the network or RDP to the server. But you pointing me to that location I found "allow from the Internet" option. I entered my local IP subnet and I could browse and connect to the server. Now I have to see if entering this info is what made the difference as my thinking says it shouldn't because this is VPN data and shouldn't be treated as "Internet traffic" and how would I know what to enter for other VPN users as there local IP address.

Thanks at least it's working.

29-05-2013, 01:50 PM
Great that you got it working. Router built in VPN can be interesting to setup sometimes :)

29-05-2013, 03:31 PM
Yeah those DrayTek routers are pretty damn sweet though, I'm a *huge* fan of them!

30-05-2013, 01:09 AM
I'm at a loss now! I had a connection and could RDP and now I can't. I get the right IP and DNS from the router, it shows I'm connected in the router but no data/ping etc. Have turned off the disable ping and can ping the router when not connected but not when connected. I have disabled all firewalls for testing. Seems strange it was working and now not. I will try from a different site incase the issue is site related but shouldn't be.

30-05-2013, 10:32 AM
Was using L2TP/IPsec as that is my prefered option but I found unrealiable. If I left the connect open sometimes it would allow data transfer straight away and other times jad to wait 5-10 minutes for it to sort itself out. Change to PPTP and away no problems.

30-05-2013, 11:06 AM
Yeah I prefer PPTP too. Supposedly not as secure but I'm not usually using a VPN for that reason...

30-05-2013, 12:40 PM
Using the VPN for mobile staff to access the LAN and mainly the Remote Access Server. I read PPTP can be hacked with some effort so will use a long auto generated password per user.

I have followed the documentation to configure L2TP/IPsec with Win 7 but and does connect. I have read there needs to be NAT or routes configured and with no documentation that I can find and with it being intermittent I cannot roll out to users. Support from the reseller is limited.

So PPTP it is for now.

19-06-2013, 10:49 PM
To follow up on this I have PPTP workinig OK but only one connection at a time. I cannot get concurrent connections at all. If a dial in user is connected then no one else can connect.
I have read the manual and cannot find anything related to limiting the number of concurrent dial in users. This is the Draytek 2710n - I have read they are limited to only one Lan to Lan connection but said nothing about dial in that I can remember. I can't find where I read about the Lan to Lan limit now to double check the dial in.
Anyone now if this model will work with concurrent users?

Alex B
20-06-2013, 11:17 AM
Ask snappernet. If it's anything like a Cisco, it may be a licensing thing.

20-06-2013, 04:21 PM
Yeah look up "VPN Passthrough" and "VPN ALG". As Alex B mentioned, give Ed from SnapperNet a buzz.

24-06-2013, 11:40 AM
I have been emailing Ed for the last 2 weeks but he doesn't respond. Rang them and got someone else and got the answer straight away. There is a 2 VPN limit on the 2710n and I need to change the the 2800 series to have up to 32 VPN connections.
Finally answered.

24-06-2013, 11:56 AM
Ah waddaya know :) Glad you've got it nailed.