In this example I am setting up a site to site VPN between 2 Draytek 2710 routers. Both routers will need to have static IPs on their WAN interface.
The network in this example is setup with one router on 192.168.1.1 and the other on 192.168.2.1 as shown below.The router in Site B is the initiator and will be responsible for setting up the VPN.
Note – On older Drayteks you would set the router in Site B to dial out and the router in site A to dial in.
Configuring the router in site A
Logon to the routers web management interface (i.e. http://192.168.1.1)
Select option “1” as shown below
Configure the settings as shown below
- Enable this profile
- Always on
- L2TP with IPSec (nice to have)
- IKE Pre-Shared Key choose a password for the VPN. This must be the same on both routers.
- Remote Gateway IP Enter the WAN IP of the remote router
- Remote Network IP Enter the subnet of the site B (in this example 192.168.2.0)
- Remote Network Mask the subnet mask of the remote site.
- Click ok to save
Configuring the router in Site B
This is the same procedure as above but you enter in the details for site A. As this router is the VPN initiator we specify the server IP address
Choose the options specified below
- Enable this profile
- Always On
- L2TP with IPsec Policy nice to have
- Server IP i.e. the IP address of the other router in site A
- IKE preshared key choose a password to use for the VPN
- Remote Gateway IP Enter the WAN IP of the remote router
- Remote Network IP Enter the subnet of the site A (in this example 192.168.1.0)
- Remote Network Mask the subnet mask of the remote site.
Click ok.
Verify Connection
To check that your connection is working go to “connection management”. You should see a tunnel has formed as shown below: