Setup Draytek to Draytek VPN

In this example I am setting up a site to site VPN between 2 Draytek 2710 routers. Both routers will need to have static IPs on their WAN interface.

The network in this example is setup with one router on 192.168.1.1 and the other on 192.168.2.1 as shown below.The router in Site B is the initiator and will be responsible for setting up the VPN.

Note – On older Drayteks you would set the router in Site B to “dial out” and the router in site A to “dial in”.

Configuring the router in site A

 

Logon to the routers web management interface (i.e. http://192.168.1.1)

Select option “1” as shown below

Configure the settings as shown below

  • Enable this profile
  • Always on
  • L2TP with IPSec (nice to have)
  • IKE Pre-Shared Key – choose a password for the VPN. This must be the same on both routers.

  • Remote Gateway IP – Enter the WAN IP of the remote router
  • Remote Network IP – Enter the subnet of the site B (in this example 192.168.2.0)
  • Remote Network Mask – the subnet mask of the remote site.
  • Click ok to save

 

Configuring the router in Site B

 

This is the same procedure as above but you enter in the details for site A. As this router is the VPN initiator we specify the server IP address

Choose the options specified below

  • Enable this profile
  • Always On
  • L2TP with IPsec Policy – nice to have
  • Server IP – i.e. the IP address of the other router in site A
  • IKE preshared key – choose a password to use for the VPN

  • Remote Gateway IP – Enter the WAN IP of the remote router
  • Remote Network IP – Enter the subnet of the site A (in this example 192.168.1.0)
  • Remote Network Mask – the subnet mask of the remote site.

Click ok.

Verify Connection

To check that your connection is working go to “connection management”. You should see a tunnel has formed as shown below:

Leave a Reply

Your email address will not be published. Required fields are marked *