EdgeRouterX - Draytek - Draytek VPN issues
-
Are you allowing both VPN tunnels access to both networks in the Main Network? Adding site names would make it easier to refer to them.
-
*Edited the original post to add Site names to referencing too
-
@Dashrender How do you mean "Allowing" all I've done with the "shop" network is set-up the VPN and it worked. Tried to do the same with the WHS Site and it doesn't
-
I haven't setup a VPN tunnel on my EdgeRouter stuff yet, but by default, when you setup tunnels, you have to explicitly say what traffic exists on the other side of the tunnel so it knows to route it over the tunnel, otherwise it routes the traffic to the internet interface.
Your Draytek's might have some type of autoconfig that takes care of that for you, some type of routing protocol. I'm guessing you could set that up on the EdgeRouter as well, but it's probably not there by default.
-
@Dashrender any idea how to check the config?
That was what I was hoping to happen when I added the subnet to the VPN on EdgeRouter like the DrayTek
-
Downloaded the Config file of the EdgeRouter and it has this :-
peer OFFICEIP{ authentication { mode pre-shared-secret pre-shared-secret MySecert } connection-type initiate description LSF ike-group FOO1 local-address WHS-IP tunnel 1 { allow-nat-networks disable allow-public-networks disable esp-group FOO1 local { prefix 192.168.123.0/24 } remote { prefix 10.0.1.0/24 } } tunnel 2 { allow-nat-networks disable allow-public-networks disable esp-group FOO1 local { prefix 192.168.123.0/24 } remote { prefix 172.20.0.0/24 } } } -
You should sanitize your post
-
@Dashrender is that better
-
From my driving on the road point of view that configuration looks correct
-
@JaredBusch stop reading your phone while driving!
-
@hobbit666 said in EdgeRouterX - Draytek - Draytek VPN issues:
@JaredBusch stop reading your phone while driving!
Why?
-
I used to read books while driving
-
@hobbit666 He means change your pre-shared-secret in your config.
-
@Mike-Davis said in EdgeRouterX - Draytek - Draytek VPN issues:
@hobbit666 He means change your pre-shared-secret in your config.
Right - you don't want the world to know the password for your VPN.
-
@Dashrender said in EdgeRouterX - Draytek - Draytek VPN issues:
@Mike-Davis said in EdgeRouterX - Draytek - Draytek VPN issues:
@hobbit666 He means change your pre-shared-secret in your config.
Right - you don't want the world to know the password for your VPN.
12345
-
@Dashrender @Mike-Davis oops but that's not the final one it's only while I test it'll be a random one once I got it working
*Changed anyway -
@hobbit666 said in EdgeRouterX - Draytek - Draytek VPN issues:
@Dashrender @Mike-Davis oops but that's not the final one it's only while I test it'll be a random one once I got it working
*Changed anywayOk, at least there was an understanding to your post.
-
So what happens when you try to ping the main network VLAN? do a tracert and tell us the results.
-
Ping and tracert from the working Shop site
-
Ping and tracert from not working WHS Site
