Unsolved EdgeRouterX - Draytek - Draytek VPN issues
-
@Dashrender How do you mean "Allowing" all I've done with the "shop" network is set-up the VPN and it worked. Tried to do the same with the WHS Site and it doesn't
-
I haven't setup a VPN tunnel on my EdgeRouter stuff yet, but by default, when you setup tunnels, you have to explicitly say what traffic exists on the other side of the tunnel so it knows to route it over the tunnel, otherwise it routes the traffic to the internet interface.
Your Draytek's might have some type of autoconfig that takes care of that for you, some type of routing protocol. I'm guessing you could set that up on the EdgeRouter as well, but it's probably not there by default.
-
@Dashrender any idea how to check the config?
That was what I was hoping to happen when I added the subnet to the VPN on EdgeRouter like the DrayTek
-
Downloaded the Config file of the EdgeRouter and it has this :-
peer OFFICEIP{ authentication { mode pre-shared-secret pre-shared-secret MySecert } connection-type initiate description LSF ike-group FOO1 local-address WHS-IP tunnel 1 { allow-nat-networks disable allow-public-networks disable esp-group FOO1 local { prefix 192.168.123.0/24 } remote { prefix 10.0.1.0/24 } } tunnel 2 { allow-nat-networks disable allow-public-networks disable esp-group FOO1 local { prefix 192.168.123.0/24 } remote { prefix 172.20.0.0/24 } } } -
You should sanitize your post
-
@Dashrender is that better
-
From my driving on the road point of view that configuration looks correct
-
@JaredBusch stop reading your phone while driving!
-
@hobbit666 said in EdgeRouterX - Draytek - Draytek VPN issues:
@JaredBusch stop reading your phone while driving!
Why?
-
I used to read books while driving
-
@hobbit666 He means change your pre-shared-secret in your config.
-
@Mike-Davis said in EdgeRouterX - Draytek - Draytek VPN issues:
@hobbit666 He means change your pre-shared-secret in your config.
Right - you don't want the world to know the password for your VPN.
-
@Dashrender said in EdgeRouterX - Draytek - Draytek VPN issues:
@Mike-Davis said in EdgeRouterX - Draytek - Draytek VPN issues:
@hobbit666 He means change your pre-shared-secret in your config.
Right - you don't want the world to know the password for your VPN.
12345
-
@Dashrender @Mike-Davis oops but that's not the final one it's only while I test it'll be a random one once I got it working
*Changed anyway -
@hobbit666 said in EdgeRouterX - Draytek - Draytek VPN issues:
@Dashrender @Mike-Davis oops but that's not the final one it's only while I test it'll be a random one once I got it working
*Changed anywayOk, at least there was an understanding to your post.
-
So what happens when you try to ping the main network VLAN? do a tracert and tell us the results.
-
Ping and tracert from the working Shop site
-
Ping and tracert from not working WHS Site
-
Did you set up the VPN in the GUI? Did you check the box to create the firewall rules?
-
@JaredBusch Yeah did it in the GUI and the "Automatically open firewall and exclude from NAT" was ticked. This is what i'm wondering maybe I should remove it and try adding it from the CLI instead in case something hasn't been applied correctly from the GUI.
I have posted this on UBNT site but got nothing from that.
