Unsolved EdgeRouterX - Draytek - Draytek VPN issues
-
@Dashrender any idea how to check the config?
That was what I was hoping to happen when I added the subnet to the VPN on EdgeRouter like the DrayTek
-
Downloaded the Config file of the EdgeRouter and it has this :-
peer OFFICEIP{ authentication { mode pre-shared-secret pre-shared-secret MySecert } connection-type initiate description LSF ike-group FOO1 local-address WHS-IP tunnel 1 { allow-nat-networks disable allow-public-networks disable esp-group FOO1 local { prefix 192.168.123.0/24 } remote { prefix 10.0.1.0/24 } } tunnel 2 { allow-nat-networks disable allow-public-networks disable esp-group FOO1 local { prefix 192.168.123.0/24 } remote { prefix 172.20.0.0/24 } } } -
You should sanitize your post
-
@Dashrender is that better
-
From my driving on the road point of view that configuration looks correct
-
@JaredBusch stop reading your phone while driving!
-
@hobbit666 said in EdgeRouterX - Draytek - Draytek VPN issues:
@JaredBusch stop reading your phone while driving!
Why?
-
I used to read books while driving
-
@hobbit666 He means change your pre-shared-secret in your config.
-
@Mike-Davis said in EdgeRouterX - Draytek - Draytek VPN issues:
@hobbit666 He means change your pre-shared-secret in your config.
Right - you don't want the world to know the password for your VPN.
-
@Dashrender said in EdgeRouterX - Draytek - Draytek VPN issues:
@Mike-Davis said in EdgeRouterX - Draytek - Draytek VPN issues:
@hobbit666 He means change your pre-shared-secret in your config.
Right - you don't want the world to know the password for your VPN.
12345
-
@Dashrender @Mike-Davis oops but that's not the final one it's only while I test it'll be a random one once I got it working
*Changed anyway -
@hobbit666 said in EdgeRouterX - Draytek - Draytek VPN issues:
@Dashrender @Mike-Davis oops but that's not the final one it's only while I test it'll be a random one once I got it working
*Changed anywayOk, at least there was an understanding to your post.
-
So what happens when you try to ping the main network VLAN? do a tracert and tell us the results.
-
Ping and tracert from the working Shop site
-
Ping and tracert from not working WHS Site
-
Did you set up the VPN in the GUI? Did you check the box to create the firewall rules?
-
@JaredBusch Yeah did it in the GUI and the "Automatically open firewall and exclude from NAT" was ticked. This is what i'm wondering maybe I should remove it and try adding it from the CLI instead in case something hasn't been applied correctly from the GUI.
I have posted this on UBNT site but got nothing from that. -
As a quick fix could I install something like OpenVPN server on a VM in the 172.20.0.X (VLAN15) Network and make a separate tunnel to that while we play
-
can you show us your GUI config?
