DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

LAN to LAN connection works one way OK but not the other

  • murraymr
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
28 Jan 2010 10:57 #60128 by murraymr
Following on from my last - having sorted out the anti-virus package I still have the same problem. I think that the defining fact is that setting Site B to dial out does not connect the link.

Murray

Please Log in or Create an account to join the conversation.

  • murraymr
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
29 Jan 2010 18:56 #60169 by murraymr
You were correct - I should have configured the IPSec tunnel. Having referred the problem to DrayTek Technical Support I was finally given a link to a description of how to do it: - http://draytek.com/user/SupportAppnotesDetail.php?ID=154

I think I will now pour myself a large glass! :D

Thank you again for all your efforts.

Murray

Please Log in or Create an account to join the conversation.

More
29 Jan 2010 19:41 #60171 by njh
A PPTP tunnel should still work but IPSec is better.

Also look at the FAQ's on the UK web site for setting up VPN's.

2900Gi/v2.5.6; 2900/v2.5.6

Please Log in or Create an account to join the conversation.

  • murraymr
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
03 Feb 2010 09:27 #60276 by murraymr
Now that the IPSec configuration is working, and both routers have been upgraded to the latest firmware, I am disappointed to find that I cannot create network connections to shared folders on the networks at either end. The IPSec configuration sets RIP direction to 'Disable' and uses 'Route'.

Should I be creating network drives for the folders I want to access?

I have another similar installation with Vigor 2600s, which is configured for PPTP. On this setup I am able to create network connections from one end but not the other. The RIP direction is 'TX/RX Both' Ver 2 using NAT.

I had never realised before how slow the LAN to LAN link is, compared with a VPN link to the router and using Remote Desktop Connection! Have I made some basic configuration error?

Any suggestion gratefully received

Murray

Please Log in or Create an account to join the conversation.

More
03 Feb 2010 12:55 #60282 by njh
You can share resources across the VPN but there are some issues:
- If you use Windoze firewall you cannot browse connections in My Network Places. Instead you need to use the IP address of the remote PC e.g. in Start > Run type \\192.168.2.45\sharename. The same goes for mapping network drives
- In Windoze firewall you will need to go into the File and Printer settings and allow a custom range for each port. This range should include the local and remote subnets - you could allow 192.168.1.0/255.255.255.0 and 192.168.2.0/255.255.255.0, or, if my subnetting calculations are right, just 192.168.0.0/253

It is totally up to you if you want to create network drives. If you often access them, it makes sense. If you have to create a lot you have a problem as there are not enough drive letters, but you can create a folder and put shortcuts in it to each drive.

Don't worry about RIP. I did not find it made any difference so I disabled it.

The speed of the VPN is governed by the upload speeds at each end of the connection. If you are displaying huge files or doing database work I would expect RDP could be quicker as processing is done on the far PC and the VPN only has to carry the results as a screen image. What speeds are you getting and what are your connection speeds?

2900Gi/v2.5.6; 2900/v2.5.6

Please Log in or Create an account to join the conversation.

  • murraymr
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
03 Feb 2010 15:09 #60297 by murraymr
I have tried the Start> Run approach without success - I am told to ask the network administrator for permission, even for SharedDocs.

The speeds are as follows: -

For the dial-out end - from Syslog WAN1 TX 4352 RX 768 - LAN to LAN from the router display TX 745 RX 134. For the dial-in end - from Syslog WAN1 TX 1589 RX 229 - LAN to LAN from the router display TX 3 RX 3.

The main purpose of the LAN to LAN link is ODBC connections to database servers, so (obviously!) the traffic depends on the number of tables involved in a query and the number of rows, BUT they do want access to shared folders on a PC in the dial-out end from the other location. The best way to provide that seems to me to be a teleworker VPN link to the router, which will allow the use of a network connection.

Murray

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami