Hi

I am working with several remote sites in a region remote to me. I have a local Draytek Vigor 2860 set up with an IPSEC VPN to a Draytek Vigor 2830 in our remote office. I also have several (about 20) IPSEC VPNs set up with 3G InHand routers at different remote locations for CCTV coverage. Is it possible to connect to the remote CCTV sites using my local IPSEC tunnel? I can see the back office machines attached directly to the 2830 but not the further CCTV devices. Any thoughts? Thanks for all your help in advance.

Topology unclear... how are these inhand routers connected.... to another WAN connection?

Sorry, here's a screenshot of what I am trying to do:



I am coming in on connection 32 and need to be able to connect to the CCTV equipment at the end of the other 24 tunnels. Any ideas?

So the inhand routers are at each site and are terminating the VPNs? I'd check that each tunnel profile at the remote ends is set correctly to know the subnet and mask at your LAN end. Then use ping for further diagnostic (see if you can ping the cameras).

admin wrote: So the inhand routers are at each site and are terminating the VPNs? I'd check that each tunnel profile at the remote ends is set correctly to know the subnet and mask at your LAN end. Then use ping for further diagnostic (see if you can ping the cameras).

Yes, they are the far end of the tunnels. I can ping the router and server in the middle but not any further. If I log into the server, I can ping the remote sites. I am just unsure of how to connect to the CCTV camera at the far end.

If there's an IPsec LAN to LAN VPN between the 2860 and the 2830 - one way to get that working would be to switch the tunnel type from Routing mode to "NAT" mode, so the 2860 and devices connecting through it, would appear to be a device on the 2830's network.

The reason it doesn't work is that the remote sites aren't aware of the 2860's LAN IP range being available through their VPN tunnel - that would need to be set up on the "More" ip settings of each LAN to LAN VPN on each of the 3G sites, with the 2860 having all of those IP ranges in the "More" section of its own VPN.