DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

2 simultaneous VPNs between same two hosts?

  • mikehughesc
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
02 Nov 2021 15:13 #100062 by mikehughesc
2 simultaneous VPNs between same two hosts? was created by mikehughesc
I have a Vigor 2862Ln which has active connections via both ADSL and LTE. The LTE is faster but expensive if I overrun a monthly bandwidth limit.

I have a remote site which has an AVM Fritz!Box router, not Draytek. This site has a static IP address which is on the allowed list for various servers I need to access. My local site (where the Draytek is) cannot have a static IP, so I have a VPN connection to the remote site, via the ADSL line, and I use Draytek routing policies to route all traffic destined for those servers via the VPN. So far so good: all works well.

But I want to be able to send some of this traffic via LTE instead of ADSL, so it can benefit from the LTE line speed, without putting everything through there and risking bandwidth surcharges.

I've set up a second VPN over the LTE connection to the same remote site. This works fine too, but only when the first VPN is inactive. If I have both VPNs running at the same time, I get weird things happening - not surprisingly, since the remote IP range is the same for both connections (and yes, the Draytek gives me a warning in the VPN setup page about this).

I don't need access via the VPN to any other devices on the remote network: everything going there will just go straight out to the internet, but benefitting from the static IP of the remote site.

So my question is: is there a way of configuring my two VPNs so that they can both run simultaneously?

Please Log in or Create an account to join the conversation.

More
03 Nov 2021 04:12 #100067 by hornbyp

Please Log in or Create an account to join the conversation.

  • mikehughesc
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
03 Nov 2021 11:43 #100071 by mikehughesc
Replied by mikehughesc on topic Re: 2 simultaneous VPNs between same two hosts?
Many thanks for that link. It looks like that would work perfectly - except that the remote site doesn't have a Draytek, just a Fritz!Box 7530. The VPN setup options on the Fritz are decidedly limited and don't include GRE.

I don't really understand the technical details of how this all works, but reading between the lines of that article, it seems unlikely that I'm going to be able to do what I want without GRE. So I may have to look into using a Draytek on the remote site too. I do have an old 2830 hanging around somewhere ...

Please Log in or Create an account to join the conversation.

More
03 Nov 2021 16:44 #100075 by hornbyp
I have to admit, I only speed-read the article and didn't appreciate the "GRE" requirement.

Back in the mists-of-time I came across another Draytek article (now A.W.O.L) that described setting up GRE on a single VPN connection, which I duly did on my 2830n <--> 2860n VPN. Syslog shows the GRE part being established, but it does nothing useful. I can't remember what problem Draytek were fixing - but I'd hoped it would allow uPNP/DLNA between sites.

I think the 2830 is possibly too old for the GRE part to be working properly - I've come across other features that are described as 'for all Vigors', that don't work on the ancient 2830.

I have to also admit to not realising that the 7530 had any VPN functionality. (Zen sent me one, but the only feature that caught my eye, was the DECT interface). Maybe I'll read the manual and fire it up!

Please Log in or Create an account to join the conversation.

  • mikehughesc
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
03 Nov 2021 17:19 #100079 by mikehughesc
Replied by mikehughesc on topic Re: 2 simultaneous VPNs between same two hosts?
Yes, I got my 7530 from Zen too. I really like it - it's lightyears ahead of most ISP-provided routers. The DECT interface is a bit clunky, and only works for VOIP lines, not the connected landline, which strikes me as a bit pointless. The 7590 has a DECT interface which also works for the landline - but you don't get those free from Zen!

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami