Dennis Wood
Senior Member
Free IPSEC VPN Solution for Draytek 2950G - works with 64bit Vista, Windows 7
I've posted a few thoughts on the Draytek 2950G in this thread.. The Draytek SSL VPN connection does not work with 64 bit Windows. Their IPSEC LTP2 does work with the built in VPN client in Vista Ultimate 64 with some tweaking ... but the configuration I got working did not have data encrypted on the connection. After messing with SHREW and the Netgear FVS336G, I was guessing SHREW would be able to handle the chores (lot's more options there) and maintain data encryption..and sure enough, it does. To make life simpler, I'd advise setting up SSL VPN as per the Draytek manual (very easy) for a remote dial in user in order to make the process easier....the easiest way to work with the installation is to be remote to the router, with a 32 bit client connected using SSL VPN (a laptop perhaps). This way you can configure the router remotely using SSL VPN on the 32bit machine, as well as test IPSEC VPN from the 64 bit client.
If you have a static IP, obviously you'll use that address on your remote client as the "server" address. If not, set up a dynamic DNS account (free) at http://www.dyndns.org. Use the Dynamic DNS settings page on your router to input the domain name, user name and password you chose at the Dynamic DNS website. This will ensure that if you're using a dynamic IP, you'll be able to find the router for either SSL VPN or IPSEC VPN access.
1. On your client machine, download and install the SHREW client appropriate to your operating system: http://www.shrew.net/download/vpn
2. Log in to the Draytek admin menu (do this from the 32 bit remote client with an SSL VPN session established...use the same IP as you normally would to access the admin interface internally).
3. Use these notes to configure both router and client: http://www.draytek.de/Beispiele/VPN/ShrewSoft_Client.pdf Note that all of the configuration (assuming you haven't messed with defaults) on the router side is done in Draytek's "VPN and Remote Acess >> Remote Dial-in User" screen. The guide is in German, but the config windows are english. Two things that I changed from the German guide:
a. On page 2, item 1 under General Tab,Local Host section, I used the "Use an existing adapter and current address" instead of the Virtual option.
b. On page 6, Item 7, I used the Draytek's LAN. So if your Draytek router was at 192.168.10.1, then you'd enter 192.168.10.0/255.255.255.0
Hope that helps a few folks
Cheers,
I've posted a few thoughts on the Draytek 2950G in this thread.. The Draytek SSL VPN connection does not work with 64 bit Windows. Their IPSEC LTP2 does work with the built in VPN client in Vista Ultimate 64 with some tweaking ... but the configuration I got working did not have data encrypted on the connection. After messing with SHREW and the Netgear FVS336G, I was guessing SHREW would be able to handle the chores (lot's more options there) and maintain data encryption..and sure enough, it does. To make life simpler, I'd advise setting up SSL VPN as per the Draytek manual (very easy) for a remote dial in user in order to make the process easier....the easiest way to work with the installation is to be remote to the router, with a 32 bit client connected using SSL VPN (a laptop perhaps). This way you can configure the router remotely using SSL VPN on the 32bit machine, as well as test IPSEC VPN from the 64 bit client.
If you have a static IP, obviously you'll use that address on your remote client as the "server" address. If not, set up a dynamic DNS account (free) at http://www.dyndns.org. Use the Dynamic DNS settings page on your router to input the domain name, user name and password you chose at the Dynamic DNS website. This will ensure that if you're using a dynamic IP, you'll be able to find the router for either SSL VPN or IPSEC VPN access.
1. On your client machine, download and install the SHREW client appropriate to your operating system: http://www.shrew.net/download/vpn
2. Log in to the Draytek admin menu (do this from the 32 bit remote client with an SSL VPN session established...use the same IP as you normally would to access the admin interface internally).
3. Use these notes to configure both router and client: http://www.draytek.de/Beispiele/VPN/ShrewSoft_Client.pdf Note that all of the configuration (assuming you haven't messed with defaults) on the router side is done in Draytek's "VPN and Remote Acess >> Remote Dial-in User" screen. The guide is in German, but the config windows are english. Two things that I changed from the German guide:
a. On page 2, item 1 under General Tab,Local Host section, I used the "Use an existing adapter and current address" instead of the Virtual option.
b. On page 6, Item 7, I used the Draytek's LAN. So if your Draytek router was at 192.168.10.1, then you'd enter 192.168.10.0/255.255.255.0
Hope that helps a few folks
Cheers,
Last edited:
