Traditional Chinese Simplified Chinese
 
   Support Center Application Notes VPN Application Notes
 
  
Example 1: Creating L2TP over IPSec connection

Refer to the following scenario.



VPN Client: Windows XP running Smart VPN Client version 3.2.5.
VPN Gateway: Vigor2800.

Note: The Smart VPN Client supports NAT-T since version 3.2.5. So you should uninstall the old version and install the latest version. You may download it from http://www.draytek.com/support/download.php. The Smart VPN Client uses Windows-based IPSec Security Policy and the NAT-T update is offered by Microsoft. According to what mentioned in the following link the only supported and recommended scenario is when the VPN server is not located behind a NAT device.

Creating a profile on Vigor 2800 for the VPN client.

1. Go to VPN and Remote Access >> Remote Dial-in User and click the Index x to enter one profile setup page.



2. Click Enable this account.
    Set the Idle Timeout. 0 means no timeout setting and the connection won't be dropped even if there is no traffic.
    Make sure L2TP with IPSec is enabled and select either "Nice to Have" or "Must" as the Policy.
    Enter a Username/Password. Make sure it is different to any other profile. Enable Specify Remote Node and enter 218.242.130.18.
    Then press the IKE Pre-shared Key button and enter the key in the popped-up window. Press the OK button.



3. When the VPN client is connected, you may check the status in the VPN and Remote Access >> Connection Management page.


Configuring the Smart VPN Client version 3.2.5

1. Open the Smart VPN Client. Make sure the Configure button is grayed.



2. Create a new profile by pressing the Insert button.
    Create a name for this profile.
    Enter the VPN server's IP address or DDNS.
    Enter the Username/Password, which should be the same as that set in the Vigor?™s VPN profile.
    Select L2TP over IPSec as the Type of VPN.
    Press the OK button.



3. In the popped-up window enter the following settings.
    If your PC has multiple NICs and multiple IP addresses, select the IP address that you use to connect to the VPN server as My IP
    The Type of IPSec field will be grayed and unconfigurable.
    In the Security Method field you MUST select High(ESP). DO NOT select Medium(AH).
    Enter the Pre-shared Key, which should be the same as that set in the Vigor's VPN profile.
    Press the OK button.



4. Press the Connect button. If the L2TP over IPSec connection can be successfully established, the Status in left below will show Connected.



Go to NAT-T Application.


Page last modified : 13 October 2008   
Corporate  |   Products Center  |   Information Center  |   Support Center  |   Contact us  |   Register form  |   Customer Survey  |   SiteMap  |   Legal Announcement
Please use IE 5.0 or above ( resolution 1024 * 768 ) for best display.     Copyright © 1997~2008 by DrayTek Corp.