VPN connection between Vigor Router and Vigor3900 - SSL VPN

Support Model :
  • Tags :

This article demonstrates LAN to LAN SSL VPN between Vigor router and Vigor3900/2960 by following topology. Vigor Router and Vigor3900/2960 can both be the VPN server and client, therefore, we separate this article into two parts, to demonstrate how to establish the SSL VPN connection between Vigor Router and Vigor3900/2960, when using one of them as VPN server respectively.

   

Before constructing the VPN configuration, please make sure SSL VPN service is enabled on VPN and Remote Access >> Remote Access Control page on the router takes up the role as the VPN server.

   

Note: If you are using Vigor3900/2960 as SSL VPN server, it is necessary to allow HTTPS access on System Maintenance >> Access Control page, due to SSL VPN and HTTPS are both using port 443 as the default port.

   

Alternatively, you can change either HTTPS or SSL VPN port, then will be able to disable the HTTPS access without affecting the SSL VPN connection.

   

SSL VPN port is configurable on SSL VPN >> General Setup page of Vigor router.

   

 

 

Part A: Take Vigor Router as VPN server

Vigor Router Setting (Dial-in)

Go to VPN and Remote Access Control >> LAN to LAN and click an available index,

1. Common Settings

  1. Give a Profile Name
  2. Enable this profile
  3. Select Dial-in as Call Direction
   

2. Dial-In Settings

  1. Allow SSL dial-in
  2. Enter Username and Password
   

3. TCP/IP Network Settings

  1. Enter Vigor3900's LAN in Remote Network IP/Mask
  2. Click OK
   

Vigor3900 Setting (Dial-out)

4. Go to VPN and Remote Access >> VPN Profiles, and click Add in SSL Dial-out tab,

  1. Give Profile name and Enable the profile
  2. Select the WAN interface to dial out
  3. Enter Vigor router's WAN IP or domain name and SSL VPN port in Server IP/Host Name
  4. Enter SSL Username and Password
  5. Enter Vigor3900's LAN in Local IP/Subnet Mask
  6. Enter Vigor Router's LAN in Remote IP/Subnet Mask
  7. Click Apply
   

Now we can go to VPN and Remote Access >> Connection Management to dial the VPN.

   

After VPN is connected successfully, we can see the status below.

   

 

 

Part B: Take Vigor3900 as VPN server

1. Go to User Management >> User Profiles, and click Add,

  1. Enable the profile
  2. Enter Username and Password
  3. Enable SSL Dial-in in PPTP/L2TP/SSL Server section
  4. Click Apply
   

2. Go to VPN and Remote Access >> VPN Profiles, and click Add in SSL Dial-in tab,

  1. Give Profile name and Enable the profile
  2. Select the user profile in SSL User Name options for SSL VPN connection
  3. Enter Vigor3900's LAN in Local IP/Subnet Mask
  4. Enter Vigor Router's LAN in Remote IP/Subnet Mask
  5. Click Apply
   

Vigor Router Setting (Dial-out)

Go to VPN and Remote Access Control >> LAN to LAN and click an available index

3. Common Settings

  1. Give a Profile Name
  2. Enable this profile
  3. Select Dial-out as Call Direction

4. Dial-Out Settings

  1. Select SSL Tunnel as dial-out type
  2. Enter Vigor3900's WAN IP or domain name in Server IP/Host Name
  3. Enter Username and Password
   

5. TCP/IP Network Settings

  1. Enter Vigor3900's LAN in Remote Network IP/Mask
  2. Click OK
   

Now we can go to VPN and Remote Access >> Connection Management to dial the VPN.

   

After VPN is connected successfully, we can see the status below.

   

 

 

See also:

Was this article helpful ?
43VPN connection between Vigor Router and Vigor3900 - SSL VPN has been viewed------ 43 ------times.