OpenVPN between DrayTek Routers

OpenVPN is the popular open-source software that can be run on different operating systems. For having better compatibility with the 3rd party VPN servers, Vigor Router starts supporting the OpenVPN Dial-Out function since firmware version 4.2.1. Of course, it is also possible to establish Open VPN LAN to LAN connection between Vigor Routers. This article demonstrates how to create an OpenVPN between two Vigor2765.

VPN Server (Dial-In) Settings

Go to VPN and Remote Access>>LAN to LAN and click an index available,

  • Check Enable this profile
  • Select Dial-In for Call Direction
  • Change the Idle Timeout to 0 second
  • Allow OpenVPN Tunnel in Dial-In Settings
  • Enter the username and password
  • set up vpn server vpn dial in settings
  • For Remote Network IP and Mask, input the IP subnet used by the remote VPN client router.
  • Click OK
  • set up vpn server vpn tcpip settings

    2. Go to VPN and Remote Access >> Remote Access Control and ensure the OpenVPN Service is enabled.

    ensure openvpn service is enabled

    3.Confirm the current system time of the router is correct via System Maintenance >> Time and Date.

    ensure the system time is correct

    4. Go to VPN and Remote Access >> OpenVPN >> OpenVPN Server Setup:

    setup openvpn general settings

    5. Set up certificates

    use router to generate certificate files for openvpn
  • Wait for dozens of seconds until seeing the certificate files be listed on the page.
  • certificates are generated successfully

    6. Go to the OpenVPN Client Configuration page:

  • Choose the WAN IP or Domain that allows OpenVPN connection to dial in.
  • Select the Protocol you would like to use
  • Enable Auto Dial-Out if you need the OpenVPN client router to dial up the VPN connection automatically.
  • Enable Set VPN as Default Gateway if you would like the OpenVPN client router to use the VPN connection as the default route.
  • Give a Config filename
  • Click Export to save the VPN configuration file. The configuration file should be imported in VPN Client router later.
  • Compatibility with stateful firewalls. The periodic ping will ensure that a stateful firewall rule which allows OpenVPN UDP packets to pass will not time out.

     To provide a basis for the remote to test the existence of its peer.


    7. Go to VPN and Remote Access >> SSL General Setup and select openvpn server as server certificate.

    select the openvpn server certificate as the used certificate

    VPN Client (Dial-Out) Settings

    8. Similarly, create a profile at VPN and Remote Access >> LAN to LAN

    import the openvpn config to the client router

    9. Vigor Router will pop up a message to notify the configuration import is successful. Click the VPN profile Index to continue setting up the VPN configurations.

    the config was imported successfully

    10. Select Dial-Out for Call Direction, and enter the username and password.

    set up vpn dial up settings on the client router

    11. For Remote Network IP and Mask, input the IP subnet used by the VPN Server and select the Mode as Routing.

    set up remote tcpip setting on the client router

    12. Go to VPN and Remote Access >> Connection Management to check the Connection Status.

    check the vpn status

    Published On:2020-11-04 

    Was this helpful?