Knowledge Base  >   VPN  > 

PPTP VPN between DrayTek Routers

This note will explain how to establish a PPTP LAN-to-LAN VPN between two DrayTek Vigor Routers.

VPN server (Dial-In) Setup

1. Go to VPN and Remote Access >> LAN to LAN, edit a profile as follows:

  1. Enter Profile Name
  2. Check Enable this profile
  3. Set Call Direction to "Dail-In".
  4. In Dial-In settings, enter Username and Password.
  5. In TCP/IP Network Settings, enter Remote Network IP as the LAN network of the peer router. 
a screenshot of DrayOS PPTP LAN-to-LAN profile

VPN Client (Dial-out) Setup

2. Go to VPN and Remote Access >> LAN to LAN, edit a profile as follows:

  1. Enter Profile name
  2. Check Enable this profile
  3. Set Call Direction to "Dial-Out".
  4. Enable PPTP in the Dial-out settings
  5. Enter Server IP as the WAN IP of the peer router
  6. Enter Username and Password as the same as the one set on the peer router
  7. Enter Remote Network IP as the LAN Network of the peer router
another screenshot of DrayOS PPTP LAN-to-LAN profile

3. Go to VPN and Remote Access >> Connection Management to dial the VPN and check the VPN connectivity.

a screenshot of DrayOS VPN connection management page

 

 

Vigor3900 in Headquarter 

1. Go to User Management >> User Profile, click Add to create a new profile:

  1. Enter Username 
  2. Check Enable
  3. Enter Password
  4. (Optional) Enter 0 for Idle Timeout to avoid VPN disconnecting when there's no traffic
  5. Select a LAN interface for the peer router at DHCP from
  6. Select "Enable" for PPTP Dial-in
  7. Click Apply to save the profile.
a screenshoto of Vigor3900 User profile

2. Go to VPN and Remote Access >> VPN Profile >> PPTP Dial-In, click Add to create a new profile:

  1. Enter a Profile name
  2. Check Enable
  3. Select the PPTP profile created for the Branch office to dial in at PPTP User Name
  4. Enter Local IP / Subnet Mask as the LAN network of Vigor3900 in Headquarter you'd like to link to the branch office
  5. Click Add in Remote IP / Subnet Mask and enter the LAN network of Vigor3900 in Branch Office
  6. Click Apply to save the profile.
a screenshot of PPTP Dial-In profile at the headquarter

Vigor3900 in Branch Office

3. Go to VPN and Remote Access >> VPN Profile >> PPTP Dial-Out click Add to create a new profile:

  1. Enter a Profile name
  2. Check Enable
  3. Select "Enable" for Always On
  4. Select wan1 for Dial-Out Through (the primary WAN to build the VPN)
  5. (Optional) Select wan2 for Failover to (the backup WAN to build the VPN)
  6. Enter PPTP User Name and PPTP Password as the same as step 1.
  7. Enter Local IP / Subnet Mask as the LAN network of Vigor3900 in Branch Office (must be the same as step 2-e)
  8. Click Add in Remote IP / Subnet Mask and enter the LAN network of Vigor3900 in Headquarter  (must be the same as step 2-d)
  9. Click Apply to save the profile.
a screenshot of Vigor3900 PPTP Dial-Out profile

4. After finishing the above configurations, the PPTP VPN between the Vigor3900s is up. We may go to VPN and Remote Access >> Connection Management to check the status.

a screenshot of Vigor3900 showing VPN established successfully

5. Because the Failover To settings in step 3, When WAN1 of Vigor3900 in the branch office goes down, Vigor3900 will dial out the PPTP tunnel through its WAN2 interface to the Vigor3900 in the headquarter.

a screenshot of Vigor3900 showing the Backup VPN established successfully in the event of WAN1 failure

Published On: 2017-08-01 

Was this helpful?   

book icon

Related Articles