[Guide] Draytek router LAN to LAN PIA VPN
How to configure a Draytek router to perform LAN to LAN VPN
with Private Internet Access and protect your whole network.
These steps were performed with a Vigor2850n Firmware Version 126.96.36.199_2471201
which has a built in VDSL modem but should work on other Draytek models.
First you need to log into your Client Control Panel at IPA
and generate a PPTP/L2TP/SOCKS Username and Password.
In your router go
into WAN >> General Setup. You have to disable any other interfaces
leaving just your ISP’s connection. It’s not enough to just have them not
Now go into VPN and Remote Access >> LAN to LAN and
click on the profile you want to configure.
Give it a name and click enable.
VPN Dial-Out Through WAN 1
Only ( or whatever your ISP is on )
Call Direction – Dial Out only and always on
Section 2: Dial Out Settings
Leave only L2TP with IPsec selected and change Policy to “Nice
In Server IP/Host Name for VPN enter the IPA hostname e.g uk-london.privateinternetaccess.com
Under Username and password enter details from you IPA
control panel (username should start
with x NOT p )
IKE Authentication Method click the Pre-Shared Key button
and enter mysafety as the key.
Section 5: TCP/IP Network Settings
Change “From first subnet to remote network, you have to do”
Click on “Change default
route to this VPN tunnel ( Only single WAN supports this )”
Click OK to save.
Under VPN and Remote
Access >> Connection Management you should be able to dial IPA and after
a short delay see the VPN status.
I found the speed on my
connected machines was very slow until I changed the DNS settings to be those
at IPA under LAN >> General Setup.
Now check your IP address
from a machine on your LAN. It should match IPA and not your ISP ( you can see
your ISP in the online status page ).