Lan to Lan has a strange issue.

Hi - I have a BOVPN - Lan to Lan between a Draytek 2865ax and Watchguard T40. Draytek does the dial out to the Watchguard. I have several other Lan to Lans working fine on this Watchguard. I can only get the link to work if in the tunnel I put the external WAN IP of the Draytek in as a HOST IP - where usually and with all other connections I would have Network IPv4 (e.g. 192.168.50.0/24) set with Bi-Directional. The problem with the HOST IP is that from the remote site the connection works to the Watchguard, but reverse pings can only see the Draytek Router and nothing inside the network. So when I do change it to the Network IPv4 address it does not connect at all and throws up an error: Gateway Statistics Error No matching tunnel route for peer proposed local:192.168.10.0/24 remote:170.39.152.32 (10:13:31 3/28/2025) - so I'm stumped !! Can anyone help me please ?

Comments

  • Have you selected Route Mode on the Draytek VPN setup?

  • Hi Bruce - If it's on the Lan to Lan page this is what it shows -

  • Select the Routing option.

    From a Vigor2865 User Guide I found on the Internet:
    https://www.draytek.co.uk/support/downloads/vigor-2865?task=download.send&id=3571:ug-v2865-v20&catid=928

    It says:
    Note:
    1 Please use Route Mode for a typical LAN to LAN tunnel

    Route Mode – All traffic between the local network and the remote network bear the originating IP addresses. Select this if the VPN server can establish routes to handle inter-LAN traffic routing.

    NAT Mode – The VPN client (local router) uses a single IP address assigned by the VPN server (remote router) and uses NAT to keep track of the connections. Select this if the VPN server expects only one IP address on the local network to communicate with the remote network.

  • Bruce, the information you have provided has worked perfectly for me... thank you so much for your help. I appreciate it !!
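
The mismatch behind the error in this thread can be checked mechanically. The following is an added example, not part of the original thread or of any vendor tooling: it parses the error text quoted in the first post and compares the proposed selectors with the configured tunnel routes. The function names, the result labels and the use of 192.168.50.0/24 as the remote LAN are assumptions made for illustration.

```python
import ipaddress
import re

# Matches the error text quoted in the original post (IPv4 only).
PROPOSAL_RE = re.compile(
    r"No matching tunnel route for peer proposed "
    r"local:(?P<local>[\d./]+) remote:(?P<remote>[\d./]+)"
)

def parse_proposal(message):
    """Return the (local, remote) networks the peer proposed, or None."""
    m = PROPOSAL_RE.search(message)
    if m is None:
        return None
    # strict=False tolerates host bits; a bare address becomes a /32.
    return tuple(ipaddress.ip_network(m.group(k), strict=False)
                 for k in ("local", "remote"))

def diagnose(message, tunnel_routes, peer_wan_ip):
    """Classify a proposal against the responder's configured routes.

    tunnel_routes: (local_cidr, remote_cidr) pairs as configured on the
    responding firewall. peer_wan_ip: WAN address of the dialling router.
    """
    proposal = parse_proposal(message)
    if proposal is None:
        return "not-a-proposal-error"
    local, remote = proposal
    routes = [(ipaddress.ip_network(l), ipaddress.ip_network(r))
              for l, r in tunnel_routes]
    if (local, remote) in routes:
        return "match"
    # A single-host remote equal to the peer's own WAN address means the
    # peer presents one IP instead of its LAN, as NAT Mode does.
    if (remote.prefixlen == remote.max_prefixlen
            and remote.network_address == ipaddress.ip_address(peer_wan_ip)):
        return "peer-in-nat-mode"
    return "subnet-mismatch"

if __name__ == "__main__":
    # Error text as quoted in the post; the route pair is an assumed config.
    msg = ("No matching tunnel route for peer proposed "
           "local:192.168.10.0/24 remote:170.39.152.32")
    routes = [("192.168.10.0/24", "192.168.50.0/24")]
    print(diagnose(msg, routes, "170.39.152.32"))
```

A `peer-in-nat-mode` result corresponds to the fix given in the thread: switch the dialling router to Route Mode so it proposes its LAN subnet and the Network IPv4 tunnel route matches.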
