A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.broadband (UK broadband)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.

Draytek v2760



 
 
Thread Tools Display Modes
  #11  
Old March 5th 18, 12:11 AM posted to uk.telecom.broadband
David Wade[_3_]
external usenet poster
 
Posts: 21
Default Draytek v2760

On 04/03/2018 18:56, Mark wrote:
On 02/03/2018 22:32, David Wade wrote:
On 02/03/2018 20:56, Mark wrote:

[snip]


Maybe consider putting a Raspberry Pi on each LAN and install OpenVPN
on each using pivpn:

http://www.pivpn.io/

It's very straightforward. Just setup portforwarding on each router.
The Android phone client is good, too.


One router is double natted...


Put a Pi on the one that isn't.

And..can you avoid the double NATting? Or insert a Pi in between, somehow?


Sadly no. Its delivered via WiFi so I can't see the external router....

Dave
  #12  
Old March 5th 18, 05:02 PM posted to uk.telecom.broadband
www.GymRatZ.co.uk
external usenet poster
 
Posts: 241
Default Draytek v2760

On 02/03/2018 11:12, David Wade wrote:
Folks,

*I was thinking of getting a couple of these, so I can build a VPN which
includes my Spanish an UK homes.

https://www.broadbandbuyer.com/produ...aytek-v2760-k/

Is this a good solution?


I run a work-home vpn via draytek routers.

There are several things to bear in mind depending on exactly what you
want to use it for. Obviously the link is as slow as the slowest
connection which for ADSL makes it of limited use as not only do you
have a small bandwidth but you reduce speeds with additional encryption,
firewalling etc etc. Also it's much easier to set up if you have static
IP addresses at each end, one less variable and the elimination of
another intermediate service provider for your Dynamic DNS thing.

Also you have to consider VPN (and general traffic) throughput of the
router. Yes they might have a gigabit WAN connection but you have a
maximum VPN throughput of just 25Mbps with the draytek v2760 so even if
you have Gigagit synchronous at one end the most you'll see is less than
25Mbps at the other.

How do I choose where my traffic appears on the internet?


Depends how you set it up but as you'll still need to pay a local ISP
and use said ISP's data and bandwidth; your fastest speeds will be
directly through the ISP of each location, no reason to jam up an
inefficient VPN and bog down a consumer grade router processing
additional packets for no reason.

Any other suggestions?


Use VPN but have a remote (headless) server/pc at each location then log
into that machine using one of the VNC products (UltraVNC etc) That way
if you're managing CCTV cameras etc, even on ADSL it's still almost
pain-free because all the commands are handled "locally" at the remote
site and you just get a fairly efficient, compressed "screen shot" from
your remote PC rather than a high bandwidth data stream. Doesn't need to
be a high spec. PC at the remote end either.

Others might have some more ideas and suggestions but the above is based
on my own findings and failings of having to have a VPN crippled by one
end being directly connected to local exchange (EO Line) in Fibre
connected area so 1Mbps being the weakest link.

  #13  
Old March 5th 18, 06:13 PM posted to uk.telecom.broadband
Graham J[_2_]
external usenet poster
 
Posts: 689
Default Draytek v2760

www.GymRatZ.co.uk wrote:
On 02/03/2018 11:12, David Wade wrote:
Folks,

I was thinking of getting a couple of these, so I can build a VPN which
includes my Spanish an UK homes.

https://www.broadbandbuyer.com/produ...aytek-v2760-k/

Is this a good solution?


I run a work-home vpn via draytek routers.

There are several things to bear in mind depending on exactly what you
want to use it for. Obviously the link is as slow as the slowest
connection which for ADSL makes it of limited use as not only do you
have a small bandwidth but you reduce speeds with additional encryption,
firewalling etc etc. Also it's much easier to set up if you have static
IP addresses at each end, one less variable and the elimination of
another intermediate service provider for your Dynamic DNS thing.

Also you have to consider VPN (and general traffic) throughput of the
router. Yes they might have a gigabit WAN connection but you have a
maximum VPN throughput of just 25Mbps with the draytek v2760 so even if
you have Gigagit synchronous at one end the most you'll see is less than
25Mbps at the other.

How do I choose where my traffic appears on the internet?


Depends how you set it up but as you'll still need to pay a local ISP
and use said ISP's data and bandwidth; your fastest speeds will be
directly through the ISP of each location, no reason to jam up an
inefficient VPN and bog down a consumer grade router processing
additional packets for no reason.

Any other suggestions?


Use VPN but have a remote (headless) server/pc at each location then log
into that machine using one of the VNC products (UltraVNC etc) That way
if you're managing CCTV cameras etc, even on ADSL it's still almost
pain-free because all the commands are handled "locally" at the remote
site and you just get a fairly efficient, compressed "screen shot" from
your remote PC rather than a high bandwidth data stream. Doesn't need to
be a high spec. PC at the remote end either.

Others might have some more ideas and suggestions but the above is based
on my own findings and failings of having to have a VPN crippled by one
end being directly connected to local exchange (EO Line) in Fibre
connected area so 1Mbps being the weakest link.


This looks like generally good advice.

However the headless PC at the remote destination isn't really necessary
where you have a LAN-to-LAN VPN and only want to work with remote
devices such as managed network switches, NAS boxes, IP cameras, and the
like. This is because such devices don't use much bandwidth anyway.

The LAN-to-LAN VPN fails where you try to connect a database client at
one location to the database file at the other - a simple example would
be to run Sage or Quickbooks from home but connecting to a shared file
system at work. The database traffic will overwhelm the VPN. The
solution here is to use VNC from home to a headless PC at work; and that
headless PC communicates across the fast LAN at work with the machine
hosting the data file. The "proper" solution to this is a cloud-based
accounts (or whatever) program that is designed to work across the internet.

The only traffic that passes across the VPN is that which is intended
for the remote end of the VPN. Anything not destined for the VPN uses
the local ISP.

But the OP's problem (as I understand it) is the double NAT because his
ISP (in Spain) provides his connection via WiFi; and he doesn't have
control of the router that generates the WiFi connection.

So his only option is a headless PC (or Rasberry Pi) running a VPN
client or a connection program such as TeamViewer or Go-To-My-PC
configured for an "always on" connection to the "home" PC.

--
Graham J

  #14  
Old March 5th 18, 09:57 PM posted to uk.telecom.broadband
David Wade[_3_]
external usenet poster
 
Posts: 21
Default Draytek v2760

On 05/03/2018 18:13, Graham J wrote:
www.GymRatZ.co.uk wrote:
On 02/03/2018 11:12, David Wade wrote:
Folks,

*I was thinking of getting a couple of these, so I can build a VPN which
includes my Spanish an UK homes.

https://www.broadbandbuyer.com/produ...aytek-v2760-k/

Is this a good solution?


I run a work-home vpn via draytek routers.

There are several things to bear in mind depending on exactly what you
want to use it for. Obviously the link is as slow as the slowest
connection which for ADSL makes it of limited use as not only do you
have a small bandwidth but you reduce speeds with additional encryption,
firewalling etc etc.* Also it's much easier to set up if you have static
IP addresses at each end, one less variable and the elimination of
another intermediate service provider for your Dynamic DNS thing.

Also you have to consider VPN (and general traffic) throughput of the
router. Yes they might have a gigabit WAN connection but you have a
maximum VPN throughput of just 25Mbps with the draytek v2760 so even if
you have Gigagit synchronous at one end the most you'll see is less than
25Mbps at the other.

How do I choose where my traffic appears on the internet?


Depends how you set it up but as you'll still need to pay a local ISP
and use said ISP's data and bandwidth; your fastest speeds will be
directly through the ISP of each location, no reason to jam up an
inefficient VPN and bog down a consumer grade router processing
additional packets for no reason.

Any other suggestions?


Use VPN but have a remote (headless) server/pc at each location then log
into that machine using one of the VNC products (UltraVNC etc) That way
if you're managing CCTV cameras etc, even on ADSL it's still almost
pain-free because all the commands are handled "locally" at the remote
site and you just get a fairly efficient, compressed "screen shot" from
your remote PC rather than a high bandwidth data stream. Doesn't need to
be a high spec. PC at the remote end either.

Others might have some more ideas and suggestions but the above is based
on my own findings and failings of having to have a VPN crippled by one
end being directly connected to local exchange (EO Line) in* Fibre
connected area so 1Mbps being the weakest link.


This looks like generally good advice.

However the headless PC at the remote destination isn't really necessary
where you have a LAN-to-LAN VPN and only want to work with remote
devices such as managed network switches, NAS boxes, IP cameras, and the
like.* This is because such devices don't use much bandwidth anyway.

The LAN-to-LAN VPN fails where you try to connect a database client at
one location to the database file at the other - a simple example would
be to run Sage or Quickbooks from home but connecting to a shared file
system at work.* The database traffic will overwhelm the VPN.* The
solution here is to use VNC from home to a headless PC at work; and that
headless PC communicates across the fast LAN at work with the machine
hosting the data file.* The "proper" solution to this is a cloud-based
accounts (or whatever) program that is designed to work across the
internet.

The only traffic that passes across the VPN is that which is intended
for the remote end of the VPN.* Anything not destined for the VPN uses
the local ISP.

But the OP's problem (as I understand it) is the double NAT because his
ISP (in Spain) provides his connection via WiFi; and he doesn't have
control of the router that generates the WiFi connection.


I can replace the "on premises" router so I can connect out, but it
gets a 192.168.1.x WAN address so. At present I have 192.168.0.x LAN
address.

So his only option is a headless PC (or Rasberry Pi) running a VPN
client or a connection program such as TeamViewer or Go-To-My-PC
configured for an "always on" connection to the "home" PC.


I didn't really want to leave a switched on PC. Wont the router connect?

Dave
  #15  
Old March 5th 18, 10:37 PM posted to uk.telecom.broadband
Graham J[_2_]
external usenet poster
 
Posts: 689
Default Draytek v2760

David Wade wrote:


[snip]

I didn't really want to leave a switched on PC. Won't the router
connect?


Probably it will, if you configure it correctly. Would be worthwhile
testing in advance with an equivalent setup locally to your home.

Looking at my (old) notes for a Vigor 2910 at the remote site behind a
router provided by a satellite company I configured the LAN-LAN VPN for
dial-out only, always on, and PPTP to the public static IP address of my
office.

This means that the router at my office was configured to receive PPTP.
This is fairly insecure because authentication is by username &
password, I don't think the traffic is encrypted, and the remote
connection can come from anywhere because there is no way to identify
the public IP address of the remote internet connection.

But despite the latency of the satellite link this did work, but only
sufficiently well for emergency maintenance.

It would be better to talk to the Spanish ISP to get a routed connection
via their router - I would expect them to have a block of public IP
address, one of which they could allocate to you. Probably they have a
Cisco router and somebody who knows how to configure it!

Where in the UK are you? If you are in Norfolk or Suffolk I could
perhaps help you test the configuration. I have a handful of spare
routers which might be useful, and two separate ADSL internet connections.

--
Graham J


  #16  
Old March 6th 18, 04:12 PM posted to uk.telecom.broadband
David Wade[_3_]
external usenet poster
 
Posts: 21
Default Draytek v2760

On 05/03/2018 22:37, Graham J wrote:
David Wade wrote:


[snip]

I didn't really want to leave a switched on PC. Won't the router
connect?


Probably it will, if you configure it correctly.* Would be worthwhile
testing in advance with an equivalent setup locally to your home.


yes I can do that..

Looking at my (old) notes for a Vigor 2910 at the remote site behind a
router provided by a satellite company I configured the LAN-LAN VPN for
dial-out only, always on, and PPTP to the public static IP address of my
office.

This means that the router at my office was configured to receive PPTP.
This is fairly insecure because authentication is by username &
password, I don't think the traffic is encrypted, and the remote
connection can come from anywhere because there is no way to identify
the public IP address of the remote internet connection.

But despite the latency of the satellite link this did work, but only
sufficiently well for emergency maintenance.


thats about all I need

It would be better to talk to the Spanish ISP to get a routed connection
via their router - I would expect them to have a block of public IP
address, one of which they could allocate to you.* Probably they have a
Cisco router and somebody who knows how to configure it!


The guy I buy from is basically a reseller and I am "pin money to him".
I pay €100/year I really don't expect much. The street has just been
"fibred up" so I might look at upgrading, but pretty sure it will pop a
"0" on the bill.

Where in the UK are you?* If you are in Norfolk or Suffolk I could
perhaps help you test the configuration.* I have a handful of spare
routers which might be useful, and two separate ADSL internet connections.


In Greater Manchester but I have plenty of test options...
  #17  
Old March 6th 18, 04:16 PM posted to uk.telecom.broadband
Graham J[_2_]
external usenet poster
 
Posts: 689
Default Draytek v2760

David Wade wrote:

[snip]



In Greater Manchester but I have plenty of test options...


OK let us know how you get on.

--
Graham J


  #18  
Old March 13th 18, 12:32 AM posted to uk.telecom.broadband
David Wade[_3_]
external usenet poster
 
Posts: 21
Default Draytek v2760

On 06/03/2018 16:16, Graham J wrote:
David Wade wrote:

[snip]



In Greater Manchester but I have plenty of test options...


OK let us know how you get on.


Well I in the end I replaced my BT HomeHub5 with a Draytek 2862.
Expensive but impressive. Set up the client VPN and my phone seems to
connect ok, laptop VPN connects via built-in gsm card over Vodafone, so
i think I am good to go..

... lots more useful features on the Draytek to explore. Multiple subnets
looks interesting


Hardest bit was getting the Dynamic DNS client to update the Mythic
Beasts Dynamic DNS server, but once I had added a couple of "%20"
characters it worked fine.

I have now powered down my old XP box that I had VPN serving and the
Windows/10 box that was updating the Dynamic DNS but I don't think I
will save the cost of the box in electricity...


Dave
  #19  
Old March 13th 18, 07:53 AM posted to uk.telecom.broadband
Graham J[_2_]
external usenet poster
 
Posts: 689
Default Draytek v2760

David Wade wrote:
On 06/03/2018 16:16, Graham J wrote:
David Wade wrote:

[snip]



In Greater Manchester but I have plenty of test options...


OK let us know how you get on.


Well I in the end I replaced my BT HomeHub5 with a Draytek 2862.
Expensive but impressive. Set up the client VPN and my phone seems to
connect ok, laptop VPN connects via built-in gsm card over Vodafone, so
i think I am good to go..

.. lots more useful features on the Draytek to explore. Multiple subnets
looks interesting


Hardest bit was getting the Dynamic DNS client to update the Mythic
Beasts Dynamic DNS server, but once I had added a couple of "%20"
characters it worked fine.


[snip]

I've found DDNS to be a little unreliable.

So it's probably worth getting a static IP from your ISP, if necessary
by changing ISP. The monitoring then available from the likes of Zen
Internet or Andrews & Arnold really does make it worthwhile. Plusnet
will charge you 5 one-off to allocate you a static IP, and you can use
it with F8Lure (see: https://f8lure.mouselike.org/auth.asp).

Have you been able to test the equivalent client configuration to that
which you have in Spain - i.e. with the double NAT?

--
Graham J




  #20  
Old March 13th 18, 08:44 AM posted to uk.telecom.broadband
David Wade[_3_]
external usenet poster
 
Posts: 21
Default Draytek v2760

On 13/03/2018 07:53, Graham J wrote:
David Wade wrote:
On 06/03/2018 16:16, Graham J wrote:
David Wade wrote:

[snip]



In Greater Manchester but I have plenty of test options...

OK let us know how you get on.


Well I in the end I replaced my BT HomeHub5 with a Draytek 2862.
Expensive but impressive. Set up the client VPN and my phone seems to
connect ok, laptop VPN connects via built-in gsm card over Vodafone, so
i think I am good to go..

.. lots more useful features on the Draytek to explore. Multiple subnets
looks interesting


Hardest bit was getting the Dynamic DNS client to update the Mythic
Beasts Dynamic DNS server, but once I had added a couple of "%20"
characters it worked fine.


[snip]

I've found DDNS to be a little unreliable.

So it's probably worth getting a static IP from your ISP, if necessary
by changing ISP.* The monitoring then available from the likes of Zen
Internet or Andrews & Arnold really does make it worthwhile.* Plusnet
will charge you 5 one-off to allocate you a static IP, and you can use
it with F8Lure (see: https://f8lure.mouselike.org/auth.asp).

Have you been able to test the equivalent client configuration to that
which you have in Spain - i.e. with the double NAT?


No, I am waiting for a second non-vdsl router to arrive. I can use that
with my laptops GSM card to simulate the network in Spain...

... BT won't do static IP on a non-business contract. I was thinking of
switching ISP, probably to PlusNet when my BT contract is up in the
Autumn. Now I have the Draytech router that process is much simpler and
the savings I would make over a normal BT contract might pay for the
router...

... it would also make joining HECNET (a DECNET network for non-business
users) simpler but I would lose access to BT wireless on the move...

Dave
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
draytek ap-800 Keith Barrett uk.comp.home-networking (UK home networking) 2 November 23rd 10 05:10 PM
Draytek VOIP as an ATA TheDragon uk.telecom.voip (UK VOIP) 4 July 20th 09 07:56 PM
draytek Vigor2600 stuart harmes uk.telecom.broadband (UK broadband) 9 October 8th 04 01:26 AM
Draytek 2600v Phil uk.telecom.broadband (UK broadband) 1 October 1st 04 08:33 AM
Draytek 2600 Glenn Clark uk.telecom.broadband (UK broadband) 2 December 24th 03 07:45 PM


All times are GMT +1. The time now is 09:23 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2018 BroadbanterBanter.
The comments are property of their posters.