Configuring a Draytek-to-Smoothwall VPN

Article #: Product Castle
1852 Unified Threat Management All


The following guide is provided by our Service Support Engineers to help you configure your Draytek-to-Smoothwall VPN. However if you are unsure of how to configure your Draytek router, we recommend you contact your Draytek Support service.


You are having problems configuring a working Draytek-to-Smoothwall VPN.


  1. From your router's interface, go to VPN-remote access control.
  2. Ensure IPSec VPN is selected but the other options are not.
  3. VPN-LAN to LAN should now be selected.
  4. You will need to configure a profile with the IP or FQDN of the domain your Smoothwall is on. Make sure this profile is enabled and dial-out is always on:
    • Dial-out settings should be set to IPSec tunnel
    • IKE authentication method should be pre-shared key. Type in an agreed pre-shared key. This must then be entered on the Smoothwall as well. Check advanced has IKE phase1 and phase2 are set to AES128_MD5_G2
    • Set IPSec security method to high – AES with authentication. Also, add server IP/hostname..
  5. On your Smoothwall interface:
    1. Browse to Network > VPN > IPSec subnets.
    2. Click Advanced.

    In this example case the external IP is and the internal IP is

    This will obviously be different in each case but your Smoothwall set-up should look like this:

  6. On the Draytek Router:
    1. In the case of this test example, in LAN-to-LAN under section 4, remote network IP would be and remote network mask would be
    2. Local network IP (in this case) is with mask of These will obviously be different when configuring your own settings.
    3. Now go to System Maintenance > Management and make sure under Allow management from the internet only that HTTPS Server is selected. Also, clear the selection for Disable ping from internet.
    4. Under management port setup change the user defined ports as follows:
      • Telnet9023
      • HTTP9080
      • HTTPS9443
      • FTP9021
      • SSH9022


Last updated: Author: Contributions by:
23 August 2016   DMT