Hướng dẫn cấu hình site to site VPN giữa Draytek và Mikrotik

Các bạn cấu hình từng bước theo guide dưới đây

1. Enter Name
2. Select Auth. Algorithms as md5
3. Select Encr. Algorithms as 3des.
4. Click OK to save the configuration.

1. Enter Address as Draytek's WAN IP.
2. Select Auth. Method as pre shared key, and enter Secret.
3. Select Hash Algorithm as md5, Encryption Algorithm as 3ces.
4. Click OK to save the configuration.

1. Enter Src. Address as Mikrotik's LAN IP.
2. Enter Dst. Address as DrayTek's LAN IP.

1. Enable Tunnel.
2. Set SA Src. Address as Mikrotik's WAN IP.
3. Set SA Dst. Address as Draytek's WAN IP.
4. As for Proposal, select the Proposal we just created.
5. Click OK to save the configuration.

1. Select Chain as srcnat.
2. Set Dst. Address as the range of your destination network.
3. Select Out. Interface as a WAN interface, here we use ether1.

4. Select Action as accept.
5. Click OK to save the configuration.

1. Enter Profile Name and Enable this profile.
2. Select Call Direction as Dial-out.

1. Select Type of Sever I am calling as IPsec Tunnel.
2. Enter Mikrotik's Server IP or Host Name.
3. For IKE Authentication Method, choose Pre-Shared Key and enter the key.
4. For IPSEC Security Method, choose High(ESP), and select 3DES with Authentication.
5. Click on Advanced for advanced setting.

In IKE advances setttings: Select IKE phase 2 proposal as 3DES_MD5, and click OK

1. Enter Remote Network IP as Mikrotik's LAN IP.
2. Click OK to save the configuration.

2. To check VPN connection status, Go to Advanced >> VPN and Remote Access >> Connection Management

(Theo draytek)