Layer 2 Tunneling Protocol is a secure method of creating a point to point user based VPN. It relies on the Internet Protocol Security standard of encryption which individually encrypts each packet. This is preferable to the main VPN alternative PPTP (Point-to-Point Tunneling Protocol) which has optional encryption which applies to the connection as a whole as opposed to each individual packet making it PPTP more vulnerable.
To configure L2TP on a DrayTek Router go to VPN and Remote Access >> Remote Access Control Setup and make sure that IPSec and L2TP are ticked.
Then go to VPN and Remote Access >> IPsec General Setup. Here we will setup a Pre Shared Key (PSK) to use alongside our L2TP User Name and Password, so type you desires PSK into the fields and make sure the Security Method boxes are ticked.
Finally go to VPN and Remote Access >> Remote Dial-in User and open a user to edit. Input a User Name and Password and make sure that the LT2P box is ticked, the the IPSec Policy is set to "Must".
That's the router configured now we need to set up the VPN connection on a remote computer. The following instructions are for Windows.
Then choose "Connect to a workplace" and click next.
Choose "No, create a new connection" and click next.
The choose "Use my Internet connection (VPN)".
Input the WAN IP or DynDNS details of the remote site in the Internet Address field and give the connection a name so that you can identify it in the Destination Name field. then Click create.
Before we can connect for the first time we must first set the security protocols to be used and input our IPSec PSK.
To do this open "Network Connections" by pressing "Windows+X" (Windows 8) or by clicking "Change Adapter Settings" from the "Network and Sharing Center" (Windows 7). Right Click on your new VPN connection and choose properties. You will need administrator privileges to do this.
Click on the "Security" tab and from the "Type of VPN" menu choose L2TP/IPSec, then Click "Advanced settings".
In the "Advanced Properties" window choose the "Use pre-shared key for authentication" radial button and type your IPSec PSK into the Key field then click OK to all of the property windows.
.png)
Now you're ready to connect. Simply click the network icon in the bottom right of the screen and choose your remote site from the list. The first time you connect you will be asked for your L2TP User Name and Password. You can choose to save these for future connections or input then each time depending on you security policy.
