I recently finished setting up remote access for a client who did not previously have broadband Internet. He wanted connectivity between his two offices on demand. I had used the D-Link DFL-700 router in three of my offices for the past few years as well as setting up these routers at three other offices. They have been very reliable and the VPN access has worked with little hassle after the initial setup. Unfortunately, these routers are no longer available, so I was back to finding a good VPN router. After checking D-Link’s current products, I stumbled upon the DFL-210. I had read some reviews which spoke highly of it, so I figured I’d give it a shot.
The DFL-210 is a lot more complicated than the DFL-700 was to setup. It does have a nice wizard when you first access it to setup a router password and Internet connection. On the first router, I messed up the Internet connection setup, and I couldn’t figure it out manually so I ended up resetting the router so I could run the wizard again since I saw no other way to access the wizard. On try two, I got it right, so the second router’s Internet setup went much more smoothly.
The second part of the setup was to get the VPN server working and be able to connect to remote PCs. I found some nice How-To documents on the router CD, including one to setup a VPN server. I followed the thorough instructions and after was able to connect to the router. Unfortunately, I was not able to access the network or any PCs. I first looked for help on the Internet and found a page at My Digital Life which had users asking for help and others giving some advice. The first suggestion that proved relevant was adding the WAN IP address and WAN Gateway address to the router. By default, these addresses show up as 0.0.0.0 in the web interface. The second suggestion was to add a rule to allow outbound PPTP client connectivity to a remote PPTP server. Finally, I had to call D-Link support for the final piece of the puzzle. I called during the day, got through fairly quickly, got a tech who I explained the problem to, was put on hold for a few minutes, then he had me check a setting which was not on which pertained to routing. With the setting checked, everything was working.
To make it easy for others to setup the PPTP server and allow VPN client passthrough, let me give you the steps you need (my configuration was with a DSL conenction with Static IP addresses):
1) On the router CD, print the scenario: How to configure L2TP and PPTP servers for remote users when firewall is using PPOE.
2) Assuming your Internet connection is working, make the following changes to the instructions: In step 1, your lan_ip and lannet should already be set, but set your WAN IP and WAN Gateway IP. In the second part of step 1, in the IPPools Address Folder you just added, you will add a new IP Address (there’s no selection for a new IP4 Host/Network on the DFL-210).
3) Skip step 2. In step 3, under Server IP, I selected wan_ip since I skipped step 2. Also in step 3, when you go to the Add Route tab, you also need to check Always select All Interfaces, including new ones.
4) Step 4 remains the same. In step 5, under Terminator IP, I used wan_ip again instead of ip_PPOEClient (which was not a choice). I did not do the Per-user IP Configuration.
5) I skipped step 6 because I used the IP address of the router to connect and didn’t require Dynamic DNS.
6) I followed step 7, but when you are in the Rules section, add a new rule in the LANToWan folder called PPTP_Pass_Through. For Action choose NAT, for Service choose PPTP-SUITE. On Address Filter, source interface is LAN, destination interface is WAN, source network is LANNET, destination network is ALLNETS.
I hope these instructions help anyone who is trying to setup a PPTP server on the DFL-210. It seems to be a great router, if a tad complex to configure for novice firewall admins.