Hosted by:   


ReadAllAboutIT Up a Level




Office 365 for SMEs
Berkshire and Oxfordshire Business Computer Support
Henley-on-Thames Computer Support
IT Computer Support
Computer Support Services
Insolvency Practitioner Data Recovery and Extraction Services


We are today looking at an example of how to construct a large VPN hub/spoke structure for a modest budget.

We are going to be using the Billion 7560 router which is a fabulous little device with excellent content management capability and can be obtained as a wireless model (the 7560G) for less than 40 GBPs. One of the many features I really like about this router (apart from great QoS, A brilliant interface and sound design) is that it supports 256-bit AES IPSec encryption with SHA1 group 5. This means we can use the full encryption capability of the DrayTek Vigor 3300 to each and every satellite office.

Each system will require access to the server at the head office but not access to any other site. Email will be routed from an Exchange server at head office and each office will use the files and permissions from a DC at the head office.

The Billion will support just a few VPNs but the Vigor (depending on what you are reading) can support either 128 or 200. We will just quickly go through the setup for a single instance of a Draytek-Billion VPN.

Firstly on the Draytek:

Open the IPSec policy page:

Then edit an IPSec Policy:

The following values need to be filled:


  • Profile: Status: Enabled or Disabled - whether the profile is active or not

  • Name: Any name you want to choose to describe the policy and this has no effect on the other devices at all

  • Authentication: Pre-shared key or RSA Signature where you choose how each end will be identified. If you have a certificate generated for the domain at each end you may use certificates, otherwise stick to pre-shared keys.

  • Pre-Shared Key: This is where you type the pre-shared key which is essentially a pass key just like you might use in WPA-PSK

  • Security Protocol: ESP or AH with AH just having Authentication and ESP having Encryption also

Local Gateway

WAN Interface - which of the four WAN interfaces the VPN will connect through. Be careful here you are using the correct WAN with the correct endpoint IP or domain name as this can make or break a connection.

Local Certificate: Choose the correct cert here

Security Gateway:



Hosted Microsoft Exchange Server 

Provided by:


Email Hosting UK

In the modern business, the choice to host your own email or move in to the cloud is pretty much a 'no-brainer.' Email Hosting UK servers allow for all of the services that your in-house Exchange Server provides.

Call on +44 844 880 1618 to discuss your migration.

Provided by:
Security Audit
Our consultancy service is designed for SMEs who would like some help to get moving toward a streamlined & reliable computer system.

 We analyse your network and workflow and tell you what we think you should be doing with NO obligation. We want to set an example for quality of service and we want to help YOU to prove it. IT Solutions and Support

ReadAllAboutIT | Up a Level | Information Pages | About Us | Enter the Forum


   website promotion

Questions or problems regarding this Computer Help Forum should be directed to
Copyright 2016 Limited. Company Number: 05561848. 7 Winnersh Fields, Gazelle Close, Winnersh Triangle, Berkshire RG41 5QS. All rights reserved
Last modified: 27-Dec-2015.