GEN
Search Downloads Cloud Contact Status

DrayTek Level 1 – Routing and WAN Essentials

This is a compact engineer-focused DrayTek course for technical staff who already understand IP addressing, subnetting and basic routing. It explains how DrayTek routers are commonly deployed, how traffic enters and leaves the platform, and how to work confidently with core edge-routing functions.

The session concentrates on practical operational understanding: PPPoE and PPPoA, WAN setup, routing, NAT and port forwarding, load balancing, firewalling, point-to-point VPNs, VLANs, policy routing and diagnostics. It is designed as a high-value 4-hour technical module rather than a long beginner course.

DrayTek Routing Training

Course purpose

Give network staff a practical mental model for DrayTek routing so they can configure common WAN and LAN functions more confidently, understand how features interact, and troubleshoot routing, NAT, firewall and VPN behaviour with better accuracy.

Duration

  • 4 hours
  • Best suited to technically experienced learners who already know IP basics

Target audience

  • network engineers
  • technical support and escalation staff
  • MSP and field engineers deploying branch routers
  • infrastructure teams supporting WAN edge devices
  • administrators who need practical DrayTek routing knowledge rather than deep vendor certification theory

Prerequisites

Learners should already be comfortable with:

  • IPv4 addressing and subnet masks
  • default gateway concepts
  • basic LAN vs WAN terminology
  • common troubleshooting ideas such as ping, traceroute and DNS checks

The course assumes networking foundations and focuses on applying them to DrayTek platforms.

Learning outcomes

  • explain where a DrayTek router sits in a branch or SME network design
  • distinguish between common WAN handoff models including PPPoE, PPPoA, static IP and DHCP-based access
  • reason about interfaces, subnets, gateways and route selection on a DrayTek router
  • configure and troubleshoot NAT and port forwarding at a practical level
  • explain how load balancing, failover and policy decisions affect traffic path selection
  • understand firewall rule behaviour and the importance of rule order and direction
  • describe common point-to-point VPN use cases and the basic parameters involved
  • understand static routes, dynamic routing awareness and policy routes in a DrayTek context
  • apply VLAN concepts to segmentation, inter-VLAN routing and service separation
  • use built-in diagnostic tools to troubleshoot WAN, routing, NAT and VPN issues more methodically

Detailed module structure

Unit 1: DrayTek platform context and traffic flow

Topics:

  • where DrayTek routers typically sit in a branch or SME design
  • LAN side vs WAN side thinking
  • interfaces, zones and service roles
  • how packets move from client to router to upstream service
  • what features interact in the forwarding path:
    • routing
    • NAT
    • firewall rules
    • VPN policies
Core framing: most troubleshooting becomes easier once learners can visualise the packet path through interface, route, NAT and policy decisions.

Unit 2: WAN setup and access methods

Topics:

  • typical WAN handoff models on DrayTek routers
  • PPPoE:
    • what it is
    • where it is commonly used
    • username, password and MTU considerations
  • PPPoA at a practical awareness level and where it historically appears
  • static IP WAN configuration
  • DHCP-assigned WAN configuration
  • DNS, gateway and service reachability checks

Unit 3: Routing, subnets and path selection

Topics:

  • subnet boundaries and directly connected networks
  • default route and next-hop logic
  • static routes and common branch-office use cases
  • policy routes and why traffic may need different treatment by source, destination or service
  • dynamic routing awareness:
    • what dynamic routing solves
    • where it may appear in larger environments
    • why it is kept high-level in a 4-hour session
Operational message: if the wrong route is chosen, NAT, firewall and VPN changes often appear broken even when they are configured correctly.

Unit 4: NAT and port forwarding

Topics:

  • why NAT exists at the edge
  • source NAT for outbound traffic
  • destination NAT and port forwarding for inbound services
  • one-to-one thinking vs many-to-one thinking
  • common mistakes:
    • wrong internal host
    • wrong WAN interface
    • missing firewall allowance
    • double NAT confusion
  • how to verify whether the issue is routing, NAT or service-side

Unit 5: Multi-WAN, load balancing and policy decisions

Topics:

  • why organisations use multiple WAN connections
  • load balancing vs failover
  • session persistence and why some applications dislike path changes
  • link preference and service steering
  • using policy logic to pin traffic to the right WAN
  • practical examples:
    • voice traffic preferring one WAN
    • guest traffic preferring a cheaper link
    • backup VPN traffic avoiding the primary path

Unit 6: Firewall behaviour and rule logic

Topics:

  • firewall purpose at the WAN edge
  • permit vs deny thinking
  • source, destination, service and schedule matching
  • rule order and why top-down evaluation matters
  • inbound service exposure and least-privilege design
  • relationship between firewall rules, NAT and VPN traffic
Key idea: a correct port forward alone does not make a service reachable if firewall policy, route choice or return path is wrong.

Unit 7: Point-to-point VPN essentials

Topics:

  • what a site-to-site or point-to-point VPN solves
  • LAN-to-LAN tunnel concepts
  • peer addressing, local and remote networks, and authentication
  • tunnel establishment at a high level
  • routing over the tunnel
  • common failure causes:
    • mismatched subnets
    • overlapping address space
    • policy mismatch
    • incorrect WAN binding

Unit 8: VLANs and segmented networks

Topics:

  • why VLANs are used for segmentation
  • separating staff, guest, voice and management networks
  • tagged vs untagged traffic at a practical level
  • router-on-a-stick style thinking and inter-VLAN routing awareness
  • where firewall policy fits between VLANs
  • how VLAN design affects DHCP, DNS, routing and security policy

Unit 9: Diagnostics and structured troubleshooting

Topics:

  • link state and interface checks
  • routing table inspection
  • ARP, gateway and DNS validation
  • ping and traceroute in context
  • checking whether traffic fails at WAN, route, NAT, firewall or VPN stage
  • using logs and counters to confirm rule matches
  • building a fault-finding sequence instead of guessing
Recommended method: test one layer at a time: interface, addressing, route, translation, policy, then application reachability.

Labs

  • review a PPPoE WAN configuration and identify the critical settings
  • trace the expected packet path for a user browsing out to the Internet
  • analyse a failed port-forwarding scenario and identify whether the issue is NAT, firewall or return routing
  • compare failover vs load balancing behaviour for two WAN links
  • review a point-to-point VPN scenario with mismatched local and remote networks
  • interpret a simple VLAN and inter-VLAN policy design
  • follow a structured troubleshooting sequence using ping, route checks and rule/log inspection

Assessment

Practical routing exercise

  • identify the correct WAN method for a scenario
  • explain the route and NAT path for a service flow
  • spot the likely cause of a broken port forward or VPN path
  • describe the next safe troubleshooting step

Engineering knowledge check

Explain how a DrayTek router would handle a packet from LAN host to WAN service, then describe how routing, NAT, firewall rules, VPN policy and diagnostics would be used to confirm where a failure occurs.

Practical DrayTek routing knowledge - Better WAN decisions - Faster troubleshooting

Built for engineers who need concise edge-routing, NAT, VPN and diagnostics capability in a single focused session

Index v1.053 Standard v1.135   Copyright © 2026 GEN Partnership. All Rights Reserved, Content Policy, E&OE.   ^sales^  0115 933 9000  Privacy Notice   2886 Current Users, 2 Hits