Switch Systems Blog

On site the other day, had a very strange problem where DNS requests from windows server boxes were not working. No firewall rules in the router, and nslookup still fails, but it would work absolutely fine from my laptop on the same network.

Moving away from the idea that the servers were at fault, I decided that DNS requests were being silently dropped by the router. I temporarily replaced the Draytek 2820 router with another, and bang – instantly DNS started working again.

I reset the draytek router to factory defaults, reconfigured the DSL connection and DNS was still working fine – so there must be something in the router’s configuration which was breaking it. Sadly, the ‘download backup configuration’ in the router produces an encrypted and compressed config file, so I couldn’t determine what exactly the problem was. I expect that a router firmware upgrade was done with an existing configuration file, and something got messed up internally.

Anyway, to cut a long story short, I found some ways to get access to an unencrypted config – which I needed to restore the VPN access accounts and other configuration settings from a backup of the broken config.

Ammonium has published DrayTools, a collection of Python scripts which can decrypt config files and download firmware data for all DrayTek Vigor 2xxx series routers.

Ammonium also noted that you can get an unencrypted config file by using FTP:

220 FTP version 1.0
User (ROUTER_IP:(none)): admin
331 Enter PASS command
Password:
230 Logged in
ftp> ls
200 Port command okay
150 Opening data connection for NLST
v2820_3.3.4.1_232201.cfg
v2820_3.3.4.1_232201.all
226 File sent OK
ftp: 52 bytes received in 0.60Seconds 0.09Kbytes/sec.