Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Simultaneous VPN connection

Reply
Thread Tools

Simultaneous VPN connection

 
 
navcole
Guest
Posts: n/a
 
      09-16-2005
I have a remote office with 2 people that make VPN connection back to
corporate office through a DSL line. The problem is that only one
person can make VPN connection at a time. As soon as the next person
try to connect, the first person got disconnected. I have IPSEC over
UDP configured on the concentrator at corporate. Please help.

 
Reply With Quote
 
 
 
 
AM
Guest
Posts: n/a
 
      09-16-2005
navcole wrote:
> I have a remote office with 2 people that make VPN connection back to
> corporate office through a DSL line. The problem is that only one
> person can make VPN connection at a time. As soon as the next person
> try to connect, the first person got disconnected. I have IPSEC over
> UDP configured on the concentrator at corporate. Please help.


I don't if what I tell you is correct but do those employees uses vpnclient and they present themsel to the concetrator
with the same public IP address? If this the case you shoul consider to build a LAN to LAN tunnel.

Let me know.

Alex.
 
Reply With Quote
 
 
 
 
navcole
Guest
Posts: n/a
 
      09-16-2005
Yes..they come out of the router there as 1 single IP. I know the
problem is that when they come out, the router assign a UDP port 500
for all connection. So there is a conflict if the second connection
comes up. The Netgear box that we have there doesn't have a feature
that assign different port for differnet computer. I am not sure
others commercial router/dsl router out there have this feature.

 
Reply With Quote
 
AM
Guest
Posts: n/a
 
      09-16-2005
navcole wrote:
> Yes..they come out of the router there as 1 single IP. I know the
> problem is that when they come out, the router assign a UDP port 500
> for all connection. So there is a conflict if the second connection
> comes up. The Netgear box that we have there doesn't have a feature
> that assign different port for differnet computer. I am not sure
> others commercial router/dsl router out there have this feature.
>

I'm quite sure that there is not PAT (Port Address Translation) for UDP protocol or IPsec requires that both
transmitting and receiving port must be UDP 500 on the same port, but the server should discard incoming ones as
"malformed" or something like that.
Having more than one PC that must connect safely with devices behind the "VPNserver" should tell you that you need LAN
to LAN configuration.

Alex.
 
Reply With Quote
 
Walter Roberson
Guest
Posts: n/a
 
      09-16-2005
In article <(E-Mail Removed) .com>,
navcole <(E-Mail Removed)> wrote:
:I have a remote office with 2 people that make VPN connection back to
:corporate office through a DSL line. The problem is that only one
erson can make VPN connection at a time. As soon as the next person
:try to connect, the first person got disconnected. I have IPSEC over
:UDP configured on the concentrator at corporate. Please help.

You do not indicate what your VPN termination device is, nor what
your VPN client is.

If you are using Cisco's VPN software client, and you are using
recent (within last year or so) software versions of a PIX, VPN3000,
or IOS router, as the termination point, then all you should need
to do is enable isakmp nat-traversal on the termination point.

If your Netgear box at the remote office proves not to be able to
cope with two different internal hosts using the same internal source port,
then it needs to be replaced anyhow, even without VPNs.
--
Oh, to be a Blobel!
 
Reply With Quote
 
Nick
Guest
Posts: n/a
 
      09-16-2005
I know that Linksys supports this but I don't know if its a certain
version of their broadband router or not.

navcole wrote:
> Yes..they come out of the router there as 1 single IP. I know the
> problem is that when they come out, the router assign a UDP port 500
> for all connection. So there is a conflict if the second connection
> comes up. The Netgear box that we have there doesn't have a feature
> that assign different port for differnet computer. I am not sure
> others commercial router/dsl router out there have this feature.
>

 
Reply With Quote
 
smoove
Guest
Posts: n/a
 
      09-16-2005
The answer below is correct, you need 2 real IP's. Or a Lan to Lan tunnel.
You can only have one IPSEC tunnel per IP.


"AM" <(E-Mail Removed)> wrote in message
news:R1vWe.3312$(E-Mail Removed)...
> navcole wrote:
>> I have a remote office with 2 people that make VPN connection back to
>> corporate office through a DSL line. The problem is that only one
>> person can make VPN connection at a time. As soon as the next person
>> try to connect, the first person got disconnected. I have IPSEC over
>> UDP configured on the concentrator at corporate. Please help.

>
> I don't if what I tell you is correct but do those employees uses
> vpnclient and they present themsel to the concetrator with the same public
> IP address? If this the case you shoul consider to build a LAN to LAN
> tunnel.
>
> Let me know.
>
> Alex.



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: XP SP3: Simultaneous dual-band wireless connection supported? Pavel A. Wireless Networking 0 08-08-2009 09:27 PM
2 simultaneous connection Frank Wireless Networking 1 07-31-2009 07:36 PM
How many simultaneous VPN connections WinXP & Win2K3 Server Jack B. Pollack Computer Support 1 08-24-2007 05:50 PM
2 simultaneous site to site VPN tunnels with 3 PIX maction555@gmail.com Cisco 4 08-15-2007 03:23 AM
Connection to two simultaneous wireless networks, ICS Main User Wireless Networking 0 11-17-2005 05:22 PM



Advertisments