Simultaneous VPN connection

Discussion in 'Cisco' started by navcole, Sep 16, 2005.

  1. navcole

    navcole Guest

    I have a remote office with 2 people that make VPN connection back to
    corporate office through a DSL line. The problem is that only one
    person can make VPN connection at a time. As soon as the next person
    try to connect, the first person got disconnected. I have IPSEC over
    UDP configured on the concentrator at corporate. Please help.
     
    navcole, Sep 16, 2005
    #1
    1. Advertising

  2. navcole

    AM Guest

    navcole wrote:
    > I have a remote office with 2 people that make VPN connection back to
    > corporate office through a DSL line. The problem is that only one
    > person can make VPN connection at a time. As soon as the next person
    > try to connect, the first person got disconnected. I have IPSEC over
    > UDP configured on the concentrator at corporate. Please help.


    I don't if what I tell you is correct but do those employees uses vpnclient and they present themsel to the concetrator
    with the same public IP address? If this the case you shoul consider to build a LAN to LAN tunnel.

    Let me know.

    Alex.
     
    AM, Sep 16, 2005
    #2
    1. Advertising

  3. navcole

    navcole Guest

    Yes..they come out of the router there as 1 single IP. I know the
    problem is that when they come out, the router assign a UDP port 500
    for all connection. So there is a conflict if the second connection
    comes up. The Netgear box that we have there doesn't have a feature
    that assign different port for differnet computer. I am not sure
    others commercial router/dsl router out there have this feature.
     
    navcole, Sep 16, 2005
    #3
  4. navcole

    AM Guest

    navcole wrote:
    > Yes..they come out of the router there as 1 single IP. I know the
    > problem is that when they come out, the router assign a UDP port 500
    > for all connection. So there is a conflict if the second connection
    > comes up. The Netgear box that we have there doesn't have a feature
    > that assign different port for differnet computer. I am not sure
    > others commercial router/dsl router out there have this feature.
    >

    I'm quite sure that there is not PAT (Port Address Translation) for UDP protocol or IPsec requires that both
    transmitting and receiving port must be UDP 500 on the same port, but the server should discard incoming ones as
    "malformed" or something like that.
    Having more than one PC that must connect safely with devices behind the "VPNserver" should tell you that you need LAN
    to LAN configuration.

    Alex.
     
    AM, Sep 16, 2005
    #4
  5. In article <>,
    navcole <> wrote:
    :I have a remote office with 2 people that make VPN connection back to
    :corporate office through a DSL line. The problem is that only one
    :person can make VPN connection at a time. As soon as the next person
    :try to connect, the first person got disconnected. I have IPSEC over
    :UDP configured on the concentrator at corporate. Please help.

    You do not indicate what your VPN termination device is, nor what
    your VPN client is.

    If you are using Cisco's VPN software client, and you are using
    recent (within last year or so) software versions of a PIX, VPN3000,
    or IOS router, as the termination point, then all you should need
    to do is enable isakmp nat-traversal on the termination point.

    If your Netgear box at the remote office proves not to be able to
    cope with two different internal hosts using the same internal source port,
    then it needs to be replaced anyhow, even without VPNs.
    --
    Oh, to be a Blobel!
     
    Walter Roberson, Sep 16, 2005
    #5
  6. navcole

    Nick Guest

    I know that Linksys supports this but I don't know if its a certain
    version of their broadband router or not.

    navcole wrote:
    > Yes..they come out of the router there as 1 single IP. I know the
    > problem is that when they come out, the router assign a UDP port 500
    > for all connection. So there is a conflict if the second connection
    > comes up. The Netgear box that we have there doesn't have a feature
    > that assign different port for differnet computer. I am not sure
    > others commercial router/dsl router out there have this feature.
    >
     
    Nick, Sep 16, 2005
    #6
  7. navcole

    smoove Guest

    The answer below is correct, you need 2 real IP's. Or a Lan to Lan tunnel.
    You can only have one IPSEC tunnel per IP.


    "AM" <> wrote in message
    news:R1vWe.3312$...
    > navcole wrote:
    >> I have a remote office with 2 people that make VPN connection back to
    >> corporate office through a DSL line. The problem is that only one
    >> person can make VPN connection at a time. As soon as the next person
    >> try to connect, the first person got disconnected. I have IPSEC over
    >> UDP configured on the concentrator at corporate. Please help.

    >
    > I don't if what I tell you is correct but do those employees uses
    > vpnclient and they present themsel to the concetrator with the same public
    > IP address? If this the case you shoul consider to build a LAN to LAN
    > tunnel.
    >
    > Let me know.
    >
    > Alex.
     
    smoove, Sep 16, 2005
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Main User

    Connection to two simultaneous wireless networks, ICS

    Main User, Nov 17, 2005, in forum: Wireless Networking
    Replies:
    0
    Views:
    1,025
    Main User
    Nov 17, 2005
  2. Frank

    2 simultaneous connection

    Frank, Jul 31, 2009, in forum: Wireless Networking
    Replies:
    1
    Views:
    471
    Steve Winograd [MS-MVP]
    Jul 31, 2009
  3. Pavel A.
    Replies:
    0
    Views:
    594
    Pavel A.
    Aug 8, 2009
  4. Jack [MVP-Networking]

    Re: XP SP3: Simultaneous dual-band wireless connection supported?

    Jack [MVP-Networking], Aug 9, 2009, in forum: Wireless Networking
    Replies:
    1
    Views:
    698
    Philip Doragh
    Aug 9, 2009
  5. smlunatick
    Replies:
    0
    Views:
    580
    smlunatick
    Aug 11, 2009
Loading...

Share This Page