Re: Multiple VPN Client connection to Cisco PIX

abdul.kokumo · ‎02-05-2003

I am having problem connecting multiple VPN clients from the same remote location to the central office. The remote location has cisco 2621 router doing NAT and providing internet access to remote host. The central Office has a Cisco PIX configured to allow VPN Clients network access.

If I initiate the VPN Client from the first host, it connects and any other host that try to connect thereafter comes with "Remote peer no longer responding". If I drop the connected host, then another host will connect. Only one host at a time.

Any fix?

wolfrikk · ‎02-05-2003

What model PIX is the central office using?

abdul.kokumo · ‎02-05-2003

PIX 515 with latest IOS.

gfullage · ‎02-10-2003

This is not really the PIX's problem, but more the routers inability to NAT the IPSec packets properly.

You can upgrade the router to 12.2(13)T which supports IPSEc thru NAT (http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t13/ftnatesp.htm). Note the command reference on this is pretty bad, you really don't need to configure anything to make this happen, it just works if you have NAT configured and the router detects IPSec packets.

Or you can wait till v6.3 code on the PIX comes out (hopefully next month), which will support NAT-T and then everything'll work also.

abdul.kokumo · ‎07-15-2003

I upgraded the router to 12.2(13)T and 12.2(15)T5. Also the PIX was upgraded to V6.31, still multiple VPN connections cannot be made. One connection drop after the other is made.