Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
263
Views
0
Helpful
1
Replies

Clients of 3002 cannot ping same server concurrently

3slaverty
Level 1
Level 1

‎07-15-2005 08:03 AM - edited ‎03-09-2019 11:51 AM

In our head office we have a cisco vpn concentrator.

In a satellite office we have a broadband network (a dedicated 2mb adsl connection)

When we connect 2 laptops in the satellite office to this network(both with cisco vpn software 4.6) we can vpn in to the head office and do concurrent pings to any machine.

However when we connect the same laptops in the satellite office to a cisco 3002 vpn hardware device (did tests running both vpn3002-4.1.5.Rel-k9.bin as well as running 4.7 - the newest version) we find everything seems to work but that only one laptop can ping any machine concurrently.

IE If you have 2 persistent pings to one target machine in the head office, only one will return a reply, interrupt that and the other starts to work. These clients get their ips from the 3002 box via dhcp.

Is this normal ?

It might seem small beer but the guys on the network are seeing some services take an hour to start when they should really take about a minute at most. This is the only problem that we can point to and say "something might be wrong here" ...

I know that on the HO concentrator each individual is assigned a unique ip whereas for the 3002 is only given one ip no matter how many clients are hooked up to it. Is this the area I should be looking at ? Would have thought the concentrator would handle traffic more intelligently.

I can send on more details ...

Any help appreciated.

Regards,

Steven

Labels:
0 Helpful
1 Reply 1

b.hsu
Level 5
Level 5

‎07-21-2005 06:40 AM

Which mode are you running the VPN 3002 Concentrator, if you Statically mapping IP addresses you should run it in Network Extension mode(NEM). If you have only 1 IP address you should use PAT. PAT has a known history wherein applications that use dynamic port numbers do not work well.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents