03-24-2005 10:23 AM - edited 02-21-2020 01:41 PM
I have a facility that communicates to our Corp Concentrator 3030 by the use of a Cable Internet connection. There is currently 1 PC on an active connection without any problems, however when we bring the secondary machine up and try to supply the login credentials, the second machine will disconnect the active computer off the VPN tunnel. After troubleshooting the setup at the facility, I found out that they had a D-Link 604 in between the Cable Modem and the PCs running the VPN client. After extensive troubleshooting, we found out that the D-Link Wireless router supported multiple sessions, but not to 1 End Point. It is only supported going to Multiple End Points. With that we decided to take the router out, and replace it with a device that would support multiple sessions going to 1 end point. I recommended a Cisco 3002 Hardware Client, however I am not sure if they are going to have the budget to purchase. Are you aware of anything else we could use to fix the problem? Or will they need to purchase new hardware?
03-24-2005 06:04 PM
Hello,
Try enabling NAT transparency and see if that fixes the problem:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_tech_note09186a00800946af.shtml
Regards,
Mustafa
03-24-2005 06:59 PM
mhussein,
I have UDP of IPSEC NAT/PAP enabled on the client on both machines. I also tried to set one of the PCs to use IPSEC over TCP, and specify a separate port, but that did not work either.
03-24-2005 08:04 PM
Since you have NAT-T enabled, is there a way to disable IPSec pass-through altogether on the D-Link router?
A while back, before 3002 NEM support, we were researching a similar scenario. We were looking at using a cheap Linksys BEFSR41 with updated firmware; the idea was to try the "Linksys multiple IPsec VPN pass-through" feature first, and if it doesn't work, then disable IPsec pass-through and use NAT-T on the concentrator without the Linksys manipulating the IPSec traffic. Unfortunately we didn't follow through.
Regards,
Mustafa
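The difference between raw IPsec pass-through and NAT-T discussed above, as an added Python sketch that is not part of the thread: ESP carries no ports, so a router can only key return traffic on the peer address, while UDP encapsulation gives it a port per client. The pass-through model is an assumed simplification, not D-Link or Linksys firmware; class names and addresses are constructed.

```python
# Toy NAT models (added illustration). All addresses are constructed.
ENDPOINT = "203.0.113.10"   # stands in for the concentrator's public IP

class EspPassthroughNat:
    """Assumed pass-through behaviour: raw ESP (IP protocol 50) has no
    ports, so the return path is keyed on the remote peer address only."""
    def __init__(self):
        self.by_peer = {}                      # remote IP -> inside host

    def outbound(self, inside_ip, remote_ip):
        self.by_peer[remote_ip] = inside_ip    # newest tunnel replaces older

    def inbound(self, remote_ip):
        return self.by_peer.get(remote_ip)     # at most one host per peer

class UdpPortNat:
    """Ordinary port translation, which NAT-T (ESP inside UDP/4500) can use:
    each inside flow gets its own public source port."""
    def __init__(self, first_port=40000):
        self.next_port = first_port
        self.out = {}                          # inside flow -> public port
        self.back = {}                         # (public port, peer) -> inside host

    def outbound(self, inside_ip, inside_port, remote_ip):
        flow = (inside_ip, inside_port, remote_ip)
        if flow not in self.out:
            self.out[flow] = self.next_port
            self.back[(self.next_port, remote_ip)] = inside_ip
            self.next_port += 1
        return self.out[flow]

    def inbound(self, public_port, remote_ip):
        return self.back.get((public_port, remote_ip))

def reachable_hosts(tunnels):
    """tunnels: list of (inside_ip, remote_ip). Returns the inside hosts that
    still receive return traffic under each model, as (passthrough, nat_t)."""
    esp, pat, ports = EspPassthroughNat(), UdpPortNat(), []
    for inside_ip, remote_ip in tunnels:
        esp.outbound(inside_ip, remote_ip)
        ports.append((pat.outbound(inside_ip, 4500, remote_ip), remote_ip))
    passthrough = {esp.inbound(remote) for _, remote in tunnels}
    nat_t = {pat.inbound(port, remote) for port, remote in ports}
    return passthrough, nat_t

if __name__ == "__main__":
    two_pcs = [("192.168.2.100", ENDPOINT), ("192.168.2.101", ENDPOINT)]
    print(reachable_hosts(two_pcs))
```

In this model the second tunnel to the same peer takes over the only pass-through entry, while two tunnels to different peers coexist.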
03-25-2005 08:15 PM
On Monday, they will be trying out a Linksys that they have onsite. I will see how it goes. If that does not work, I am going to suggest that they move to the 3002 Hardware Client VPN box.
07-06-2005 11:46 AM
I am having the same / similar issue with a Linksys WRT54G.
One client (XP SP2) will connect just fine (using the Cisco VPN Client 4.3.06.0021), but when the other system tries to connect, the first PC gets "Reason 427" and disconnects.
I have tried to disable/enable IPSec Passthrough - no luck.
When I spoke to Linksys, they stated the device will only support one. But, it will work some of the time (maybe 40% of the time when the users connect simultaneously). The Router is set for DHCP on the WAN port with a NAT IP of 192.168.1.159, I set the LAN port IPs for DHCP starting at 192.168.2.100 (192.168.2.1 as the router IP).
I have even tried to do one PC wireless and one wired. No Change.
I was advised about the Cisco 871W Router, but I cannot find proof it will work for multiple sessions.