Multiple VPN Client sessions from behind a Cisco router

rajesh444
Level 1

Hi,

Is anyone aware of the limit on the number of outbound VPN Client [Cisco or Nortel] sessions from behind a Cisco 2800 series router [running IOS release 12.3T]?

Thanks,

Rajesh

2 Replies

d-garnett
Level 3

Depends on the type of transport method used on the VPN Client: Pure IPSec, Transparent Tunneling, or NAT-T.

**Transparent Tunneling, or NAT-T**

Outbound VPN sessions should only be restricted by the NAT table limitations if UDP over IPSec (Transparent Tunneling or NAT-T) is used.

Your Cisco 2800 should just see the sessions as typical client/server sessions (UDP) as all the "VPN (IPSec)" packets will be encapsulated in UDP (per NAT-T or TT). All of the actual processing will take place on:

A - the workstation with VPN Client

B - the headend VPN Gateway being accessed

Your limitations will be the NAT Table (memory consumption) on the Cisco 2800 (pass-through for outbound) and the amount of VPN Tunnels on whatever head-end VPN Gateway is being accessed (remote device-inbound).

**Pure IPSec**

If you are trying to source multiple pure IPSec tunnels from behind the router, then you may run into problems (mainly with NAT/PAT).

Yes, I am trying NAT-Traversal [UDP:10,000]. Is there a specific IOS version required for this function? In the past, a second VPN Client session from behind a 2600 router would terminate the first session.

Thanks,

Rajesh
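The difference between the two transport cases discussed in this thread can be seen in a small model of a PAT table. This is an added example, not part of the original posts and not Cisco IOS code. The `Pat` class, the addresses, the table size and the "last inside host wins" rule for port-less ESP are simplifying assumptions; the UDP port 10000 is the one mentioned in the thread.

```python
# Simplified PAT model (illustrative assumption, not how any specific IOS release is implemented).
UDP, ESP = 17, 50  # IP protocol numbers

class Pat:
    def __init__(self, max_entries=1000):
        self.max_entries = max_entries   # stands in for router memory
        self.next_port = 1024            # next free translated source port
        self.out = {}                    # inside flow -> translated port (None for ESP)
        self.back = {}                   # inbound demux key -> inside host

    def outbound(self, proto, inside_ip, gateway, sport=None, dport=None):
        """Translate one outbound packet and return the key used to demux replies."""
        flow = (proto, inside_ip, sport, gateway, dport)
        if flow not in self.out:
            if len(self.out) >= self.max_entries:
                raise MemoryError("NAT table full")
            if proto == UDP:
                # UDP has ports, so each client gets its own translated source port.
                self.out[flow] = self.next_port
                self.next_port += 1
            else:
                # ESP has no ports: nothing to rewrite, nothing unique to key on.
                self.out[flow] = None
        key = (proto, gateway, self.out[flow])
        self.back[key] = inside_ip       # for ESP the newest client overwrites the older one
        return key

    def inbound(self, key):
        """Return the inside host that a reply matching this key is delivered to."""
        return self.back.get(key)

def demo():
    gateway = "198.51.100.10"                          # constructed head-end address
    clients = ["10.0.0.11", "10.0.0.12", "10.0.0.13"]  # constructed inside hosts

    natt = Pat()
    natt_keys = [natt.outbound(UDP, c, gateway, 10000, 10000) for c in clients]
    natt_hosts = [natt.inbound(k) for k in natt_keys]

    esp = Pat()
    esp_keys = [esp.outbound(ESP, c, gateway) for c in clients]
    esp_hosts = [esp.inbound(k) for k in esp_keys]
    return natt_hosts, esp_hosts

if __name__ == "__main__":
    print(demo())
```

With UDP encapsulation every client keeps its own return path and the only ceiling is the table size; with pure ESP to the same gateway, all replies collapse onto one inside host in this model.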