10-05-2001 11:46 AM - edited 02-21-2020 11:26 AM
I'm trying to establish multiple VPN connections to the same vpn server. One PC is using Cisco's 4.26 client, the other is using 4.27. We're using a cable modem with a gateway router. We're able to establish one connection, but when the second connection is attempted the first connection hangs. When the first connection is re-established the second connection hangs. I've contacted the vendor for the router and they have been no help. HELP!!!
10-11-2001 07:02 AM
Ciscos client versions 4.26 and 4.27? Im not familiar with those, are they Betas?
10-16-2001 04:17 PM
Have you had any luck figuring this out yet? I had the same problem with a DSL modem and a Linksys router, and a Cisco wireless basestation. My two wireless laptops would kick eachother off as you described. The problem disappeared once I enabled NAT on both the Linksys and the basestation.
Does anyone have another solution?
10-17-2001 03:00 PM
Do you have a seperate VPN tunnel programmed on the gateway router for each client PC? Sounds like you are coming in with the same IP address on both client PCs.
http://www.cisco.com/univercd/cc/td/doc/product/core/7100/swcg/6342gre.htm#28216
10-17-2001 03:22 PM
I'm assuming you mean the Cisco 3.X clients. The release notes (or it was a bug traq) for this Client states that some cheap cable/DSL routers will not handle mulitple VPN connections. I've seen the same thing with both D-Link and Linksys devices. Only thing I know is to use a low end router, which is going to run ~$500.
10-18-2001 12:05 AM
The bug id is: CSCdt96500
Reported on version 3.0.
Problem:
"Multiple simultaneous connections from users behind a PAT (Port Address
Translation) device can work, but only if the PAT device uses a unique
source port for each simultaneous user. (IKE and IPSec/UDP port for IPSec/UDP)
Some PAT devices use UDP source = 500 for all IKE sessions even if there
are multiple simultaneous. This will only allow 1 simultaneous session to work,
the second connection brought up from behind this PAT device will cause the
first session to be torn down.
This is unrelated to whether or not a PAT device supports "ESP" PAT or if you
are using the IPSec/UDP (NAT) functionality.
Workaround:
Use a PAT device that maps each additional simultaneous session to use unique
UDP source ports
Connect to different destination Concentrators from behind the PAT device
for additional users."
All sesssion use udp 500 as source. The vpn server will not be able distinguish.
Your DSL or whatever must support assigning different ports. Most don't.
The problem has the status Assigned, which could indicate that Cisco is working on a solution.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide