Simultaneous Cisco Client VPN Connections

Posted on 2004-08-05
Last Modified: 2013-11-16

I have an office using a pix 506 configured to accept Cisco VPN client connections.

I have another office with 5 users.  They are on a workgroup LAN and use DSL service for Internet access.

Is it possible for multiple users in the 5 person office to establish a simultaneous vpn connection to the pix using the Cisco vpn client?

So user 1 connects to the pix via Cisco vpn client, then user 2, and so on.

Or is a vpn concentrator required?
Question by:jimm123
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
LVL 36

Expert Comment

ID: 11730227
Hi jimm123,
Yes it is possible. It will however depend what equipment the other office is using the share the DSL between users. If you are using a normal home (netgear , linksys etc...) DSL router then many of these dont support more that one VPN connection at a time through them.

Author Comment

ID: 11730255
Not sure on the equipment.  Is there any particular router setting or service that would enable / disable multiple vpn connections?
LVL 36

Expert Comment

ID: 11730256
If the router at the other office cannot support multiple VPN sessions then you might want to replace it with a PIX 501. Even if the DSL is PPOE or dynamic IP address you can still have a site-to-site VPN by configuring the remote site to work as an easyvpn client
The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

LVL 36

Accepted Solution

grblades earned 125 total points
ID: 11730280
If the router supports VPN sessions then there will typically be an option for 'IPSEC passthru' which you need to turn on. You will need to look at the manual to see if it supports multiple sessions. Alternativly just try it. If it does not support multiple sessions the 1st user will be kicked off the VPN when the second user connects.

Author Comment

ID: 11730345
grblades, thanks for the info.
I was hoping to avoid using a pix for a 5 person office (cost reasons)
When discussing this option with the DSL provider I should inquire if the provided router supports multiple VPN connections and/or IPSEC pasthru?
LVL 36

Expert Comment

ID: 11730782
It will have to support IPSEC passthru. It is a case if whether it supports a single passthru connection only or multiple ones.
I know that some of the D-Link support multiple passthru and Linksys normally only support one.
LVL 79

Expert Comment

ID: 11731487
Generally, the lower end broadband routers only support one VPN tunnel at a time with the Passthrough option.

You can get a Linksys VPN broadband router for ~$100 and setup a lan-lan VPn tunnel to the PIX and none of them have to use the VPN client.
LVL 36

Expert Comment

ID: 11737081
Personally I would not use one of these home products in a commercial enviroment. My first home router was a SMC Barricade 7004br and this would repeatedly crash if you had lots of connections going through it. My second is a Linksys BEFSX41 and the initial release of firmware would not connect to a ftp server if the last octet of the ip address was over 127. It took them a few revisions and over 6 months to get VPN working.
There is not much profit in most of these home routers so the companies don't spend a lot of time and money testing them and so if you get a newly released model be prepared for software bugs.

Featured Post

Turn Insights into Action

Communication across every corner of your business is essential to increase the velocity of your application delivery and support pipeline. Automate, standardize, and contextualize your communication processes with xMatters.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor ( Top Charts is a view in which you can set seve…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question