Multiple Cisco VPN clients thru Cable router

Posted on 2004-08-12
Last Modified: 2008-03-17
I am trying to allow three people to access a Cisco PIX firewall via Cisco VPN client 4.02. They are connected to the internet via Charter Cable High Speed Internet and a Motorolla modem with a Dlink DI604 router. One person at a time can connect fine. Once the second user tries to connect the currently logged in user will be bumped off with a 433 error. I am trying to figure out if this is a limitation of the client or either of the routers or the ISP???? Any info would be greatly helpful. Thanks.
No one has been able to assist me with this problem and Cisco wants $420.00 to maybe or maybe not solve the problem.
Question by:obtech
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
LVL 36

Accepted Solution

grblades earned 500 total points
ID: 11785923
Hi obtech,
It is a limitation of the D-Link router. Most routers only support a single IPSEC passthru connection. Some of the newer D-Link VPN router support multiple sessions.
LVL 15

Expert Comment

ID: 11786259
You cannot do this, I had the same problem with a Watchguard SOHO firewall, you can only connect one client at a time. The way to fix this would be to buy a second vpn router on your side, and make a permanent tunnel between the 2 locations. After this, you would be able to have unlimited connection from 1 site to another.

Author Comment

ID: 11792581
Ok, I am getting conflicting reports from the two feedback recieved. Do you think I can use a different router to allow this??? I have tried a different VPN router (DI804HV). Still had same problem. The problem is that I am connecting to another companies router who does not want this company to create a tunnel. Would rather have them use the client instead of connecting all users on that comapnies network. Any insight???? Thanks for the comments.

Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

LVL 36

Expert Comment

ID: 11792736
This D-Link product specifically states that it supports multiple VPN pasthru sessions

I don't understand what you mean by your last comment. The other comany wants you to setup lots of client to LAN VPN sessions instead of using LAN-LAN VPN?

Author Comment

ID: 11794655

Yes as messed up as this sounds they would like to have only the three clients on the remote network that need access to their software. They do not want the other 7 in the office to see their network. I am going to give the DI624 a try and see. Will let you know on Monday. Again, thanks so much for your help...

Expert Comment

ID: 11814069

I can assure you that this works fine, what you need to look at is the Pix does is support client vpn connection on port TCP 10000 (or any random TCP port) I think the latest version of software may support this. The main problem is usnig UDP behing a NAT service and you have one client connected, when you try to connect the second client the trafffic cannot determine where to go as it already has a connection going through and therefore the second client will not get the response back. I have installed this solution several times over the only difference is that the VPN at the head end is a concentrator which supports client connections on TCP as well as UDP.

Author Comment

ID: 11814285

Does this mean that I can have more than one a a time...need a total of three clients. Would guess I would setup the PIX to allow connections on TCP 10000, 10001, 10002??? Does this sound correct? Trying to understand your feedback.

Expert Comment

ID: 11818891
No if the Pix will support clients connections on TCP all you will have to do is configure your client to use TCP 10000 instead of udp 500. I have to admit having looked on the Cisco web site and I cannot find any details of the Pix supporting this. I have been told by another engineer that the new software on the Pix would support this. If I find anymore detail I will post hem on here.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question