Solved

Multiple Cisco VPN clients thru Cable router

Posted on 2004-08-12
8
924 Views
Last Modified: 2008-03-17
I am trying to allow three people to access a Cisco PIX firewall via Cisco VPN client 4.02. They are connected to the internet via Charter Cable High Speed Internet and a Motorolla modem with a Dlink DI604 router. One person at a time can connect fine. Once the second user tries to connect the currently logged in user will be bumped off with a 433 error. I am trying to figure out if this is a limitation of the client or either of the routers or the ISP???? Any info would be greatly helpful. Thanks.
No one has been able to assist me with this problem and Cisco wants $420.00 to maybe or maybe not solve the problem.
0
Comment
Question by:obtech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 36

Accepted Solution

by:
grblades earned 500 total points
ID: 11785923
Hi obtech,
It is a limitation of the D-Link router. Most routers only support a single IPSEC passthru connection. Some of the newer D-Link VPN router support multiple sessions.
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 11786259
You cannot do this, I had the same problem with a Watchguard SOHO firewall, you can only connect one client at a time. The way to fix this would be to buy a second vpn router on your side, and make a permanent tunnel between the 2 locations. After this, you would be able to have unlimited connection from 1 site to another.
0
 

Author Comment

by:obtech
ID: 11792581
Ok, I am getting conflicting reports from the two feedback recieved. Do you think I can use a different router to allow this??? I have tried a different VPN router (DI804HV). Still had same problem. The problem is that I am connecting to another companies router who does not want this company to create a tunnel. Would rather have them use the client instead of connecting all users on that comapnies network. Any insight???? Thanks for the comments.

0
How to Defend Against the WCry Ransomware Attack

On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!

 
LVL 36

Expert Comment

by:grblades
ID: 11792736
This D-Link product specifically states that it supports multiple VPN pasthru sessions
http://www.d-link.com/products/?pid=6

I don't understand what you mean by your last comment. The other comany wants you to setup lots of client to LAN VPN sessions instead of using LAN-LAN VPN?
0
 

Author Comment

by:obtech
ID: 11794655
grblades,

Yes as messed up as this sounds they would like to have only the three clients on the remote network that need access to their software. They do not want the other 7 in the office to see their network. I am going to give the DI624 a try and see. Will let you know on Monday. Again, thanks so much for your help...
0
 
LVL 3

Expert Comment

by:snoopy13
ID: 11814069
Hi,

I can assure you that this works fine, what you need to look at is the Pix does is support client vpn connection on port TCP 10000 (or any random TCP port) I think the latest version of software may support this. The main problem is usnig UDP behing a NAT service and you have one client connected, when you try to connect the second client the trafffic cannot determine where to go as it already has a connection going through and therefore the second client will not get the response back. I have installed this solution several times over the only difference is that the VPN at the head end is a concentrator which supports client connections on TCP as well as UDP.
0
 

Author Comment

by:obtech
ID: 11814285
Snoopy13,

Does this mean that I can have more than one a a time...need a total of three clients. Would guess I would setup the PIX to allow connections on TCP 10000, 10001, 10002??? Does this sound correct? Trying to understand your feedback.
Thanks
0
 
LVL 3

Expert Comment

by:snoopy13
ID: 11818891
No if the Pix will support clients connections on TCP all you will have to do is configure your client to use TCP 10000 instead of udp 500. I have to admit having looked on the Cisco web site and I cannot find any details of the Pix supporting this. I have been told by another engineer that the new software on the Pix would support this. If I find anymore detail I will post hem on here.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Static route question 6 62
Server 2012 L2TP VPN Windows client to server 10 58
VPN Server 5 75
Problem to VirtualBox Internet connection 1 47
Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question