Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Multiple VPN Connections to single Cisco PIX from a single IP address

Posted on 2004-11-02
Medium Priority
Last Modified: 2010-04-12
We are running a Cisco PIX 515 with VPN at my office.  I have upgraded the IOS to version 6.3(4), and updated the VPN Client to 4.0.5(c).  At my home, I am connected to the internet using high-speed cable modem, which is connected to a Linksys Wireless Router and Access Point.  The internet connection has a single public IP address, and the linksys serves as a dhcp server for my home computers.  When I connect to the VPN from my laptop and my desktop at the same time, I do receive 2 different IP addresses from the PIX for the units.  However, I can only stay connected for 10 - 20 minutes with multiple connections.  If I only have one computer connected to the VPN from home, I can stay on for as long  as the maximum set in the PIX (about 8 hours).  I have a NAT-traversal statement "isakmp nat-traversal 20" coded in the PIX, at the suggestion of a friend.  Prior to putting that statement in, I could not have multiple connections at all.  Will changing the 20 value help?  Is there a way that I can have more than one connection simultaneously?  This is needed with the directors of my company have meetings off-site, but need to connect via the convention centers broadband connection.
Question by:chrishornembg
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2

Expert Comment

ID: 12490270
you may want to use one computer as IPSec to connect to the PIX, and setup the second computer access the remote through the IPSec connection. for the more and other information, check the http://www.chicagotech.net.

Accepted Solution

martap earned 1000 total points
ID: 12513123

This is more a problem with your local router than your PIX. I've seen this hundreds of times, one user complains that it is not working the other says it works just fine. You might see that when the directors try to do this is it just works. I think it has something to do with how these low budget routers implement IPsec awareness into their firmware.

Author Comment

ID: 12514622
To martap - We are using a LinkSys BEFW11S4.  Do you have any suggestions regarding another device that may work better for this?  I need something fairly portable, so that we can take it to different places for this type of application.

Expert Comment

ID: 12515087

I know for a fact that this works with a PIX 501. Don't have very much experience with the low budget home routers.

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes, you want your microsoft VPN to route all the traffic to the remote network. Usually your employer network. This makes it possible to access all the nodes inside this remote LAN, even if they have no "public DNS" entries. To do so, you wo…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question