Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Two VPN clients on one machine?

Posted on 2006-04-03
16
Medium Priority
?
540 Views
Last Modified: 2008-02-01
I read somewhere that two VPN clients could not be installed on a single machine. We have clients using the SonicWall GVC and they need to connect to a site using the Cisco VPN client. Is there such thing as a universal vpn client?
0
Comment
Question by:mrlucio79
  • 5
  • 3
  • 2
  • +2
13 Comments
 
LVL 4

Expert Comment

by:chawcheskew
ID: 16364395
Windows has a built in VPN client, however it works with some VPNs and not others, I believe that cisco requires their vpn client and will not use another.

I have never heard of only being able to install only 1 vpn client.  However base on the security model of vpn, it is likely that you cannot be CONNECTED to both vpn's simultaniously.  Often times when you use a vpn client, it locks the connection so that all communicaion occurs across the vpn connection.

Have you tried installing both clients?
0
 
LVL 4

Expert Comment

by:chawcheskew
ID: 16364417
Also, are they PPTP vpns or IPSEC.  I assume both are IPSEC, you might check both to see if they are compatible with Windows standard implimentation of IPSEC.  Some VPNs require the client software to check AntiVirus signature stats, AntiSpyware stats and a plethora of other security concerns and might not be compatible with the Windows implimentation.

regards,
c
0
 

Author Comment

by:mrlucio79
ID: 16364602
I have not tried installing both clients. Didn't want to take risk and cause some kind of BSOD. Yes both clients are IPSEC. Contacted SonicWall support and they recommend to turn off the sonicwall service before kicking off the other vendor client. This would be too cumbersome for the end user. ANy other thoughts?
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 4

Accepted Solution

by:
chawcheskew earned 300 total points
ID: 16364696
would it be possible to create a vpn between the two firewalls, and setup routing, so when the client connects to either of the vpns they have access to both networks?

I don't know what kind of budget you have for this, but maybe you could get a small firewall that has a vpn client on it, and use that when connecting to one vpn, and the software to connect to the other vpn...

Aside from that, possibly you could setup a couple of scripts that the end user could just double click, one for each vpn.  You could have those scripts start and stop the necessary services on the machine.

Aside from those options, I don't know and cleaner ways to provide the necessary service.

Possibly Remote Desktop or citrix could be used at one of the sites to eliminate the end user's need to use both vpns?
0
 
LVL 12

Expert Comment

by:Freya28
ID: 16365131
for cisco you dont need their client, but the device terminating the tunnel has to be configured to let PPTP clients.  Not Recommended to do.  One question, do these machines need to have both vpn clients connected simultaneously?
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16366603
I have successfully set up Cisco Client and WatchGuard's Safenet Client on the same machine with no problem. I believe SonicWall also uses the SafeNet client. However, as suggested earlier you can only run one or the other clients at a given time. On the other hand some clients such as the Linksys cannot be installed on the same machine as the SafeNet. I don't think you would get a  BSOD, but you may have to uninstall the clients and re-install if you had an issue.

Even if you can configure with the same client, there are security, routing, and multiple users of IPSec service that limit the use of two simultaneous connection.

When this is necessary it is usually best to set up your VPN using hardware, VPN routers. The routers can establish and maintain tunnels to multiple locations and for multiple users.
0
 
LVL 4

Expert Comment

by:chawcheskew
ID: 16366814
If you wanted to test and the machine is XP you   could always use the system restore feature.

0
 
LVL 5

Expert Comment

by:Dawilliams
ID: 16393066
Installing more than one vpn client is sort of hit and miss, some will sit together on a single machine just fine others prefer to be installed in a specific order the only way to tell if both clients will work is to install them both on a test machine and connect one at a time to test functionality.After that you could test running both at the same time and yes you can have multiple clients running at the same time but it would depend on the setups at the endpoint of the tunnels and if the clients will work together.I have had issues where cisco and the sonicwall client could not be installed on the same pc and others where they worked just fine.
0
 

Author Comment

by:mrlucio79
ID: 16403240
so sorry for the late repy. The client does not need to connect to the two different sites at the same time. But typically the user will not disconnect one connection before connecting with the other. I will go ahead and try to install both clients on one machine and see what happens. I would like to stick with IPSEC instead of using PPTP. I would rather not RDP or Citrix into my site, Or is there a safer method  of using these technologies.
0
 
LVL 5

Expert Comment

by:Dawilliams
ID: 16404227
I agree I would test them both first to get a better idea, another option is what Robwill stated if you could set up dedicated site to site tunnels and eliminate the clients all together.
0
 
LVL 78

Assisted Solution

by:Rob Williams
Rob Williams earned 300 total points
ID: 16404405
I think you will be OK with those 2 Clients. Cisco plays quite well with the others, however you will have to disconnect the one before the other will work , one will not force the other disconnect, at least not properly. I think the problem exists with some client that maintain 'hooks' to the IPSec service even when disconnected.
0
 
LVL 78

Expert Comment

by:Rob Williams
ID: 16571082
mrlucio79, how did you make out when you installed the 2 clients?
--Rob
0
 
LVL 4

Expert Comment

by:chawcheskew
ID: 16742841
As with any question there are multiple solutions available to meet the need...  The initial quesiton asked about the use of the multiple vpn clients.  When the fact was discussed about the not being able to use multiple clients simultaniously, he asked for another solution.  I was the first to make suggestions about running both clients, and also the first to suggest using hardware between sites to eliminate the need for multiple connections.  Robwill then went into further detail about using the hardware and gave further suggestions.  My suggestion for closing the question would be to accept My two answers to the Authors questions for 2/3rds pts, and give RobWill an assist for his further enlightening suggestions about the hardware solutions for the vpn and 1/3rd pts.

regards,
c
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Make the most of your online learning experience.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question