HHLiisborg
asked on
How to connect 2 VPN-Client (safeNet) from same subnet, to Office..
Hi there Gents...
Spend long time browsing through topics, but none of them seems to give any hints...
I have 1 Office with a Zywall 35. - Support up to 35 simultaneous IPSec connections.
Connections from different single locations works just fine.
Now.. from another office... I want to have 2 clients from the same subnet, connected via Safenet VPN-clients to the Zywall at the same time.
The problem is that, one client connects and works fine,
but when the other client connects, the first gets disconnected.
I know something about not having the same ip-range or subnet.
But here´s the deal.
Client 1= 192.168.1.10 /24
Client 2= 192.168.1.20 /24
They share one DSL-modem with dynamic IP to internet.
At the Office - from internet to lan.
DSLmodem->CiscoRouter(WAN: static public IP.. InsideLAN: 192.168.1.1) ->
Zywall(WAN:192.168.1.4.. LanInside:10.0.0.1)->
Lan nodes : 10.0.0.10 - 10.0.0.50
I know the best solution would be to install VPNbox ->VPNbox..
but that´s not an issue for the company.
Any help would be great.
Spend long time browsing through topics, but none of them seems to give any hints...
I have 1 Office with a Zywall 35. - Support up to 35 simultaneous IPSec connections.
Connections from different single locations works just fine.
Now.. from another office... I want to have 2 clients from the same subnet, connected via Safenet VPN-clients to the Zywall at the same time.
The problem is that, one client connects and works fine,
but when the other client connects, the first gets disconnected.
I know something about not having the same ip-range or subnet.
But here´s the deal.
Client 1= 192.168.1.10 /24
Client 2= 192.168.1.20 /24
They share one DSL-modem with dynamic IP to internet.
At the Office - from internet to lan.
DSLmodem->CiscoRouter(WAN:
Zywall(WAN:192.168.1.4.. LanInside:10.0.0.1)->
Lan nodes : 10.0.0.10 - 10.0.0.50
I know the best solution would be to install VPNbox ->VPNbox..
but that´s not an issue for the company.
Any help would be great.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
>>"PS.. If I want VPN-client access as well on the MainOffice Zywall, I just have to create
one more Gateway / Netpolicy right?"
I am not familiar with the Zywall units but that is the way it would normally be done. 1 policy for software clients and 1 for each site-to-site hardware tunnel.
Glad to hear you were able to resolve.
Thanks,
--Rob
one more Gateway / Netpolicy right?"
I am not familiar with the Zywall units but that is the way it would normally be done. 1 policy for software clients and 1 for each site-to-site hardware tunnel.
Glad to hear you were able to resolve.
Thanks,
--Rob
ASKER
It might have been the ISP-router ( Efficient Speedstreem). It´s gone by now.
It´s also a VPN-enabled device, but I couldn´t get access, cause of missing passwords ect.
So I installed a new vpn-router. Site-to-Site.
What I also noticed, was at the Main-office 1, they had another nat-router !! between internet an firewall.
So i had to change IP-(content) from Main-office public IP, to include the WAN-IP of the Zywall and nat-traversal on both routers.
Main-Office
> Internet - Nat-roter - Zywall - LAN
Satelite Office
> Internet - Zywall - LAN
So.. thanks for the clue, we r up an running.
PS.. If I want VPN-client access as well on the MainOffice Zywall, I just have to create
one more Gateway / Netpolicy right?