silsuba
asked on
Multiple VPN clients behind on public IP
I have a very general question I am looking to get input on. Not sure there is one solution to the problem, but am looking for input from the experts.
I have a remote site with two users. This site has a DSL connection to the internet. The site has a single static public IP and the carriers modem is handeling the firewall and NAT operations. Each of the computers has VPN client software that connects back to our central office.
The VPN clients drop connection consistantly.
This is the same VPN client setup I have used numerous times in different locations. The only difference here is that at the other sites there is normally one user behind a public IP. In this case there are now multiples.
My question is, would this cause a problem for the clients of a single public IP has requested mutliple VPN terminations? I am thinking once the connection makes it back to the remote site and passes the carriers routers NAT translation it may lose something when passing packets to the end host.
True? Not True? Am I TOTALLY off base and should go back and relearn networking basics?
Thanks for any input
I have a remote site with two users. This site has a DSL connection to the internet. The site has a single static public IP and the carriers modem is handeling the firewall and NAT operations. Each of the computers has VPN client software that connects back to our central office.
The VPN clients drop connection consistantly.
This is the same VPN client setup I have used numerous times in different locations. The only difference here is that at the other sites there is normally one user behind a public IP. In this case there are now multiples.
My question is, would this cause a problem for the clients of a single public IP has requested mutliple VPN terminations? I am thinking once the connection makes it back to the remote site and passes the carriers routers NAT translation it may lose something when passing packets to the end host.
True? Not True? Am I TOTALLY off base and should go back and relearn networking basics?
Thanks for any input
Irwin W.
What VPN client server solution are you using? Are the VPN client software or hardware based?
ASKER
The VPN end point at the central office is a Sonicwall Pro 330 appliance and the clients are using the Sonicwall VPN software.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes, each client behind the router is assigned thier own private IP address.
Hmm.. so if this should be no problem then I have to look elsewhere as to why the VPN connection drops so often.
Hmm.. so if this should be no problem then I have to look elsewhere as to why the VPN connection drops so often.
Do you have enough licenses covering concurrent users?
Also, do a test(if you can) try and replicate the issue with one of your other sites. Setup two VPN clients and see if you get the same issue occurring.
Also, do a test(if you can) try and replicate the issue with one of your other sites. Setup two VPN clients and see if you get the same issue occurring.
ASKER
Yes, enough licenses.
I actually tried it from home last night. Configured two laptops with the VPN clients and connect one after the other. No dropped connections. Interesting.
I'm going to remoce the client software from the users computer and reinstall, just as a starting point.
I actually tried it from home last night. Configured two laptops with the VPN clients and connect one after the other. No dropped connections. Interesting.
I'm going to remoce the client software from the users computer and reinstall, just as a starting point.
Yeah that all sounds fishy..maybe it's the router too or just that site...
If you run seperate, but concurrent VPN sessions you should considering setting up a alternate (VPN) ports and fwdg that those to the other VPN client (PCs). Alternately, I believe you can terminate the VPN tunnel inside the Linksys and run it as "VPN server".
Not sure how your network is configured... is the DSL router running PPP (possible double nat) or is it bridged & the Sonicwall is running the PPP connection? P2E
Not sure how your network is configured... is the DSL router running PPP (possible double nat) or is it bridged & the Sonicwall is running the PPP connection? P2E
ASKER
P2E;
There is no Linksys device present. It is simply the DSL router provided by the ISP. The DSL router is running PPP.
There is no Linksys device present. It is simply the DSL router provided by the ISP. The DSL router is running PPP.
Hmmm, my bad - not sure where the Linksys popped in... I any case, are you able to have 2 separate VPN sessions running simultaneously? Are both vpn clients able to access the tunnel separately? What kind of DSL router are you using?
ASKER
Well.. time to close this question. I ended up going another route.
I deployed a Sonicwall TZ170 at the site to handle the VPN connection between there and the central office. Users are now happy as the connection appears transparent to them.
Thanks all for comments
I deployed a Sonicwall TZ170 at the site to handle the VPN connection between there and the central office. Users are now happy as the connection appears transparent to them.
Thanks all for comments