Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to allow multiple users in a hotel, using Cisco VPN client software, to connect to the company Cisco VPN Concentrator

Posted on 2010-09-21
6
Medium Priority
?
585 Views
Last Modified: 2012-05-10
I have 10 users at a hotel all using a cisco vpn software client to connnect to the corporate vpn concentrator. The problem is that the concentrator will only allow 1 connection from the same source IP so that means only 1 of the 10 can connect to the corporate network at any given time. How can I set this up so that they can all connect at the same time
0
Comment
Question by:jffisher
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 33727098
If you enable nat-traversal, it may fix that problem.
It also may be a limitation of the router at the hotel that it can only support only 1 VPN connection to any one endpoint
0
 
LVL 17

Accepted Solution

by:
Kvistofta earned 1000 total points
ID: 33727766
If you with "concentrator" mean Cisco 3000-series VPN-concentrator I would suggest you to upgrade to a Cisco ASA-box because the VPN3000 is end of life and end of support. With an ASA you can use SSL-VPN with Cisco Anyconnect client were you wont have problems like these, which exists because of limitations within ipsec in conjunction with nat.

/Kvistofta
0
 

Author Comment

by:jffisher
ID: 33727847
Thanks Guys, I will consider the ASA.
LRmoore's solution seams to be dependent on the Hotel network admin which as we know in most cases is not very supportive.
Any other suggestions, ??
0
Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 1000 total points
ID: 33727964
Allow NAT-Traversal over TCP as well as over UDP on the concentrator.
It may still be a limitation of the hardware at the hotel.
Agree that SSL based solution such as with the ASA will fix the problem permanently.
0
 
LVL 5

Expert Comment

by:Markus Braun
ID: 33749821
I dont think the hotel network has anything to do with that. If the concentrator only allows 1 IP per VPN Client then that is it. There is not anything you can do on the hotel side.

Technically, if you would have alot of public IP's at the hotel available you could nat each client to a different outside address, but it is unlikely the hotel has that and it would mean alot of configuration on the hotels router.

For the ASA its the same (instead of the concentrator) if you set it up to only allow 1 IP per client (although i am not sure if the ASA can do that) the result is the same. Effectively its the endpoint that needs to allow more than 1 IP.
0
 

Author Closing Comment

by:jffisher
ID: 33844720
Both good answers.
0

Featured Post

ATEN's HDBaseT Presentation at InfoComm 2017

Hear ATEN Product Manager YT Liang review HDBaseT technology, highlighting ATEN’s latest solutions as they relate to real-world applications during her presentation at the HDBaseT booth at InfoComm 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question