2 VPN client users connecting from home to company PIX only 1 can connect

Unanswered Question
Mar 21st, 2007
User Badges:

I have a husband wife combo that is trying to connect to our office 515PIX using VPN client 4.8 and only 1 can be connected at a time. 1 user is connected and when the other one connects the other user gets disconnected. Is the problem their home d-link router or a setting on the pix that will only allow 1 NAT'ed address? I have also tried a Zyxel router and the same thing happens. Any suggestions?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
ggilbert Wed, 03/21/2007 - 09:34
User Badges:
  • Cisco Employee,

On the PIX firewall do you have NAT-T enabled.


The command would be


isakmp nat-traversal [natkeepalive]


Eg:

isakmp nat-traversal 20


If it is not enabled, try to enable that and see if it fixes the problem.

Make sure they have IPSEc over UDP option enabled on the VPN client in the Transparent tunneling tab.


Let me know, if that helps.


Cheers

Gilbert

dhargrave Wed, 03/21/2007 - 11:05
User Badges:

Thanks, that worked! What difference does changing the number from 20 to 10-3600 do?

ggilbert Wed, 03/21/2007 - 11:33
User Badges:
  • Cisco Employee,

Glad to know that it worked.


Its a keepalive interval. Every so many seconds - a keepalive is sent.


Rate this post if it helped.


Thanks

Gilbert

Actions

This Discussion