I have a strange issue where an ASA 5510 that is configured for IPSEC-over-udp RAS VPN is only allowing one (1) vpn client to pass traffic.
The other clients can connect successfully (obtain IP/DNS etc, auth using LDAP)but only the client that connected first is able to browse internal resources. The others show 0 packets decrypted when I check the statistics. I have confirmed that it is not an issue with the license as the default ipsec license allows up to 250 clients I believe. Has anyone had this problem in the past?
This is usually a problem with the translations that are occuring on the NAT/PAT device in front of these multiple machines:
Check that the translations look correct on that device first. There should be a translation for each VPN.
There were also a few bugs about multiple clients behind the same PAT, such as CSCse03299, but these had to do with IPSec over TCP connections.