03-21-2003 03:49 PM - edited 02-21-2020 12:25 PM
With UDP encapsulation, is it possible to have multiple VPN clients behind a router that PATs to a single public IP address. IE: A DSL site with a Linksys router, can I have multiple client on the LAN side concurrently connect to the VPN Concentor. I know this is not possible without UDP encapsulation and I think it is not possible with UDP encapsulation but wanted confirmation one way or the other.
Thanks
Solved! Go to Solution.
03-21-2003 08:49 PM
Hi,
your understanding is right, its not possible either ways in this scenario.
reason why, bcoz when you use IPSec/UDP, your IKE traffic is still sent using UDP500, and PAT device can't use same port for more than one machine, thas why you would see 2nd client disconnecting the first person, when you try/launch 2nd session from behind the same device.
solution is ipsec/tcp, vpn3000 v3.5+ (client/concentrator) support it.
my .02
Thx
Afaq
03-21-2003 08:49 PM
Hi,
your understanding is right, its not possible either ways in this scenario.
reason why, bcoz when you use IPSec/UDP, your IKE traffic is still sent using UDP500, and PAT device can't use same port for more than one machine, thas why you would see 2nd client disconnecting the first person, when you try/launch 2nd session from behind the same device.
solution is ipsec/tcp, vpn3000 v3.5+ (client/concentrator) support it.
my .02
Thx
Afaq
03-22-2003 03:36 PM
thank you
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: