[ale] OT:VPN experts...

James P. Kinney III jkinney at localnetsolutions.com
Wed Jun 18 10:17:25 EDT 2003


Actually, this connection should be pretty well supported. The router is
keeping track of the NAT behind it and since all the other end sees is
lots of VPN traffic coming in, it's no problem. The VPN port is attached
to a single socket at each end. 

When I have had to set up VPNs to multiple locations, it has always
involved multiple devices (of some form) to make it happen. Each VPN
connection requires a unique set of endpoints. If there is a common
endpoint (i.e. your router) AND the VPNs are both using the same port
address, it just won't work without some fancy IP:PORT redirection.
A Linux box and some really slick iptables can do it. A mass market dumb
router can't.

See! Another reason to always use an old PII box for a router  ;)

On Wed, 2003-06-18 at 09:54, Matt Smith wrote:
> Well, this is probably a total fluke, but we used a DLink DI-614+ at a trade
> show recently and several of the laptops were able to VPN in back to the
> office simultaneously.  Now, this is several tunnels back to the same
> firewall, so kind of a unique situation, but it did work.  There were a few
> problems if multiple people tried to connect the tunnels at the same time.
> As long as they did it staggered, it worked.
> 
> There was no explanation, of course - I was just pleasantly surprised.
> 
> 
> --Matt
> 
> 
> -----Original Message-----
> From: Geoffrey [mailto:esoteric at 3times25.net]
> Sent: Wednesday, June 18, 2003 8:44 AM
> To: ale at ale.org
> Subject: Re: [ale] OT:VPN experts...
> 
> 
> Zyman, Andy wrote:
> > not an expert on VPN at all. But I'm a "proud owner of" wireless SMC
> > Barracuda, plus I have to use VPN (Nortel) pretty often. So before I bought
> > this router I did a little bit of reading - from what I understand you cannot
> > (please correct) have multiple VPN connections via one router of this
> > class. I think I read this either on specs or on forums.
> 
> Back when I was connecting to a nortel vpn when I was with AT&T, this 
> was the case.  Again, I believe it was because the connections must be 
> made from different ips.  If you're trying to connect from two machines 
> that are natted through the same firewall, you'll both appear to be 
> coming from the same ip, causing confusion on the part of the vpn server.
-- 
James P. Kinney III          \Changing the mobile computing world/
CEO & Director of Engineering \          one Linux user         /
Local Net Solutions,LLC        \           at a time.          /
770-493-8244                    \.___________________________./
http://www.localnetsolutions.com

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics) <jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 
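
Added example, not part of the original thread: a toy model of a NAT router's translation table, showing why two laptops behind one router that tunnel to the same firewall from the same source port clash, and how rewriting the source port keeps each connection's set of endpoints unique. The fixed port 500, the addresses and the Nat class are assumptions made for illustration; this is a simplified model, not iptables itself.

```python
from dataclasses import dataclass, field

VPN_PORT = 500  # assumed: every client and the office firewall use this fixed port


@dataclass
class Nat:
    """Toy translation table for a router with one public address (constructed)."""
    rewrite_ports: bool      # False: the source port passes through unchanged
    next_port: int = 40000   # pool used when a source port has to be rewritten
    # (public_port, dst_ip, dst_port) -> (inside_ip, inside_port)
    table: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Map an outgoing flow; return its public source port, or None on a clash."""
        for (port, ip, dport), owner in self.table.items():
            if owner == (src_ip, src_port) and (ip, dport) == (dst_ip, dst_port):
                return port  # this flow already has a mapping
        pub_port = src_port
        if (pub_port, dst_ip, dst_port) in self.table:  # taken by another inside host
            if not self.rewrite_ports:
                return None  # both flows would look identical from the outside
            while (self.next_port, dst_ip, dst_port) in self.table:
                self.next_port += 1
            pub_port = self.next_port
        self.table[(pub_port, dst_ip, dst_port)] = (src_ip, src_port)
        return pub_port

    def inbound(self, src_ip, src_port, dst_port):
        """Return the inside (ip, port) a reply from the far end is delivered to."""
        return self.table.get((dst_port, src_ip, src_port))


def simulate(rewrite_ports, laptops=("192.168.0.11", "192.168.0.12"),
             office="198.51.100.1"):
    """Both laptops tunnel to the same office firewall from the same source port."""
    nat = Nat(rewrite_ports)
    ports = [nat.outbound(ip, VPN_PORT, office, VPN_PORT) for ip in laptops]
    replies = [nat.inbound(office, VPN_PORT, p) if p else None for p in ports]
    return ports, replies


if __name__ == "__main__":
    print("pass-through NAT  :", simulate(False))
    print("port-rewriting NAT:", simulate(True))
```

The rewriting case only helps if the far end accepts a source port other than the one it expects, which is an assumption of this model.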
