VPN Error 721

Diakatarnis

Diakatarnis

Diakatarnis

Associate
Joined
30 Jul 2003
Posts
442
Hi Guys, quick confirmation really i think i know what the problem is.

I have a client whos in spain with an employee, they are both trying to connect to the same 2003 Standard Server using the same vpn address through the same router.

Am i correct that if 1 laptop dials out and connects to the vpn, then another one tried from the same location through the same router, as they are coming from the same address the server does not like it and doesnt allow them to connect?

after checking the servers lots of times, I just remembered this small thing and im pretty sure im right .... well i hope i am otherwise im a bit stumped :S

Many thanks
 
Correct - an IPSEC site to site VPN or multiple public IPs would be the answer here

I've come across this a few times
 
Yea, its the only thing that makes sense.

The employee never had a laptop when she went to spain before, now im getting emails saying the vpn isnt working, yet when i test it here, it works straight away....

now the company they are connecting to, does have 2 routers one 2 different addresses, and 2 servers (which are linked)

now if user 1 connects to server 1 through router 1 and user 2 connects to server 2 through router 2, still both connecting from the same site using the same router local to them.

Will this solve the problem?

I'm pretty sure its a netgear home route their using in spain, so it may well be that the router cant handle multiple vpn passthrough as well.

Thoughts?

oh and its pptp
 
I dont know about that situation - it may or may not work. My understanding was that the PPTP server couldnt differentiate between traffic destined for multiple tunnels on the same IP so it couldnt establish them. 2 users behind the same public IP should be able to connect to different PPTP servers, but there may be a good reason why it wont work.

A lot of Netgear routers (like the DG834 range) support IPSEC tunnels, you'd either need an ISA server or another firewall that supports them at the other end, but is definitely the way to go for multiple users - more secure too.

Never tried it Netgear to ISA but I've done Netgear - Netgear, Netgear - Watchguard, Netgear - Cisco and Netgear - Fortigate.
 
You can have multiple PPTP sessions to the same IP, I've done it from home multiple times. From what i remember its an issue with the routers not supporting mutli pptp passthrough sessions. Some do, some dont. May be best to check the manufacturers site to see if they have any f/w updates that solve it?
 
Just buy 2 Netgear DGFV338 (great router, cable and ADSL, plus 8 port switch built in) and put one at each end with an IPSEC VPN to connect the sites.
 
i always thought that Drayteks looked good on the box but then the software only ever delivered half of the features that it offered. Have they sorted that out recently then?
 
Andyt_uk said:
i always thought that Drayteks looked good on the box but then the software only ever delivered half of the features that it offered. Have they sorted that out recently then?
Click to expand...

Have to say I've never had that problem, even on the older 2600 units. Admitedly, the web interface on the older ones is pretty poor but its all in there.
 
iaind said:
Have to say I've never had that problem, even on the older 2600 units. Admitedly, the web interface on the older ones is pretty poor but its all in there.
Click to expand...

Must say i do like the drayteks even my home network is using one, the interface is a bit clunky, but generally they perform excellent, and have all the features small businesses could ever need.
 
You must log in or register to reply here.
Back
Top Bottom