VPN ISSUES 1

[Serenitynow109]

Hey Everyone,

First, thanks in advance.

Here's my issue. We have a BCM50 that utilizes a built in router for DSL service. We have a static IP address for the WAN connection. The VPN from this satellite office to our main office's network completes without a hitch. Our problem is when a second person attempts a VPN connection, the first user is immediately dropped. Does it sound like there is a security policy in place blocking multiple VPN's from the same static????

 

[biv343]

Just want to make sure that I'm following you properly - there is a branch to branch VPN between the BCM 50 and the main office that works fine. I'm guessing that the issue is that a user at the BCM 50 site is trying to VPN out to another site? If that's the case, then the issue is due to the router not supporting NAT traversal (meaning only one device can use UDP port 500 at any given time). The router in the BCM 50 is essentially the same as a Contivity 221, which had the same issue. The router in the BCM 200/400 (when used as a VPN endpoint) has the same issue.

There may be some workarounds you can do, depending on what the device is that you are terminating the tunnels to. In a Contivity, you could have the branch office connections use UDP 500, and the client/user connections do NAT traversal to port 10000/10001 or something like that.

 

[Serenitynow109]

Biv343,

Thanks. Actually someone else mentioned NAT being an issue..

Actually both parties are VPN-ing back to the same location, but that doesn't seem to make a difference from what you are saying.