RE: [fw-wiz] (no subject)
From: Sloane, David (DSloane_at_vfa.com)
To: "DeMoss, Scott" <firstname.lastname@example.org>, <email@example.com>
Date: Thu, 23 Oct 2003 18:28:58 -0400

Your router does Network Address Translation - NAT. It has one real,
routable, on-the-internet IP address. Your two computers, when
connecting to anything on the internet, appear to have that
one-real-routable IP address.

Your VPN server/firewall/device sees the first connection from Computer
A using IP address X - the one-real-routable IP address. The session is
set up and humming along.

When Computer B tries to set up a session, it also shows up as IP
address X. The VPN server, depending on that address to be unique,
drops the Computer A session and sets up a new one.

As far as I can tell, you need a different kind of solution.

Some possibilities, in order of increasing complexity:

1. Set up the VPN connection from the Netopia router (if it supports
such a function). Then your two machines can talk over the same tunnel
to your VPN server.

2. Take the Netopia router out of the picture, buy a second IP address
from your ISP, secure your two computers with host-based firewalls, and
away you go.

3. Deploy a second VPN device at the network to which you're connecting
(conceivably, you could just add an IP address to the VPN server, who
knows). Connect one client to each VPN device or address using your
current home network setup.

4. Deploy a different VPN technology which can accept multiple sessions
from the same remote IP address.

[mailto:firstname.lastname@example.org] On Behalf Of DeMoss,
Sent: October 23, 2003 4:54 PM
Subject: [fw-wiz] (no subject)
I happened upon your e-mail address while searching for an answer to a
VPN problem I am having... So, I am sending a question in hopes that
you are the Genie in the bottle that I have been looking for.
I run my VPN through a Cisco Client to my main office. It worked fine
going through enternet 300 and then through a Netopia Cayman 3546 ADSL
router. I put the router in place to access the VPN through two
computers. I get the internet with both computers but I get kicked off
the VPN at one computer when I try to log on at the other? But it
works fine while I am on. So, can I not log on from two locations,
even though I have internet from both locations? Or is there something
else I need to do? I was told that the router was the answer..... so
far it is not. I am on DSL, if it makes a difference. Any reply
would be great..... even "get lost" :)
But the cure would be great?
Scott A. De Moss
Doble Engineering Company - Midwest Lab
5335 West Minnesota Street
Indianapolis, Indiana 46241
firewall-wizards mailing list email@example.com
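
The behaviour described in the reply above, as an added illustration that is not part of the original thread: a toy model of a NAT router in front of a VPN gateway whose session table is keyed either on source IP alone or on source IP plus port. All class and function names are hypothetical, the addresses are constructed, and keying on (IP, port) is an assumption standing in for possibility 4, not a description of any particular product.

```python
from itertools import count

PUBLIC_IP = "203.0.113.10"  # constructed stand-in for "IP address X"


class NatRouter:
    """Port-translating NAT: every inside host leaves with the same public IP."""

    def __init__(self, public_ip):
        self.public_ip = public_ip
        self._next_port = count(40000)
        self.table = {}  # (inside_ip, inside_port) -> public source port

    def translate(self, inside_ip, inside_port):
        key = (inside_ip, inside_port)
        if key not in self.table:
            self.table[key] = next(self._next_port)
        return self.public_ip, self.table[key]


class VpnGateway:
    """Session table; key_fn decides what identifies a remote peer."""

    def __init__(self, key_fn):
        self.key_fn = key_fn
        self.sessions = {}  # peer key -> user

    def connect(self, user, src_ip, src_port):
        key = self.key_fn(src_ip, src_port)
        displaced = self.sessions.get(key)  # existing session with the same key
        self.sessions[key] = user
        return displaced


def key_by_ip(ip, port):
    return ip  # peers behind one NAT address are indistinguishable


def key_by_ip_and_port(ip, port):
    return (ip, port)  # the NAT's per-flow source port separates the peers


def simulate(key_fn):
    """Connect two inside hosts through the NAT; return (live users, dropped users)."""
    nat, gw = NatRouter(PUBLIC_IP), VpnGateway(key_fn)
    dropped = []
    for user, inside_ip in (("computer-A", "192.168.1.2"), ("computer-B", "192.168.1.3")):
        displaced = gw.connect(user, *nat.translate(inside_ip, 500))
        if displaced:
            dropped.append(displaced)
    return sorted(gw.sessions.values()), dropped
```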