But see my more recent post - configure the firewall with the same identity for both VPN profiles (and change the client accordingly) and you should get round the problem
-- Graham > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Mike Burden > Sent: 17 September 2001 14:35 > To: GNAT Box Users Group (E-mail) > Cc: GNAT Box Support (E-mail) > Subject: RE: You can't take it with you... > > > --------------------- Attention ----------------------------- > A digest version of this list is now available. > Send email to [EMAIL PROTECTED], with the following message: > subscribe gb-users-digest your_email_address > Then unsubscribe from this list. > ------------------------------------------------------------- > GNAT Box User Forum http://www.gnatbox.com/cgi-bin/Ultimate.cgi > Send postings to: [EMAIL PROTECTED] > Access the list archives at: http://www.gnatbox.com/gb-users/ > ------------------------------------------------------------- > Ah! > > What Graham said solved a mystery for me - I have a Customer > where each VPN client has two VPN connections defined, one > to each of two networks behind the same GNAT Box. > > The Customer is, of course, running into licensing problems > because each VPN client is taking two licenses rather than > one. > > The problem is that on the VPN Client there is no way to > specify that one VPN connection can be used for multiple > networks. On the GNAT Box end this can be handled by > using Address Objects. > > It looks like what we need is some way to specify multiple > networks in the VPN Client configuration. > > Mike Burden > Lynk Systems > http://www.lynk.com > (616)532-4985 > [EMAIL PROTECTED] > > > > > -----Original Message----- > > From: Graham Jones [mailto:[EMAIL PROTECTED]] > > Sent: Saturday, September 15, 2001 8:01 AM > > To: GNAT Box Users Group (E-mail) > > Cc: ADG > > Subject: RE: You can't take it with you... > > > > > > --------------------- Attention ----------------------------- > > A digest version of this list is now available. > > Send email to [EMAIL PROTECTED], with the following message: > > subscribe gb-users-digest your_email_address > > Then unsubscribe from this list. > > ------------------------------------------------------------- > > GNAT Box User Forum http://www.gnatbox.com/cgi-bin/Ultimate.cgi > > Send postings to: [EMAIL PROTECTED] > > Access the list archives at: http://www.gnatbox.com/gb-users/ > > ------------------------------------------------------------- > > > -----Original Message----- > > > From: Mike Burden [mailto:[EMAIL PROTECTED]] > > > Sent: 14 September 2001 23:42 > > > To: [EMAIL PROTECTED]; GNAT Box Users Group (E-mail) > > > Subject: RE: You can't take it with you... > > > > > > > > > > -----Original Message----- > > > > From: Graham Jones [mailto:[EMAIL PROTECTED]] > > > > Sent: Friday, September 14, 2001 9:47 AM > > > > To: GNAT Box Users Group (E-mail); ADG > > > > Cc: ADG > > > > Subject: RE: You can't take it with you... > > > > [...] > > > > "5. VPN - VPN client licensing is now enforced on the > > firewall. > > > > Previously licensing was enforced on the workstation. > > > > > > > > 6. VPN - Systems that support mobile VPN clients > > (GB-100, GB-1000, > > > > and GB-Flash) now support one mobile VPN client > > connection by > > > > default. Additional concurrent connections require > > > > the purchase > > > > of activation codes." > > > > > > > > I don't understand how 5 works, but I can see that 6 will be > > > > relevant for > > > > users wanting more than two or more concurrent VPN > > > > connections - and that > > > > each GB-1000 of a HA pair will require an activation code. > > > > Is this what > > > > Mike Burden meant? > > > > > > > > > That's exactly right. If you have an HA pair and need 10 concurrent > > > VPN users, then you actually have to purchase two 10 user > > VPN licenses, > > > one for each GB-1000. > > > > > > Mike Burden > > > Lynk Systems > > > http://www.lynk.com > > > (616)532-4985 > > > [EMAIL PROTECTED] > > > > It's even more restrictive. For our customer with version > > 3.1.3 the GB-1000 > > is configured with 4 VPN authorisation profiles all relating > > to the same VPN > > client. Each profile allows a connection to a separate > > internal network at > > the customer. The VPN client has 4 connections, one relating > > to each of the > > four networks at our customer. > > > > If we have just one VPN authorisation profile on the GB-1000 > > it is possible > > to connect to each of these networks - but not simultaneously > > - and changing > > from one to another means waiting for the secure connection > > to renegotiate. > > But with four profiles and v3.1.3 it was possible to have > > four simultaneous > > connections, one to each network. > > > > Now we have upgraded this customer to v3.2.1 it is clear that > > only one VPN > > authorisation profile can be active at a time; an attempt to > > access a second > > network fails. This despite the fact that the same VPN > > client is being used > > to attempt the connection to the second network. > > > > I cannot see that this is a reasonable restriction - because > > the VPN client > > is the same for each connection. It therefore appears that > > the licence is > > for the number of conncurrent VPN connections, not the number > > of concurrent > > VPN clients. > > > > Regards, > > � > > -- Graham Jones > > Linnet Solutions Ltd. > > [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > > 01953 717605 or > > 077 74 894200 > > � > > > > ---------------------------------------------- > > To Unsubscribe: send mail to [EMAIL PROTECTED] > > with "unsubscribe gb-users your_email_address > > in the body of the message > > > ---------------------------------------------- > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe gb-users your_email_address > in the body of the message >
