Hi, > From behind NAT only one client is able to connect at a time. If one remote > access vpn in up second vpn connection is failed connect.
The Windows L2TP/IPsec client uses transport mode to secure L2TP. A gateway can't distinguish two clients behind the same NAT without some tricks, as they both have the same external IP address. Given that Windows 7 supports IKEv2 and real IPsec, I highly recommend to consider switching to that superior protocol [1]. If that is not an option for you, you might have a look at the connmark plugin [2], which allows you to use Conntrack and Netfilter marks to bind connections to specific SAs. This is all not that trivial, though. Regards Martin [1]https://wiki.strongswan.org/projects/strongswan/wiki/Windows7 [2]https://wiki.strongswan.org/projects/strongswan/wiki/Connmark _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
