Make sure that your IPSec VPN server/concentrator supports NAT-T.
This should sidestep issues of ESP directly over IP don't play well
with NAT since it has the option of supporting ESP encapsulation over
UDP.
Also, depending on which VPN server you're using, you may have to
apply a registry update from Microsoft to get NAT-T working properly
on XP SP2:
http://support.microsoft.com/default.aspx?kbid=885407
--Mike
On Jan 7, 2008, at 3:16 PM, Lee H Badman wrote:
Not your typical WLAN question…
We use L2TP/IPSec VPN for remote access into campus for home users,
travelers, vendors, etc. Other than secure remote access, we also
like to tout this as a way to secure home wireless network sessions
for those who don’t otherwise turn on their security options. Here’s
the problem: we have a growing number of cases where multiple
(usually 2, like spouses or roommates) users attempt to VPN through
the consumer class SOHO routers (wired and/or wireless). When more
than one session is attempted, either the first is the only one that
works, or the first gets bumped.
We have done some research on units that promise multiple session
pass-through (like DLink’s WGT624, for example) but are not having
luck. So- wondering if others have the same problem with remote
users and multiple VPN sessions through the SOHO boxes, and if you
have found a model or two that are friendly to multiple sessions
(without fixing IP addresses and doing port forwarding/triggering).
Thanks much-
Lee
Lee H. Badman
Wireless/Network Engineer
Information Technology and Services
Syracuse University
315 443-3003
********** Participation and subscription information for this
EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/
.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
