This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Multiple RW IPSec clients from differt host?

I'm trying (without success) to estabilish multiple concurrent IPsec Roadwarrior client connection.
The clients uses SSH Sentinel, with NAT-T and Virtual-IP, each one different from others.
It seems that only one connection can be activated, otherwise any clients can't connect.
The diagnostics of Sentinel stops on Phase 1 test (sometimes without completing it).
Any opinions?
Thanks

This thread was automatically locked due to age.

Parents

0 JensM over 22 years ago

Hi,

is it possible that your clients are behind a NAT-Device (e.g. DSL-Router)? If this is the case only one Tunnel will work at a time for NAT is able to differentiate between various TCP/UDP sessions targetting the same service, but that does not work for ESP (the IP-Protocol used for IPSec tunneling). So setting up phase one works for this is running on port 500/UDP, but phase two needs ESP and then you have trouble.

Kind regards,

Jens
Cancel
Vote Up 0 Vote Down

Cancel
0 connect over 22 years ago in reply to JensM

My clients try to connect from different site, one client per site, so the problem couldn't be that you suppose.
I suspect a problem on astaro, has any one realized the same scenario ? Does it works?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 connect over 22 years ago in reply to JensM

My clients try to connect from different site, one client per site, so the problem couldn't be that you suppose.
I suspect a problem on astaro, has any one realized the same scenario ? Does it works?
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data