Multiple IPSec Mobile Clients
-
Afternoon all,
I'm sure this question has been asked before but I'm obviously not searching for the right keywords on the forum, hoping someone can point me in the right direction.
Have thankfully been able to replace a customers Draytek with a Netgate appliance. Performance of their line is unbelievably better and it's solved so many issues with SIP and VPN connectivity for them.
That being said their is one issue with the L2TP/IPSec Mobile VPN setup - it currently only allows one connection per remote site. For example, there are often 2-3 staff dialing in from the same remote site and therefore from the same external IP. Each staff member is using a different username and password, but obviously the same PSK.
I am sure it is just a tickbox somewhere, but how do we allow multiple connections from one IP?
Thanks in advance
Ade
-
That wouldn't ever work with L2TP/IPsec as the IPsec portion of L2TP/IPsec requires transport mode which only works with unique remote addresses.
If you use a regular IKEv2 (e.g. EAP-MSCHAPv2) setup it should work fine.
Or if you have multiple users at the same remote site that need to connect, consider a site-to-site VPN instead of relying on mobile connections.