Netgate Discussion Forum

    Mobile IPSEC - Multiple mobile clients with the same public ip

    7 Posts 2 Posters 1.1k Views 2 Watching
    • Yazur

      Hello,

      We can't connect two devices that have the same public IP address over mobile IPsec.
      Each device can connect, but not at the same time.

      Is there an option to activate for this to work?

      • viktor_g Netgate @Yazur

        @yazur In the case of IPsec+L2TP there are some issues with a client OS,
        see https://redmine.pfsense.org/issues/6321
        and https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/configure-l2tp-ipsec-server-behind-nat-t-device

        • Yazur @viktor_g

          @viktor_g

          Thank you for your answer, but I don't think it's relevant to the question.

          In our case each device works when the other is not connected.
          The problem is that pfSense does not accept initiating an IPsec link to a public IP address that is already used by another user.

          Let's imagine we are in a telecommuting situation: a person wants to connect with two computers over mobile IPsec.
          The first one can connect without any problem, but the second one cannot connect because a connection already exists with the same public IP.

          I saw that there was a "Gateway Duplicates" parameter in the Netgate docs, but I can't find it in pfSense.

          https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/configure.html

          • Yazur @Yazur

            UP

            • Yazur @Yazur

              Hello,

              The problem is still there. Does anyone have an idea how to fix it?

              To summarize:

              We have a pfSense with a public WAN address and a mobile IPsec VPN configured.

              Two Windows 10 clients are on the same network with the same outgoing public IP. The first one can connect without problem. The second one receives an error message because the first one has already initiated a connection with the same public IP.

              How can we allow two clients with the same public IP to connect to the pfSense IPsec VPN?

              • Yazur @Yazur

                I noticed that both Windows clients under the same public IP are trying to initiate the VPN connection with the same NAT-T port.
                The Windows client that is the second to connect should not use the same port.

                State IPSEC

                Log IPSEC

                • Yazur @Yazur

                  up

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.