Remote access VPNs from remote location to ASA

Remote access VPNs from remote location to ASA

NewsGroups | Search | Tools
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
Remote access VPNs from remote location to ASA ikkemij 06-30-2006
Posted by on June 30, 2006, 6:02 am
If you were  Registered and logged in, you could reply and use other advanced thread options
On a ASA 5520 we have configured several remote access IP-Sec VPN Group
policies en usernames.

On the group policies we have set the number of simultaneous logins to
5 and on the individual users to 1.

username Ikke-Mij password xxxxxxxx encrypted privilege 0
username Ikke-Mij attributes
vpn-group-policy Company
vpn-simultaneous-logins 1
vpn-tunnel-protocol IPSec
group-lock value Company

group-policy Company attributes
dns-server value 10.142.18.32
vpn-simultaneous-logins 5
vpn-filter none
vpn-tunnel-protocol IPSec
group-lock value Company
pfs enable
address-pools value Company


This works fine, until two users try to connect from behind the same IP
address. Tthe already connected user gets bumped. When he tries to
connect again, the other user gets bumped. There are more then enough
IP addresses in the Pool, so that shouldn't be the problem.

Is there a way to allow simultaneous logins from the same IP address?


Ikke


Posted by delgrun...@gmail.com on June 30, 2006, 5:13 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
This is probably the single biggest reason for SSL VPN over traditional
ipsec clients.

-mike

ikkemij@xs4all.nl wrote:
> On a ASA 5520 we have configured several remote access IP-Sec VPN Group
> policies en usernames.
>
> On the group policies we have set the number of simultaneous logins to
> 5 and on the individual users to 1.
>
> username Ikke-Mij password xxxxxxxx encrypted privilege 0
> username Ikke-Mij attributes
> vpn-group-policy Company
> vpn-simultaneous-logins 1
> vpn-tunnel-protocol IPSec
> group-lock value Company
>
> group-policy Company attributes
> dns-server value 10.142.18.32
> vpn-simultaneous-logins 5
> vpn-filter none
> vpn-tunnel-protocol IPSec
> group-lock value Company
> pfs enable
> address-pools value Company
>
>
> This works fine, until two users try to connect from behind the same IP
> address. Tthe already connected user gets bumped. When he tries to
> connect again, the other user gets bumped. There are more then enough
> IP addresses in the Pool, so that shouldn't be the problem.
>
> Is there a way to allow simultaneous logins from the same IP address?
>
>
> Ikke


Posted by Walter Roberson on July 1, 2006, 3:18 am
If you were  Registered and logged in, you could reply and use other advanced thread options
>On a ASA 5520 we have configured several remote access IP-Sec VPN Group
>policies en usernames.

>On the group policies we have set the number of simultaneous logins to
>5 and on the individual users to 1.

>This works fine, until two users try to connect from behind the same IP
>address. Tthe already connected user gets bumped. When he tries to
>connect again, the other user gets bumped. There are more then enough
>IP addresses in the Pool, so that shouldn't be the problem.

>Is there a way to allow simultaneous logins from the same IP address?

Is isakmp nat-traversal enabled?

Similar ThreadsPosted
3 remote location. March 15, 2007, 10:21 pm
Cisco 506e - remote-access vpn, split tunnel, client has no internet access. November 28, 2006, 11:12 am
Cannot access remote VPN via PIX April 7, 2005, 10:39 am
Remote Access August 9, 2006, 2:51 pm
Remote Access VPN October 27, 2006, 6:47 pm
Remote access vpn February 29, 2008, 11:44 am
bandwidth for remote access December 29, 2004, 8:37 pm
Remote access routing ? June 30, 2005, 2:34 pm
Mixed Pix-to-Pix and Remote Access August 16, 2005, 10:20 am
Open up ssh for remote access on PIX 501 January 8, 2006, 4:55 pm

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map