Multiple L2TP-IPsec clients behind same NAT.

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
Oooo1
Posts: 17
Joined: Sun Jun 08, 2014 9:59 pm

Multiple L2TP-IPsec clients behind same NAT.

Post by Oooo1 » Sat Jun 14, 2014 11:21 am

Do SoftEther support multiple L2TP/IPsec clients behind the same NAT configuration ?
That is some different clients with different Win OSes is behind one NAT with one external IP and is it possible multiple connections from such clients when only one IP - NAT external IP will be as IP of incoming connection.

dnobori
Posts: 228
Joined: Tue Mar 05, 2013 10:04 am

Re: Multiple L2TP-IPsec clients behind same NAT.

Post by dnobori » Sun Jun 15, 2014 1:42 am

Unfortunately, that is impossible by the design of IPsec protocol.

When using IPsec, the server port is fixed to UDP 500/4500. This cannot be changed.

Therefore, the NAT cannot switch the client's requests to multiple appropriate VPN servers behind the NAT.

Oooo1
Posts: 17
Joined: Sun Jun 08, 2014 9:59 pm

Re: Multiple L2TP-IPsec clients behind same NAT.

Post by Oooo1 » Sun Jun 15, 2014 1:01 pm

Limitation of L2TP or IPSec ?
Look at this: http://wiki.strongswan.org/issues/365

Oooo1
Posts: 17
Joined: Sun Jun 08, 2014 9:59 pm

Re: Multiple L2TP-IPsec clients behind same NAT.

Post by Oooo1 » Sun Jun 15, 2014 2:29 pm

It sound strange, but I have been able to establish connections from 2 cleints: Win XP and Win 7 sited behind one external IP NAT.
And the cliens has been got different IPs fron specified in SecureNAT dhcp pool.

dnobori
Posts: 228
Joined: Tue Mar 05, 2013 10:04 am

Re: Multiple L2TP-IPsec clients behind same NAT.

Post by dnobori » Tue Jun 17, 2014 10:37 am

I mean that you cannot setup and run two different L2TP/IPsec servers behind a single NAT.

Oooo1
Posts: 17
Joined: Sun Jun 08, 2014 9:59 pm

Re: Multiple L2TP-IPsec clients behind same NAT.

Post by Oooo1 » Fri Jun 27, 2014 10:17 pm

Ohh, no.
I need to connect 2+ clients sited behind the same nat on some subnet but on the same subnet (for both or more clients) to 1 the same l2tp/ipsec server sited on other net behind its nat also.
But 2 clients will have the same external source IP - their nat IP.
Do SoftEther support such mode ?

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Multiple L2TP-IPsec clients behind same NAT.

Post by thisjun » Thu Jul 24, 2014 7:18 am

What error is occurring in such environment?

Post Reply