Hello, I have a query. At my work we use L2TP/IPsec for VPNs; the problem that is presenting itself to me is when 2 users want to enter the VPN and they are on the same internet connection.
For example, if 2 or more operators go to a cybercafe, my l2tp / ipsec server only allows one to validate, the others are rejected.
I have a profile configured for users where I give my local IP and I give the users an IP from a pool. Then each user is assigned his password (secret) and would dial from wherever he is, up to here everything works perfectly; the big problem is if 2 or more want to access the VPN from the same internet provider, what can I do?
I tell you that this did not happen to me before; after these last updates it no longer allows me to do what I need. I currently have version 6.47.4 installed on my computers. I thank you for whatever you can recommend to me.
That’s a limitation of L2TP/IPsec, as the VPN server cannot tell which client to serve if both clients have the same source IP.
The recommendation is to go with IKEv2 using digital certificates, in which each client gets its own client certificate and the server uses that certificate to identify the source client.
Sent from my iPhone using Tapatalk
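The server side of the IKEv2 certificate setup recommended in the reply above, as an added example that is not part of the original posts. It assumes the RouterOS v6 IPsec menu layout with a separate identity menu (v6.45 and later); the hostname, certificate names and address range are constructed placeholders.

```routeros
# Added example. vpn.example.net, operator1/operator2 and 192.168.77.0/24
# are constructed values; replace them with your own.
/certificate
add name=ca common-name=ca key-usage=key-cert-sign,crl-sign
sign ca
add name=server common-name=vpn.example.net subject-alt-name=DNS:vpn.example.net key-usage=tls-server
sign server ca=ca
# One client certificate per operator, so the server can tell the
# operators apart even when they share one public IP behind NAT.
add name=operator1 common-name=operator1 key-usage=tls-client
sign operator1 ca=ca
add name=operator2 common-name=operator2 key-usage=tls-client
sign operator2 ca=ca

# Each client receives its own /32 inner address through mode-config,
# so the generated policies differ per client.
/ip pool
add name=ike2-pool ranges=192.168.77.2-192.168.77.254
/ip ipsec mode-config
add name=ike2-conf address-pool=ike2-pool address-prefix-length=32
/ip ipsec policy group
add name=ike2-policies
/ip ipsec profile
add name=ike2
/ip ipsec proposal
add name=ike2 pfs-group=none
/ip ipsec policy
add group=ike2-policies proposal=ike2 template=yes src-address=0.0.0.0/0 dst-address=192.168.77.0/24

# Passive IKEv2 responder; accepts connections from any source address.
/ip ipsec peer
add name=ike2 exchange-mode=ike2 passive=yes profile=ike2

# One identity per operator, matched on the certificate the client presents
# instead of on its source IP address.
/ip ipsec identity
add peer=ike2 auth-method=digital-signature certificate=server match-by=certificate remote-certificate=operator1 mode-config=ike2-conf policy-template-group=ike2-policies generate-policy=port-strict
add peer=ike2 auth-method=digital-signature certificate=server match-by=certificate remote-certificate=operator2 mode-config=ike2-conf policy-template-group=ike2-policies generate-policy=port-strict
```

Each operator's certificate and private key still have to be exported and installed on that operator's device, together with the CA certificate. Disabling or removing one identity entry cuts off that operator without affecting the others.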
Thanks for your help, I am surprised because before it was possible, at least I already know what to do …
Consider that many ISPs are now stretching IPv4 addresses using CGNAT, so this issue will become a more recurrent one. I am looking at OVPN and WireGuard that uses SSL, once the new ROS v7 becomes a Stable Release, as an alternative to IKEv2.