Community discussions

 
pablo77
just joined
Topic Author
Posts: 7
Joined: Tue Oct 11, 2016 6:20 pm

L2TP/IPsec multiple client connections problem

Thu Nov 02, 2017 12:13 pm

Hi,
we have some problems with vpn l2tp/ipsec: when more clients connect vpn from same network to the same remote network, 1 client at time can work. The other cannot reach the remote network. One client at a time can work for a while, then another client starts to work for a while, then another and so on.
1) It's a configuration problem?
2) Or it's a problem with the structure of the protocol (so we can not do anything ...)?
3) Or a problem with RouterOS? In this case do you think it can be resolved shortly in the next releases?

Thank you.
Paolo.
 
pablo77
just joined
Topic Author
Posts: 7
Joined: Tue Oct 11, 2016 6:20 pm

Re: L2TP/IPsec multiple client connections problem

Thu Nov 02, 2017 8:09 pm

only with l2tp client of windows.
With smartphone it's ok
 
pe1chl
Forum Guru
Forum Guru
Posts: 5810
Joined: Mon Jun 08, 2015 12:09 pm

Re: L2TP/IPsec multiple client connections problem

Thu Nov 02, 2017 8:36 pm

It is a limitation of the protocol. You cannot have multiple L2TP/IPsec connections from the same source address, which includes "from systems behind the same NAT".
It can be solved by using IKEv2 but that is a relatively new technology that is more complicated to setup.
You can also solve it by putting a router on the remote network that does the VPN (one time) and routes for all users at that network.
 
pablo77
just joined
Topic Author
Posts: 7
Joined: Tue Oct 11, 2016 6:20 pm

Re: L2TP/IPsec multiple client connections problem

Mon Nov 06, 2017 5:12 pm

I would not like to add other network devices.
What is another good solution to have vpn remote access?
I try to config openvpn but I think it's not easy to teach to the customers....

I can not believe there is such a great flaw in equipment that really does so many things...
 
pe1chl
Forum Guru
Forum Guru
Posts: 5810
Joined: Mon Jun 08, 2015 12:09 pm

Re: L2TP/IPsec multiple client connections problem

Mon Nov 06, 2017 5:58 pm

The flaw is not in the equipment, Pablo.
The flaw is on the protocols, or more correct: the flaw is in the concept of NAT that makes more than one client have the same external IP address, which those protocols were not designed for.
 
User avatar
pothi
just joined
Posts: 9
Joined: Fri Sep 14, 2018 7:48 pm
Location: Srivilliputhur, Tamil Nadu, India
Contact:

Re: L2TP/IPsec multiple client connections problem

Sun Feb 10, 2019 1:49 pm

Thanks pe1chl for clarifying. I wish there is a way to like a reply when someone provides a solution or the correct answer.

Anyway, I've been banging my head with what's going on when I connect more than one client to a VPN server based on l2tp / ipsec. I didn't know it was due to protocol. Time to learn newer technologies.
Love breaking things and start over!
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1392
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: L2TP/IPsec multiple client connections problem

Sun Feb 10, 2019 2:21 pm

Thanks pe1chl for clarifying. I wish there is a way to like a reply when someone provides a solution or the correct answer.
..

There is, click the "Accept this answer" (green tick) on post that provided solution
MTCNA, MTCTCE, MTCRE & MTCINE
 
pe1chl
Forum Guru
Forum Guru
Posts: 5810
Joined: Mon Jun 08, 2015 12:09 pm

Re: L2TP/IPsec multiple client connections problem

Sun Feb 10, 2019 3:18 pm

Actually, forum user sindy found a way to work around this problem.
It is complicated but it can be made to work.

See here: viewtopic.php?f=2&t=132823

Who is online

Users browsing this forum: Google [Bot] and 88 guests