Maybe someone can clear this up for me... Scenario: We have a temporary remote site with xDSL connection. We are using a DLINK DSL router to offer an internet connection to two staff with laptops. Each laptop needs to connect back to the business network using Cisco VPN IPSEC client and they both connect back in via a common 515e Pix on the edge of W.A.N. We have what appears to be a common issue, where only one IPSEC tunnel can operate through the Pix 515e at a time, so the first vpn connection is always kicked off by the second vpn connection. I have been looking for solutions and one would appear to be using a smarter DSL router at the remote site that can do multiple VPN Pass- through. I get the impression thought that even with such a router in place the Pix 515e may still see them as the same source IP address (due to NAT on remote router) and only allow VPN connection at a time still anyway.
Question 1: So if I purchase a multiple pass through router for the remote site do I need to sort out a NAT traversal solution at the PIX
515e?Question 2: How is it that we have other users who travel together who manage to both VPN through to our PIX when using public Wifi networks in Airports or in a star bucks etc... and they can connect back to our PIX at the same time quite happily? Surely those public networks would also use some form of NAT for fire walling? Does this indicate that these public networks commonly use multiple VPN pass through routers?
No... a site to site VPN is not really an option in this case due to $ restrictions and the tempoary nature of the remote office (3 months).
Any assistance appreciated as we will likely have this scenario to deal with again later in the year. Cheers