Hi,
Here's one for the crypto buffs....
I have a setup of three Cisco 837s terminating IPSEC tunnels in a hub/spoke router-to-router config. The VPN router that acts as the "hub" also has EZVpn set up for remote access from WinXP clients that are on the road.
My question is this: can one of those WinXP laptops be located within the network subnet of another one of the "spoke" routers and still be able to init a VPN tunnel by itself? I've tried it and it doesn't work so I'm assuming the answer is no, since UDP port 500 is already in use by the "spoke" router's VPN tunnel (and we can't set up another one at the same time from within the same network, right?)
If anyone knows any ways to hack it so it works please let me know, though I doubt there area any.
Thanks for the screen space,