I have a scenario where 2 people WFH need vpn connectivity simultaneously. They’re setup with Global VPN. One user seems to always be disconnected.
This is my first time dealing with 2 connections from same location with the software client (not site to site).
Should these connections work…? If not what’s the recommended way to set them up?
Thanks for your input.
What happens when user #2 tries to connect?
This could entirely be a limitation of their home/ISP firewall.
Ah so both users are at the same location. That may be an issue on whatever is being used at that location for a firewall, router, etc.
In there router turn off strict NAT if it has an option. If that does not improve it you may have to change the port one is connecting to the VPN.
Wait, are both remote folks connecting to the SAME Sonicwall? I’d say getting a site-to-site tunnel setup with a SW at the remote location would be the bulletproof way. You can even use an off-license unit for this, plus it segregates the work computer traffic from the home computer traffic…
We had this same issue 10 years ago. We have also seen it with clients at tradeshows and staying in same hotel.
Switched everyone to sslvpn and never dealt with it again. I think the gvpn client has some hard limit of coming from same IP.
Won’t work. Either sslvpn for one of them or two isps at the house.
The 2nd isp could be a cellular Hotspot if speed isn’t an issue.
Is there a setting simultaneous connections per public IP? I know there is one on our SMA.
Switch them both to tailscale (or other ZTNA), and call it a day.
Free the plebs and yourself from the legacy vpn struggle sessions.
I dunno, check the license maybe? I think GVPN is licensed for 2 though.
Ok we have a few options to figure this one out. Looks like licensing is ok so we can ignore that. Did we clone these machines with GVC already installed? If so they will have the same MAC address and punt each other off. It may be the upstream device and strict NAT but that’s always a tough one to grind through. I’d recommend setting up user number 2 on sslvpn connectivity as a workaround until we can figure out our pain point. I don’t know what hardware you have. I’m guessing on what kind of machines they have because its GVC so Windows only. Don’t know what kind of firewall/firmware version. I’m extrapolating from incomplete data but,…
I’ve run into this issue before but not with Sonicwall. Some VPN standards just do not support this. L2TP for example does not. I haven’t used Global VPN but SSLVPN in SonicWall does work.
I had some funky setup from another company I was called into support and in that case I was able to forward a different port over to the VPN, then one user on one port and the other on the standard. In that case it worked but may not work everywhere.
If you can run another VPN server in tandem that would also work but not very clean and not very scalable.
End-all be-all is site to site, obviously not fun and depending on how strict your standards are maybe outside of security spec.
Having a second public IP client side would also fix, if you are extremely lucky their ISP may offer static IPs to residential and they won’t have to double their monthly cost.
This issue is lame and frustrating every time I encounter it, good luck!
One stays connected while another disconnects.
Why is that tho? Do ISPs usually block multiple IPSec connections…? I didn’t know you could set up both SSL and Global VPNs on same SonicWALL.
We’ve purchased over 20
You could also configure a firewall for site to site, put it inside their network rather than replacing their firewall, then have an isolated network separate from their home network. You could run into NAT issues there but if it is a home router, putting the secure firewall into the DMZ should help that.
Is not the ISP. It’s the sonicwall.
Trade them in for sslvpn licenses. Sonicwall support will do it if you ask them.
SSLVPN is 1/10th the speed though.