same user login to vpn twice

Incident response
Intrusion management
Network security
Hi Very simple question, can anyone think of a valid reason why a user can not vpn in from two differnet machines at the same time using the same username and password. So a user is at home and has a laptop and a desktop and wants to VPN into the office using his same username and password on both machines at the same time. The problem he is having is he is able to vpn into one machine but the other one connects and then hands on verifying username and password and then disconnects with error 721. so untill he disconnects from the original machine he is not able to vpn from the other. there are enough ports for him to connect. User is using xp on both machine and this is a standard windows vpn server. Any help would be great. Thank you F

Answer Wiki

Thanks. We'll let you know when a new response is added.

You didnt mention what vpn solution your using.
We use a Microsoft vpn solution and you right, there is no reason a user cannot connect multiple times thru it.. I do it all the time.

Discuss This Question: 8  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Celtic
    Hello, You haven't mentioned which software and version are in your "standard windows vpn server". Anyway, I'm sure Microsoft included an option in the VPN server properties to allow multiple logins with the same username. Just look in your server's documentation and try to find the correct settings. Hope I helped...
    0 pointsBadges:
  • Dollface
    Setting your server to timeout connections after a certain amount of time without activity might be your solution. Are both machines configured with DHCP or static IP?
    0 pointsBadges:
  • Metlaxlt1
    Are you using RADIUS server?
    0 pointsBadges:
  • Spadasoe
    Another thing to check: Some VPN appliances (Cisco 3000 series) will not allow multiple connections from the same source IP.
    5,130 pointsBadges:
  • Stevesz
    Or, if none of the above seem to apply, the user is only allowed one login to the server at a time.
    2,015 pointsBadges:
  • PhilReed
    From your description you seem to be using Microsoft PPTP VPN. If at home you are on a private network with both laptop and desktop NAT'ed behind the same IP address then you will only be able to have one VPN connection at a time. To get round this you either have to assign a public IP address to each of the computers (unlikely for most home users) or create a network to network VPN connection (but will need a Win 2000/2003 server with RRAS at home), or use one of the machines as a router and direct all the traffic for the office network from the other machine through it by creating a static route.
    0 pointsBadges:
  • Haroldrossi
    I am a novice at this but with the VPN connections I have set up, they all have a static IP on the hosting system and will not allow two external connections to the same VPM at one time. If this user needs to maintain two connections simultaneously, create an additional VPN profile.
    0 pointsBadges:
  • Mortree
    On the Active Directory /Windows 2003 side: Does the user account and RRAS policies for that user/group allow him to use multiple connections? Windows 2003 is configurable in that sense - none, 1, 2, 3, or unlimited connections. On the home side -- static addresses are not the same as PUBLIC Internet routable IPs. If your home computers are behind a hardware firewall -- separate Linksys or Netgear box or something built into your cable or DSL modem -- you are likely using 192.168.?.? or 172.16.?.? or 10.?.?.? type static IP addresses. These are called private IPs and they are not routable across the whole of the Internet (though your IP might pass them on their network). Whether these addresses are statically assigned makes not difference. The problem is that you likely have only one PUBLIC IP assigned on the outside of your hardware firewall. All internal home LAN traffic get translated into that PUBLIC IP to travel across the Internet. As others have mentioned that configuration normally can support only one VPN connection easily. Most other IPs would be PUBLIC IPs and routeable...and I would guess you are a brave soul depending solely on the software firewall built into XP. In this case the problem is almost certainly with corporate network policy for the user account either in Active Directory or in Remote Access Policies.
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: