Hi All,
I have a support ticket raised for this, but I am appreciative of the quality of the forum, don' t want to neglect it and thought I' d put this to the collective:
Fortigate 300 - 2.50 MR9
Forticlient seems to work fine for single users, including users behind a PAT device, so NAT-T is working fine and sessions are seen terminated on port 4500.
One of our customer' s remote sites is a rented office where many of their devices go through PAT translation.
One device connects fine using Forticlient.
Second device seems to connect fine also.
Both devices seem to have network connectivity (of some sort) and are using separate static addresses configured in the client.
Although the client is being authenticated, whichever one is passing traffic shows up, then if the other client tries to pass traffic the authentication box flashes up and the session goes from idle to up.
Basically we have two clients which are both authenticated, but only one of the tunnels is up at any one time. The dialup monitor also reflects this.
The fortinet (because of the PAT) seems to believe that there is just one session.
PPTP is working through the same infrastructure - also multiple users from the same PAT address.
My main question to support was whether this setup should be supported. We have quite a few other facilities set up on the box (PPTP, RSA, site to site VPN' s) so I' m reluctant to move immediately to another OS, but will if a possible fix is suggested.
Any ideas or similar problems??
Cheers,
Gaz