Networks

on this very site and topic you will find a Q where the user wants to get rid of cisco's failure to support 2 VPN clients . To avoid such trouble use another port and make another rule . It would be nice to do that for NAT purposes and for IP intrusion detection purposes.

It shouldn't be a problem. When you make a TCP connection, there are a couple components identify each connection. It's Source & Destination IP addresses, source & destination TCP or UDP ports. So, even if you have one server, connections from different clients will appear differently. Here is an example:

Client 1 10.0.0.1
Client 2 10.0.1.1
Server 172.16.0.1

Even though your clients will be using the port 3389 on the server, connections will be different:

Connection1: 10.0.0.1:1024 -> 172.16.0.1:3389
Connection2: 10.0.1.1:1024 -> 172.16.0.1:3389

If your Client1 opens another session, his PC will use another TCP port as an source:

Connection3: 10.0.0.1:1025 -> 172.16.0.1:3389

So, your firewall as well as the server can easily distinguish between different clients and connections.

Good luck,

Mike
CCNP, CCDP, CCSE, MCSE+I, MCSE W2K, Solaris, etc...
---
http://www.ciscoheadsetadapter.com

This question was closed by the author