VPN ipsec works for only 1/2 user, no more

Gianfilippo

Hi, this is my situation.
Office with usg40, server and pc.
Connecting from my home (or other place) to office with Zywall VPN ipsec Client works great (tunnel open and browse network lan) for first and second pc.
When I try with third or fourth pc simultaneously tunnel won't open.
Is a possible provider limitation?
In the modem isp I've open 500 and 4500 port.
Thanks

Gianfilippo

Any help?

kukuman

Have you checked the IPsec VPN IP ranges of your USG40 is enough? and checked concurrent IPsec VPN session number of USG40? If the VPN IP range is too small or over maximum IPsec VPN concurrent tunnel may lead to this symptom. I found its specification may give you some reference.

https://www.zyxel.com/tw/zh/products_services/Unified-Security-Gateway-USG40-40W-60-60W/comparison

Gianfilippo

Yes checked, VPN ip ranges is 192.168.200.80 to 192.168.200.99 (20 pc) and I have problem with third or fouth pc.
Max. concurrent IPSec VPN tunnels in 20 for USG 40 (my model).
The problem seem appear when I connect 3-4 pc form the same external netrwork (same public IP).
If I connect 4 pc from 4 exterrnal network it works (4 different public IP).
How is possible?
Thanks

kukuman

Did you check the 20 tunnels all be occupied while you establish the third, fourth PC's IPsec VPN connection? Because I remember Monitor > VPN Monitor > IPsec VPN can check the VPN client connection status.
Or you can change the IPsec VPN of establishing connection order e.q.try the third, fourth PC establish IPsec VPN first and establish the first, second PC's IPsec VPN connection secondly.

Gianfilippo

Look at ip starting 87...
Two pc connected, connection impossible for third pc.
The ip starting 79... is from another network.
In this moment 3 pc simultaneously connected, but maximum 2 from same ip (same network).
I don't know why the second ip from 87... network not have port 4500 at the end...