SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  SRX 240 How to use one account for 20 Dynamic VPN users

    Posted 06-25-2014 02:59

    Hello 

     

    Is it possible to use one account in access-profile for many VPN users?

    For example i have such config:

    --

    show configuration access | display set
    set access profile dyn-vpn-access-profile client test firewall-user password "password"

    --

    and i want all vpn users use this password and login for vpn connection.

    I know it is not a good idea but i need it now.

     

     

     



  • 2.  RE: SRX 240 How to use one account for 20 Dynamic VPN users

    Posted 06-25-2014 03:14

    Hi ,

     

    SRX uses username along with host name to differentiate each vpn user connecting through dynamic vpn client.

     

    user@host> show security ike active-peer 
    Remote Address           Port     Peer IKE-ID       XAUTH username       Assigned IP
172.19.100.99            500      testdynvpn        test                 10.10.10.2

     

    Regards,

    rparthi



  • 3.  RE: SRX 240 How to use one account for 20 Dynamic VPN users

    Posted 06-25-2014 03:17

    Hi ,

     

    SRX uses username along with host name to differentiate each vpn user connecting through dynamic vpn client.

     

    user@host> show security ike active-peer 
    Remote Address           Port     Peer IKE-ID       XAUTH username       Assigned IP
172.19.100.99            500      testdynvpn        test                 10.10.10.2

     so remote users can use the same user account  but i dont think they can connect simultaneously at the same time.

     

    Regards,

    rparthi



  • 4.  RE: SRX 240 How to use one account for 20 Dynamic VPN users

    Posted 06-25-2014 03:51

    Yes, when i try connect second PC to SRX first client become disconnected.
    I am can not find another explanation for it , i think you are right.

     

     



  • 5.  RE: SRX 240 How to use one account for 20 Dynamic VPN users
    Best Answer

    Posted 06-25-2014 04:29

    Hi Sultanov2007,

     

    Yes , IKE id generated for first client connection and IKE-ID generated for second connection will be same.

    so srx would remove the first connection and add the new connection if same user account is used.

     

    Regards,
    rparthi

    [Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too] .....