pfSense English Support > IPsec

How do I disable two android clients from connecting with the same credentials?

(1/1)

rsraney:
First off, my experience with pfSense is weak at best. I manage a few external Strongswan VPN gateways for a QA team and looking into pfSense to help diminish my overhead between configurations and deployment of testing services.  Any help or suggestions would be great.

Here is a summary of the issues I am seeing. I will attempt to use Strongswan's nomenclature. 

IPSec VPN Gateway Server:  Moon
Android Device-1: Client-1 (User Tom credentials)
Android Device-2: Client-2 (User Tom credentials)
IP Pool for VPN 192.168.102.0/24
Internal network 10.0.10.0/24

All tests have been performed using WiFi AP (with NAT)  and via cellular carriers.

Steps to reproduce the issue:
1)    When Client-1 is connected to Moon and receives the IP 192.168.102.1 and can access all network resources successfully
2)   If Client-2 is authenticated using same credentials as Client-1 to Moon, it will be assigned  IP 192.168.65.2 and can access all network resources successfully.

After second connection, Client-1 is still connected to the VPN but suddenly will not able to network resources, but Client-2  can access all network resources internal and external successfully.

What my team and myself expect Client-1 and Client-2 can never be connected at the same time if they use the same authentication.  The last successful authentication client will force a disconnect any existing connections using the same credentials.

 I have a working version of this in Ubuntu using Strongswan VPN, and I use 'uniqueids=yes' to perform this.   I've enabled the 'uniqueids' to 'yes' in the advanced menu, but I still see the same problem. 



Navigation

[0] Message Index

Go to full version