Gaz, I think there might be some routing problems. IPSEC is not like a serial link, it will not pass all traffic, it only passed traffic from one endpoint of the tunnel to the other endpoint of the tunnel. In your scenario, once the packet gets to the concentrator, the concentrator wouldn't know how to pass the packet off to the other client.
The issue is probably really the transient nature of the dial up sessions. Imagine two clients running on DSL, then I can see them communicate to each other through the concentrator. They just need static routes in between them. Any comments? Alex Gaz wrote: > > Hi all > > Someone was banding this question around at work today, so > although it's > possibly a little off topic, I don't feel too guilty because I > don't need > the answer, just interested. > > If two clients each access a network via the internet in to one > VPN > concentrator, is it possible in any way to let the two separate > clients also > access each other's networks? > > We had a few off the cuff ideas, but nothing that would seem to > be a go'er. > Things like running overlapping NAT on an internal router with > two > interfaces. > > Anybody got any mad ideas, or possibly any sane ones? > > Gaz > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44287&t=44276 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]