DaanHoogland commented on code in PR #514: URL: https://github.com/apache/cloudstack-documentation/pull/514#discussion_r2123631186
########## source/adminguide/networking/remote_access_vpn.rst: ########## @@ -156,4 +156,19 @@ Now, you need to add the VPN users. #. Click Add. -#. Repeat the same steps to add the VPN users. \ No newline at end of file +#. Repeat the same steps to add the VPN users. + +Limitations of Remote Access VPN +-------------------------------- + +CloudStack's Remote Access VPN feature (L2TP over IPsec with pre-shared key) is subject to certain limitations: + +- **Single connection per source IP/CIDR:** + Due to the use of StrongSwan in the virtual router implementation, CloudStack does not support multiple simultaneous VPN connections originating from the same source public IP or NAT'ed subnet. + This means that if multiple users are behind the same NAT (e.g., office network or shared IP), only one of them can connect at a time. Additional connection attempts will fail until the first session is disconnected. + +- **No support for overlapping CIDRs or NAT before VPN:** Review Comment: ```suggestion - **No support for overlapping subnets by the VPN:** ``` ?? the sentence seemed a bit odd. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@cloudstack.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
