I have group of developers who is using few machines to do development and they need to have network connect access to few servers at the same time. How could i allow same user id to loggin from multiple locations to SSL VPN
It's not clear what you are looking for.
Do you want all of these developers to share a single ID? If so, why?
Or, do you want each of them, when they log on, to be able to access multiple servers? If this is the case, this should be simple using NC.
All developers have they own user id, but they have multiple development machines and they need to able to login to ssl vpn from these machines at the same time. When they login to one they getting kicked out from other one.
bummer.. multiple id's or alternate VPN I guess is the only solution.
Do you have a duplicate DC ? What if you pointed the other realm to that. Or use Kerberos instead of LDAP for the other realm? If it makes you feel any better we cant get rid of our Contivity VPN for similar issues.
Here is something I use to solve a different problem - maybe you can find a way to use something like it.
I use the custom sign-in pages to for a specific realm to add a suffix to the user ID, so that user "999999999" becomes user 999999999@SSLVPN. I then forward the authentication request to my Radius server, which strips off the "@SSLVPN" before doing the authentication. That way, the SA thinks that ID "999999999" is different than user 999999999@SSLVPN.
Another thought, but one which might be a real kluge, is to use IVS to create multiple identical IVSs. It has to be possible for the same ID to be used in different IVSs.