https://community.cisco.com/t5/network-security/firewall-issue/m-p/1172332#M877841 <HTML><HEAD></HEAD><BODY><P>This could also be a port restriction.</P><P>Can you telnet to port 3389, this is the RDP port.</P></BODY></HTML> Mon, 12 Jan 2009 18:52:58 GMT ronshuster 2009-01-12T18:52:58Z https://community.cisco.com/t5/network-security/firewall-issue/m-p/1172330#M877839 <P>Rookie here so please forgive me as I have no Cisco knowledge.</P><P></P><P>At my work we have a site to site VPN and the status is up. I can ping their private ip and the other end can ping my server. However when he tries to RDP to my server he is unable to. My guess is it's the firewall on our 2821. How would I go about allowing him access? If it's not a firewall issue what else would it be?</P><P></P><P>Thank you in advance.</P> Mon, 11 Mar 2019 14:35:12 GMT https://community.cisco.com/t5/network-security/firewall-issue/m-p/1172330#M877839 jeremys 2019-03-11T14:35:12Z https://community.cisco.com/t5/network-security/firewall-issue/m-p/1172331#M877840 <HTML><HEAD></HEAD><BODY><P>More likely it's the MTU size, especially if your connected via DSL. You can adjust it under the interface (your LAN interface).</P><P></P><P>(config-if)#ip tcp adjust-mss ?</P><P> &lt;500-1460&gt; Maximum segment size in bytes</P><P></P><P>To find the correct size, ping from one side to the other with a large packet size and decrease it until it is successful. That should be close to the size you enter above. Here's an example from Windows.</P><P></P><P>F:\&gt;ping -l 1500 -f 192.168.5.15</P><P></P><P>Pinging 192.168.5.15 with 1500 bytes of data:</P><P></P><P>Packet needs to be fragmented but DF set.</P><P>Packet needs to be fragmented but DF set.</P><P>Packet needs to be fragmented but DF set.</P><P>Packet needs to be fragmented but DF set.</P><P></P><P>Ping statistics for 192.168.5.15:</P><P> Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),</P><P></P><P>F:\&gt;ping -l 1430 -f 192.168.5.15</P><P></P><P>Pinging 192.168.5.15 with 1430 bytes of data:</P><P></P><P>Reply from 192.168.5.15: bytes=1430 time=8ms TTL=55</P><P>Reply from 192.168.5.15: bytes=1430 time=8ms TTL=55</P><P>Reply from 192.168.5.15: bytes=1430 time=10ms TTL=55</P><P>Reply from 192.168.5.15: bytes=1430 time=16ms TTL=55</P><P></P><P>Ping statistics for 192.168.5.15:</P><P> Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),</P><P>Approximate round trip times in milli-seconds:</P><P> Minimum = 8ms, Maximum = 16ms, Average = 10ms</P><P></P><P>Hope that helps.</P><P></P><P></P></BODY></HTML> Mon, 12 Jan 2009 16:48:28 GMT https://community.cisco.com/t5/network-security/firewall-issue/m-p/1172331#M877840 Collin Clark 2009-01-12T16:48:28Z https://community.cisco.com/t5/network-security/firewall-issue/m-p/1172332#M877841 <HTML><HEAD></HEAD><BODY><P>This could also be a port restriction.</P><P>Can you telnet to port 3389, this is the RDP port.</P></BODY></HTML> Mon, 12 Jan 2009 18:52:58 GMT https://community.cisco.com/t5/network-security/firewall-issue/m-p/1172332#M877841 ronshuster 2009-01-12T18:52:58Z https://community.cisco.com/t5/network-security/firewall-issue/m-p/1172333#M877846 <HTML><HEAD></HEAD><BODY><P>I can RDP just fine to the server from my workstation internally. The other guy is not able to and I don't think the port has been opened up which would explain why it's not working for him. How would I go about doing that?</P></BODY></HTML> Mon, 12 Jan 2009 19:35:31 GMT https://community.cisco.com/t5/network-security/firewall-issue/m-p/1172333#M877846 jeremys 2009-01-12T19:35:31Z