09-11-2017 01:17 PM - edited 02-21-2020 06:17 AM
I have an issue regarding RDP. My server is behind ASA. From my network i can ping the server but not able to create RDP seesion. I can't RDP on this specific server but able ti RDP the other server on the same DMZ network. I have check that the packet is not blocked by asa. The packet tracer from ASA ASDM, it shows me connection is perfectly established.
What should be the issue ?
There is two server on the network 12.12.1.0/24
First one is 12.12.1.10, on this server i can pind and also i can RDP from my computer
second one 12.12.1.15, on this server i can ping but can't RDP from my computer.
It's for internal network. Packet will not go to the outside network.
Solved! Go to Solution.
09-12-2017 08:24 PM
I have a question, i don't have any route from 10.33.6.0/24 network, but i can do RDP to 10.10.1.10 which is on same network like 10.10.1.24 ?
09-11-2017 07:56 PM
Hello,
Is it RDP enable on the server?
09-12-2017 05:44 AM
Thanks for your reply.
But i have already done this step but can't able to RDP.
09-12-2017 06:22 AM - edited 09-12-2017 06:46 AM
Well, if RDP is enable on server we can eliminate this step.
Next question: What about Server routes. How mane interfaces does the Server has? Does it know how to reply to your machine?
You can put the output here:
route print
ifconfig /all
09-12-2017 09:34 AM
Here i my output for route print
I am tryint to RDP from 10.33.6.0/24 network
but i can RDP from 192.168.0.0/18 network
===========================================================================
Interface List
13...00 50 56 8b 12 de ......vmxnet3 Ethernet Adapter
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.10.1.1 10.10.1.24 261
10.10.1.0 255.255.255.0 On-link 10.10.1.24 261
10.10.1.24 255.255.255.255 On-link 10.10.1.24 261
10.10.1.255 255.255.255.255 On-link 10.10.1.24 261
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.0.0 10.10.1.2 10.10.1.24 6
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.10.1.24 261
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.10.1.24 261
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
192.168.0.0 255.255.0.0 10.10.1.2 1
0.0.0.0 0.0.0.0 10.10.1.1 Default
0.0.0.0 0.0.0.0 10.10.1.1 Default
===========================================================================
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 261 fe80::/64 On-link
13 261 fe80::55f5:e584:1b84:4170/128
On-link
1 306 ff00::/8 On-link
13 261 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
09-12-2017 11:32 AM
Alright,
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.10.1.1 10.10.1.24 261
10.10.1.0 255.255.255.0 On-link 10.10.1.24 261
10.10.1.24 255.255.255.255 On-link 10.10.1.24 261
10.10.1.255 255.255.255.255 On-link 10.10.1.24 261
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.0.0 10.10.1.2 10.10.1.24 6
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.10.1.24 261
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.10.1.24 261
We can see that you have an static route to 192.168.0.0 but you dont have it for
10.33.6.0. This way, you are using the default route 0.0.0.0 0.0.0.0 10.10.1.1 10.10.1.24 261.
If you are not the Network guy, you may need help to address it. Maybe will be necessary to add a new route on the target server.
09-12-2017 06:52 PM
That route should be add in the server or in asa ? Can you suggest me how can i add route on server ?
In asa, i know but not from server side.
09-12-2017 07:10 PM - edited 09-12-2017 07:11 PM
It is easier on both. On server you just need to use the following command as administrator:
Example (Dont use this address)
route ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1
destination^ ^mask ^gateway
What I´d like to highlight is that it is important to understand what is necessary.
I mean, as per our verification, looks like server have no idea how to replay the RDP request. Then, it is sending to the default gateway throught default route. Looks like this is not the proper way and then your connection fail.
Whithout know your environment it is difficult advise you where to add route or not.
09-12-2017 07:54 PM
One thing i fergot to mention, i can ping and RDP 10.10.1.10 server from my network 10.33.6.0/24.
09-12-2017 08:19 PM - edited 09-12-2017 08:20 PM
I think you could add a route like this on sever:
10.33.6.X 255.255.255.0 10.10.1.2 10.10.1.24
replace X by your IP address.
I think this can work.
09-12-2017 08:24 PM
I have a question, i don't have any route from 10.33.6.0/24 network, but i can do RDP to 10.10.1.10 which is on same network like 10.10.1.24 ?
09-12-2017 08:42 PM
That's correct. Same network. Does this server you are trying to RDP has IP address on the network as well?
Ipconfig /all you can confirm that. Maybe you are only using the wrong IP address.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide