Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1623
Views
0
Helpful
1
Replies

Need troubleshooting suggestions (RDP and SYN Timeout)?

Michael Bartholomæussen
Level 1
Level 1

‎10-11-2019 03:01 PM - edited ‎02-21-2020 09:35 AM

Hi All

I'm having issues with RDP sessions from our office location, to a remote server hosted abroad.

Clients connects via RDP, and sometime RDP fails which leaves them helpless.

From the office, they traverse a local ASA 5525X, gets routed to our data center, then through another ASA 5525X which hosts a S2S IPSec to the remote server.

When RDP fails for the users, it is still working from the data center. The VPN is running, and server is responding to RDP from the data center.

Tracing back the issue the first device that could cause trouble it the local office firewall. Going through syslog messages, I noticed that when, RDP is failing for office users, there are SYN timeouts on the firewall.

Looking at the data center firewall syslog messages, the connection is never seen by the firewall.

 

A brief topology looks like this

Local 5525X <-> Cat4500 (OSPF->) <-> ASR router <-> (<-OSPF) ASR router <-> data center (ACI) <-> DC 5525X <-> IPSec to remote server

 

I need some ideas on how to proceed with troubleshooting?

 

Best regards,

Michael

0 Helpful
1 Reply 1

Deepak Kumar
VIP Alumni
VIP Alumni

‎10-11-2019 08:05 PM

Hi,

Most of the cases (that I've run into) this has been an indication of a problem at the remote end. (Well regarding the local firewall it can only be about some remote device since it doesn't see the SYN-ACK)

Problems can be:

  • A connection is blocked by a remote firewall or firewall somewhere in between
  • A connection is blocked by the remote host's own firewall (software)
  • Connections SYN arrives at the remote host but a routing problem exists which forward the SYN-ACK in the wrong way.
  • There an outage in the remote end service you are trying to reach
  • Some other equipment is filtering the traffic in between
  • The reason may be your NAT configuration.

Can you share logs and configuration with us? Also if you can share traffic capture at the same time.

 

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card