No Terminal Services over VPN

samcole · ‎11-19-2004

I have a problem with the setup of a pure Cisco VPN

At one end I have a 1721 router and at the other ends I have two 831 routers.

I am using site to site VPN and the good news is both VPN tunnels are up and running. 

The bad news is that one of the tunnels will not allow all services to operate through it

A ping of packets up to 1400 in size is fine and responds in an expected amount of time. However when I try a more complex thing like Terminal Services (RDP) I have problem in that it only displays a black screen. Mapping a drive will also fail. But the pings carry on with 100% success. The MTU has not been changed on the router from the default size

The thing that makes it really strange is that the two 831’s have an identical config (apart from ip addresses) and the other 831 worked out of the box with out any problems.

All conections are over ip address to rule out any name look up problems

I have the configs if that would help but I will edit them to remove ip addresses and logins before I post them

Has anyone got any ideas on if the problem is at the 1721 end or the 831 end? I have spent far too long on this now so any help or requests for further information email me or post to Aid others

Sam

aacole · ‎11-20-2004

Sam,

You say that you have one 837 that works, does this have a differnet IOS to the 2 that dont work as expected?

Run a sh ver and have a look at tbe versions.

The other common issue which you have already mentioned is MTU or TCP segement size, you may be running into a packet fragmentation issue.

Are you using the IP TCP ADJUST-MSS command, to reduce the TCP packet size, a value around 1420 should help.

Andy