RDP through L2L problems.

Cybervex3 · ‎10-26-2012

Having a strange issue with RDP to an XP machine through a L2L tunnel.

Tunnel is between an ASA5505 and ASA5510. Site A 5510, Site B 5505

I have a handful of Win7 and XP Dev machines running on ESXi 4.1 within Site A.

Site B to Site A

Site A to Site B

AnyConnect

I have tried to Telnet on 3389 to the XP VMs with no success.

Any ideas?

Maykol Rojas · ‎10-27-2012

Hello,

Have you check the MTU on the regular RDP using the IPsec tunnel? Fragmentation are known issues when using RDP across IPsec

Mike

Julio Carvajal · ‎10-27-2012

Hello Cybervex3,

This sounds like a fragmentation issue.

Can you do the following on Site A:

     crypto ipsec df-bit clear-df outside

Then try to connect, if this does not work change the MTU size manually 
on the client to a value of 1300

Let us know the result,

Regards,

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Cybervex3 · ‎10-27-2012

Ran the command on Site A ASA

Set the MTU on the XP VM and the Machine I am trying to RDP from to 1300. No changes

Julio Carvajal · ‎10-27-2012

Hello,

Please refer to the following documment :

We need to determine if this is a fragmentation issue, follow the Discover Fragmentation section

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Browser-Based SSH and RDP support