Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2865
Views
0
Helpful
7
Replies

RDP not working across IPSEC + GRE

ahmad82pkn
Level 3
Level 3

‎03-06-2012 09:34 AM - edited ‎03-04-2019 03:34 PM

Hi,

i am having hard time connecting RDP to a machine.

Scenario is from Home user connect easy VPN (built on VPN concentrator) after VPN then can RDP company servers in Data Center "A"  fine.

Problem accurs when they need to access a 3rd party "B" server which is connected with our data center "A" via GRE tunnel over internet.

i tried MTU 1436 and 1460 and no MTU as well.

but it didnt work. attach is capture and diagram.

Labels:
Preview file
20 KB
123968-not working.pcap.zip
123976-good.pcap.zip
0 Helpful
7 Replies 7

andrew.prince
Level 10
Level 10

‎03-06-2012 10:05 AM

check the routing from the remote 3rd party.

Sent from Cisco Technical Support iPad App

0 Helpful

ahmad82pkn
Level 3
Level 3
In response to andrew.prince

‎03-06-2012 10:07 AM

i can ping the server. so routing should be correct. Also attaching Good capture, when i can RDP same server with out VPN from LAN of office A.

0 Helpful

Thotsaphon Lueangwattanaphong
Level 7
Level 7
In response to andrew.prince

‎03-06-2012 10:10 AM

Hello,

     Make sure that the connection to the server is fine. You may try using "telnet" with tcp/3389. If you got a black screen ,you may try to add "ip tcp adjust-mss 1300" on the interfaces for testing.

HTH,

Toshi

0 Helpful

ahmad82pkn
Level 3
Level 3
In response to Thotsaphon Lueangwattanaphong

‎03-06-2012 10:17 AM

i tried chaning TCP adjust value to 1300 on GRE tunnel both side of rotuers, i can connect to 3rd party server via RDP from LAN in office A as before.

But i still cannot connect when i come via VPN. also when i am on vpn i cannot telnet port 3389

telnet 10.20.154.85 3389   (telnet works from office LAN though)

Connecting To 10.20.154.85...Could not open connection to the host, on port 3389

: Connect failed

0 Helpful

Thotsaphon Lueangwattanaphong
Level 7
Level 7
In response to ahmad82pkn

‎03-06-2012 10:22 AM

Hello,

     When you're on VPN, you need to make sure that the routing is fine. If the routing is okay, you should telnet w/3389 without any problem. You might try to double-check w/ personal firewall on the server as well.

Toshi

0 Helpful

ahmad82pkn
Level 3
Level 3
In response to Thotsaphon Lueangwattanaphong

‎03-06-2012 10:28 AM

Yes, when i am on VPN, routing is fine, i can telnet router and switch placed in 3rd office on same LAN 10.20.154.x.

only thing i cannot do is RDP to that server.

That server and my machine both has firewall off. and yes that is the issue telnet to 3389 doesnt work:(

0 Helpful

Thotsaphon Lueangwattanaphong
Level 7
Level 7
In response to ahmad82pkn

‎03-06-2012 10:32 AM

Hi,

    When you're on VPN, you can ping the server. Right?

    When you're on VPN, you can connect the server with other protocol such as file sharing/tcp/445. Right?

    Is there any firewall in between?

Toshi

0 Helpful
Customers Also Viewed These Support Documents