Solved: RDP issue with pix

techtips03 · ‎12-01-2007

Hi

I have a pix 506 installed replacing linksys. After this is installed, when I try to RDP to a computer internally (within LAN) I see the remote PC is getting rebooted. I have no issues to RDP into the server from outside. once on the server, when I try to make a virtual connection to any of the computer, I see the computer is getting restarted itself.

I just tried doing telnet internally to the remote ip on port 3389 and see it is getting restarted.

As this is within LAN, I dont think PIX has anything to do with this, however it seems that it happened after the pix installation.

Any input on this is greatly appreciated.

Thanks

husycisco · ‎12-10-2007

Are there any dmp files in %SystemRoot%\Minidump with up to date creation date? Any 3rd party firewalls or antiviruses running?

View solution in original post

husycisco · ‎12-02-2007

Pretty interesting. I would first suggest you to shutdown the inside interface of PIX, you wont need the gateway since you RDP to a PC which is in same subnet. This will eliminate the possibilty of PIX. If computer restarts itself again although the PIX interface is disabled, that means PIX is not involved in this. Then I would suggest you Right-click My computer>Properties>Advanced>Startup and recovery and uncheck "Auto reboot" . This time you will see the Blue screen error when you try to RDP. Please tell us what Blue scree error you see.

techtips03 · ‎12-02-2007

Hi

Thanks very much for the response. I am actually remote to the location. I should be able to do this remotely right by RDPing to the server and then shut down the inside interface of the pix? Just want to make sure that I dont lose connectivity to the location as the site is unmanaged. Or do I have to be on site to do this? Here is what I have on pix.

Inside interface - 192.168.1.1

server - 192.168.1.11

access-list outside_in permit tcp any host eq 3389

static (inside,outside) tcp 3389 192.168.1.11 3389 netmask 255.255.255.255

access-group outside_in in interface outside

ip address inside 192.168.1.1 255.255.255.0

nat (inside) 0 access-list 102

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

global (outside) 1 interface

access-list 102 permit ip 192.168.1.0 255.255.255.0 172.16.1.0 255.255.255.0 --> this is for my remote vpn clients

Please advise

Thank you for your time

husycisco · ‎12-02-2007

You shouldnt take the steps if you are remote to the location.

Your config looks OK. Please follow the steps I posted when you are on site, and post the results. Lets see if server reboots itself when a server in local network try remote desktop to it. It is really a weak possibilty that the issue is PIX related. Might be an mtu issue.

techtips03 · ‎12-07-2007

I have eliminated the PIX unit by shutting it down and did an RDP between the PCs and the remote pc started rebooting. I unchecked the auto restart option, however it started rebooting when I try to RDP leaving no error message.

Any further advise?

husycisco · ‎12-10-2007

Are there any dmp files in %SystemRoot%\Minidump with up to date creation date? Any 3rd party firewalls or antiviruses running?

techtips03 · ‎12-13-2007

I am still waiting to visit the client and get information on this.

Another question

I have a remote user logging into this PIX through Microsoft Windows PPTP client. And once on VPN, he is not able to access his Internet. I believe it is a characteristic of software VPN but is there anyway he can browse the Internet changing routing tables etc or should I have to go for L2TP?

Please advise

techtips03 · ‎12-28-2007

This issue is resolved. related to desktop issues. Thanks