Intermittent/flakey outbound RDP connections from behind a PIX501

Unanswered Question

I'm having a problem connecting to Terminal Servers or Remote Desktop computers from behind a PIX501.

If you look at the config of the PIX501, we have incoming RDP and LPD printing which works fine. And outgoing (from LAN2, behind PIX) POP3, SMTP and DNS all work fine, but outgoing RDP does not.

Please take a look at the attached JPG of the network layout.

I can access "3rd Party TS servers" consistantly from :

1) various (5+) XP or 2003 machines on various networks / ISPs

2) machines on LAN1

but not from machines on LAN2.

Occasionally it works, but more often that not I can't connect and recieve the standard "This computer can't connect to the remote computer. Please try again".

All the machines in LAN2 have RDP client v6.0. I have tried reseting the PIX to factory default also.

So my question is, Why am I unable to reliably connect to Terminal Servers from machines in LAN2 via the PIX501?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
robertson.michael Fri, 08/15/2008 - 18:10
User Badges:
  • Silver, 250 points or more

Hi Simon,

A couple of questions regarding this issue:

1. Are any syslogs generated during a time when an RDP connection fails?

2. Does 'show xlate debug | i ' show any strange xlates getting built during the time of the problem? If you do a 'clear xlate' and re-try the connection, does it work?

3. Does 'show interface | i error|proto show any interface errors? If so, are these counters increasing?

4 Are you doing any load balancing between the client and the RDP server?

5. Can you gather simultaneous, bi-directional packet captures on both sides of the PIX for a failing RDP connection?



This Discussion