RDP not works but telnet x.x.x.x 3389 works

Unanswered Question
Sep 16th, 2008
User Badges:

I am trying to connect from florida location to MO. trace route, ping and telnet 3389 works but RDP application not works.I did some work around and used the command ip tcp adjust-mss 1260 in my first tunnel and it fixed the issue. my question is how MTU is varying and will it have effect on Applications?


Thanks in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
singhsaju Tue, 09/16/2008 - 09:28
User Badges:
  • Silver, 250 points or more

Hi,

Application data packets have their own header .IPsec adds its header to normal data packet and increases its size and if you are doing GRE over Ipsec then GRE header is also added.This increase the size of packet more than 1500 bytes . And since network devices have MTU set for 1500 bytes these devices will try to fragment the packet . And since the df bit on the packets is not set and the device cannot fragment it , it drops the packet.


You can find out the exact packet size that will traverse the tunnel without fragmentation by using ping "ping -l 1400 192.168.1.1 -f " . you can gradually decrease the length of packet and see when you start getting the response from destination host . Then once you know that length of packet , you can adjust TCP MSS value accordingly on the VPN head end device.

Check out the following link :

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081e621.shtml#Issues


HTH

Saju

Pls rate helpful posts



singhsaju Tue, 09/16/2008 - 12:38
User Badges:
  • Silver, 250 points or more

Correction


"And since the df bit on the packets is set and the device cannot fragment it , it drops the packet"

arkothapally Wed, 09/17/2008 - 05:52
User Badges:

Saju,


Is there any other way we can solve this issue without using ip tcp adjust -mss.



Actions

This Discussion