Cisco VPN RDP issue

I have a working VPN tunnel between an ASA 5510 and a 1841 Router. I am having an issue with RDP connections dropping. I will get an initial connection, then it will drop after I start to enter the credentials (5 or so seconds). It takes 30 or so seconds before I am able to make a connection to that RDP server again. Usually with the same result. It seems that the issue occurs after we exceed a number of RDP connections. I am still able to ping the servers in question during the RDP connection issue. Any help would be greatly appreciated. Thanks.

Anonymous (not verified) Thu, 06/25/2009 - 06:19

You may try entering the command "timeout conn 0:0:0" on the ASA. You may also try changing the MTU size to 1100 on the ASA.

auraza Thu, 06/25/2009 - 09:40

On the private (inside) interface of your router, enter the following command:

ip tcp adjust-mss 1300

Then try again.

PS. If you think this post was helpful, please do rate it.

udimpas Sun, 08/09/2009 - 23:58

Hi Auraza,

May I ask the command on the ASA side? My problem is I won't be able to connect through RDP. I'm using ASA5505 on both sites.

Attached are the running configs (IP addresses and other configs have been omitted)

Thanks,

udimpas

auraza Mon, 08/10/2009 - 05:56

Remove the following:

From HQ:

access-list outside_1_cryptomap_1 extended permit tcp inside 255.255.255.0 172.16.1.0 255.255.255.0 object-group RDP

From Remote:

access-list outside_1_cryptomap extended permit tcp any any object-group RDP

--

The HQ has these routes:

route outside 0.0.0.0 0.0.0.0 x.x.x.x 1

route inside 0.0.0.0 255.255.255.0 192.168.10.4 1

route outside 172.16.1.0 255.255.255.0 192.168.10.1 1

route outside 172.16.1.0 255.255.255.0 192.168.10.4 1

How come you have a default route pointing inside, and then internal networks also on the outside interface? Shouldn't 172.16.1.0 point to the inside interface to a router on the inside?

--

The Remote has these routes:

route outside 0.0.0.0 0.0.0.0 58.69.234.209 1

route inside 0.0.0.0 255.255.255.0 172.16.1.1 1

route inside 0.0.0.0 255.255.255.0 58.69.234.209 1

Why do you have default routes pointing to the inside on the remote?
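
The route questions raised above can be checked mechanically. The following is an added example, not part of the thread or of any poster's configuration: a small Python check (function names and finding labels are made up for this example) that reads ASA `route` lines and flags entries worth reviewing, run here on the route lines quoted in the post.

```python
import ipaddress
from collections import defaultdict

# Route lines as quoted in the thread (the HQ gateway was masked by the poster).
HQ = """\
route outside 0.0.0.0 0.0.0.0 x.x.x.x 1
route inside 0.0.0.0 255.255.255.0 192.168.10.4 1
route outside 172.16.1.0 255.255.255.0 192.168.10.1 1
route outside 172.16.1.0 255.255.255.0 192.168.10.4 1
"""
REMOTE = """\
route outside 0.0.0.0 0.0.0.0 58.69.234.209 1
route inside 0.0.0.0 255.255.255.0 172.16.1.1 1
route inside 0.0.0.0 255.255.255.0 58.69.234.209 1
"""

def parse_routes(config):
    """Yield (interface, network, gateway) from 'route <if> <dest> <mask> <gw>' lines."""
    for line in config.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] != "route":
            continue
        try:
            net = ipaddress.ip_network(f"{f[2]}/{f[3]}", strict=False)
            yield f[1], net, ipaddress.ip_address(f[4])
        except ValueError:
            continue  # redacted values such as x.x.x.x cannot be checked

def lint_routes(config):
    """Return a sorted list of (kind, detail) findings for one device."""
    by_prefix, by_gw, findings = defaultdict(set), defaultdict(set), []
    for ifname, net, gw in parse_routes(config):
        by_prefix[(ifname, net)].add(gw)
        by_gw[gw].add(ifname)
    for (ifname, net), gws in by_prefix.items():
        # Destination 0.0.0.0 with a non-zero mask covers only that small range.
        if int(net.network_address) == 0 and net.prefixlen != 0:
            findings.append(("not-default", f"{ifname} {net} does not match all traffic"))
        if len(gws) > 1:
            findings.append(("multi-nexthop", f"{ifname} {net} via {sorted(map(str, gws))}"))
    for gw, ifs in by_gw.items():
        if len(ifs) > 1:  # one next hop should be reachable through one interface
            findings.append(("gw-on-two-interfaces", f"{gw} used on {sorted(ifs)}"))
    return sorted(findings)

if __name__ == "__main__":
    for name, cfg in (("HQ", HQ), ("Remote", REMOTE)):
        for kind, detail in lint_routes(cfg):
            print(f"{name}: {kind}: {detail}")
```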