WRV210- Can't establish Remote Desktop Connection over IPSec

Unanswered Question
Nov 2nd, 2009

Hi there,

I changed the  BEFVP41 with WRV220 and configure the VPN  the same way, succeed to establish IPSec VPN connection with TGB VPN client with no problems but now Remote Desktop Doesn't work. I changed the firmware that didn't help. That didn't help as well, the answer is the same:The client could not connect to the remote computer. Remote connection might not be enabled or the computer might be too busy to accept new connections.The Remote connection works fine in local and with BEFVP41 (even thou I had different problems with this one) the only change is the WRV210....Did you have this issue?

Thank you

Vesna

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
William Childs Tue, 11/03/2009 - 04:38

Vesna,

Have you setup port forwarding rules to send 3389 on TCP to the desired machine or are you trying to RDP through the tunnel?

Bill

vesnajovanovic Tue, 11/03/2009 - 09:23

Hi Bill

I've been trying to RDP through the VPN tunnel. The tunnel is up and I can ping the stations over the tunnel. I use DSL lines on both ends, and think maybe MTU is the problem. When the MTU is set on Auto, the VPN connection is easy to establish, but when I changed the MTU to Manuel and put 1200 (on both routers- WRV200 and WRV210) the VPN doesn't work any more.

Vesna

David Carr Tue, 11/03/2009 - 07:57

Are you able to ping other devices through the vpn tunnel using a pc remotely?  If not, the tunnel is established with just the wan and not the network.  Is the ipsec setup for subnet or ip address?

vesnajovanovic Tue, 11/03/2009 - 09:26

Yes I can ping the stations, the subnet is set, but no RDP. I can't share the files eather, just ping.

I had a similar problem with the wrv210.  What I found was that unless the target PC (either for port forwarding or vpn) received a dhcp address from the wrv210, I couldn't ping it or RDP it.  Once I changed the configuration of the target PC to receive a DHCP address from the wrv210, I was able to ping it and rdp to it.  It's a poor solution, especially if you want the target PC to have a static address, but it was the only way I could get it to work.  I know I won't recommend the wrv210 to anyone else based on the numerous "undocumented features".

William Childs Fri, 12/04/2009 - 02:00

As a sort of work around, you could configure a dhcp reservation for that pc. Leave the machine as dhcp but know that it will always "recieve" a specific address. I think the problem the WRV210 experiences in this situation, is the mac address table times out and it flushes the pc's mac to ip binding. Therefore, it does not know who to send the request for X ip address to, because it no longer has a mac to port mapping.

However, when the router has the client via DHCP, the dhcp protocol takes care of making sure the mac does not time out in the CAM table. When the lease is somewhat close to expiration, the client renews and everything works fine. You can staticly map up to 20 addresses in the WRV210 (confirmed with configuration in lab).

With this solution, your RDP sessions and port forwardings will continue to work, and your mac will never timeout of the CAM table.

Bill

Actions

This Discussion