×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Remote Desktop suddenly not working through Site2Site-VPN

Unanswered Question
Jul 31st, 2013
User Badges:

Hello,


has anybody experienced something simillar?


The setup consists of 2 equaly setup and configured SA540. Everything else is perfectly tunneld to the other side. However, Remote Desktop is interrupted after a view seconds with the message that the session had to disconnected because there was an error in the encryption of data.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jeffrrod Mon, 08/12/2013 - 11:21
User Badges:
  • Bronze, 100 points or more

Dear Florian,


Thank you for reaching Small Business Support Community.


An "error in the encrypted data" error! I would first suggest you to uncheck the "Dead peer detection" and if the problem persists then change the "Exchange mode" from "Aggressive" to "Main mode".  If the problem still persists try changing the 'IKE SA Parameters" to a not so strong encryption and authentication algorithm, try a lower DH group as well. 


Please try this out let me know if there is any further assistance I may assist you with.


Kind regards,



Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer


*Please rate the Post so other will know when an answer has been found.

SHAWN EFTINK Mon, 08/12/2013 - 11:27
User Badges:
  • Silver, 250 points or more

Florian,

The message that you're seeing regarding the session being disconnected because there was an error in the encryption of data, is that coming from the SA540 VPN or the RDP client?  If it's coming from the RDP client, I would recommend trying to turn off NTLM on the client and Terminal Server.



Shawn Eftink
CCNA/CCDA


Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

FlorianCokl Sat, 08/17/2013 - 03:52
User Badges:

Dear Shawn,


thank you for taking your time to get into this.


The error is shown on the RDP-Client. I will investigate into your suggestion as well.


Kind Regards

Florian




Update:

No it did not work - besides it's a session between 2 Desktopcomputers and not a Desktopcomputer and a Server somewhere.....

One Computer is running XP Pro and the other W7.

FlorianCokl Sat, 08/17/2013 - 03:51
User Badges:

Dear Jeffrey,


thank you for taking your time to get into this.


Regarding the strenght of encryption - I went even so far to turn encryption completely off no nothing. The SA was only wrapping the data twice in IP - no encryption, no DH - no success.


What I did notice was: the higher the encryption algorythm was on the 2 SA540s the significantly longer took the 2 PCs in the local LANs on both ends of the tunnel to establish the Remote-Desktop-Session through the VPN-tunnel and the shorter the session would last.


Jeffrey - where would I find the menu item that I could then alter from agressiv to main?!


Kind Regards

Florian







Update:

Hello Jeffrey - I found the Exchange Mode in the IKE-Policies site - it was/is on "Main Mode"! So - what would you recomend next?!

Actions

This Discussion

Related Content