×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

rdp and printing over vpn site to site

Unanswered Question
Jan 21st, 2007
User Badges:

Help! I have 2 877 routers connected using site to site vpn over adsl links. Everything seems to work fine (ping/telnet etc) except remote desktop will not establish a connection back to the main site and the 2003 Terminal server. There are no firewall issues etc and hopefully a clue for everyone is I can get 2 laptops to connect with rdp from the remote site but only if they have the cisco vpn client installed on them (other machine without vpn client doesn't connect).....something linked with DNE? MTU or MSS but do I have to make changes to both routers or only one?

Also HP 3800n printer at remote site will not work but I can ping it on the network and I can even http to the maintenance page it has and yes I can telnet to it on port 9100.

Thanks for your help - AG

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
m.sir Sun, 01/21/2007 - 23:46
User Badges:
  • Gold, 750 points or more

Ir really looks like MTU issue If you can ping but can't RDP it's because your traffic is larger than the MTU size permitted over the VPN...


On inside interfaces of both routers (LAN interface) enter:


ip tcp adjust-mss 1300

M.

Hope that helps rate if it does

alan.guilford Mon, 01/22/2007 - 04:43
User Badges:

Arrgh!! Thanks for the help - I did think that was the problem but now I've changed the mss to 1300 on both routers, the rdp has stopped working completely (with and without the vpn client installed) Printer does seem to work now though!!

Testing tunnel still comes back with add "crypto ipsec df-bit clear" to vpn interface but I have added this to both routers.......

alan.guilford Mon, 01/22/2007 - 05:45
User Badges:

Sorry, ignore last message. RDP was blocked by a rogue NAT rule setup ages ago. Strange the df-bit message still appears but conections are working.

Thanks for help - adjust-mss fixed the problem - AG

Actions

This Discussion