Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
402
Views
0
Helpful
2
Replies

Intermittent/flakey outbound RDP connections from behind a PIX501

vantage
Level 1
Level 1

‎07-28-2008 04:55 PM - edited ‎03-11-2019 06:21 AM

I'm having a problem connecting to Terminal Servers or Remote Desktop computers from behind a PIX501.

If you look at the config of the PIX501, we have incoming RDP and LPD printing which works fine. And outgoing (from LAN2, behind PIX) POP3, SMTP and DNS all work fine, but outgoing RDP does not.

Please take a look at the attached JPG of the network layout.

I can access "3rd Party TS servers" consistantly from :

1) various (5+) XP or 2003 machines on various networks / ISPs

2) machines on LAN1

but not from machines on LAN2.

Occasionally it works, but more often that not I can't connect and recieve the standard "This computer can't connect to the remote computer. Please try again".

All the machines in LAN2 have RDP client v6.0. I have tried reseting the PIX to factory default also.

So my question is, Why am I unable to reliably connect to Terminal Servers from machines in LAN2 via the PIX501?

Labels:
Preview file
6 KB
Preview file
60 KB
0 Helpful
2 Replies 2

robertson.michael
Level 3
Level 3

‎08-15-2008 06:10 PM

Hi Simon,

A couple of questions regarding this issue:

1. Are any syslogs generated during a time when an RDP connection fails?

2. Does 'show xlate debug | i ' show any strange xlates getting built during the time of the problem? If you do a 'clear xlate' and re-try the connection, does it work?

3. Does 'show interface | i error|proto show any interface errors? If so, are these counters increasing?

4 Are you doing any load balancing between the client and the RDP server?

5. Can you gather simultaneous, bi-directional packet captures on both sides of the PIX for a failing RDP connection?

-Mike

0 Helpful

vantage
Level 1
Level 1
In response to robertson.michael

‎08-16-2008 05:31 PM

Hi Mike,

I ended up sorting this out. The Linksys Modem/Router we're using doesn't like PAT, but with NAT configured on the PIX everying works A Ok.

Thanks for your response.

Simon

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card