New Member

remote desktop through ASA5510

Hi all, I have a problem connecting to a PC behind an ASA 5510, either with Remote Desktop or with VNC. When I try, the connection disconnects frequently, sometimes after a few seconds, sometimes after 2 minutes. I've checked the ASA log and I think it is the cause of these difficulties. The rules are OK; my PC can access with all IP protocols.

7 REPLIES
New Member

Re: remote desktop through ASA5510

Hello,

Do you have a Linux or BSD gateway on the path between you and the remote PC?

It could be the source of the problem with RSTs on your remote desktop/VNC connections.

New Member

Re: remote desktop through ASA5510

Thank you for your answer.

No, I have Windows XP on both pcs. I didn't write that I pass through a FWSM and the ASA 5510; if I consider FWSM, my pc is on an interface more secure than the interface where the ASA is. I tried to connect to a pc which was behind FWSM and I didn't have any problem. This is the reason why I think the problem is caused by ASA.

Re: remote desktop through ASA5510

gdspa,

You can take captures directly on the ASA interfaces to review the communication between your RDC client and server.

When you say that the PC disconnects after a certain amount of time, you should be clear, at that point, that your issue is not related to ACLs, NAT, or anything else hard-configured on the device.

So what's left? You have connection timeouts, which, while not dynamic, are variable. Then you have inspects, of which we have none for RDP.

What should you gather? Captures on the ASA interfaces related to the client and server, plus syslogs surrounding the entire communication.

Here is the section of the command reference pertaining to the capture command:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/c1.html#wp2090739

You can pull these captures off by copying them as you would copy any other file - with one addition, the /pcap argument.

Assuming you have a capture named in_cap:

copy /pcap capture:in_cap tftp:

or via HTTPS as follows:

https:///capture/in_cap/pcap

Thanks,

-=Blayne

New Member

Re: remote desktop through ASA5510

I exclude that timeouts could be the reason. I don't always have the same behaviour: sometimes I can't connect at all, other times I connect for 10 seconds or for a couple of minutes. I read that other people had some problems using rdesktop through the ASA. Don't you think it could be a bug in the firewall?

Re: remote desktop through ASA5510

A bug is always possible, and it is also always the last resort. Before we can make any logical conclusions about why something is happening, we need to gather data to know exactly what is happening. Captures and syslogs are the tools that can help us to answer the "what" first, and then the "why."

New Member

Re: remote desktop through ASA5510

In the log of ASA I find this line when the connection stops:

6 Jan 04 2008 13:16:01 302014 PC-B PC-A Teardown TCP connection 1554559 for ospiti:PC-B/3390 to inside:PC-A/2921 duration 0:00:27 bytes 490314 TCP Reset-I

I read that TCP Reset-I means that one of the 2 pcs sent a packet which caused the disconnection.

Is it right?

Re: remote desktop through ASA5510

It means that a Reset was seen on the higher security interface (I=inside) for this connection.
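
To apply this reading to a whole syslog export rather than one line, here is an added Python example (not part of the thread and not Cisco code) that parses 302014 teardown messages in the layout quoted above and lists the connections that ended with a reset. The sample lines other than the one quoted in the thread are constructed, and the Reset-O mapping comes from Cisco's syslog documentation rather than from this page.

```python
import re
from collections import Counter

# Body of ASA syslog 302014 in the layout quoted in the thread.
TEARDOWN = re.compile(
    r"Teardown TCP connection (?P<conn>\d+) for "
    r"(?P<if_a>[^:\s]+):(?P<host_a>\S+)/(?P<port_a>\d+) to "
    r"(?P<if_b>[^:\s]+):(?P<host_b>\S+)/(?P<port_b>\d+) "
    r"duration (?P<h>\d+):(?P<m>\d\d):(?P<s>\d\d) bytes (?P<bytes>\d+) "
    r"(?P<reason>.+?)\s*$"
)

# Reset-I is explained in the thread; Reset-O is its documented counterpart
# (an assumption relative to this page, which does not mention it).
RESET_ORIGIN = {
    "TCP Reset-I": "higher-security (inside) side",
    "TCP Reset-O": "lower-security (outside) side",
}

def parse_teardown(line):
    """Return a dict for a 302014 teardown line, or None for anything else."""
    m = TEARDOWN.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["seconds"] = int(rec.pop("h")) * 3600 + int(rec.pop("m")) * 60 + int(rec.pop("s"))
    for key in ("conn", "port_a", "port_b", "bytes"):
        rec[key] = int(rec[key])
    rec["reset_origin"] = RESET_ORIGIN.get(rec["reason"])
    return rec

def summarize(lines):
    """Count teardown reasons and collect the connections ended by a reset."""
    records = [r for r in map(parse_teardown, lines) if r]
    reasons = Counter(r["reason"] for r in records)
    resets = [r for r in records if r["reset_origin"]]
    return reasons, resets

SAMPLE = [
    # Line quoted in the thread:
    "6 Jan 04 2008 13:16:01 302014 PC-B PC-A Teardown TCP connection 1554559 for ospiti:PC-B/3390 to inside:PC-A/2921 duration 0:00:27 bytes 490314 TCP Reset-I",
    # Constructed lines for illustration (not from the poster's firewall):
    "6 Jan 04 2008 13:20:44 302014 PC-B PC-A Teardown TCP connection 1554602 for ospiti:PC-B/3390 to inside:PC-A/2934 duration 0:02:05 bytes 1830021 TCP Reset-I",
    "6 Jan 04 2008 13:25:10 302014 PC-B PC-A Teardown TCP connection 1554688 for ospiti:PC-B/3390 to inside:PC-A/2950 duration 0:10:12 bytes 9120444 TCP FINs",
    "6 Jan 04 2008 13:26:00 302013 PC-A PC-B Built outbound TCP connection 1554701",
]

if __name__ == "__main__":
    reasons, resets = summarize(SAMPLE)
    print(dict(reasons))
    for r in resets:
        print(f'{r["conn"]}: {r["seconds"]}s, {r["bytes"]} bytes, reset from {r["reset_origin"]}')
```

If most short-lived sessions end with the same reset direction, the interface captures suggested earlier in the thread show which host actually sent the RST.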
