I have a 5520 configured for IPSec and SSL VPN. When clients connect using either mode, they connect fine.
I have 2 machines inside our corporate network that we allow access to RDP session at user's home as part of testing.
Basically, these 2 users leave their machine connected at their home via VPN. When they get to work, they RDP from work to the home PC. It works fine for IPsec clients. If they connect using SSL, the RDP session times out.
VPN pool IP is on the same subnet as inside interface. Clients get public IP from the VPN pool. Inside network, they get 10.x.x.x IP addresses. I have no NAT configured for inside network to VPN pool IP addresses.
Here is the log:
Built outbound TCP connection 8408 for outside x.x.231.78/3389(x.x.232.78/3389) to inside 10.28.16.151/4875 (10.28.16.151/4875)
Teardown TCP connection 8407 for outside x.x.231.78/3389 to inside 10.28.16.151/4875 duration 0:00:30 bytes 0 SYN Timeout
Do I need to do anything special if I need to allow these outbound RDP sessions if they connect using SSL?
The syslog message indicates the connection closed because of the SYN timeout. This tells the administrator that no application X server responses were received by the ASA. Syslog message termination reasons can vary.
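To pick this pattern out of a longer log, the following added example (not part of the original post or reply) parses teardown lines in the shape quoted above and counts connections that closed with "SYN Timeout" and zero bytes, grouped by the first-listed endpoint. The function names, the colon-separated `interface:address` variant and all sample lines after the first two are assumptions made for illustration.

```python
import re
from collections import Counter

# Teardown line in the shape quoted in the post. The interface/address separator
# may be a space (as on this page) or a colon (assumed raw-syslog form).
TEARDOWN = re.compile(
    r"Teardown TCP connection (?P<conn>\d+) for "
    r"(?P<a_if>[^\s:]+)[: ](?P<a_ip>[^/\s]+)/(?P<a_port>\d+) to "
    r"(?P<b_if>[^\s:]+)[: ](?P<b_ip>[^/\s]+)/(?P<b_port>\d+) "
    r"duration (?P<h>\d+):(?P<m>\d{2}):(?P<s>\d{2}) bytes (?P<bytes>\d+)\s*(?P<reason>.*)$"
)

def parse_teardown(line):
    """Return a dict for a TCP teardown line, or None for any other line."""
    m = TEARDOWN.search(line)
    if not m:
        return None
    d = m.groupdict()
    return {
        "conn": int(d["conn"]),
        "a": (d["a_if"], d["a_ip"], int(d["a_port"])),
        "b": (d["b_if"], d["b_ip"], int(d["b_port"])),
        "seconds": int(d["h"]) * 3600 + int(d["m"]) * 60 + int(d["s"]),
        "bytes": int(d["bytes"]),
        "reason": d["reason"].strip(),
    }

def unanswered_syns(lines):
    """Count teardowns that ended in 'SYN Timeout' with zero bytes, keyed by
    the first-listed endpoint (interface, address, port) of each line."""
    hits = Counter()
    for line in lines:
        t = parse_teardown(line)
        if t and t["reason"].startswith("SYN Timeout") and t["bytes"] == 0:
            hits[t["a"]] += 1
    return hits

# First two lines are from the post; the last two are constructed for illustration.
SAMPLE = [
    "Built outbound TCP connection 8408 for outside x.x.231.78/3389(x.x.232.78/3389) to inside 10.28.16.151/4875 (10.28.16.151/4875)",
    "Teardown TCP connection 8407 for outside x.x.231.78/3389 to inside 10.28.16.151/4875 duration 0:00:30 bytes 0 SYN Timeout",
    "Teardown TCP connection 8409 for outside:x.x.231.78/3389 to inside:10.28.16.151/4876 duration 0:00:30 bytes 0 SYN Timeout",
    "Teardown TCP connection 8410 for outside 192.0.2.10/443 to inside 10.28.16.151/4877 duration 0:01:12 bytes 5120 TCP FINs",
]

if __name__ == "__main__":
    for endpoint, n in unanswered_syns(SAMPLE).items():
        print(endpoint, n)
```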