Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2154
Views
0
Helpful
7
Replies

BUG: RV042 (1.3.12.19-tm) not ready for Win7 RDP ?

NISITNETC
Level 1
Level 1

‎08-22-2012 11:25 PM

Hello,

we used a CISCO RV042 with Firmware version:  1.3.12.19-tm  (CPU: Intel IXP425-266, DRAM: 32M, Flash: 8M) with a  "Gateway to Gateway" VPN Tunnel connected to a CISCO1921/K9-SEC with ZBF. The  Tunnel works fine.

A connection to a WinXP (Professional) RDP works permanent. Then we had to connect to a Win7 (Professional) RDP: the  connection was established, but is canceled with different  error-messages by the "RDP-Server" on the "RV042 LAN". Problems with the  host-cert or RDP-Server not ready was announced. (???) We started a trouble-shooting on both sides and can't find a clear statement in the log-data on CISCO or Windows Harwdare.

Then we replaced the RV042 with a RV042G V01 with Firmware version: 4.2.1.02 -

No problems with RDP to Win7 RDP anymore !

We only chnaged the hardware - VPN configuration on CISCO1921 and RV042G was not changed.

Is RV042 (1.3.12.19-tm) not ready for Win7 RDP ?

Grüße

Stefan

Labels:
0 Helpful
7 Replies 7

dondersconsulting
Level 1
Level 1

‎08-30-2012 09:14 PM

it works fine with Server 2008R2 RDP, which should be same as Win7.  Are you connecting the RDP session through the VPN?  If so, I'm not sure why the RV042 would have anything to do with the RDP session.   If you are connecting directly through the internet using Forwarding or UPnP, then it should work fine. 

The only thing that throws a flag for me is the certificate message.  The RV042 uses an SSL cert for various things, but there is no clear way to refresh this cert when it gets corrpted.  For some reason it is hidden in the VPN client setup - look for the button at the bottom that says "Generate" - use this to create a new certificate, then save the settings and reboot the router.

I'm not sure that this is the issue, but it shouldn't hurt anything to reset the certificate.  If you have a valid signed certificate to import, that might be even better.

0 Helpful

NISITNETC
Level 1
Level 1
In response to dondersconsulting

‎08-30-2012 11:23 PM 

dondersconsulting schrieb:
it works fine with Server 2008R2 RDP, which should be same as Win7.

You are using a IPSec Tunnel to an RV042 (not the Client feature!) and you can connect to an Server 2008R2 to RDP trough the tunnel ?

dondersconsulting schrieb:
Are you connecting the RDP session through the VPN? If so, I'm not sure why the RV042 would have anything to do with the RDP session.

Yes, we are connecting via IPSec from a CISCO1921 to the RV042. I think that the RV042 has problems with it's own Stateful Firewall related to the local routing throug the IPSec tunnel. In this case the RDP protocol has changed on the Microsoft side from to .

dondersconsulting schrieb:
If you are connecting directly through the internet using Forwarding or UPnP, then it should work fine.

Thats not our setup and is far away from any security policies on our side ...

dondersconsulting schrieb:
The only thing that throws a flag for me is the certificate message.  The RV042 uses an SSL cert for various things, but there is no clear way to refresh this cert when it gets corrpted.  For some reason it is hidden in the VPN client setup - look for the button at the bottom that says "Generate" - use this to create a new certificate, then save the settings and reboot the router.
I'm not sure that this is the issue, but it shouldn't hurt anything to reset the certificate.  If you have a valid signed certificate to import, that might be even better.

The Certs you discribe are going with the "Client To Gateway" feature and we are using "Gateway To Gateway" feature.

I think the RV042 is working fine with the IPSec-Tunnel Feature "Gateway To Gateway". It works fine with WinXP Hosts connecting RDP through the tunnel - but using Win7 RDP the RDP Sessiopn breaks with all avaiable Error Messages in a random output on any Win-Client (WinXP and Win7) - we teste with 5 ! different machines ...

I looks like Firewall Bug on the RV042.

0 Helpful

dondersconsulting
Level 1
Level 1
In response to NISITNETC

‎08-31-2012 11:51 AM

I use an RV082 (v1) and my client has an RV042 (v1) with firmware 1.3.12.6-tm.   I have not had a reason to upgrade their firmware and have had problems with Cisco's newer firmwares on RV042 and especially v2 firmware on RV082's.  

I just established a Gateway-Gateway VPN between the RV042 and RV082 with following settings:

- both sides are IP only authentication

- Phase1 and Phase 2 settings are [Group2 / 3DES / MD5], with a 16-digit Preshared Key

- Advanced settings I have checked [Compress, Keep-Alive, NetBIOS broadcast, Dead Peer Detection]

I was able to connect Remote Desktop from my PC (Windows Vista) to their server (SBS2011) without any issue.

Also connected from my laptop (Windows 7 x64) to their server without any issue.

I used the LAN IP address of the remote server to connect (192.168.2.1)

** a note about the SSL certificate.  It is NOT in the "Client to Gateway" feature.  It is in the "VPN Client Access" feature, which is completely different.  My point is that it uses this certificate for all SSL communications to the router, including the web administration.  Generating a new certificate or importing a trusted one will refresh the SSL certificate for everything in the router.  Again, I don't see how this could be causing your problem, but the default certificate can get broken during firmware upgrades and needs to be re-generated.  Your new RV042G probably came out of the box with a good certificate.  It's worth a try, at least.

0 Helpful

NISITNETC
Level 1
Level 1
In response to NISITNETC

‎03-23-2013 11:32 AM

This threat can't be closed sucessfull ...

8 month later we have the same problem with an other RV042 with the same firmware. Sorry, but this seems to be a real firmware bug. We are using the new RV042G at all locations now. We are not opening a TAC or will put more energy to a bug report. Maybe someone has time to complete this if the problem appears ...

0 Helpful

linksysinfo
Level 4
Level 4
In response to NISITNETC

‎03-23-2013 05:06 PM

What version of RDP are you using? if you use the RDP Client from XP (v6) it should work. Vista and Windows 7 use a newer version of mstsc.exe (v6.1) that checks for authentication

Regards Simon
http://www.linksysinfo.org

Regards Simon
0 Helpful

NISITNETC
Level 1
Level 1
In response to linksysinfo

‎03-26-2013 05:34 AM

If destination is Win7 with the new RDP-Server it breaks - client version doesn't matter ...

0 Helpful

SamirD
Level 5
Level 5
In response to NISITNETC

‎04-01-2013 02:59 PM

So what are you doing with your old rv042s?  Because I need one.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents