New Member

Can't establish RDP connection over IPSec L2L VPN

Hello,

Got 2 ASA 5505 connected to each other via L2L IPsec VPN. I can RDP a server from my remote location to HQ site but can't RDP from HQ to remote site. VPN is up and running ok. I can ping any server from both sites. I have attached running configs from both ASA5505. Public IP Address and relevant names on the configuration were omitted. Any feedback is highly appreciated.

Thanks,

udimpas

2 REPLIES
New Member

Re: Can't establish RDP connection over IPSec L2L VPN

Windows Firewall would have got RDP out of its exception list. As soon as we checked the box you would be able to connect.

New Member

Re: Can't establish RDP connection over IPSec L2L VPN

You shouldn't need to add the explicit line for RDP as it will be covered by the IP line you have:

access-list outside_1_cryptomap_1 extended permit ip inside 255.255.255.0 172.16.1.0 255.255.255.0

It's difficult to read this; you have cut the access-group statement from the remote site config.

Try adding

access-list inside_access_in extended permit tcp any any eq 3389

to the HQ firewall.

I believe there is a sysopt command that allows you to bypass these lists for site-site vpn but never quite got it to work myself.

Do you get any syslog error messages? These can be helpful.
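
The point made in the reply above, that a "permit ip" entry already matches RDP, shown as an added example that is not part of the thread or of any Cisco code: a small Python model of first-match ACE evaluation, run on the two access-list lines quoted in the reply. The network behind the name "inside" and the host addresses are constructed, since the thread omits the real ones.

```python
import ipaddress

# Constructed: the thread omits real addressing, so the ASA name "inside"
# is mapped to a made-up network here.
NAMES = {"inside": "192.168.1.0"}

def _take_addr(tok):
    """Consume one address spec (any | host ADDR | NET MASK) from tok."""
    first = tok.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        host = tok.pop(0)
        return ipaddress.ip_network(NAMES.get(host, host) + "/32")
    mask = tok.pop(0)
    return ipaddress.ip_network(f"{NAMES.get(first, first)}/{mask}")

def parse_ace(line):
    """Parse: access-list NAME extended ACTION PROTO SRC DST [eq PORT]."""
    tok = line.split()
    name, action, proto = tok[1], tok[3], tok[4]
    rest = tok[5:]
    src, dst = _take_addr(rest), _take_addr(rest)
    port = int(rest[1]) if rest[:1] == ["eq"] else None
    return {"acl": name, "action": action, "proto": proto,
            "src": src, "dst": dst, "port": port}

def evaluate(aces, proto, src, dst, dport):
    """First matching ACE wins; no match falls through to the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for ace in aces:
        if ace["proto"] not in ("ip", proto):   # "ip" covers tcp, udp, icmp, ...
            continue
        if s not in ace["src"] or d not in ace["dst"]:
            continue
        if ace["port"] is not None and ace["port"] != dport:
            continue
        return ace["action"]
    return "deny"

# The two ACEs quoted in the thread. On the crypto-map ACL, "permit" means
# the flow is selected for the tunnel rather than allowed through an interface.
CRYPTO_ACE = parse_ace("access-list outside_1_cryptomap_1 extended permit ip "
                       "inside 255.255.255.0 172.16.1.0 255.255.255.0")
RDP_ACE = parse_ace("access-list inside_access_in extended permit tcp any any eq 3389")

if __name__ == "__main__":
    flow = ("192.168.1.10", "172.16.1.20")      # constructed hosts
    print(evaluate([CRYPTO_ACE], "tcp", *flow, 3389))   # ip line matches RDP
    print(evaluate([RDP_ACE], "tcp", *flow, 3389))      # explicit RDP line
    print(evaluate([RDP_ACE], "icmp", *flow, None))     # falls to implicit deny
```

The last call shows why an interface ACL holding only the suggested tcp/3389 line needs care: every flow that no entry matches, ping included, ends at the implicit deny.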