I have been working on a client’s ASA 5510 v8.2(1), setting up AnyConnect for the PC (domain and non-domain), iPhone/iPad, and Android, which in itself is pretty straightforward and something I have done before for other clients. I am running into something strange when using RDP over the VPN and hope this makes sense to someone.
AnyConnect is set up with LDAP authentication, DAP to check a security group for the users allowed to connect, and the internet traffic is set to Tunnel All and is working correctly. When I test the VPN on a domain laptop with a separate internet connection from the office and logged in as a domain user, I can ping and UNC by name and IP to computers inside, along with being able to RDP. I also test the VPN on an iPhone and Android, which can RDP to computers on the inside.
The problem is that sometime in the evening (anywhere from 6:30 to 10p) I am still able to connect to the VPN on iPhone, Android, and a non-domain computer and ping and UNC, but cannot RDP to anything inside (I made sure the systems I am trying do not sleep). Looking at the ASDM Real-Time Log Viewer, I can see a built TCP for 3389 and then a teardown. Even telnet <inside-computer> 3389 fails on the remote system.
However, when I log in to the VPN on a domain computer as a domain user, I can once again RDP to any computer, and afterwards I am also once again able to RDP on the iPhone, Android, and a non-domain computer over the VPN for a while, and then it stops after a period of time.