Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

IPsec Remote Site VPN / RDP dropping

I'm having issues with users intermittently dropping RDP sessions when connecting through IPsec remote VPN.  The Windows RDP session seems to drop and re-connect.  I'd like to think it's not an issue on the firewall (ASA5540) because I don't see users dropping their active IPsec connection.  

Assuming that's the case, I don't know where to look beyond the firewall.  We aren't doing anything through GPO for RDP.  

Through research some suggest MTU size may be the issue.  My inside/outside interfaces are both set for 1500 and I'm not sure I want to change that. 

Does anyone out there happen to have any other suggestions on where to begin troubleshooting?

 

Thanks!

Everyone's tags (1)
9 REPLIES

Hey Eric-Owens,Please let us

Hey Eric-Owens,

Please let us know the firewall version ?

how frequent is this issue occurring ?

Please try to do continuous ping when you see the RDP reconnecting.

Is there any other rule/ access list for this mentioned RDP IP address ?

 

 

Pothen

  

 

New Member

 The firewall is an ASA5540

 

The firewall is an ASA5540 running 8.0(3).  

It happens periodically, and not every day.  

There is just one access list set for each remote VPN user.  The access list allows user from any source to only the specific destination IP.  

 

Yesterday when users were complaining about dropping RDP sessions I tested it for myself from an outside connection.  I did see the issue with RDP disconnecting and reconnecting.  I did a continuous ping to the destination and saw some latency (10 - 20ms response) but nothing too spectacular and never a time out.

 

 

 Hi,if it is not timing out

 

Hi,

if it is not timing out during continuous ping.then we will need to check in other aspects.

the latency that you mentioned looks ok which is between 10s and 20s.

you tried to ping the Remote machine with Hostname or its IP address ?

when this issue occurs next time try to trace route to the RDP Machine and see were excatly you see the latency or drop happening.

 

 

New Member

In the Event Viewer of the

In the Event Viewer of the Windows server, do you see any warning/error ? In the option of your mstsc.exe, do you use the Gateway ? Do you use a certificate on your Windows server for terminal services ?

New Member

Well the device users are

Well the device users are using RDP to is just a workstation (Windows 7 PC)  I'd mentioned that I tested it out myself to my PC.  I looked through the event viewer and I didn't see any warnings or errors, best I saw was informational of the connection made and connection terminated. 

 

Currently all connection settings in MSTSC are default including Automatically detect RD Gateway server settings.

New Member

Can you install wireshark on

Can you install wireshark on Windows 7, then you can run wireshark  and verify when the connection RDP stop.

New Member

That's the plan.  I've got it

That's the plan.  I've got it downloaded and ready to capture.  This has been a sporadic issue it's hard to nail down the issue until users start complaining.

New Member

In your asa, have you enable

In your asa, have you enable the log with facility information ? If yes, you must check if the connection RDP stoip with TCP-RST flag

New Member

I was pinging to the remote

I was pinging to the remote end via IP and not hostname.

 

I'll have to try a trace route next time and see if I notice an increase in latency.  The next hop inside is a 3750 stack that I've noticed is running a higher than normal CPU when these complaints come in so I'm wondering if that isn't the root of the problem.

748
Views
0
Helpful
9
Replies