RDP over IPSec fails

Discussion in 'Hardware' started by rsscp1, Mar 16, 2008.

  1. rsscp1

    rsscp1

    Joined:
    Mar 16, 2008
    Messages:
    1
    I have a weird problem and I can't seem to figure out what's going on.

    I have two customers. For one of them, I have configured an IPSec tunnel between an ISA Server and a Cisco 877. For the other one, I have configured an IPSec tunnel between two Cisco 877 routers.

    At customer one, I can start an RDP session from the Cisco site to the ISA site, but fails from the ISA site to the Cisco site.

    At customer two, RDP fails in both directions.

    I have done a capture of the traffic between the sites. What I noticed is that when I try to establish the RDP connection, the client computer sends a SYN, ACK, the server receives this packet and responds with an ACK, but the ACK never reaches the other side of the tunnel.

    I have searched the internet for clues, but most articles and forum posts I have found suggest MTU/packet size/fragmentation problems. The reason I don't think my problem has anything to do with those, is that the size of the beforementioned ACK packet is only about 64 bytes.

    I have tried to figure out what the Cisco router does with the packet, but I don't really know which debug commands to use. (I tried debug ip packet <# of acl> and debug crypto ipsec, but they don't provide useful information.) Can anyone recommend debug commands that may provide clues as to what might go wrong?

    If anyone has any ideas or suggestions, I'd be very happy to hear them.
     
    rsscp1, Mar 16, 2008
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. AM
    Replies:
    1
    Views:
    606
  2. AM
    Replies:
    0
    Views:
    483
  3. Curt
    Replies:
    7
    Views:
    693
    notaccie
    Jul 6, 2007
  4. =?ISO-8859-15?Q?Alexander_Gr=FCmmer?=

    RDP fails on IPSec Tunnel

    =?ISO-8859-15?Q?Alexander_Gr=FCmmer?=, Jun 9, 2007, in forum: Cisco
    Replies:
    2
    Views:
    1,413
    QoS@domain.invalid
    Jun 9, 2007
  5. Theo Markettos

    VOIP over VPN over TCP over WAP over 3G

    Theo Markettos, Feb 3, 2008, in forum: UK VOIP
    Replies:
    2
    Views:
    1,061
    Theo Markettos
    Feb 14, 2008
Loading...

Share This Page