
Remote Desktop does not work over VPN

Posted on 2006-10-19
Last Modified: 2013-11-21
Hi,

We have a partner that needs to remote desktop into one of our servers but for some reason it's not working. I think his company's network is blocking him from accessing our network via RDP.

We are currently using sonicwall global vpn client and sonicwall ssl web based vpn but neither are working. When he connects using the web-based one, he's able to access the files on our file server but when he tries to launch an RDP session it just hangs there. As for the sonicwall global vpn client, he is not able to successfully connect using that vpn. Can someone tell me if rdp uses a different port when connecting via a web based vpn such as the sonicwall ssl vpn? And can someone explain why sonicwall global vpn is not working at all inside his network? Is there a way to give him RDP access via the sonicwall ssl vpn?

Thanks in advance for your help!!
Question by:hiephop
7 Comments
 
LVL 7

Expert Comment

by:knightrider2k2
ID: 17769621
RDP will always use port 3389. Check if there is a firewall policy in sonicwall vpn.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17769811
By default with the Sonicwall VPN all ports are open, unless someone has manually created rules to block specific services. However, one thought; if the Windows Firewall, or similar, is enabled on the server, you may need to edit the exceptions. When you enable remote desktop/terminal services the Windows firewall automatically creates a rule allowing access by the local LAN. Connections from outside the local network have to be manually allowed. To do so go to: control panel | windows firewall | exceptions | highlight remote desktop and choose edit | highlight TCP/IP 3389 and choose change scope | add an additional subnet or choose "any computer (including those on the Internet)"

Also, if using server 2000, filtering may be enabled under advanced TCP/IP properties.
0
 

Author Comment

by:hiephop
ID: 17770433
I understand that RDP will always use port 3389 but I guess my question is for the partner's network. I know everything is working properly on ours because we've tested on several external sites and they all seem to work perfectly. My guess is that his network is blocking port 3389 from accessing the internet because he's able to terminal service into his internal servers just fine.

Another weird thing is that I've tried to duplicate the scenario by blocking all ports from accessing the internet at a remote site except for http and https (80 & 443) and tried using the sonicwall ssl vpn to connect to my network and then terminal service into one of my servers. This works fine at our remote test site. So I don't know what is blocking the access at his end.
0
 
LVL 2

Assisted Solution

by:abissa
abissa earned 150 total points
ID: 17772181
I have had this issue many times with Remote Desktop (or a Citrix client) which seems to be very sensitive to packet fragmentation. Try to find the maximal value of the MTU (Maximal Transmission Unit) by using the ping command from the remote client to your server with the "-f" (do not fragment packet) and the "-l" (send buffer size) parameters until you get through with the maximum size which should be between 1200 and 1464. You can then add 28 (ping packet overhead) to the result you find which will give you the right value. Using a utility called "Dr. TCP" (http://www.dslreports.com/drtcp) you can change the MTU size to the value you've found. Don't forget to reboot in order to enable the parameter change.

Hope this helps...

Jan
0
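
The ping procedure from the answer above, automated as a binary search. This is an added example, not part of the original thread; the target address is a placeholder and the function names `Test-DfPing` and `Find-MaxPayload` are chosen here for illustration.

```powershell
# Added example: find the largest ICMP payload that crosses the path with
# Don't Fragment set, then add the 28-byte ping overhead mentioned above.
$Target = '192.0.2.10'   # placeholder address; use the server as reached over the VPN
$Low    = 1200           # lower bound from the answer above
$High   = 1472           # 1500-byte Ethernet MTU minus 28 bytes of overhead

function Test-DfPing {
    param([string]$Target, [int]$Size)
    # -f = Don't Fragment, -l = payload size, -n 2 = two echoes, -w = timeout in ms
    $out = & ping.exe -n 2 -w 2000 -f -l $Size $Target 2>&1 | Out-String
    # Only a genuine echo reply contains "TTL="; the exit code alone is not
    # reliable because "Destination host unreachable" can also return 0.
    return $out -match 'TTL='
}

function Find-MaxPayload {
    param([string]$Target, [int]$Low, [int]$High)
    # If even the smallest size fails, the search would prove nothing.
    if (-not (Test-DfPing -Target $Target -Size $Low)) { return $null }
    while ($Low -lt $High) {
        # Upper midpoint, so the loop always makes progress when $mid passes.
        $mid = [int][math]::Ceiling(($Low + $High) / 2)
        if (Test-DfPing -Target $Target -Size $mid) { $Low = $mid }
        else { $High = $mid - 1 }
    }
    return $Low
}

$payload = Find-MaxPayload -Target $Target -Low $Low -High $High
if ($null -eq $payload) {
    "No reply at $Low bytes with DF set: ICMP may be filtered, or the path MTU is below $($Low + 28)."
} else {
    "Largest unfragmented payload: $payload bytes (MTU to set: $($payload + 28))"
}
```

If echo requests are filtered on the path, the script reports no reply at all, and that result says nothing about fragmentation.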
 
LVL 77

Accepted Solution

by:
Rob Williams earned 150 total points
ID: 17773060
Can you telnet out from the problematic site to port 3389 on a working site? Might confirm your thoughts.
0
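
The outbound test suggested above, written as a PowerShell check that also reports why a connection failed, which telnet does not. This is an added example, not part of the original thread; the address is a placeholder and `Test-TcpPort` is a name chosen here for illustration.

```powershell
# Added example: compare outbound TCP 443 and 3389 from the problem site.
$RemoteHost = '192.0.2.10'   # placeholder; use a host that accepts RDP from other external sites

function Test-TcpPort {
    param([string]$HostName, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $task = $client.ConnectAsync($HostName, $Port)
        # Wait() returns $false on timeout and throws if the connect failed.
        if ($task.Wait($TimeoutMs)) { return 'open' }
        return 'timeout'
    } catch {
        # Unwrap PowerShell's and the task's wrappers to reach the socket error.
        $base = $_.Exception.GetBaseException()
        if ($base -is [System.Net.Sockets.SocketException]) {
            if ($base.SocketErrorCode -eq 'ConnectionRefused') { return 'refused' }
            return "error: $($base.SocketErrorCode)"
        }
        return "error: $($base.Message)"
    } finally {
        $client.Close()
    }
}

foreach ($port in 443, 3389) {
    $state = Test-TcpPort -HostName $RemoteHost -Port $port
    $meaning = switch ($state) {
        'open'    { 'TCP handshake completed; this port is allowed out' }
        'refused' { 'a reset came back, from the host or a firewall rejecting the connection' }
        'timeout' { 'no answer; packets are being dropped somewhere on the path' }
        default   { 'name resolution or routing problem; check the address' }
    }
    '{0,5}  {1,-8}  {2}' -f $port, $state, $meaning
}
```

Run from the partner's site, 443 reported open while 3389 times out is consistent with an egress filter on that network, as the question's author suspected.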
 
LVL 8

Expert Comment

by:nitadmin
ID: 17778840
Most likely your Sonicwall Firewall or SonicWall SSL VPN appliance is not correctly configured, or both devices could be misconfigured.

Also if your remote user is connecting to Sonicwall SSL VPN appliance using his/her web browser, she/he needs to download and install either ActiveX or Java Applet for Remote Desktop.

Cheers,
NITADMIN
0
 

Expert Comment

by:mnatkin
ID: 25367730
I had the same problem with a Sonicwall 3060 Pro. Under the advanced configuration for the VPN policy, uncheck "apply NAT and firewall rules to VPN". This solved our problems with remote desktop and VPN.

Matt
Natco Terminal Support
0

Question has a verified solution.
