• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 747
  • Last Modified:

Help diagnose RDP connection DROP

Hello all,

We got a rack in a new datacenter, and we have setup a firewall from juniper and a secure access also from juniper, after installing the first w2k8 virtual machine on the DELL R510, we created the terminal services profile on SA2000.

Everything worked fine, on the first minutes, then the RDP started being dropped, sudden frozen and sometimes it recover the connection.

After a lot of testing, i tough the problme might be the SA2000 the problem, and i configured the RDP connection direct on the internet, configured the VIP services on the SSG140 firewall, worked fine for about 15-20 minutes, then again, froze and 2 minutes later, dropped the connection.

The only strange thing on the setup is that the datacenter, gave us 2 layers of external ip, because of a gateway problem, as this is my 3rd or 4th deployment, this is the first time i receive a ip in this situation, i think the only problem could be the ip range.

I need some help diagnosing this, kind of urgent.
0
manolocruz
Asked:
manolocruz
  • 5
  • 2
1 Solution
 
Lester_ClaytonCommented:
It definately sounds like a routing issue.

For troubleshooting do the following:

Take a traceroute showing the route as it works
Do a continuous PING to the IP Address (ping -t)
Take a traceroute showing the route when it fails

A Traceroute will show the path packets take when travelling from your machine to the destination.  Hopefully, it will identify which hop is failing.
0
 
manolocruzAuthor Commented:
you say traceroute from the firewall to the RDP? from the SA2000 (secure access SSLVPN) to RDP or from my local machine to the RDP?
because from the SA is just one hop, same thig from the firewall.
0
 
manolocruzAuthor Commented:
i noticed that the firewall is,from time to time, losing contact with the VIP i created for the rdp connection.

There is no TX RX errors on the SA2000 or SSG140 or on the switch.
No errors on event viewer.
Im affraid it could be something on the vmware esxi...
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
Lester_ClaytonCommented:
I would suggest tracerting from your machine where you're trying to RDP from(local machine) - to the RDP server.

Doing a continuous ping would verify that you're losing communications.

Doing a traceroute will hopefully identify at which point the comms is being lost - either the VPN link itself or the ESXI server.

Is there also another machine you could ping over the VPN?  This will help rule out ESXi as being the culprit.
0
 
manolocruzAuthor Commented:
i noticed that pinging the ESXi from the virtual machine, it is losing about 7% of the ping, out of 600 tries.
I think this is too much.
0
 
manolocruzAuthor Commented:
problem was a trunk configured on the HP Switch, as soon as disabled a port on the switch, problem is gone.
0
 
manolocruzAuthor Commented:
After trying all other solutions, including test with vmware, juniper and HP, we were able to diagnose a problem trunk on the HP Switch
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now