Watchguard SSL MUVPN Cannot connect to terminal server

Posted on 2011-10-18
Last Modified: 2012-05-12
I have setup one of my users to dial into our network using Watchguards SSL MUVPN.
We Have an XTM 505 using system manager 11.4. Our client machine is windows 7 professional. the client connects ok and shows an allow response to rdp/tcp traffic , netbios-ns/udp traffic, ntp/udp , loc-srv/tcp  traffic the user can log into all the resources on the network except annoyingly the one piece of infrastructure they need to access - i.e. the terminal server. No denies are shown in the WG log but the Remote desktop connection is refused. I can connect to the terminal server with the same profile using the standard MUVPN client.  We have 75 SSL Client licences which we will not be able to use if I cannot resolve this issue.

Any help would be much  appreciated.
Thanks for  viewing this article.

Question by:rabpwh1000
    LVL 32

    Accepted Solution

    If client is accessible through MUVPN then I would doubt the policy allowing access to SSL client being the culprit.
    Another thing to check would be the IP subnet of the client when they connect through MUVPN and through SSL; if different then check does this cause different firewall policies to get enforced.

    Please provide details on both above and we can assist you further.

    Thank you.
    LVL 32

    Expert Comment

    Read>>> If client is accessible through MUVPN
    as>>>> If terminal server is accessible through MUVPN
    LVL 14

    Expert Comment

    You could enable logging for allowed packets on the "any rule" for ssl, this way you can see if rdp is coming through.
    to enable: open policy-->>properties-->logging-->chck the "log allowed packets" thick

    Author Closing Comment

    Thanks for taking the time to help me with this one. The problem was related to an old mcafee SaaS firewall rule being inadvertently left on the system.

    Thanks again guys - your comments helped me greatly

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
    If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
    Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now