RDP session dies when connecting to VPN

I'm RDP'd into a VPN when I connect to a Cisio VPN I lose my connection and have to log onto the console to disconnect before being able to reconnect.

Does anyone have any Ideas? I can provide more information if needed.
gmanInfrastructure Engineer Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
Please provide more details.
Which kind of Cisco VPN? The legacy IPSec or AnyConnect (SSL)?
Do you start the Cisco VPN in the RDP session or on your client?

Most Cisco VPN connections are configured to redirect Internet traffic thru them, and to cut off any local access. That is probably the reason.
0
gmanInfrastructure Engineer Author Commented:
Connects over IPSEC / UDP

Is there a way to set static routes for all RDP traffic that wont be wiped when connecting to the VPN

Windows IP Configuration

   Host Name . . . . . . . . . . . . : VM01
   Primary Dns Suffix  . . . . . . . : domain.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.com

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Cisco Systems VPN Adapter for 64-bit W
ows
   Physical Address. . . . . . . . . : 00-05-9s-4t-44-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::fr84:5t4f:f7d8:8c2f%22(Preferred
   IPv4 Address. . . . . . . . . . . : 192.168.1.22(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 369100186
   DHCPv6 Client DUID. . . . . . . . : 00-01-02-01-1C-F4-1F-2A-00-0C-29-58-29

   DNS Servers . . . . . . . . . . . : 10.1.1.3
                                       10.1.1.2
   Primary WINS Server . . . . . . . : 10.1.1.3
   Secondary WINS Server . . . . . . : 10.1.1.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connectio
   Physical Address. . . . . . . . . : 11-1E-29-38-19-59
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : ee30::2838:ced0:7aca:9884%11(Preferred
   IPv4 Address. . . . . . . . . . . : 10.15.1.22(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Default Gateway . . . . . . . . . : fe80::8d08:4e40:71ca:8ab4%11
                                       10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 234884137
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-r4-1F-3A-00-0C-59-44-12

   DNS Servers . . . . . . . . . . . : 10.0.2.1
                                       10.0.2.22
   NetBIOS over Tcpip. . . . . . . . : Enabled
0
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
Usually there is no way if split tunneling is prohibited. The VPN virtual NIC is in control of the network traffic, and denying further access if not via VPN.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Faruk Onder YerliOwnerCommented:
please check mtu size and packet fragmentation between two points.
use windows command line "ping [rdp address] -l 1500" if you can not ping you have to adjust mtu over VPN concentrator.
0
gmanInfrastructure Engineer Author Commented:
I don't have access to that, its a customer VPN so i've no admin rights to it. Any other Ideas?
0
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
As said, if the Cisco device does not allow, you can't trick it.
However, this seems to be a VM - maybe a VMware? The VM console still works.
0
gmanInfrastructure Engineer Author Commented:
Yes, vmware esxi. However the end users dont have access to the host or console.
0
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
If you are limited to using RDP (because you need multiple sessions), then "you can't do that" is the only answer.
VMWare Sessions can be deployed via Browser plug-in - that is what we do with such Cisco connections (we use the old VMWare Server 2 for that, because it is much more simple to use in this context).
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Protocols

From novice to tech pro — start learning today.