• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 207
  • Last Modified:

RDP session dies when connecting to VPN

I'm RDP'd into a VPN when I connect to a Cisio VPN I lose my connection and have to log onto the console to disconnect before being able to reconnect.

Does anyone have any Ideas? I can provide more information if needed.
0
gman
Asked:
gman
  • 4
  • 3
1 Solution
 
QlemoC++ DeveloperCommented:
Please provide more details.
Which kind of Cisco VPN? The legacy IPSec or AnyConnect (SSL)?
Do you start the Cisco VPN in the RDP session or on your client?

Most Cisco VPN connections are configured to redirect Internet traffic thru them, and to cut off any local access. That is probably the reason.
0
 
gmanInfrastructure Engineer Author Commented:
Connects over IPSEC / UDP

Is there a way to set static routes for all RDP traffic that wont be wiped when connecting to the VPN

Windows IP Configuration

   Host Name . . . . . . . . . . . . : VM01
   Primary Dns Suffix  . . . . . . . : domain.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.com

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Cisco Systems VPN Adapter for 64-bit W
ows
   Physical Address. . . . . . . . . : 00-05-9s-4t-44-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::fr84:5t4f:f7d8:8c2f%22(Preferred
   IPv4 Address. . . . . . . . . . . : 192.168.1.22(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 369100186
   DHCPv6 Client DUID. . . . . . . . : 00-01-02-01-1C-F4-1F-2A-00-0C-29-58-29

   DNS Servers . . . . . . . . . . . : 10.1.1.3
                                       10.1.1.2
   Primary WINS Server . . . . . . . : 10.1.1.3
   Secondary WINS Server . . . . . . : 10.1.1.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connectio
   Physical Address. . . . . . . . . : 11-1E-29-38-19-59
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : ee30::2838:ced0:7aca:9884%11(Preferred
   IPv4 Address. . . . . . . . . . . : 10.15.1.22(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Default Gateway . . . . . . . . . : fe80::8d08:4e40:71ca:8ab4%11
                                       10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 234884137
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-r4-1F-3A-00-0C-59-44-12

   DNS Servers . . . . . . . . . . . : 10.0.2.1
                                       10.0.2.22
   NetBIOS over Tcpip. . . . . . . . : Enabled
0
 
QlemoC++ DeveloperCommented:
Usually there is no way if split tunneling is prohibited. The VPN virtual NIC is in control of the network traffic, and denying further access if not via VPN.
0
Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

 
Faruk Onder YerliOwnerCommented:
please check mtu size and packet fragmentation between two points.
use windows command line "ping [rdp address] -l 1500" if you can not ping you have to adjust mtu over VPN concentrator.
0
 
gmanInfrastructure Engineer Author Commented:
I don't have access to that, its a customer VPN so i've no admin rights to it. Any other Ideas?
0
 
QlemoC++ DeveloperCommented:
As said, if the Cisco device does not allow, you can't trick it.
However, this seems to be a VM - maybe a VMware? The VM console still works.
0
 
gmanInfrastructure Engineer Author Commented:
Yes, vmware esxi. However the end users dont have access to the host or console.
0
 
QlemoC++ DeveloperCommented:
If you are limited to using RDP (because you need multiple sessions), then "you can't do that" is the only answer.
VMWare Sessions can be deployed via Browser plug-in - that is what we do with such Cisco connections (we use the old VMWare Server 2 for that, because it is much more simple to use in this context).
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now