[Vpn-help] Problem with VPN and RDP

Matthew Grooms mgrooms at shrew.net
Wed Aug 19 12:54:56 CDT 2009 

Emmanuel Andry wrote:
> Le mardi 18 août 2009 à 23:29 +0200, Martin Zürcher a écrit :
>> Hi Matthew
>>> Martin Zürcher wrote:
>>>> Hello list
>>>>
>>>> I have a VPN connection from Shrew Soft VPN Client (2.1.4-release /
>>>> 2.1.5-rc-2 on WinXP) to a D-Link DFL-200 Firewall (ipsec with preshared
>>>> keys). The connection works basically fine, so I can ping every host in
>>>> the remote Net, VNC connections works also without any problems to every
>>>> tested host (a few clients and two servers incl. terminal server) and
>>>> also connecting with net shares (samba) works correct.
>>>> The only thing that not works, is the RDP connecting for remote desktop
>>>> (Terminal Server). All tries to connect the terminal server results in
>>>> "connection timed out" / "No answer from server".
>>>>
>>>> The strange thing: The RDP connections works fine when I connect the VPN
>>>> with the NCP Secure entry client instead of the shrew soft client. I
>>>> compared a lot of things from NCP to shrew and the only one difference
>>>> I've found was an additional entry in the routing table, generated by
>>>> NCP client (local adress 192.168.20.10, remote net 192.168.10.0)
>>>>
>>>> shrew soft:
>>>> 192.168.10.0    255.255.255.0     192.168.20.10    192.168.20.10
>>>> NCP:
>>>> 192.168.10.0    255.255.255.0     192.168.20.10    192.168.20.10
>>>> 192.168.10.0    255.255.255.0     192.168.20.11    192.168.20.10
>>>>
>>>> I'am not shure about the causality of that difference but as I said,
>>>> this is the only one difference I've found.
>>>>
>>>> Any (other) ideas?
>>>>
>>> A few questions. Can you ping the host you are trying to RDP to? Have
>>> you tried using the IP address rather than the name for RDP and does
>>> that make any difference?
>> Yes, I can ping the TS-host (like every other host) over the hostname
>> and over the IP-Adress to. There is no difference between the two ways,
>> same latency etc.
>> As I told, the TS-host is also reachable with VNC  but not via RDP and
>> with the NCP client RDP works fine to. That's what I mean with "strange";-)
>> I tried a few hours with many different configuratons , so I can provide
>> a lot of informations - what ever you need;-)
>>
>> Thanks
>> Martin
> 
> Hi,
> 
> have you got vpn compression enabled ? I had the same issue (but with
> another VPN client). I could do everything but connect in RDP to a tse
> server. I had to disable compression.
> Hope that will help...
> 

Martin,

You could also try to reduce the MTU on your virtual adapter by a few 
hundred bytes.

-Matthew

More information about the vpn-help mailing list