<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 17/06/2018 7:13 AM, Yury Kolos
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAEdtFYNEskZqBY5k+tVX7rb2Lb2RY-ajthGOqb6Tv_CfvMyfWA@mail.gmail.com">
<div dir="ltr">
<div>Hello, Peter</div>
<div><br>
</div>
<div>I know that 192.168.111.250 is the LAN IP of my remote server
(in the office network). I use ShrewVPN from my home.</div>
<div> I have a lot of RDP servers and I don't want to port
forward them all. That's why I need a VPN solution.</div>
<div><br>
</div>
<div>
I guess you did not understand this issue.</div>
<div><br>
</div>
<div>See below:</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>"ShrewVPN" + "Remote Desktop App" + "LAN IP of remote
RDP-server" = <span style="color:rgb(255,0,0)"><b>ISSUE</b></span>
(cannot connect).</div>
<div>
"ShrewVPN" + "RDP-client (mstsc)" + "LAN IP of remote
RDP-server" =
<span style="color:rgb(106,168,79)"><b>
OK</b></span>. <br>
</div>
<div>"Remote Desktop App" + "WAN IP of remote RDP-server" =
<span style="color:rgb(106,168,79)"><b>
OK</b></span>. <br>
</div>
<div>"RDP-client (mstsc)" + "WAN IP of remote RDP-server" =
<span style="color:rgb(106,168,79)"><b>
OK</b></span>.
<br>
</div>
</blockquote>
<div><br>
</div>
<div>Classic RDP client (mstsc) and Remote Desktop app use the
same TCP port 3389.</div>
<div>When I try the Remote Desktop App through ShrewVPN I don't see
any attempts in my Cisco PIX debug logs. The classic RDP client
does leave footsteps in the Cisco logs.</div>
<div><br>
</div>
<div>I hope you can conclude from the information above that the issue
is in the ShrewVPN software. <br>
</div>
<div>Debug logs: <a href="https://blancos.info/debug.zip"
moz-do-not-send="true">https://blancos.info/debug.zip</a></div>
<div><br>
</div>
<div>Thank you for your response!<br>
</div>
<div><br>
</div>
</div>
</blockquote>
<br>
It would seem your VPN tunnel is working, just not the application.<br>
<br>
In Shrew VPN Debug Options, you could simply enable only "Enable
packet dump of private interface traffic" with a tick, restart the
Shrew IPSEC Service then re-establish your VPN tunnel.<br>
<br>
Using MSTSC, connect to the RDP server, then log off.<br>
<br>
Using the RemoteDesktop App, attempt a connection. When the timeout
occurs, remove the tick from "Enable packet dump of private
interface traffic" and restart the IPSEC service.<br>
<br>
Examine the packet capture file, looking for the connection using the
RemoteDesktop App. I expect you will see some packets relating to
connection establishment. If so, could your PIX be performing deep
packet inspection and blocking the connection!?<br>
<br>
Larry.<br>
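<br>
An added example, not part of the original thread and not Shrew Soft code: one way to carry out the "examine the packet capture file" step by listing each TCP/3389 attempt in the dump and whether the server answered it. It assumes the dump is a little-endian classic libpcap file with Ethernet and IPv4 framing; the function names, the client address 10.0.0.5, the source ports and the sample capture are constructed for illustration.<br>
<br>
```python
# Added example (not from the thread): classify TCP/3389 attempts in a capture.
# Assumes a little-endian classic pcap with Ethernet + IPv4 framing.
import struct
from collections import defaultdict

def rdp_attempts(pcap: bytes, port: int = 3389) -> dict:
    """Return {(client_ip, client_port, server_ip): verdict} for one server port."""
    if pcap[:4] != b"\xd4\xc3\xb2\xa1":
        raise ValueError("not a little-endian classic pcap file")
    seen, off = defaultdict(set), 24                  # skip 24-byte global header
    while len(pcap) >= off + 16:                      # 16-byte per-record header
        incl = int.from_bytes(pcap[off + 8:off + 12], "little")
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if 34 > len(frame) or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                                  # not IPv4 carrying TCP
        tcp = frame[14 + (frame[14] & 0x0F) * 4:]     # honour the IPv4 header length
        if 14 > len(tcp):
            continue                                  # truncated TCP header
        sport, dport = struct.unpack("!HH", tcp[:4])
        src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
        flags = tcp[13]
        if dport == port and (flags & 0x12) == 0x02:  # client SYN
            seen[(src, sport, dst)].add("SYN")
        elif sport == port and (flags & 0x12) == 0x12:
            seen[(dst, dport, src)].add("SYN-ACK")    # server accepted
        elif sport == port and flags & 0x04:
            seen[(dst, dport, src)].add("RST")        # server side refused
    return {k: "reset" if "RST" in v else "answered" if "SYN-ACK" in v
            else "unanswered" for k, v in seen.items() if "SYN" in v}

def _rec(src, dst, sport, dport, flags):
    """One constructed pcap record: Ethernet/IPv4/TCP headers only, no payload."""
    ip = bytes([0x45, 0]) + struct.pack("!HHHBBH", 40, 0, 0, 64, 6, 0) + bytes(src) + bytes(dst)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 8192, 0, 0)
    eth = bytes(12) + b"\x08\x00" + ip + tcp
    return bytes(8) + len(eth).to_bytes(4, "little") * 2 + eth

CLIENT, SERVER = (10, 0, 0, 5), (192, 168, 111, 250)  # client address is constructed
SAMPLE = (b"\xd4\xc3\xb2\xa1" + bytes(20)             # constructed capture, not real traffic
          + _rec(CLIENT, SERVER, 50001, 3389, 0x02)   # first attempt: SYN
          + _rec(SERVER, CLIENT, 3389, 50001, 0x12)   # ... answered with SYN-ACK
          + _rec(CLIENT, SERVER, 50002, 3389, 0x02)   # second attempt: SYN
          + _rec(CLIENT, SERVER, 50002, 3389, 0x02))  # ... retransmitted, no reply

if __name__ == "__main__":
    for flow, verdict in rdp_attempts(SAMPLE).items():
        print(flow, verdict)
```
<br>
An attempt reported as "unanswered" left the client through the tunnel interface without a reply, while no entry at all for the second client means its SYN never reached the private interface.<br>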
</body>
</html>