Trying to remote desktop over IPsec tunnels

[Colin Swan]

We are setting up a network of Cisco routers that are connected to a
central hub using IPsec VPN tunnels. While we can ping the individual
LANs through the tunnels, we are not able to remote desktop to them.

For example, from the servers on the central hub, we can telnet to
port 3389 on 3 remote servers. However, when we try to remote desktop
to them, one just times out, and the other two connect, start drawing
the login box, then stop and pop up the "network problems" dialog.

All the servers involved work fine if you connect from within the same
LAN. Where a server has an external address that is NATed, that also
works fine, it appears to be just the connections via the VPN tunnels.

Pings via the VPN tunnels work fine, and there does not appear to be
any packet loss.

Firstly, are there any known issues using remote desktop over Cisco
IPsec VPN tunnels? This is the first time we have done this sort of
thing with routers, but have used PIX firewalls in a similar way
previously, with no problems.

If the consensus seems to be that it "should" work, then please let me
know what further info would be required to help diagnosis, and I'll
post it.

Thanks.

 

[Colin Swan]

We are setting up a network of Cisco routers that are connected to a
central hub using IPsec VPN tunnels. While we can ping the individual
LANs through the tunnels, we are not able to remote desktop to them.

For example, from the servers on the central hub, we can telnet to
port 3389 on 3 remote servers. However, when we try to remote desktop
to them, one just times out, and the other two connect, start drawing
the login box, then stop and pop up the "network problems" dialog.

All the servers involved work fine if you connect from within the same
LAN. Where a server has an external address that is NATed, that also
works fine, it appears to be just the connections via the VPN tunnels.

Pings via the VPN tunnels work fine, and there does not appear to be
any packet loss.

Firstly, are there any known issues using remote desktop over Cisco
IPsec VPN tunnels? This is the first time we have done this sort of
thing with routers, but have used PIX firewalls in a similar way
previously, with no problems.

If the consensus seems to be that it "should" work, then please let me
know what further info would be required to help diagnosis, and I'll
post it.

Update:

Have created a PPTP tunnel between the two routers and have found that
routing the return packets only back via the tunnel makes it work.