No Connection via VPN

G

Guest

Hell

i'm experiencing a really big problem with our terminal services.
One of our branch offices is connected to our company via VPN. The VPN was established by another Company and is nearly invisibly to us. The VPN ends in the DMZ and the Data that comes through have to pass our firewall (Symantec). The Routes to us and back to the branch offices are set on all devices that are participated. All Rules on the Firewall are cerefully set. But when the Clients (HP T5300 Thin Clients) in the branch office are trying to connect to the Terminal Servers, it always fails. They can ping our Servers and i can ping them, i can reach the Printservers via http, everthing looks good except the RDP Connection. While the Clients are trying to connect, the Firewall shows an established Connection, from those Clients to the Terminal Servers. But the funny thing is, when i put one of those Thin Clients in the DMZ it works fine, without a problem. RDP via Dial Up Connection runs also fine

Thanks for Your hel

Thil
 
M

Marc Reynolds [MSFT]

Sounds like the firewall is blocking TCP port 3389. From a client try to
telnet on port 3389 to the terminal servers "telnet <terminal server> 3389"

--

Thanks,
Marc Reynolds
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.


jim said:
Hello

i'm experiencing a really big problem with our terminal services.
One of our branch offices is connected to our company via VPN. The VPN was
established by another Company and is nearly invisibly to us. The VPN ends
in the DMZ and the Data that comes through have to pass our firewall
(Symantec). The Routes to us and back to the branch offices are set on all
devices that are participated. All Rules on the Firewall are cerefully set.
But when the Clients (HP T5300 Thin Clients) in the branch office are trying
to connect to the Terminal Servers, it always fails. They can ping our
Servers and i can ping them, i can reach the Printservers via http,
everthing looks good except the RDP Connection. While the Clients are trying
to connect, the Firewall shows an established Connection, from those Clients
to the Terminal Servers. But the funny thing is, when i put one of those
Thin Clients in the DMZ it works fine, without a problem. RDP via Dial Up
Connection runs also fine.
 
G

Guest

hello

The firewall is not blocking the TCP Port 3389, because when the Thin Clients operates within the DMZ it works, and when the thin clients are operating in the Branch Office the Firwall shows established Connections and the logfiles shows neither blocked nor dropped packets.

Thanks

Thilo
 
M

Marc Reynolds [MSFT]

Hello

It appears from the information you have given that the branch office
clients get as far as the firewall, but not to the terminal servers, so
either the firewall is blocking the packets or something between the
firewall and the terminal servers is blocking them. Did you test with telnet
per my previous reply?
Check netstat -an on the server when a client attempts to connect and see if
a tcp port 3389 connection is established. If not the packets are not making
it to the server.

--

Thanks,
Marc Reynolds
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.


jim said:
hello

The firewall is not blocking the TCP Port 3389, because when the Thin
Clients operates within the DMZ it works, and when the thin clients are
operating in the Branch Office the Firwall shows established Connections and
the logfiles shows neither blocked nor dropped packets.
 
G

Guest

hi,
we found the problem, the firewall has caused it. we had to set the MTU Size manually to 1300 on both interfaces and everything goes wel

regards
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top