Remote Desktop on XP-Pro not working over VPN any longer?

  • Thread starter: Bo Berglund

Bo Berglund

I have a strange problem:
For a long time I have been connecting regularly to the company LAN
via VPN over the Internet (Microsoft PPTP tunnel). Then I have been
able to use the Remote Desktop on a few of the PC:s on the LAN just
fine.
Lately this has stopped working for some unknown reason, what happens
is that as soon as I click the Connect button there is network
activity over the VPN (can be viewed in the tray icon) and the outer
border of the window where the session will be located comes up.
Then the network activity over VPN stops and after about a minute
delay there is an error message about inability to connect.

All other functions I have tested over VPN work fine, like using
shares on the servers and connecting to other resources on the LAN.

I tried to fix this yesterday and went as far as attaching my home PC
(a new DELL with XP-Pro and SP2) to the company domain (I am a domain
admin) and then logging on to the PC as my domain user with dialup
login via VPN. This worked fine (but slow).
Then I tried the Remote Desktop and actually managed to make a
connection as was previously possible. So I thought I had nailed it!

Then I went ahead and migrated my local profile to the domain profile
in order to access all my usual stuff in the common places.

Now again the Remote Desktop does not work...

And I have the same problem from a laptop that I have not done
anything on, previously I had RD access but not any longer.

Finally, on my home LAN I have a W2000 server which I access using
Remote Desktop. This works just fine all the time, even now from the
domain account on my new PC. So I guess that the problem is not really
on my local PC, right? But why did it work transiently yesterday?

What could be the problem, where do I start looking?
It is so confusing....

Grateful for any hints at all.

/Bo

Bo Berglund
bo.berglund(at)nospam.telia.com
 
Bo Berglund said:
I have a strange problem:
For a long time I have been connecting regularly to the company LAN
via VPN over the Internet (Microsoft PPTP tunnel). Then I have been
able to use the Remote Desktop on a few of the PC:s on the LAN just
fine.
Lately this has stopped working for some unknown reason, what happens
is that as soon as I click the Connect button there is network
activity over the VPN (can be viewed in the tray icon) and the outer
border of the window where the session will be located comes up.
Then the network activity over VPN stops and after about a minute
delay there is an error message about inability to connect.

All other functions I have tested over VPN work fine, like using
shares on the servers and connecting to other resources on the LAN.

I tried to fix this yesterday and went as far as attaching my home PC
(a new DELL with XP-Pro and SP2) to the company domain (I am a domain
admin) and then logging on to the PC as my domain user with dialup
login via VPN. This worked fine (but slow).
Then I tried the Remote Desktop and actually managed to make a
connection as was previously possible. So I thought I had nailed it!

Then I went ahead and migrated my local profile to the domain profile
in order to access all my usual stuff in the common places.

Now again the Remote Desktop does not work...

And I have the same problem from a laptop that I have not done
anything on, previously I had RD access but not any longer.

Finally, on my home LAN I have a W2000 server which I access using
Remote Desktop. This works just fine all the time, even now from the
domain account on my new PC. So I guess that the problem is not really
on my local PC, right? But why did it work transiently yesterday?

What could be the problem, where do I start looking?
It is so confusing....

Grateful for any hints at all.

/Bo

Bo Berglund
bo.berglund(at)nospam.telia.com

Have you tried running Remote Desktop directly, without setting
up a VPN? All you need is a tunnel through your company firewall
that directs port 3389 packets to the correct internal IP address.
 
Have you tried running Remote Desktop directly, without setting
up a VPN? All you need is a tunnel through your company firewall
that directs port 3389 packets to the correct internal IP address.

That is unfortunately not a real option for me. We have had all kinds
of Internet attacks on our network over the years and finally when we
set up a Symantec Raptor firewall we got some peace from that.
The VPN tunnel is served by a dedicated W2000 server inside the
network that handles PPTP calls. These are channeled through the
firewall to the server. That is how we get on our network using VPN.

In order to open up a new port in Raptor I must first get on the
network to a specific workstation via Remote Desktop so I can get at
the management console installed there. Obviously this is not possible
now.

So I am left with trying to restore the previous functionality, which
for some unknown reason has stopped working properly.
Strangely the remote desktop call starts to work in the beginning
because one will not even get the initial window set up unless the
client and server are communicating. But then nothing is filled in on
the window....

I have now tested to remove my domain profile and then logging in
again using VPN dial-in as authentication to get a "clean" profile.
With this I am able to start a RD session, but about a minute after
the desktop has been painted the network connection is again gone and
no more interaction is possible....


Bo Berglund
bo.berglund(at)nospam.telia.com
 
Bo Berglund said:
That is unfortunately not a real option for me. We have had all kinds
of Internet attacks on our network over the years and finally when we
set up a Symantec Raptor firewall we got some peace from that.
The VPN tunnel is served by a dedicated W2000 server inside the
network that handles PPTP calls. These are channeled through the
firewall to the server. That is how we get on our network using VPN.

In order to open up a new port in Raptor I must first get on the
network to a specific workstation via Remote Desktop so I can get at
the management console installed there. Obviously this is not possible
now.

So I am left with trying to restore the previous functionality, which
for some unknown reason has stopped working properly.
Strangely the remote desktop call starts to work in the beginning
because one will not even get the initial window set up unless the
client and server are communicating. But then nothing is filled in on
the window....

I have now tested to remove my domain profile and then logging in
again using VPN dial-in as authentication to get a "clean" profile.
With this I am able to start a RD session, but about a minute after
the desktop has been painted the network connection is again gone and
no more interaction is possible....


Bo Berglund
bo.berglund(at)nospam.telia.com

Your reply implies that you cannot go to the office to sort things
out. Is there someone at your office who can install some software
on a workstation under your instructions?
 
Your reply implies that you cannot go to the office to sort things
out. Is there someone at your office who can install some software
on a workstation under your instructions?

Yes, I am quite a bit remote from the office. In fact the office is in
Austin, Texas and my own location is in Sweden. I'd say we are talking
about 5000 miles away...

Sometimes there are people who are qualified in the office, and they
could probably install stuff on my instructions.
But the issue here is that it looks like a network problem....

When I use a brand new laptop (just did so) which belongs to a totally
different domain and do the following I still get problems:
- Create a VPN dialup profile
- Use it to log on as the domain user to the network
- Start the remote desktop session
- Now the logon screen appears (better than on the other PC:s)
- I log in as the domain user and the desktop is painted
- But the window does not accept any mouse clicks or anything like
that and after a while the little "network problem" image briefly
appears a few times, but still no interactivity.
- When I look in the VPN packet statistics I can see that there are
actually very small amounts of traffic going between the RD server and
my PC over VPN. Should be much more because of the desktop etc.

So I am still stumped.

/Bo

Bo Berglund
bo.berglund(at)nospam.telia.com
 
I received a solution for this problem in the win2000.ras_routing
group. What apparently is needed is to reduce the MTU of the PPP
connection to a level that will not fragment packets.
The procedure is described here:
www.chicagotech.net/vpnissues/vpndorp1.htm

After setting it to 1200 (started out at 1300) and restarting my
client machine I get again immediate connections to the Remote
Desktop.


Bo Berglund
bo.berglund(at)nospam.telia.com
 
Bo Berglund said:
I received a solution for this problem in the win2000.ras_routing
group. What apparently is needed is to reduce the MTU of the PPP
connection to a level that will not fragment packets.
The procedure is described here:
www.chicagotech.net/vpnissues/vpndorp1.htm

After setting it to 1200 (started out at 1300) and restarting my
client machine I get again immediate connections to the Remote
Desktop.


Bo Berglund
bo.berglund(at)nospam.telia.com

Thanks for the feedback.
 
