Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

RDP connection keep disconnecting over site to site vpn tunnel

We have 2 sonicwall firewall and trying to access the server over the ipsec tunnel but rdp session is keep disconnecting.

Is there anything which need to check.

Category: Entry Level Firewalls
Reply
Tagged:

Answers

  • prestonpreston Enthusiast ✭✭
    edited February 4

    Hi @manish_pareek , this will be the TCP timeout on the firewall rule by default it is set to 15 mins you need to increase it, VPN to LAN and LAN to VPN rules. if it is the Global VPN it will be the rules which say VPN DHCP Clients

  • Even after changing timeout value 15 to 150, still same issue.

  • govi33govi33 Newbie ✭

    HI,

    I am also facing same issue since past 2 days.

    Using Global VPN client and HQ has site to site vpn between azure vm.

    User from Home get connected to HQ using Global VPN.

    When user does RDP, RDP disconnects and global VPN and stays on authenticationg screen for very long time


    Thanks

    Govi

  • MitatOngeMitatOnge Cybersecurity Overlord ✭✭✭
    edited February 5

    Hi @manish_pareek

    don't cahnge the tcp value. this value will decrease firewall performance. Please checkwith packet capture and logs. before log checking, change the log level information to debug. It will show problem details.

  • prestonpreston Enthusiast ✭✭

    @MitatOnge , what you are saying only refers to globally changing the TCP Timeout not on a per firewall rule basis, Changing the TCP timeout on a per rule basis is often needed especially with RDP and other software, and SonicWall recommends doing this as per their KB articles.

    @manish_pareek , also check that if using SSO on either end of the VPN that the VPN network is excluded under the SSO Exclusions.

  • MitatOngeMitatOnge Cybersecurity Overlord ✭✭✭

    Hi @preston

    Yes as you said, I'm saying globaly changing. If tcp value is changing globaly, performance will effect. also If there are a lots of rdp users and changing tcp value of rdp rule, this effect same to globaly performance.

    I think this problem is not about tcp or connection time out. If @manish_pareek share the packet capture files. we can check the drop code error and other errors.

  • govi33govi33 Newbie ✭

    @preston @manish_pareek


    Looks like something to do with LDAP. I am not sure if you have integrated SonicWALL with LDAP. I saw few errors related to LDAP when i did some packet capture. Jus to try to possibility, i have created sonicwall local user and used those credentials on users GVC client. I did not change any tcp value since this issue was not their before and recently we did not change any settings on SonicWALL.For past 3 years, this settings working wihout any problem.

    Thanks

    Govi

  • prestonpreston Enthusiast ✭✭

    @govi33 , which bit is taking time is it the authentication with GVC or is it the authentication to the RDP connection ? asking as the LDAP integration with the SonicWall is only used for the connection to GVC, you would need to do a packet capture in the Packet Monitor to see why the traffic is being dropped, also are the users using Wifi or a wired connection when this is tested?

  • govi33govi33 Newbie ✭

    @preston :- Global VPN gets stuck on Authenticating screen for about 30sec to 1 minute. So need to disabled it and enable it. If lucky gets conencted in 10 to 15 sec. Stays connected for 15 min and connection drops and we see authenticating message.

    Very strange that same thing happens on local Sonicwall users as well.

    Mostly this issue get worse on wifi so i have asked user to use wired connection. Monitoring the issue now and will update once i find something.

    Internet connection is stable. Without VPN connection works perfectly fine. I mean browsing and all works fine.


    Thanks

    Govi

  • prestonpreston Enthusiast ✭✭

    Hi @govi33, make sure you are on the latest firmware for your SonicWall and check you are using the latest GVPN Client which can be found below

    firmware if Gen6 is 6.5.4.9.93n, if Gen7 is 7.0.1-5050-R2374

    https://www.sonicwall.com/products/remote-access/vpn-clients/

  • govi33govi33 Newbie ✭

    Hi @preston ,


    All basic steps already performed now i am suspecting that something to do with Wireless Drivers since we saw that issue happens only on Wireless. Now i have unistalled and installed drivers, lets see what happens next.

    Thanks,

    Govi

  • prestonpreston Enthusiast ✭✭

    Hi @govi33 , you might find this is your issue with the GVPN with Wireless users we have had to run this on several sites, see below

    scroll down to Workaround #1 and run the cab file cssemerg11005

    https://answers.microsoft.com/en-us/windows/forum/all/wifi-issues-with-creators-update/4a20ba4f-33dc-4397-9823-e12dcb2607ba

Sign In or Register to comment.