Remote Desktop Connections

Moderator: Securepoint

Gesperrt
ajl119
Beiträge: 160
Registriert: Do 21.06.2007, 19:05

Remote Desktop Connections

Beitrag von ajl119 »

Hello, I have found we have a problem with 'Remote Desktop Connection' through the Securepoint firewall.

For some reason any RDP sessions going through the Securepoint firewall die after a couple of minutes of no activity.

Thanks for your time

--------------

Hallo, ich habe festgestellt, wir haben ein Problem mit der "Remote Desktop Connection" durch die Securepoint Firewall.

Aus irgendeinem Grund alle RDP-Sitzungen durch das Securepoint Firewall die nach ein paar Minuten keine Aktivität.

Vielen Dank für Ihre Zeit

achim
Beiträge: 255
Registriert: Fr 09.03.2007, 11:42
Wohnort: Flensburg
Kontaktdaten:

Beitrag von achim »

maybe you are right and this error depends on the securepoint firewall.
i have discovered similar problems.

i think you have taken a look at your terminalserver-configuration (timeout limits and so on)...
perhaps you can take a look at your MTU. I do not know which provider and type of internet connection you use on both sides... if one of them is a pppoe-connection - try to set the MTU on the WAN-interface on the securepoint or the other router to 1492.

so far...

carsten
Beiträge: 644
Registriert: Fr 05.10.2007, 12:56

Beitrag von carsten »

Hi,

I guess if there are problems with MTU, a connection woudn't get connected.

Does the traffic go over 2 interfaces or is input and output the same interface? Multipathrouting?
There are 10 types of people in the world... those who understand binary and those who don\'t.

ajl119
Beiträge: 160
Registriert: Do 21.06.2007, 19:05

Beitrag von ajl119 »

Securepoint;
Hello, Thank you for your suggestions.

We do not use any PPP connections on our securepoint firewall. We only have Ethernet NICs which connect to internal switches, or external routers.

The PC I am trying to connect to is on the internal LAN and I have already set its MTU to 1400 (The MTU on the LAN NIC on the Securepoint firewall is 1500).


Update;
I have fixed the problem by setting Terminal Services to send keep alives and setting the TCP keep alive system properties;
HKLM\\System\\CurrentControlSet\\Control\\TerminalServer\\KeepAliveEnable=0x1(1) (DWORD)(Enable Terminal Services TCP keepalives)
HKLM\\System\\CurrentControlSet\\Services\\TCPIP\\Parameters\\KeepAliveInterval=0x3e8(1000) (DWORD)(Determines how often TCP repeats keep-alive transmissions when NO response is received)
HKLM\\System\\CurrentControlSet\\Services\\TCPIP\\Parameters\\KeepAliveTime=0x1d4c0(120000) (DWORD)(Determines how often TCP sends keep-alive transmissions when response received)
HKLM\\System\\CurrentControlSet\\Services\\TCPIP\\Parameters\\TCPMaxDataRetransmissions=0xa(10) (DWORD)(Determines number of dropped packets before session is deleted)


tcp_Sessions.reg (file)
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters]
"IPEnableRouter"=dword:00000000
"EnableICMPRedirect"=dword:00000001
"EnableDeadGWDetect"=dword:00000000
"EnablePMTUBHDetect"=dword:00000001
"EnablePMTUDiscovery"=dword:00000001
"KeepAliveInterval"=dword:000003e8
"KeepAliveTime"=dword:0001d4c0
"TCPMaxDataRetransmissions"=dword:0000000a

[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server]
"KeepAliveEnable"=dword:00000001



Thank you for your help.

Gesperrt