Hi!
Maybe someone with more knowledge and experience could help me to discover this issue.
One colleague of my company has problems with the combination of forticlient and windows 2k12 r2 via rdp.
The connection is between Venezuela-Spain.
We have recently installed fiber optic, and the topology of the network is that we have 3 interconnected stars. The fortigate #F50E wit the v6.2.15 build1378 is in the center of one star and is connected by fiber to the second star by two fiber ports on LAG at 2Gbs and the server has two eth ports on team at 2 Gbs as well
The colleague tells me that he connects via forticlient, pings the server continuously and it responds but the moment he tries to establish a rdp connection he gets a timeout and can't connect.
Can anyone give me a clue why it may be happening?
Thank you very much
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @Jalonso-otazu
Are you using SDWAN, if this is the case, please check out the technical document below.
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Solution-RDP-freezing-over-SSL-VPN-T...
BTW, what is the session timeout values configured in FortiGate ? You can also configured it per policy.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Session-timeout-settings/ta-p/191228
regards,
Sheikh
Hi @Sheikh
Thanks for reply me.
No, we do not use SD-WAN. I explained myself wrong, Our LAN has 3 main stars interconnected through fiber switches, from each fiber switch there are more connections to other switches.
I also mistakenly did not tell you that we use forticlient free.
How can I gather more information to find the right solution?
Thanks
Hi again @Sheikh
Whatching the video that the user sent me in the cmd console of his windows client pc says
Request timeout for icmp_seq13 and so on
Hello @Jalonso-otazu
Have you checked the session timeout value on the policy ? or the RDP session disconnected, right after VPN is established ?
Moreover, what the firewall logs shows when the end user tries RDP to server ?
BTW what is the output of following PowerShell command for testing connection from client machine ?
tnc XX.XX.XX.XX -port 389 <----------replace the XX with an IP address of RDP server and change the port if the server is set to respond on different RDP port.
regards,
Sheikh
Hi @Sheikh
I´m not a network expert, nevertheless I have been watching the FW logs. I´ll talk with the user and next monday i´ll continue with the post. Thanks
He has executed the cmdlet but this command is not very usefull, don´t you think...no much info.
Hello @Jalonso-otazu
At least we can see that the server is responding on port 3389, when the client tries to communicate. Have you tried updating Windows RDP client ? If not possible then I would suggest checking the firewall logs.
Moreover, is it only happening with one specific server via RDP or the result is same when try to RDP to any of the server, after connecting VPN ?
regards,
Sheikh
sorry for the delay, Hi @Sheikh
I think that on a windows 2012 r2 it is not possible to update the rdp, I will check it but I think not.
Regarding the logs, is there any section of the fw where I can give you more information, I mean, I sent you some screenshots in a couple of previous messages in which does not give much information or is relevant ... would you know if it is possible to see more in depth what happens?
Regarding the second question we have no more servers on-premise.
Hi @Sheikh
I spoke to the user and asked him for several things.
I asked him if he used other vpn clients and he said yes (openvpn).
He created a virtual machine with everything clean and only forticlient and told me that it worked a couple of times and then started to give the same problem.
Then on his laptop he uninstalled openvpn, forticlient, deleted caches, ran ccleaner and it didn't work either.
He says that sometimes it works, he disconnects from the vpn leaving the remote desktop "active" (this does not fit me) and when he tries to reconnect, sometimes it works and sometimes it does not. It also argues that it pings google and the server, it says that the vpn is not down but that the ping to the server stops responding .... (this also does not fit me, if the vpn is down it would also stop responding to the ping to the server).
Anything you can think of?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.