Hi @Sheikh 

Thanks for reply me.

No, we do not use SD-WAN. I explained myself wrong, Our LAN has 3 main stars interconnected through fiber switches, from each fiber switch there are more connections to other switches.

I also mistakenly did not tell you that we use forticlient free.

How can I gather more information to find the right solution?

Thanks

Hi again @Sheikh 

Whatching the video that the user sent me in the cmd console of his windows client pc says

Request timeout for icmp_seq13 and so on

Hello @Jalonso-otazu 

Have you checked the session timeout value on the policy ? or the RDP session disconnected, right after VPN is established ?

Moreover, what the firewall logs shows when the end user tries RDP to server ? 

BTW what is the output of following PowerShell command for testing connection from client machine ?

tnc XX.XX.XX.XX -port 389 <----------replace the XX with an IP address of RDP server and change the port if the server is set to respond on different RDP port.

regards,

Sheikh

Hi @Sheikh

I´m not a network expert, nevertheless I have been watching the FW logs. I´ll talk with the user and next monday i´ll continue with the post. Thanks

He has executed the cmdlet but this command is not very usefull, don´t you think...no much info.

Hello @Jalonso-otazu 

At least we can see that the server is responding on port 3389, when the client tries to communicate. Have you tried updating Windows RDP client ? If not possible then I would suggest checking the firewall logs.

Moreover, is it only happening with one specific server via RDP or the result is same when try to RDP to any of the server, after connecting VPN ?

regards,

Sheikh

sorry for the delay, Hi @Sheikh

I think that on a windows 2012 r2 it is not possible to update the rdp, I will check it but I think not.

Regarding the logs, is there any section of the fw where I can give you more information, I mean, I sent you some screenshots in a couple of previous messages in which does not give much information or is relevant ... would you know if it is possible to see more in depth what happens?

Regarding the second question we have no more servers on-premise.

Hi @Sheikh 

I spoke to the user and asked him for several things.

I asked him if he used other vpn clients and he said yes (openvpn).

He created a virtual machine with everything clean and only forticlient and told me that it worked a couple of times and then started to give the same problem.

Then on his laptop he uninstalled openvpn, forticlient, deleted caches, ran ccleaner and it didn't work either.

He says that sometimes it works, he disconnects from the vpn leaving the remote desktop "active" (this does not fit me) and when he tries to reconnect, sometimes it works and sometimes it does not. It also argues that it pings google and the server, it says that the vpn is not down but that the ping to the server stops responding .... (this also does not fit me, if the vpn is down it would also stop responding to the ping to the server).

Anything you can think of?