RDP does not work over UDP on port 443

Question

Hi, 
 I have a Problem on our new sophos XG Firewall. 
 It seems that the Firewall is manipulating UDP Packets sent to an OpenVPN connection on Port 443 causing RDP to show a black screen all the Time and not getting the Desktop at all. 
 
 Does anybody have an Idea on how to solve that problem. 
 Current Setting: 
 PC from DMZ tries to connect via OpenVPN on UDP port 443 to the remote Gateway passing through the XG Firewall and succeeds with the connection. 
 Afterwards I try to open an RDP to a Server located in the Tunnel - I get the Logon WIndow and it does just show a black screen. 
 
 The Rule in the XG Firewall is allowing UDP Traffic on Port 443 to the remote gateway and does not have any Security Features (Webfilter, IPS, TLS Inspection, ...) enabled any more. 
 
 Best regards, 
 Makrus

Markus Steinbauer · Accepted Answer

Hi Everyone, 
 The Solution was quite easy. 
 When setting MTU-Size to something else than the standard Values (1418 in our Case) then the Firewall starts to mess up the UDP Packets. 
 So the Workarround is to use MSS instead of UDP for remote ISPs not supporting MTU-Size of 1500. 
 
 Best Regards, 
 Markus

RDP does not work over UDP on port 443

Top Replies