Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 6 subscribers
  • Views 3967 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RDP crash sessions over SSL VPN

Antonio Rouqueiro

Good afternoon

I am having problems with our client in RDP sessions through the SSL VPN tunnel since Windows 10 was updated to version 20H2, whenever I make a connection via “remote desktop”, for example, I access a page with heavier content, like images, inside the remote machine, this is the crash session and restart the connection, I have clients working at home and they are not being able to develop their tasks, I need your help in order to resolve this issue, because before this update, and I have servers where I access with previous versions of rdp running at full speed without restarting the connection, I had no problems.

The UTM version is 9.705-3

Greetings



This thread was automatically locked due to age.
Parents
  • 0

    Good Morning Harsh Patel

    Yes, when this problem occurs users are connected to the SSL VPN, the VPN does not fall, the rdp session is disconnected, right on the first attempt to connect the rdp, reconnect, but scrolling on that same page , or file, which has great content, disconnects again, this VPN client reinstallation operation has already been done and it didn't work.

    Thanks

  • +1 in reply to Antonio Rouqueiro

    Hola Antonio,

    try again with disabled IPS, TCP flood protection and UDP flood protection. What are your results?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • FormerMember
    0 FormerMember in reply to PhilippRusch

    Good Morning ,

    Thank you for the update. 

    As mentioned by , It could be the Anti-DoS/flooding protection or IPS causing these disconnects. 

    Just for testing, try to turn off Anti-DoS/flooding protection under Network Protection > Intrusion Prevention > Anti-DoS/flooding > turn off UDP and TCP flood protection and see if that helps. If it does help, you might have to recalibrate the values. 

    Thanks,

  • 0 in reply to PhilippRusch

    Thank you jprusch, after experimenting with your suggestion, it worked, I will also try making an exception IPS, TCP flood protection and UDP but only for the rdp service, if it works after I communicate.

    Thank you very much from Portugal

  • 0 in reply to FormerMember

    Thanks again Harsh Patel, as I already answered the jprusch, after deactivating IPS, TCP flood protection and UDP, I did several scroll tests on pages with great content and the session did not fall again, which values will be more appropriate to recalibrate? I have defined the default values that are TCP flood Source packet rate (packets / second): 100 Destination packet rate (packets / second): 200 UDP flood Source packet rate (packets / second): 200 Destination packet rate (packets / second): 300

    Thanks a lot for the help

  • FormerMember
    +1 FormerMember in reply to Antonio Rouqueiro

    Hi ,

    You can specify the rate of packets per second that is allowed for source and destination IP addresses. The default packet rate isn't ideal for remote users in your environment, so either you can change the packet rate.

    However, it would be better to create an exception for the SSL remote network in your case. 

    Reference screenshot:

    Select coming from these source network under For all requests and add your SSL VPN network.

    Thanks,

Reply
  • FormerMember
    +1 FormerMember in reply to Antonio Rouqueiro

    Hi ,

    You can specify the rate of packets per second that is allowed for source and destination IP addresses. The default packet rate isn't ideal for remote users in your environment, so either you can change the packet rate.

    However, it would be better to create an exception for the SSL remote network in your case. 

    Reference screenshot:

    Select coming from these source network under For all requests and add your SSL VPN network.

    Thanks,

Children
Unfiltered HTML