RDP on S50 in VPN WAN environment

  • This topic is empty.
Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • #398
    Avataragos
    Member
    • Total Post: 3
    • Newbie

    I have a multiple location WAN consisting of all CISCO router/vpn/firewall devices via PPPoE internet connections with VPN tunnels between each location and head office.
    I use 2 thin client apps: TEC – Ericom Terminal Emmulator and RDP connecting to a Windows 2003 TS w/SP1. When using RDP, I can login fine but at varied lengths of time the RDP window would freeze and after a period (30 to 90 secs) I’d get the following message:
    Network is down, do you want to exit remote desktop? Yes/No
    and the following message would be in the error log:
    RDP ERROR: ERROR: send: Resource temporarily unavailable
    Using RDP on a PC on the same network works wihtout a problem and furthermore, because these are remote locations, I am often connected to the Thin Client via VNC Shadow with absolutely no break in communication. Thin Clients on my LAN do not have this problem so it seems to be related to the VPN connectivity. Any thoughts would be appreciated.
    Other info:
    All Thin Clients run identical Software images: OS v6.3.1-21, RDP v1.4.1-3.32
    All clients are on 100Mbps switchs (Some Dell some HP)
    Head office router = CISCO 1841
    Remote routers = CISCO 877
    All cabling is structured and to standard
    Average WAN round trip performance is 28ms

    #9474
    Avatarthinkthin
    Member
    • Total Post: 1707
    • Jacked into The Matrix
    • ★★★★★★

    Hi,

    Sounds like an issue to me, any chance of getting an Ethereal Packet Capture while it drops? It may be to only way to see whats going on.

    Also I believe there is a CiscoVPN addon for Wyse V6 Linux, would it be worth testing this to see if it has the same issue?

    Cheers,
    -TT

    #9484
    Avataragos
    Member
    • Total Post: 3
    • Newbie

    I did as you suggested and other than checksum errors, I get a lot of TCP segment of reassembled PDU messages going from my TS server back to the client. I’m not sure that this’ll cause the problem I’m having. There was also one TCP ACKed lost segment but I only noticed this once of the three caputures I did. Any thoughts?

    #9489
    Avatarthinkthin
    Member
    • Total Post: 1707
    • Jacked into The Matrix
    • ★★★★★★

    Hi,

    That’s interesting, it would indicate to me that that you have a number of fragmented packets trying to be put back together. Normally this is related to large packets being fragmented to fit over a WAN however in your case it could be to many very small packets.

    I saw once on a netscreen firewall where a PPtP VPN would not work from a CE terminal (netscreen recognized this as an issue).

    Can you test a different VPN solution like Cisco? You mentioned you had Cisco equipment. Otherwise it could be a process of trouble shooting the network which can be long and slow.

    One other test I do on Blazer devices is to reduce the MTU size of the packets to help stop them being fragmented. I am not sure how to do this on Wyse Linux so I would have to ask,

    Cheers,
    -TT

    #9490
    Avatarthinkthin
    Member
    • Total Post: 1707
    • Jacked into The Matrix
    • ★★★★★★

    Hi Again,

    I found the parameter to enter in the wlx.ini file (you are using this, right?)

    NETWORK.ETH0.MTU=value

    Note this only works on firmware 6.3.0 build22 or better.

    So in normal networks the MTU is 1500 however due to the overhead of the PPtP tunnel and WAN the packed needs to be smaller – normally the router does this.

    In some instances the router gets it wrong and the packets get fragmented to much or not assembled correctly.

    So try a value around this and see how you go, it may take so testing and it may not help you at all but worth a shot.

    Also make sure you optimise the RDP setting you have on the devices for WAN and the colors=high and disable any unwanted mappings like sound.

    Try slowly reducing the value (start at 1492 and Google for other values and more info in MTU). As you reduce the MTU to a packet capture again and see if the errors reduce.

    Good luck, these issues can be a cow to track!

    #9504
    Avataragos
    Member
    • Total Post: 3
    • Newbie

    I think you’ve hit the nail on the head. I reduced the MTU on the remote router (at the site that I’m having the problem on) and the RDP client has not hung since, BUT, VNC – desktop shadow no longer works. So I’m going to test your suggestion and see if that helps.
    One other question, I do not use the wlx.ini files, is there a way to do set this value on the client itself?

    Thanks,
    Agos

    #9507
    Avatarthinkthin
    Member
    • Total Post: 1707
    • Jacked into The Matrix
    • ★★★★★★

    OK, some progress which is good! Maybe the value is to small which is why VNC now fails. Try a larger value? Its trial and error, BTW did the ethereal captures on the TS server look better now?

    As for the value locally I guess if you could alter the network conf from a command sheel it is possiable. Also if you point it to a wlx.ini once you can store the setting locally.

    Personally I would always deploy with a wlx.ini some place as it so easy and the remote management is great.

    Keep us all updated as you have some great info for other who may have this issue!

Viewing 7 posts - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.