VPN, XP, Termdd, and x.224

From: Denny (anonymous_at_discussions.microsoft.com)
Date: 07/13/04 

Date: Tue, 13 Jul 2004 08:31:09 -0700

This is a confusing issues, so I will do my best to
explain it.
Site A and Site B are connected by a hardware based VPN
tunnel over the internet. Both sites have Remote Access
Servers that users can vpn from their home desktop into
the system. Some of my users are experiencing an issue
where they vpn into the closest server, let's say Site A,
and then try to remote desktop into their PC @ Site A.
Some of them get a black screen and after a minute or so
it disconnects with the standard network error. On the PC
that they were trying to remote to the event log gives

'Source: TermDD - Description: The RDP protocol component
X.224 detected an error in the protocol stream and has
disconnected the client.'

BUT, here's the confusing part of the whole thing, if
some one from home is vpn'd into Site A, they can
successfully RD a PC in Site B without the network error.
And Vise-Versa, if some one vpn's into Site B, the can
successfully RD a PC in Site A.

I am unsure of what has changed as this has only started
recently and only effects a handful of people (myself
included). I thought it was a DNS or WINS issue but I
think I have successfully ruled that out, and I have been
through every article on the technet site referencing the
error message and DATA ENCRYPTION errors. I have deleted
the certificate key a few times with no luck, and I am
positive ALL of my servers have the latest SP and Patches
installed. Both are 2000 servers and all of the desktops
are XP using SUS to keep them up-to-date. I have also
tried terminating the hardware vpn (to seperate the
offices) and then try to vpn into Site A or B and access
a local PC w/no luck. I use SonicWall as my firewall and
to establish the VPN tunnels.

Relevant Pages

  • Re: VPN versus Terminal Server for remote workers
    ... If one wants to cross the river and gets into a secure tunnel, ... this does not really help me understand why the hardware will allow ... By default and intention 'split tunneling' of VPN connections is not ... as far as using Term Server, the question really is: ...
    (microsoft.public.windows.server.sbs)
  • Re: VPN versus Terminal Server for remote workers
    ... do not allow one to use both the tunnel and the default gw at the ... With the "solid" hardware that supports VPN ... they will be using work in a term server environment? ...
    (microsoft.public.windows.server.sbs)
  • Re: Site to Site VPN 2 SBS servers
    ... site to site VPN. ... Microsoft CSS Online Newsgroup Support ... This newsgroup only focuses on SBS technical issues. ... | Subject: Re: Site to Site VPN 2 SBS servers ...
    (microsoft.public.windows.server.sbs)
  • Re: IP over IP to make static IP?
    ... My ISP's terms of service even allow me to run private servers. ... > Now what if some third party comes along, and has maybe a class C of IP ... The VPN traffic doesnt have to be limitted to internal traffic. ... A normal tunnel can be used for interent traffic. ...
    (comp.os.linux.networking)
  • Re: Change of IP for Servers
    ... Static device like printers will need to have their gateway's ... All servers ... We have an ISP who is providing internet and VPN access. ...
    (microsoft.public.win2000.networking)
Loading