[7.450][DUPE][OPEN] Remote Desktop ssl tunnel

gnomme · #1 (**permalink**) 06-15-2009, 04:57 PM

If IPS is enabled remote desktop connections trough SSL VPN do not work. If I stop the service and try again It works

BAlfson · #2 (**permalink**) 06-15-2009, 05:43 PM

Gnomme, do you mean stop/start IPS while you have an SSL VPN session running, or that it only works when IPS is stopped?

Cheers - Bob

gnomme · #3 (**permalink**) 06-15-2009, 05:56 PM

Quote:

Originally Posted by BAlfson

Gnomme, do you mean stop/start IPS while you have an SSL VPN session running, or that it only works when IPS is stopped?

Cheers - Bob

yes! however some hours later when I make another vpn connection the same problem happens

BAlfson · #4 (**permalink**) 06-15-2009, 06:00 PM

"Yes" ???

Is it "A" or "B" ?

A. It works after you "stop/start IPS while you have an SSL VPN session running"

B. "it only works when IPS is stopped"

Cheers - Bob

gnomme · #5 (**permalink**) 06-15-2009, 06:03 PM

sorry...stop/start

dmzalarm · #6 (**permalink**) 06-16-2009, 02:35 AM

hmm, I use TS over ssl vpn daily and I don't have this problem on my beta instances. Did you see anything in packet filter logs?

BrucekConvergent · #7 (**permalink**) 06-16-2009, 03:31 AM

Check your IPS logs; chances are you are experiencing a IPS rule that's being falsely triggered; when you see the rule sid in the log, just add it to the disabled rule list in the advanced tab under Intrusion Protection configuration.

ee-tra · #8 (**permalink**) 06-16-2009, 02:41 PM

@gnomme
Can you please specify which rules are causing the drops?
Just posting the SIDs would be great, thanks.

gnomme · #9 (**permalink**) 06-16-2009, 07:34 PM

I thont know wich rule is...I used VPN a lot in my previous version of ASG with no problem. the configurations was imported from the older

BAlfson · #10 (**permalink**) 06-16-2009, 10:40 PM

Gnomme, ee-tra wants you to look in your Intrusion Protection log to see what rules are listed when this traffic is blocked.

Cheers - Bob