Hmm do you have any telnet servers you could try to connect to thought the tunnel? I'm wondering if you're running into a MSS/no fragmentation issue. It might be nice to see a tcpdump -ni $lan-if -w output.pcap 'host $your_client_ip' from the firewall. Let it capture for 5 mins while you try the remote desktop session. When your finished just ctrl-c the tcpdump and send it this way. You should know have a output.pcap file from what ever dir you run that command.
I'm guessing we might need to do some mss fixup for ipsec tunnels. My 0.02c -----Original Message----- From: Jason Landry [mailto:[EMAIL PROTECTED] Sent: Monday, October 10, 2005 12:58 PM To: support@pfsense.com Subject: [pfSense Support] IPSec tunnel and Remote Desktop Hi, I've created a site-to-site IPSec tunnel between my home and office. At home I'm using the latest pfsense, 0.86.4, and at work, m0n0wall. I used the basic instructions in the tutorial. The home network is 10.53.x.x/24, the work network is 192.168.x.x/24. Both are NAT'ed. At home I have a dynamic DNS, but that's ok since I only want to be able to connect *to* the office. The tunnel gets established properly, and I can ping machines at the office through the tunnel. I can access the webgui of the office's m0n0wall router without a problem. However, I cannot use remote desktop. When I attempt to connect to a machine, I get a partial connection (the screen starts drawing), but it hangs and never even shows me the login information. I was also hoping to access our office's sql server using the tunnel. I can establish the connection, but queries are never returned, and query analyzer always complains about a broken network connection. I'm guessing this has something to do with having the networks behind NAT. Any ideas? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
