
Remote Desktop over IPsec site to site failing to authenticate

After having a site-to-site IPsec connection running without issue between two offices over many years, I've been forced to move to an XG115 at one end due to an end-of-life UTM 9 device.

When making an L2TP VPN connection from outside the network I can access a computer inside the network using Remote Desktop without difficulty.

When trying to access the same machine from within the site-to-site network (from one office to the other), the connection appears to be created but I consistently receive the error message "invalid log-in credential, please re-enter".

I know the authentication credentials are correct as I've used the same machine to successfully connect from outside the network.  

I can successfully telnet to the RDP port over the site-to-site VPN and have a number of other services running successfully over the site-to-site VPN (e.g. VoIP services).

IPsec policies are identical at both ends.

Has anyone come across this or have any ideas on if there is something about the authentication process that requires a tweak on the firewall? 



  • This sounds like an RDP config issue. Make sure you're using this format for username: COMPUTER_NAME\username

    Also check on the machine you're connecting to that "Allow remote connections to this computer" is enabled in Advanced System Properties, verify correct NLA setting, and that "Select Users..." contains your username.

  • Mark van Beekum said:

    This sounds like an RDP config issue. Make sure you're using this format for username: COMPUTER_NAME\username

    Also check on the machine you're connecting to that "Allow remote connections to this computer" is enabled in Advanced System Properties, verify correct NLA setting, and that "Select Users..." contains your username.

     

    The RDP config is ok and connection is made with no difficulty through a remote access VPN connection.

    The site-to-site VPN connection log on the XG firewall shows that the connection is being allowed, but RDP on the client machine shows "invalid login credentials".

    I've had this running ok for years between 2 UTM 9 firewalls. The XG firewall is the only change so I'm assuming there's something going on with it. 

    Site to Site connection is up and Firewall rules are in place to allow all traffic and services both ways between the 2 sites.  

  • David McIntosh said:

     

     

    Apologies. I am a complete buffoon. I had my IP addresses mixed up. Problem solved. Thanks for taking the time to comment.