PfSense hangs when I'm connecting to MS RDP
-
It's running behind a virtual machine, so it seems to be the cause:
https://forum.pfsense.org/index.php?topic=61257.0
https://forum.pfsense.org/index.php?topic=70017.0Had anyone solved this yet?
-
Both scenarios talk about running pfsense virtually on a normal windows host vs a hyper-visor. The advantage of a hyper-visor is how you can create virtual switches. On a normal host, even bridged, you want dedicated NICs for WAN/LAN, and then a 3rd if you want the host itself to have connectivity.
When assigning vlans I've read countless times to not have VLANs traversing a NIC that also has an interface assigned without any vlans (normal LAN) as it will cause issues, so I imagine sharing a NIC through a virtual machine and host machine (bridged) could be problematic as well.
I run pfSense on vSphere 5.5 and pfsense as a virtual machine, and I RDP just fine. From outside WAN > LAN, subnet A to subnet B, Subnet A to Subnet A, and over a VPN. Rdp has yet to not work for me. I've even RDP'd from a virtual machine to a physical machine on a different subnet.
Long story short, I'd recommend having dedicated NICs for pfsense if you're running it as a virtual guest on a Windows based host, but would further recommend using a proper hyper-visor. Also stop RDP from listening on every interface for RDP sessions (on the HOST): http://lyncdup.com/2012/06/how-to-disable-remote-desktop-rdp-listening-on-an-external-nic/
-
I'm also running pfSense 2.1.3 under vSphere 5.5.u1. I don't have any problems using RDP to any of my physical or virtual Windows servers.
-
You are right, I'm not behind a hypervisor, however all my services work, such as IP Cameras, pfSense Webgui, traffic shaper, installed services (running under different ports with their firewall and NAT rules).
Additionally, I'm not running VLAN's through pfSense, had trouble setting it up, I just used Realtek VLAN utility and made them as virtual interfaces.
Host gets connection through MS loopback adapter and through that adapter another virtual machine grabs its IP by DHCP.
I could install VNC or something else and allow their ports, but I wanted the most minimalistic setup.
-
I believe the issue is the host that pfsense resides on also listens on 3389, maybe go into the registry and change the host's listening port from 3389 to something else. Whereas your security devices etc… don't share common ports with your host.
Doesn't hurt to try at least, hope it works.
http://support.microsoft.com/kb/306759
-
Thanks, but not dice, I changed it to port 5000 and it's the same thing. I forgot to add it works fine under LAN, problem is when the RDP connection happens outside my local network.
-
i have the same issue, does anyone know how to address this:
My setup is this:
1. I am running the PFSense as the main firewall.
2. PFsense is in transparent proxy.
3. I have several AP which is under VLAN** all routes to LAN which has a cisco router is also indicated in the routing table of PFSense
** MSRDP works fine when I use on LAN
** MSRDP works fine also when I use my Cisco Router as GW.** It does not work in VLAN , I can connect succesfully but after logging in it disconnect and reconnect and I cannot move anything on the remove.
