Tuesday, June 12, 2007

Black Screen when connecting with Remote Desktop

When connecting to terminal server behind a firewall some of the users who were connecting over a DSL or a Cable connection they would receive a black screen upon connection.

Usually the problem is with the MTU settings.  One can adjust the setting using Dr. TCP which is a free download from http://www.dslreports.com/drtcp. This will let you adjust your MTU settings on the network adapter of the PC that you are using to connect to the terminal server. Adjusting MTU setting to 1400 did the trick for me.
But this became a nuisance as we had several users connecting to the Terminal server using the remote desktop.
After much investigation I found out that I can change the MTU settings on the WAN interface of our firewall. In our case we were using Watchguard Firebox.
In order to make the changes on the Watchguard firebox. Follow these particular tweak settings to permanently adjust the MTU settings.
nstruction is as follow.

!!! As a configuration hack, and not a GUI feature, we do not support this and will not be responsible for problems caused by this or a invalid configuration setting added manually. Keep in mind, changing MTU size may fix speed for the services that use the bigger size, but mess things up for other things that prefer 1500.

1) Save you Firebox config to a file and open it in a text editor

2) Find the following lines:

scripts.startup.00 here0

3) Insert the following between them:

ifconfig eth0 mtu XXXX
ifconfig eth1 mtu XXXX
ifconfig eth2 mtu XXXX

The ''XXXX'' will be the MTU size you want on that interface card. eth0 is external, 1 is trusted and 2 optional. So if you wanted a MTU size of 1500 for external but 4096 on the other interfaces you would do as follows:

ifconfig eth0 mtu 1500
ifconfig eth1 mtu 4096
ifconfig eth2 mtu 4096

The lines should now appear as:

scripts.startup.00 here0
ifconfig eth0 mtu 1500
ifconfig eth1 mtu 4096
ifconfigeth2 mtu 4096

Once this is done, save this text edited file and reopen it in Policy manager and save it to the Firebox.

1 comment:

Benzin said...

You might be interested to know about RHUB http://www.rhubcom.com, Remote Desktop
solution. It has some impressive features such as instant remote control, remote reboot, firewall and proxy-compliance, file transfer, interactive chat and recording, among others.