VPN, Remote Desktop, Vista and MTU

My home network is rather small: two desktop machines and one laptop. Access to the outside world is through an ordinary ADSL connection. The bridge between the two worlds was some unknown ADSL router connected to a (good old) LinkSys WRT54G with custom DD-WRT firmware, which did all the work: firewall, port forwarding, DHCP …

This combination was good, but not the best: the main obstacles were having two devices instead of one (the WRT54G has no ADSL port) and no VPN directly to the offices where I work.

Recently, I replaced the WRT54G with a newer model, the LinkSys WAG325N: ADSL port, 4 LAN ports, 802.11 a/b/g wireless and an experimental (draft) implementation of the 802.11n wireless protocol. Best of all, it supports up to 5 VPN channels directly from the router, so all machines can use the VPN tunnel without problems.

After setting up the VPN, access to the business machines was just fine from the desktop machines. However, that was not the case for the laptop, which uses a wireless connection.

Using Remote Desktop from the laptop, I would see the initial black or blue screen of the remote computer (without a login box), and after a couple of minutes the Remote Desktop session would die.

After considerable time spent on Google (and with great help from our system administrator Nemanja), I found the possible problem: the size of the MTU, or Maximum Transmission Unit, the size of the largest packet allowed on a particular network.

The default size set by Windows Vista was 1500, and that was enough to prevent the Remote Desktop connection from being established over the VPN. In Vista, you can check the setting by opening a Command Prompt and typing:

netsh interface ipv4 show subinterfaces

and you will get something like:


  MTU  MediaSenseState   Bytes In  Bytes Out  Interface
------  ---------------  ---------  ---------  -------------
4294967295          1          0       7127  Loopback Pseudo-Interface 1
1500                1     145661      51022  Wireless Network Connection
1500                5          0          0  Local Area Connection
1500                5          0          0  Bluetooth Network Connection

Now you can change the MTU for a particular interface:

netsh interface ipv4 set subinterface "Wireless Network Connection" mtu=1440 store=persistent

(make sure that you are doing this from an elevated Command Prompt, i.e. CMD started using right-click and the “Run as Administrator” option) and that will sort out any Remote Desktop connection problems.
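The value 1440 above was chosen by hand. As an added example (not part of the original post), the following PowerShell script measures the largest MTU that actually crosses the tunnel by sending pings with the Don't Fragment bit set and binary-searching the payload size. The target address 10.0.0.10 is a placeholder for a host behind the VPN that answers ICMP echo, and the function names Test-Payload and Find-PathMtu are made up for this example.

```powershell
# Added example: find the largest MTU that crosses the VPN without fragmentation.
param(
    # Assumption: a host on the far side of the VPN that answers ICMP echo.
    [string]$Target = '10.0.0.10',   # placeholder address, replace with your own
    [string]$Interface = 'Wireless Network Connection'
)

$IcmpOverhead = 28   # 20-byte IPv4 header + 8-byte ICMP header

function Test-Payload([string]$Target, [int]$Size) {
    # -f sets Don't Fragment, -l sets the ICMP payload size,
    # -n 2 sends two probes, -w 2000 waits two seconds per reply.
    # Only a genuine echo reply line contains "TTL=".
    $out = & ping.exe -f -l $Size -n 2 -w 2000 $Target 2>&1 | Out-String
    return ($out -match 'TTL=')
}

function Find-PathMtu([string]$Target, [int]$Low = 548, [int]$High = 1472) {
    # $Low and $High are ICMP payload sizes, i.e. MTU 576 to MTU 1500.
    if (-not (Test-Payload $Target $Low)) {
        throw "No reply from $Target at payload $Low; check the tunnel and ICMP filtering."
    }
    # Invariant: $Low is known to pass, nothing above $High can pass.
    while ($Low -lt $High) {
        $mid = [int][math]::Ceiling([double]($Low + $High) / 2)
        if (Test-Payload $Target $mid) { $Low = $mid } else { $High = $mid - 1 }
    }
    return $Low + $IcmpOverhead
}

$mtu = Find-PathMtu $Target
"Largest unfragmented MTU towards ${Target}: $mtu"
"To apply it from an elevated prompt:"
"netsh interface ipv4 set subinterface `"$Interface`" mtu=$mtu store=persistent"
```

If ICMP is filtered somewhere on the path the probe fails at every size, so the script stops with an error instead of suggesting a value.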

5 thoughts on “VPN, Remote Desktop, Vista and MTU”

  1. I spent many Google hours myself, others have similar problems which were solved by turning off autotuning, thought I would mention it here ‘netsh interface tcp show global’ to view settings and ‘netsh interface tcp set global autotuning=disabled’ to turn setting off.

    For me your solution worked: it also solved my problem connecting to FTP on my NAS and accessing shares on my XP desktop all requiring username/password.

    Thanx again!

    Marcel M.

  2. Thank you for your article. It helped me with the same problem you described. I changed the MTU size on my wireless connection and Remote Desktop started to work.

  3. Thanks!! This was exactly what I needed. Could not connect Vista to our terminal servers over an IPsec tunnel, now it works!
