RDP via VPN problem 2

[Dfig]

I have a user who is having problems accessing his work PC using RDP via a VPN connection from home. Everything was fine until a few weeks ago. We had a situation where some users where not able to access their email at the work place after some changes to our Group Policy to disable using a Proxy for Internet Explorer. Did a GPUpate /force on the Servers and Workstations and everything seemed to work ok. After that a certain user could no longer access his work PC from home using RDP via VPN. I tried as well and could not. I get the message "This computer can not connect to the remote computer". If I try to ping by IP or name the request times out. If I ping by name you see the correct IP address in the ping message. I can RDP to other PCs and Servers with no problem. I can RDP to the PC at the work place ok. I verifeid his settings against other PCs and they match. Rdp is enabled, Allow logon through term. service is enabled, Firewall off, and he is a local admin as well as a Remote Desktop user member. The weird thing is, it seems to work during the day. If I am sitting in front of his PC and I use my Verizon wireless card on my laptop I can get in but when I try it in the evening to check, I have same problem. I did a search for VPN and RDP problems on TEK-TIPS and tried some of the solutions suggested there but non worked although I did not look at every post. We use a Cisco VPN client and the VPN Server is a Pix 515E. I can connect to other PCs, Email and shares ok. If I do a tracert it makes it to the first hop which is our core switch (Cisco 3550) and timeout after that(the next hop would be the PC) . I can ping other devices ok. Any suggestions would be much appreciated.

 

[normntwrk]

Does the PC have power saving enabled ? Perhaps it is going to sleep

Norm

 

[Dfig]

Didn't think of that one. Let me check and get back to you. Thanks

 

[burtsbees]

Even if it goes to sleep, it should still ping. Also, you see the name when you ping because the hostname is still in WINDOWS\System32\Drivers\etc\hosts file...you can open it and edit with notepad.
Is the PIX also doing the routing for the LAN?

Burt

 

[Dfig]

No, we have layer 3 switches (Cisco 3550s). The network is divided into subnets and vlans.

 

[burtsbees]

Post a sh run from the 3550 that connects to the pc in question, and the ip address of that pc also. Is the pc ip address in a different subnet as the vpn pool? If it's in the same, then the pc ip address needs to be excluded from the NAT pool. Also, post a sh run from the PIX.

Burt

 

[Dfig]

Ok. I'll get that posted. The weird thing is that it works from 9 t0 5, Monday through Friday.

 

[Dfig]

Thanks for all the help guys. I took another look and it seems that someone other than the user or IT department had upgraded the user to SP3. I removed it and it worked. Thanks again for the assistance.