I recently set up a multi-WAN router in our office using the gwping script, as can be referenced over the web.
I was able to do it successfully and Internet access has improved.
However, users have a particular application that needs to be accessed through Remote Desktop (at the head office, this multi wan setup is in a satellite office).
The current setup is that the WinXP and Windows 7 clients use the MS Windows Remote Desktop app to access the remote host through the multi-WAN router setup. Connection is intermittent from the Windows clients (through the multi-WAN router), while pinging the remote hosts (we have multiple IP addresses set up for this) from the multi-WAN router itself, response time is good (50 ms and below).
I also observe that whenever one Windows client successfully connects to the remote machine, it disconnects when another Windows client tries to access the same remote machine through the same IP address.
Does this have any relation to the multi-WAN setup?
I am thinking that perhaps, if I set up a VPN (OpenVPN) between the Windows clients and the remote host, then from there use Remote Desktop, I may be able to get a better connection. Would this be better?
What should I look into here to investigate this further?
To my understanding, the multi-WAN setup consists of these components:
1. the policy routing (source routing) entries and the load balancing route entry
2. iptables - properly mark connections so the packets know which WAN uplink to go back to
3. iptables - NAT the LAN clients

This is my current iptables:
# Generated by iptables-save v1.6.0 on Mon Nov 20 13:10:41 2017
*filter
:INPUT ACCEPT [432:41286]
:FORWARD ACCEPT [5062:1011840]
:OUTPUT ACCEPT [589:68052]
:SSH_ROUTER - [0:0]
-A INPUT -i enp1s0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i enp3s0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i enp2s0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i enp1s0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i enp3s0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i enp2s0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2222 -j SSH_ROUTER
-A SSH_ROUTER -s xx.xx.xx.xx -j ACCEPT
-A SSH_ROUTER -s yy.yy.yy.yy -j ACCEPT
-A SSH_ROUTER -s zz.zz.zz.zz -j ACCEPT
-A SSH_ROUTER -s 192.168.111.0/24 -j ACCEPT
-A SSH_ROUTER -j DROP
COMMIT
# Completed on Mon Nov 20 13:10:41 2017
# Generated by iptables-save v1.6.0 on Mon Nov 20 13:10:41 2017
*mangle
:PREROUTING ACCEPT [36261:8363451]
:INPUT ACCEPT [5611:626514]
:FORWARD ACCEPT [30630:7738367]
:OUTPUT ACCEPT [3648:397292]
:POSTROUTING ACCEPT [34343:8142855]
-A PREROUTING -j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff
-A PREROUTING -m mark --mark 0x1 -j ACCEPT
-A PREROUTING -i enp1s0 -m state --state NEW -m mark --mark 0x0 -j MARK --set-xmark 0x1/0xffffffff
-A PREROUTING -m mark --mark 0x2 -j ACCEPT
-A PREROUTING -i enp3s0 -m state --state NEW -m mark --mark 0x0 -j MARK --set-xmark 0x2/0xffffffff
-A PREROUTING -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff
COMMIT
# Completed on Mon Nov 20 13:10:41 2017
# Generated by iptables-save v1.6.0 on Mon Nov 20 13:10:41 2017
*nat
:PREROUTING ACCEPT [1215:106534]
:INPUT ACCEPT [773:55521]
:OUTPUT ACCEPT [936:67061]
:POSTROUTING ACCEPT [936:67061]
-A POSTROUTING -s 192.168.111.0/24 -o enp1s0 -j SNAT --to-source 192.168.15.254
-A POSTROUTING -s 192.168.111.0/24 -o enp3s0 -j SNAT --to-source 192.168.2.254
COMMIT
# Completed on Mon Nov 20 13:10:41 2017
Any help will be appreciated.
Thanks.
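A consistency check for the three components listed in the post, as an added example that is not part of the original post: it reads the post's mangle and nat rules together with an `ip rule show` listing and reports, per uplink, which component is missing. The post does not include its `ip rule` output, so the listing here is constructed and the table name `wan1` is an assumption.

```python
import re

# Mangle and nat rules copied from the post's iptables-save dump.
SAVE_DUMP = """\
*mangle
-A PREROUTING -j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff
-A PREROUTING -i enp1s0 -m state --state NEW -m mark --mark 0x0 -j MARK --set-xmark 0x1/0xffffffff
-A PREROUTING -i enp3s0 -m state --state NEW -m mark --mark 0x0 -j MARK --set-xmark 0x2/0xffffffff
-A PREROUTING -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff
COMMIT
*nat
-A POSTROUTING -s 192.168.111.0/24 -o enp1s0 -j SNAT --to-source 192.168.15.254
-A POSTROUTING -s 192.168.111.0/24 -o enp3s0 -j SNAT --to-source 192.168.2.254
COMMIT
"""

# Constructed `ip rule show` output (not from the post); the table name
# wan1 is an assumption, and the rule for mark 0x2 is left out on purpose.
IP_RULES = """\
0:      from all lookup local
100:    from all fwmark 0x1 lookup wan1
32766:  from all lookup main
"""

def audit(save_dump, ip_rule_dump):
    """Return {uplink: [missing components]} for the three pieces in the post."""
    uplinks, table = {}, None
    for line in save_dump.splitlines():
        if line.startswith("*"):
            table = line[1:]          # current table: mangle, nat, ...
        m = re.search(r"-i (\S+) .*--set-x?mark (0x[0-9a-f]+)", line)
        if table == "mangle" and m:   # NEW connections arriving on an uplink
            uplinks.setdefault(m.group(1), {})["mark"] = int(m.group(2), 16)
        s = re.search(r"-o (\S+) .*-j SNAT --to-source (\S+)", line)
        if table == "nat" and s:      # source NAT applied on the way out
            uplinks.setdefault(s.group(1), {})["snat"] = s.group(2)
    # fwmark -> routing table, as listed by `ip rule show`
    fw = {int(mark, 16): tbl for mark, tbl in
          re.findall(r"fwmark (0x[0-9a-f]+)\S* lookup (\S+)", ip_rule_dump)}
    report = {}
    for ifname, found in sorted(uplinks.items()):
        missing = [k for k in ("mark", "snat") if k not in found]
        if found.get("mark") not in fw:
            missing.append("ip rule fwmark")
        report[ifname] = missing
    return report

if __name__ == "__main__":
    for ifname, missing in audit(SAVE_DUMP, IP_RULES).items():
        print(ifname, "complete" if not missing else "missing: " + ", ".join(missing))
```

To run it against a live router, replace the two strings with the output of `iptables-save` and `ip rule show`.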