Sign in with
Sign up | Sign in
Your question

Got VPN ...but how do I ensure RDP is using it?

Last response: in Windows XP
Share
Anonymous
August 2, 2004 4:36:04 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

I have a small network that has a Winn2k (SP 4) VPN server and has
RRAS setup to receive VPN clients. The server has only one NIC and
this is connected to an Actiontec DSL gateway that acts as an
all-in-one firewall, DHCP ADSL router (actiontec 1520). The server is
assigned a static address from the Actiontec DHCP pool and also acts
as a file server. The server is only used as a workgroup server so
Active Directory is not involved. The server also has Terminal
Services installed in application mode.

The router is configured to pass ports TCP port 1723 and GRE protocol
port 47. I have also passed port 3389 for RDP.

Before I setup VPN, I could connect using RDP directly over the
internet to the Terminal Server (using the public address of the
gateway) but wanted to use VPN for better security.

I have a Win XP client that uses the built in VPN client to
successfully connect and authenticate. It gets the IP address from the
actiontec dhcp pool (192.168.0.x)

However , the only way I can connect using RDP to the terminal server
is by using the (public) IP address of the gateway, not the private
address of the server . Is this in effect NOT using the VPN
connection?

Should I remove the port forwarding (3389) actiontec? I can't ping the
server from home using the servers assigned 192.168.0.7

I would have thought that once a VPN session is established, you would
then use various services using the *internal, private* IP addressing
of the destination network server.

What do I need to do to ensure I'm using RDP over VPN?

thanks

More about : vpn ensure rdp

Anonymous
August 2, 2004 11:43:27 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

If you have the VPN connected, use the private/LAN IP Address for
Remote Desktop, not the public address...

Jeffrey Randow (Windows Networking & Smart Display MVP)
jeffreyr-support@remotenetworktechnology.com

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone

On Mon, 02 Aug 2004 12:36:04 -0600, saxguy <saxguy@musicman.org>
wrote:

>I have a small network that has a Winn2k (SP 4) VPN server and has
>RRAS setup to receive VPN clients. The server has only one NIC and
>this is connected to an Actiontec DSL gateway that acts as an
>all-in-one firewall, DHCP ADSL router (actiontec 1520). The server is
>assigned a static address from the Actiontec DHCP pool and also acts
>as a file server. The server is only used as a workgroup server so
>Active Directory is not involved. The server also has Terminal
>Services installed in application mode.
>
>The router is configured to pass ports TCP port 1723 and GRE protocol
>port 47. I have also passed port 3389 for RDP.
>
>Before I setup VPN, I could connect using RDP directly over the
>internet to the Terminal Server (using the public address of the
>gateway) but wanted to use VPN for better security.
>
>I have a Win XP client that uses the built in VPN client to
>successfully connect and authenticate. It gets the IP address from the
>actiontec dhcp pool (192.168.0.x)
>
>However , the only way I can connect using RDP to the terminal server
>is by using the (public) IP address of the gateway, not the private
>address of the server . Is this in effect NOT using the VPN
>connection?
>
>Should I remove the port forwarding (3389) actiontec? I can't ping the
>server from home using the servers assigned 192.168.0.7
>
>I would have thought that once a VPN session is established, you would
>then use various services using the *internal, private* IP addressing
>of the destination network server.
>
>What do I need to do to ensure I'm using RDP over VPN?
>
>thanks
Anonymous
August 3, 2004 4:11:48 AM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

On Mon, 02 Aug 2004 19:43:27 -0500, "Jeffrey Randow (MVP)"
<jeffreyr-support@remotenetworktechnology.com> wrote:

>If you have the VPN connected, use the private/LAN IP Address for
>Remote Desktop, not the public address...

I'm sorry I thought I was clear on that. That's what I do try but it
times out. Perhaps the firewall is dropping the private address (not
passing ICMP ??) request?

I can connect fine using the public IP as I mentioned but this
circumvents the VPN, correct?

If it is the firewall, what additional ports do I need to open?
Related resources
Anonymous
August 3, 2004 6:38:47 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

>On Mon, 02 Aug 2004 19:43:27 -0500, "Jeffrey Randow (MVP)"
><jeffreyr-support@remotenetworktechnology.com> wrote:
>
>>If you have the VPN connected, use the private/LAN IP Address for
>>Remote Desktop, not the public address...

Is it perhaps *my* private IP address is the same as the remote
private address (192.168.0.x)? So that when try and connect to the RDP
server at 192.168.0.7, it only tries my LAN and not the one connected
via the VPN?

thanks to all for something I'm not getting!

On Tue, 03 Aug 2004 00:11:48 -0600, saxguy <saxguy@musicman.org>
wrote:
August 3, 2004 11:41:34 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

If your IP class is the same as the VPN your desktop will not route the data
properly it will look for 192.168.0.7 on the local loop not the VPN
connection. Change them, for example client side make it 192.168.1.X class.
"saxguy" <saxguy@musicman.org> wrote in message
news:gqtvg0pphevimjpvmeouam1guj02ob2cb0@4ax.com...
> >On Mon, 02 Aug 2004 19:43:27 -0500, "Jeffrey Randow (MVP)"
> ><jeffreyr-support@remotenetworktechnology.com> wrote:
> >
> >>If you have the VPN connected, use the private/LAN IP Address for
> >>Remote Desktop, not the public address...
>
> Is it perhaps *my* private IP address is the same as the remote
> private address (192.168.0.x)? So that when try and connect to the RDP
> server at 192.168.0.7, it only tries my LAN and not the one connected
> via the VPN?
>
> thanks to all for something I'm not getting!
>
> On Tue, 03 Aug 2004 00:11:48 -0600, saxguy <saxguy@musicman.org>
> wrote:
>
>
Anonymous
August 4, 2004 11:17:23 AM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

On Tue, 3 Aug 2004 19:41:34 -0400, "RoadRunner"
<gabriel.stan@earthlink.net> wrote:

>If your IP class is the same as the VPN your desktop will not route the data
>properly it will look for 192.168.0.7 on the local loop not the VPN
>connection. Change them, for example client side make it 192.168.1.X class.

Worked like a charm RoadRunner. Thanks so much!
saxguy
August 5, 2004 9:24:25 AM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Happy to be at service!
"saxguy" <saxguy@musicman.org> wrote in message
news:qdo1h0ta1m2pbcnn9qea7qmh8m0meklucj@4ax.com...
> On Tue, 3 Aug 2004 19:41:34 -0400, "RoadRunner"
> <gabriel.stan@earthlink.net> wrote:
>
> >If your IP class is the same as the VPN your desktop will not route the
data
> >properly it will look for 192.168.0.7 on the local loop not the VPN
> >connection. Change them, for example client side make it 192.168.1.X
class.
>
> Worked like a charm RoadRunner. Thanks so much!
> saxguy
>
!