Got VPN ...but how do I ensure RDP is using it?

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

I have a small network that has a Winn2k (SP 4) VPN server and has
RRAS setup to receive VPN clients. The server has only one NIC and
this is connected to an Actiontec DSL gateway that acts as an
all-in-one firewall, DHCP ADSL router (actiontec 1520). The server is
assigned a static address from the Actiontec DHCP pool and also acts
as a file server. The server is only used as a workgroup server so
Active Directory is not involved. The server also has Terminal
Services installed in application mode.

The router is configured to pass ports TCP port 1723 and GRE protocol
port 47. I have also passed port 3389 for RDP.

Before I setup VPN, I could connect using RDP directly over the
internet to the Terminal Server (using the public address of the
gateway) but wanted to use VPN for better security.

I have a Win XP client that uses the built in VPN client to
successfully connect and authenticate. It gets the IP address from the
actiontec dhcp pool (192.168.0.x)

However , the only way I can connect using RDP to the terminal server
is by using the (public) IP address of the gateway, not the private
address of the server . Is this in effect NOT using the VPN
connection?

Should I remove the port forwarding (3389) actiontec? I can't ping the
server from home using the servers assigned 192.168.0.7

I would have thought that once a VPN session is established, you would
then use various services using the *internal, private* IP addressing
of the destination network server.

What do I need to do to ensure I'm using RDP over VPN?

thanks
6 answers Last reply
More about ensure
  1. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    If you have the VPN connected, use the private/LAN IP Address for
    Remote Desktop, not the public address...

    Jeffrey Randow (Windows Networking & Smart Display MVP)
    jeffreyr-support@remotenetworktechnology.com

    Please post all responses to the newsgroups for the benefit
    of all USENET users. Messages sent via email may or may not
    be answered depending on time availability....

    Remote Networking Technology Support Site -
    http://www.remotenetworktechnology.com
    Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone

    On Mon, 02 Aug 2004 12:36:04 -0600, saxguy <saxguy@musicman.org>
    wrote:

    >I have a small network that has a Winn2k (SP 4) VPN server and has
    >RRAS setup to receive VPN clients. The server has only one NIC and
    >this is connected to an Actiontec DSL gateway that acts as an
    >all-in-one firewall, DHCP ADSL router (actiontec 1520). The server is
    >assigned a static address from the Actiontec DHCP pool and also acts
    >as a file server. The server is only used as a workgroup server so
    >Active Directory is not involved. The server also has Terminal
    >Services installed in application mode.
    >
    >The router is configured to pass ports TCP port 1723 and GRE protocol
    >port 47. I have also passed port 3389 for RDP.
    >
    >Before I setup VPN, I could connect using RDP directly over the
    >internet to the Terminal Server (using the public address of the
    >gateway) but wanted to use VPN for better security.
    >
    >I have a Win XP client that uses the built in VPN client to
    >successfully connect and authenticate. It gets the IP address from the
    >actiontec dhcp pool (192.168.0.x)
    >
    >However , the only way I can connect using RDP to the terminal server
    >is by using the (public) IP address of the gateway, not the private
    >address of the server . Is this in effect NOT using the VPN
    >connection?
    >
    >Should I remove the port forwarding (3389) actiontec? I can't ping the
    >server from home using the servers assigned 192.168.0.7
    >
    >I would have thought that once a VPN session is established, you would
    >then use various services using the *internal, private* IP addressing
    >of the destination network server.
    >
    >What do I need to do to ensure I'm using RDP over VPN?
    >
    >thanks
  2. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    On Mon, 02 Aug 2004 19:43:27 -0500, "Jeffrey Randow (MVP)"
    <jeffreyr-support@remotenetworktechnology.com> wrote:

    >If you have the VPN connected, use the private/LAN IP Address for
    >Remote Desktop, not the public address...

    I'm sorry I thought I was clear on that. That's what I do try but it
    times out. Perhaps the firewall is dropping the private address (not
    passing ICMP ??) request?

    I can connect fine using the public IP as I mentioned but this
    circumvents the VPN, correct?

    If it is the firewall, what additional ports do I need to open?
  3. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    >On Mon, 02 Aug 2004 19:43:27 -0500, "Jeffrey Randow (MVP)"
    ><jeffreyr-support@remotenetworktechnology.com> wrote:
    >
    >>If you have the VPN connected, use the private/LAN IP Address for
    >>Remote Desktop, not the public address...

    Is it perhaps *my* private IP address is the same as the remote
    private address (192.168.0.x)? So that when try and connect to the RDP
    server at 192.168.0.7, it only tries my LAN and not the one connected
    via the VPN?

    thanks to all for something I'm not getting!

    On Tue, 03 Aug 2004 00:11:48 -0600, saxguy <saxguy@musicman.org>
    wrote:
  4. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    If your IP class is the same as the VPN your desktop will not route the data
    properly it will look for 192.168.0.7 on the local loop not the VPN
    connection. Change them, for example client side make it 192.168.1.X class.
    "saxguy" <saxguy@musicman.org> wrote in message
    news:gqtvg0pphevimjpvmeouam1guj02ob2cb0@4ax.com...
    > >On Mon, 02 Aug 2004 19:43:27 -0500, "Jeffrey Randow (MVP)"
    > ><jeffreyr-support@remotenetworktechnology.com> wrote:
    > >
    > >>If you have the VPN connected, use the private/LAN IP Address for
    > >>Remote Desktop, not the public address...
    >
    > Is it perhaps *my* private IP address is the same as the remote
    > private address (192.168.0.x)? So that when try and connect to the RDP
    > server at 192.168.0.7, it only tries my LAN and not the one connected
    > via the VPN?
    >
    > thanks to all for something I'm not getting!
    >
    > On Tue, 03 Aug 2004 00:11:48 -0600, saxguy <saxguy@musicman.org>
    > wrote:
    >
    >
  5. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    On Tue, 3 Aug 2004 19:41:34 -0400, "RoadRunner"
    <gabriel.stan@earthlink.net> wrote:

    >If your IP class is the same as the VPN your desktop will not route the data
    >properly it will look for 192.168.0.7 on the local loop not the VPN
    >connection. Change them, for example client side make it 192.168.1.X class.

    Worked like a charm RoadRunner. Thanks so much!
    saxguy
  6. Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

    Happy to be at service!
    "saxguy" <saxguy@musicman.org> wrote in message
    news:qdo1h0ta1m2pbcnn9qea7qmh8m0meklucj@4ax.com...
    > On Tue, 3 Aug 2004 19:41:34 -0400, "RoadRunner"
    > <gabriel.stan@earthlink.net> wrote:
    >
    > >If your IP class is the same as the VPN your desktop will not route the
    data
    > >properly it will look for 192.168.0.7 on the local loop not the VPN
    > >connection. Change them, for example client side make it 192.168.1.X
    class.
    >
    > Worked like a charm RoadRunner. Thanks so much!
    > saxguy
    >
Ask a new question

Read More

vpn Servers Actiontec Windows XP