Question

Locked

vpn + remote desktop = trouble

By writehwy61 ·
I want to vpn into my home lan via ddwrt. VPN claims to connect. Ipconfig of client says it has an address on my home lan 192.168.1.x. Client can ping target for remote desktop, but remote desktop can't connect. Remote desktop works great when client is physically on home lan, but can't connect when vpn into home lan.
My logic says that vpn works, and remote desktop works(locally), but no remote desktop over vpn. Any thoughts?

Sam

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Answers

Collapse -

Well, you have to do it over VPN or RAC

by seanferd In reply to vpn + remote desktop = tr ...

so that isn't the problem.

Windows Firewall? Make sure "Don't allow exceptions" is NOT checked.

Otherwise, what OS and SP are you running?

edit: What is the failure message? You could just have latency issues over a slow connection.

Collapse -

over vpn

by writehwy61 In reply to Well, you have to do it o ...

Thanks for the reply,
I am running vista ultimate sp1, as was my remote tester. firewalls allow exceptions ... I thought windows firewall allowed remote desktop automagically. You only have to configure options on the server side of remote desktop, correct? The client only needs address and credentials? I will record exact error on client desktop next time I'm able, but I believe it was "cannot connect ..."
connection is cable highspeed on both ends. I will post again any updates once I test again.
One more thing, it is impossible to test vpn/remote desktop without connecting from another network right? I mean, no real loopback test for this sort of thing?
thanks,
Sam

Collapse -

Don't know about a loopback test

by seanferd In reply to over vpn

The firewall does automatically create an exception <i>unless</i> "Don't allow exceptions" is checked.

http://techrepublic.com.com/2346-1035_11-61469.html

http://windowshelp.microsoft.com/Windows/en-us/help/f55326fa-e629-423b-abba-b30f76cc61e61033.mspx

This is for XP, but it may give you some ideas.
http://www.windowsnetworking.com/articles_tutorials/Using-Remote-Desktop-Windows-XP-Pro.html

Then there is this thread you might like to check out concerning Remote Desktop in Vista:
http://techrepublic.com.com/5208-6230-0.html?forumID=101&threadID=212261&messageID=2177634

http://www.vistaheads.com/forums/microsoft-public-windows-vista-networking-sharing/92878-fixed-remote-desktop-connection-rdc-slow-no-connection-issue.html
http://www.howtonetworking.com/index.htm
http://www.chicagotech.net/vista/vistaraissues.htm
http://blogs.msdn.com/ts/archive/2007/01/22/vista-remote-desktop-connection-authentication-faq.aspx

I think you do need to do some setup on both ends of the connection. The remote computer needs to "Invite" the computer you are using. But since it seems to work fine on the LAN, I wonder if it is a latency issue that could be adjusted in some TCP settings, or a router issue if you have a gateway router for internet connection at home. Are there incoming ports blocked in the router? (port 3389)

Hope something in here points you in the right direction.

Collapse -

limited success redefines problem

by writehwy61 In reply to Don't know about a loopba ...

I just now successfully connected from my friends computer! Everything was the same as before except the remote client was directly connected to a cable modem. I think that most home routers allow pretty much all outound traffic by default, I don't think this is related to a remote firewall. I think the reason the other computer could not connect had to do with nat or the fact that both the local and remote lans used the same subnet (192.168.1.x).
If this is true the solutions appear to be one or more of the following:
1. re-address one of the two lans to distinct subnets
2. impliment a domain environment with proper naming schemes
3. use fqdn to map local machines to internet(does that even make sense?)
4. ...some simple solution that allows remote access while I look into 1-3.

Thanks again and feel free to correct any misconceptions I have here. I can't help but think I am missing some important concepts.

Sam

Collapse -

I think I got it. For now.

by writehwy61 In reply to limited success redefines ...

So I re-addressed my lan to another subnet and now I can at least make a connection. I have more to iron out with host names and performance, but I am happy to have connected.
As a side topic, I found that if I disabled telnet on my router, vpn would not connect. If this means that my vpn connection uses telnet, how is that secure? Doen't telnet transmit in clear text? Should I consider an ssh connection instead? Just curious.

Thanks for the help,

Sam

Back to Networks Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums