Solved

Problem with RDP connection between subnets

Posted on 2009-05-09
Last Modified: 2013-11-21
I just set up a VPN between my home and office, using a Watchguard Firebox X at home and Firebox X500 at work.  I am trying to RDP from home to my work PC.

Home = 192.168.10.101; Windows 7 RC
Work PC = 192.168.2.244; Vista SP 1
Work Server = 192.168.2.123; Windows 2003 Server

I can successfully RDP from:
- Home to Work Server
- Work Server to Home
- Work PC to Home
- Work Server to Work PC

My work Firebox is configured to allow all traffic over the VPN connection, and I can successfully map a drive from Home PC to Work, etc.  All the usual signs of VPN success.

But I cannot connect from Home to Work PC.  I have configured Work PC to allow remote connections, tried disabling Windows Firewall, everything I could think of.

Seems like there's something about the fact that I'm connecting from a different subnet that Vista doesn't like.  

Ideas?
0
Question by:jkochel
8 Comments
 

Expert Comment

by:netcomsol
ID: 24346447
Do you have any other firewall or anti-virus software that may be blocking the connection on the PC? Also, is the PC going to sleep? Did you disable that?
0
 

Author Comment

by:jkochel
ID: 24346451
No security software other than Windows Firewall (which I tried disabling).  I can RDP from Work Server to Work PC, even if Windows Firewall is enabled on Work PC.

It's not going to sleep, either.  I can access it via LogMeIn just fine.
0
 
LVL 5

Expert Comment

by:DTAHARLEV
ID: 24346526
Well, there is a chance you're showing up using your ORIGINAL IP and the work machine doesn't have a route to you. Can you ping it?
0
 

Author Comment

by:jkochel
ID: 24346580
I can ping the server (192.168.2.123) but not the PC (192.168.2.244).  From the server I can ping the PC *only* if Windows Firewall is turned off on the PC.  From home, I cannot ping the work PC regardless of Windows Firewall.  From the server I can RDP to the PC with *or* without Firewall turned on.

The server and work PC are on the same subnet.  The only difference seems to be the OS.  Can't figure out why work PC would allow RDP from within its own subnet but not from another subnet on the same trusted network.
0
 
LVL 5

Expert Comment

by:DTAHARLEV
ID: 24346608
No, no, it's not a permission issue or an allowing issue; you're coming in with an IP the client machine doesn't know how to get to, and it is not replying to it. Can you LogMeIn to the office machine and send a route print from there?
0
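The check requested in the comment above, as an added example that is not part of the original thread: given `route print` output from the work PC, work out which next hop a reply to the home address 192.168.10.101 would use. Both route tables are constructed sample data, and the gateway addresses 192.168.2.1 and 192.168.2.254 are assumed placeholders.

```python
import ipaddress
import re

# Constructed `route print` excerpt for the work PC (192.168.2.244).
# 192.168.2.1 (assumed Firebox address) and 192.168.2.254 are placeholders.
SAMPLE = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.244     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link     192.168.2.244    276
    192.168.2.244  255.255.255.255         On-link     192.168.2.244    276
"""
# Same table plus a constructed stale static route covering the home subnet.
STALE = SAMPLE + "     192.168.10.0    255.255.255.0    192.168.2.254    192.168.2.244     21\n"

IP = r"(\d+\.\d+\.\d+\.\d+)"
ROW = re.compile(rf"^\s*{IP}\s+{IP}\s+(\S+)\s+{IP}\s+(\d+)\s*$")

def parse_routes(text):
    """Return the IPv4 rows of `route print` as dicts; other lines are skipped."""
    routes = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            dest, mask, gw, iface, metric = m.groups()
            routes.append({
                "net": ipaddress.ip_network(f"{dest}/{mask}", strict=False),
                "gateway": gw, "interface": iface, "metric": int(metric),
            })
    return routes

def reply_route(routes, peer):
    """Route used to answer `peer`: longest prefix wins, then lowest metric."""
    addr = ipaddress.ip_address(peer)
    hits = [r for r in routes if addr in r["net"]]
    return max(hits, key=lambda r: (r["net"].prefixlen, -r["metric"]), default=None)

def reply_gateway(text, peer):
    """Next hop for replies to `peer`, 'On-link', or None when no route matches."""
    route = reply_route(parse_routes(text), peer)
    return route["gateway"] if route else None

if __name__ == "__main__":
    for name, table in (("sample", SAMPLE), ("stale static route", STALE)):
        print(name, "->", reply_gateway(table, "192.168.10.101"))
```

If the next hop reported for 192.168.10.101 is not the device that terminates the VPN tunnel, replies from the work PC leave by a different path than the one the request arrived on.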
 
LVL 2

Expert Comment

by:iamshaked
ID: 24347596
You need to open up port 3389 on your router at your house and have it pass through to the IP address of your home machine (192.168.10.101).
Then, while you're at your house, google "what is my IP",
and that will give you your physical IP address.

While at work: Start ---> RUN ----> MSTSC
Type in your physical IP address that will go to your home network (this is not going to be a 192.168 number).
Enter the physical IP address, and as long as you opened the ports on your router to pass through to 192.168.10.101 and ports udp/tcp 3389,
you should get through from work to your house.

0
 

Author Comment

by:jkochel
ID: 24347874
DTAHARLEV:  I tried a few tracerts but the hardware firewalls are blocking ICMP so it's not telling me much.  I'm not sure what you mean by "doesn't know how to get to".  Remember the work PC can RDP to the home PC successfully.  It's just the opposite direction that's not working.  And the home PC can RDP to the work server successfully (which is on the same subnet and behind the same firewall as the work PC).  Seems like it's gotta be something with Vista.  (And I did set the Vista box to accept remote connections from any version of Remote Desktop).

iamshaked:  This is a hardware VPN scenario, so I shouldn't need to open up any specific ports on the router.  The VPN tunnel is already configured to allow all traffic between the two subnets.
0
 

Accepted Solution

by:
jkochel earned 0 total points
ID: 24348180
Problem solved!

I turned on "Network Discovery" and "File Sharing" in Network & Sharing Center on the work PC, and rebooted.  Not sure which did the trick, but I can now RDP and map drives from home to work.
0


Question has a verified solution.
