Dial-up VPN within Terminal Services session

Posted on 2010-09-17
Last Modified: 2013-11-21
Hi experts,

Bit of an unusual scenario here, but we are doing a desktop replacement (to thin client) rollout and some users have an application which requires a soft (i.e. dial-up) VPN.  

They currently have this app and the VPN settings installed on their desktop (XP) machines but every user will now go full Citrix XenApp desktop.

Question is, can I allow per-user VPN connections from Terminal Services and what effect will that have on the server and the other users on the box?

Question by:Codestone
  • 2
  • 2
LVL 32

Expert Comment

ID: 33699858
Do you have a separate device that is your firewall/router on your network? If so, this should be used to manage all client VPN connections.

I would not recommend that you implement a VPN solution on your box that is also your Citirx server.

Author Comment

ID: 33699904
Hi nappy,

Thanks for your reply, but II think you've misunderstood.

I'm not suggesting we use a XenApp server as a VPN/RAS Server.

The users which are 'sat' on the box need to establish a [Windows Dial-Up networking] VPN to a remote service so that their application can communnicate with a remote server.

I hope that is clearer?


Assisted Solution

woodmouse earned 150 total points
ID: 33700112
That's not what nappy meant... I think he quite understood, not to install any 3rd party VPN software on a terminalserver or Citrix server.
You'd end up to have virtual networkcards that build up the IPSTACK, either by IPSEC vpn software or PPTP VPN - and that can confuse your terminal server big time.

I would recommend to try XenDesktop to virtualise desktops indepentantly... and install VPN software there... that way, you won't end up having multiple users connecting software-like VPN's on one box...

You don't make multiple VPN connections using software neither (at least, not at random...) and this is what's just going to happen, if you let multiple users login to Citrix (or TSE), and work each with (the same) VPN software solution...

I really think that this is "not done" on a terminal-server.
LVL 32

Accepted Solution

nappy_d earned 350 total points
ID: 33700144
Agrred with woodmouse.

In your case, if the vpn connections from the XenApp desktops are being made to another end point, I woul recommend that you relieve your virtual desktops of this task and work with the remote site admin(if not you) to create a site-ste vpn between your networks.

It would make more sense.

Author Comment

ID: 33700500
I agree with both of you and this is not a design of my choosing - I'm putting this question up here for some back up on my own points which you have both made, so thank you.

Agreed nappy, site-to-site VPN would be more appropriate but is unfortinately not a possibility for political reasons outside of my control.

Points split 70/30; nappy.

Thanks both.


Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
upgrade Vcenter to V6 10 90
Microsoft Remote app to an application server slow 3 72
SCCM Microsoft Report 2 65
Domain Trusts - Define AD Servers and Sites 9 60
Citrix XenDesktop 7.6 Citrix Policies Graphics
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now