Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Dial-up VPN within Terminal Services session

Posted on 2010-09-17
Medium Priority
Last Modified: 2013-11-21
Hi experts,

Bit of an unusual scenario here, but we are doing a desktop replacement (to thin client) rollout and some users have an application which requires a soft (i.e. dial-up) VPN.  

They currently have this app and the VPN settings installed on their desktop (XP) machines but every user will now go full Citrix XenApp desktop.

Question is, can I allow per-user VPN connections from Terminal Services and what effect will that have on the server and the other users on the box?

Question by:Codestone
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 32

Expert Comment

ID: 33699858
Do you have a separate device that is your firewall/router on your network? If so, this should be used to manage all client VPN connections.

I would not recommend that you implement a VPN solution on your box that is also your Citirx server.

Author Comment

ID: 33699904
Hi nappy,

Thanks for your reply, but II think you've misunderstood.

I'm not suggesting we use a XenApp server as a VPN/RAS Server.

The users which are 'sat' on the box need to establish a [Windows Dial-Up networking] VPN to a remote service so that their application can communnicate with a remote server.

I hope that is clearer?


Assisted Solution

woodmouse earned 600 total points
ID: 33700112
That's not what nappy meant... I think he quite understood, not to install any 3rd party VPN software on a terminalserver or Citrix server.
You'd end up to have virtual networkcards that build up the IPSTACK, either by IPSEC vpn software or PPTP VPN - and that can confuse your terminal server big time.

I would recommend to try XenDesktop to virtualise desktops indepentantly... and install VPN software there... that way, you won't end up having multiple users connecting software-like VPN's on one box...

You don't make multiple VPN connections using software neither (at least, not at random...) and this is what's just going to happen, if you let multiple users login to Citrix (or TSE), and work each with (the same) VPN software solution...

I really think that this is "not done" on a terminal-server.
LVL 32

Accepted Solution

nappy_d earned 1400 total points
ID: 33700144
Agrred with woodmouse.

In your case, if the vpn connections from the XenApp desktops are being made to another end point, I woul recommend that you relieve your virtual desktops of this task and work with the remote site admin(if not you) to create a site-ste vpn between your networks.

It would make more sense.

Author Comment

ID: 33700500
I agree with both of you and this is not a design of my choosing - I'm putting this question up here for some back up on my own points which you have both made, so thank you.

Agreed nappy, site-to-site VPN would be more appropriate but is unfortinately not a possibility for political reasons outside of my control.

Points split 70/30; nappy.

Thanks both.


Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix XenDesktop, gold image, VMware, vSphere.
#Citrix #Citrix Policies #XenDesktop #VDI #POC #Citrix Univeral Printer Driver #Citrix UPD
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question