?
Solved

Risk of RDP over VPN?

Posted on 2011-09-16
4
Medium Priority
?
588 Views
Last Modified: 2012-05-12
I have a VPN and want to grant a user RDP to his desktop.
He has citrix access and Terminal server, but sometimes it's not always working as expected.

What risk do you think this might bring?

Thank you,
0
Comment
Question by:dguandique
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 

Author Comment

by:dguandique
ID: 36550532
Thanks,
0
 
LVL 2

Accepted Solution

by:
Mike earned 1500 total points
ID: 36550544
To RDP over a proper VPN is secure. As long as the user is actually RDPing to an internal address and not just a NATed port on the firewall. (I've seen admins do this before.)
0
 
LVL 8

Expert Comment

by:gsmartin
ID: 36551569
You can also RDP over HTTPS for better security, as well.  

More importantly, this seems to be more of a bandaid to the original issue, which is the reliability of your remote Citrix/Terminal server connection.  Why is the Citrix/Terminal server connection unstable?  For example: If the user(s) connect to Citrix over VPN via an IPSec tunnel - You may need to adjust VPN clients MTU setting to avoid dropping packets (like with Cisco's IPSec VPN Client).  My preferrence is Cisco's AnyConnect VPN client and/or Citrix Access Gateway these are both SSL VPN solution, which typically are more stable.
0
 

Author Closing Comment

by:dguandique
ID: 36713853
thanks
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question