Solved

Windows 7 Remote Desktop - VPN - Can not connect

Posted on 2011-09-16
10
1,208 Views
Last Modified: 2013-11-21
i connect remoting to a security domain via VPN and then remote desktop to a machine to do my work.  Using an XP machine wired to my locate network i'm able to make the VPN connection and connect to the remote desktop without a problem.  I also have a Windows 7 machine connected to the same local network.  From windows 7 machine i can create the VPN connection but then nothing else works.  Remote desktop can not find the remote machine.  Ping times out and has the wrong IP address.   The windows 7 machine does not work using either a wireless link to the the local network or a wired connection.  The strange thing is that when my internet connection from the windows 7 machine is established using my broadband access point tied directly to the windows 7 machine via the USB port, i can establish the VPN connection and the connection to the remote machine via remote desktop without a problem.  

I have historically been able to connect via VPN and remote desktop to this remote machine from the windows 7 machine.  i have obivously changed something during a previously trouble shooting activity when a problem existed at the remote site.  i have tried the Reset options on the firewall settings but that has not worked.
0
Comment
Question by:ggi_brad
  • 5
  • 4
10 Comments
 
LVL 5

Expert Comment

by:ErikCamacho
Comment Utility
Look if IPV6 is installed even if not enabled you may have to disable from the registry.

Add the following registry value (DWORD type) set to 0xFF:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\DisabledComponents

This method disables IPv6 on all your LAN interfaces, connections, and tunnel interfaces but does not disable the IPv6 loopback interface. You must restart the computer for this registry value to take effect.
 
0
 
LVL 16

Expert Comment

by:cantoris
Comment Utility
If ping is returning the wrong address, troubleshoot DNS on the Windows 7 PC.  What does ipconfig /all   show when the VPN is connected but the remote connection fails compared to when the VPN is up but the remote desktop is working?
0
 

Author Comment

by:ggi_brad
Comment Utility
I tried disabling IPV6 .  I think i did this right because there were no IPv6 style attributes in the ipconfig /all listing.  This did not change the behavior in any way.

I compared the DNS listings from the ipconfig /all listings.  Not exactly sure what I'm looking but:
1.  The Windows IP Configuration is identical in both cases.
2.  The Ethernet Local area adapter that is tied to the VPN connection are identical.  
The Wireless adapters are identical and disconnected.  The only difference is that one has the Wired adapter and the other has the PPP adapter.  I don't know if this makes any difference but the PPP adapter is at the top of the list when the Remote Desktop works and the Wired adapter is at the bottom of the list.

One more newly discovered but maybe not related piece of information.  In my local network, i have an NT machine, Vista machine and the Windows 7 machine.  From the Windows 7 machine I can remote the Vista but not to the NT machine.  The NT and Vista machines can remote to each other and the Windows 7 machine without a problem.  I mention this only because the remote machine that I connect to via VPN is an NT machine.  The error messages from the Windows 7 when attempting to remote to the local NT is different than the message when i'm connecting to the remote NT machine but both imply that Windows 7 can not find the machine.
0
 
LVL 16

Expert Comment

by:cantoris
Comment Utility
ipconfig /all

Specifically check your default gateway and DNS server addresses on your VPN adapter and on the underlying network (whether it be wired or wireless).
Also check for DNS suffixes.

When you say pinging it returns the wrong IP, try pinging using the fully qualified domain name and not just a hostname
eg   remoteserver.mycompany.com   or whatever

The inability to connect to the NT machine will be name resolution since you said it was resolving the wrong IP address.  If it the IP were correct then I'd be thinking about other settings that were introduced with Vista into the RDP Client.
0
 
LVL 16

Accepted Solution

by:
cantoris earned 500 total points
Comment Utility
I should have added, can you remote desktop to this machine via its IP address?
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:ggi_brad
Comment Utility
Doh... I connected to the remote machine using the IP address and it worked.  Thanks, this is a workable solution for me, but i'm curious why it can not resolve the name when connected via my local network but it can when I'm using the broadband card.  Thinking back to when i had this working previously it was via an IP address so i don't think that name resolution has ever worked on this machine.  
0
 

Author Closing Comment

by:ggi_brad
Comment Utility
I have follow-on questions related to my problem but i have a functioning solution therefore I'm happy. Thanks.
0
 
LVL 16

Expert Comment

by:cantoris
Comment Utility
Thanks!

Well we've proved the issue is one of name resolution rather than connectivity.

Can you print here the entire contents of  "ipconfig /all" both when working and not working along with the fully qualified hostname of the remote machine?  You might want to replace "yourdomainname.com"  with "topsecret.com" in the results  ;-)
0
 

Author Comment

by:ggi_brad
Comment Utility
Here is the ipconfig /all for the wired connection that can not resolve the name.

Windows IP Configuration

   Host Name . . . . . . . . . . . . : GGI-0008
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : pine.zone1.top_secret.com
                                       pine.zone1.top_secret.com
                                       hotspot
                                       westell.com

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . : pine.zone1.top_secret.com
   Description . . . . . . . . . . . : Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
   Physical Address. . . . . . . . . : 00-05-9A-3C-7A-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.89.24.108(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Default Gateway . . . . . . . . . : 10.89.24.1
   DNS Servers . . . . . . . . . . . : 10.80.159.251
                                       10.24.7.123
   Primary WINS Server . . . . . . . : 10.80.159.251
   Secondary WINS Server . . . . . . : 10.100.36.3
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 1C-65-9D-E8-EB-68
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
   Physical Address. . . . . . . . . : 1C-65-9D-E8-EB-68
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
   Physical Address. . . . . . . . . : 1C-65-9D-E8-EB-68
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : F0-4D-A2-D0-5B-B0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, September 18, 2011 5:29:14 AM
   Lease Expires . . . . . . . . . . : Monday, September 19, 2011 5:29:29 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

And this connection via the broadband card can resolve the name

Windows IP Configuration

   Host Name . . . . . . . . . . . . : GGI-0008
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : pine.zone1.top_secret.com
                                       pine.zone1.top_secret.com
                                       hotspot
                                       westell.com

PPP adapter Verizon Wireless - VZAccess:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Verizon Wireless - VZAccess
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 75.253.152.54(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . : 0.0.0.0
   DNS Servers . . . . . . . . . . . : 66.174.71.33
                                       69.78.96.14
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . : pine.zone1.top_secret.com
   Description . . . . . . . . . . . : Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
   Physical Address. . . . . . . . . : 00-05-9A-3C-7A-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.89.24.107(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Default Gateway . . . . . . . . . : 10.89.24.1
   DNS Servers . . . . . . . . . . . : 10.80.159.251
                                       10.24.7.123
   Primary WINS Server . . . . . . . : 10.80.159.251
   Secondary WINS Server . . . . . . : 10.100.36.3
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 1C-65-9D-E8-EB-68
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
   Physical Address. . . . . . . . . : 1C-65-9D-E8-EB-68
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
   Physical Address. . . . . . . . . : 1C-65-9D-E8-EB-68
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
0
 
LVL 16

Expert Comment

by:cantoris
Comment Utility
All I can spot is that on the non-working wireless connection, you have two default gateways.  Maybe it's trying to route traffic destined for your work LAN down the wired connection instead of down the VPN tunnel.

Try a ROUTE PRINT under both set of circumstances while the VPN is connected.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

For a while, I have wanted to connect my HTC Incredible to my corporate network to take advantage of the phone's powerful capabilities. I searched online and came up with varied answers from "it won't work" to super complicated statements that I did…
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now