Link to home
Start Free TrialLog in
Avatar of Scott Lamond
Scott LamondFlag for United States of America

asked on

RDP Over VPN

I recently added a VPN to my office PC and I'm learning the ropes. I've learned to use route add x.x.x.x 192.168.0.1 to add special website/server connections to bypass the VPN.  And I've figured out that to access our remote servers at a colo, I need to use their public IP. A confusing situation is that I was expecting problems RDP'ing (Windows 7's Remote Desktop) to local PC's on our local network (BOT-PC that runs Scheduled Tasks and HOLD-PC that runs our phone system hold music). I can for some reason connect to the HOLD-PC (maybe I've forgotten having added a route but I don't know how to check that). When I attempt to connect to the BOT-PC I get what I was expecting:  "cannot connect". Where do we begin?
Avatar of bas2754
bas2754
Flag of United States of America image

A full network diagram with IP addresses, endpoints, routes, and VPN addresses would probably be needed to start with.  You are asking for a lot and we just don't have enough information from the above to make it happen.

Change your real IP's to fake ones in the diagram to keep your info private.
Avatar of Kash
your question is ambiguous.

one thing to make sure, that both office and the other site you are connecting are NOT on the same subnet as you won't be able to connect otherwise.

Post details and people will guide you.
Avatar of Scott Lamond

ASKER

I've done IPCONFIG/ALL for each device in the puzzle, sans the servers.
Let me know if you need more and specifically how to get the info.
RDPoverVPN-090415.txt
The IPConfig dumps show that you use the same network on SLAMOND-PC (192.168.0.115/24) and on the other PCs.
And that you use a TAP-based VPN. But no route info, no info about the infrastructure, and nothing about which VPN you use (my guess is OpenVPN). And why did you obfuscate the TAP IPs? Why public DNS servers on SLAMOND-PC? I also have no clue what you want say with

I've learned to use route add x.x.x.x 192.168.0.1 to add special website/server connections to bypass the VPN.  And I've figured out that to access our remote servers at a colo, I need to use their public IP.
as that sounds straight wrong.
you are using same 192.168.0.0/24 network on both ends hence why your vpn isn't working.
you need to change preferrably your IP subnet to some other i.: 192.168.10.0/24.

It is a very common issue which I have seen before.
After drawing this very crude diagram of my situation, it's likely not a VPN issue at all. When I ping 0.102 I get a reply (hold-pc to which RDP works) but 0.11 does not reply to ping (bot-pc).

I'm thinking the ping clue hold the key.
CrudeNetwork.pdf
The easiest way to find out if its your network or not would be to try it from a network where you are not getting same IP settings.

Or backup your router config (if thats doing DHCP), change IP range, test. if it fixes the issue then you know it is and if not, restore the config back.
Kash, I didn't really understand what you wrote. But I've added more information to my chicken-scratch network. Notably, that my understanding is that the Gateway is the Comcast modem. And that we have two servers (actually 3 including an unlisted email server) in a colo. It's NOT clear to me where that VPN line should be. WHen I first attempted RDP into our bordents2 it failed until I learned that I had to use the public IP. This is where I had assumed that every connection to every device is being done from my slamond-pc over the VPN. But then how am I able to connect to the hold-pc using its local IP 0.102?
CrudeNetwork2.pdf
I'm leaning towards this being a Windows7 security issue (I joke that Windows7 was designed so that no one can use it except hackers). When I attempt to map a drive to a share on the troubled, non-pinging bot-pc I get Error # 0x80070043.
ASKER CERTIFIED SOLUTION
Avatar of Scott Lamond
Scott Lamond
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial