
RDP Over VPN

Last Modified: 2015-09-19
I recently added a VPN to my office PC and I'm learning the ropes. I've learned to use route add x.x.x.x 192.168.0.1 to add special website/server connections to bypass the VPN. And I've figured out that to access our remote servers at a colo, I need to use their public IP. A confusing situation is that I was expecting problems RDP'ing (Windows 7's Remote Desktop) to local PCs on our local network (BOT-PC that runs Scheduled Tasks and HOLD-PC that runs our phone system hold music). I can for some reason connect to the HOLD-PC (maybe I've forgotten having added a route but I don't know how to check that). When I attempt to connect to the BOT-PC I get what I was expecting: "cannot connect". Where do we begin?

Commented:
A full network diagram with IP addresses, endpoints, routes, and VPN addresses would probably be needed to start with. You are asking for a lot and we just don't have enough information from the above to make it happen.

Change your real IPs to fake ones in the diagram to keep your info private.
Kash, 2nd Line Engineer
CERTIFIED EXPERT

Commented:
Your question is ambiguous.

One thing to make sure of: that both the office and the other site you are connecting to are NOT on the same subnet, as you won't be able to connect otherwise.

Post details and people will guide you.
slamond, IT Manager

Author

Commented:
I've done IPCONFIG/ALL for each device in the puzzle, sans the servers.
Let me know if you need more and specifically how to get the info.
RDPoverVPN-090415.txt
Qlemo, "Batchelor", Developer and EE Topic Advisor
CERTIFIED EXPERT
Top Expert 2015

Commented:
The IPConfig dumps show that you use the same network on SLAMOND-PC (192.168.0.115/24) and on the other PCs.
And that you use a TAP-based VPN. But no route info, no info about the infrastructure, and nothing about which VPN you use (my guess is OpenVPN). And why did you obfuscate the TAP IPs? Why public DNS servers on SLAMOND-PC? I also have no clue what you want to say with

I've learned to use route add x.x.x.x 192.168.0.1 to add special website/server connections to bypass the VPN.  And I've figured out that to access our remote servers at a colo, I need to use their public IP.
as that sounds straight wrong.
Kash, 2nd Line Engineer
CERTIFIED EXPERT

Commented:
You are using the same 192.168.0.0/24 network on both ends, hence why your VPN isn't working.
You need to change, preferably, your IP subnet to some other, i.e. 192.168.10.0/24.

It is a very common issue which I have seen before.
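
Added example, not part of the thread: a Python sketch of the subnet-overlap check described in the comment above, plus the longest-prefix route lookup that decides whether a destination leaves over the LAN or the VPN adapter. The route table is constructed; the TAP gateway 10.8.0.1, the default route through the VPN, the bypass host 203.0.113.10 and the address 198.51.100.7 are assumptions, since the thread obfuscates the TAP addresses and shows no route output.

```python
import ipaddress


def overlaps(local_net, remote_net):
    """True when two subnets share addresses, so routing cannot tell them apart."""
    return ipaddress.ip_network(local_net).overlaps(ipaddress.ip_network(remote_net))


def pick_route(dest, routes):
    """Return the winning route: longest matching prefix, lowest metric on ties."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in ipaddress.ip_network(r["net"])]
    if not matches:
        return None
    return max(
        matches,
        key=lambda r: (ipaddress.ip_network(r["net"]).prefixlen, -r["metric"]),
    )


# Constructed route table for SLAMOND-PC (192.168.0.115/24, gateway 192.168.0.1).
# Assumptions: default route points into the VPN (TAP gateway 10.8.0.1 is a
# placeholder); 203.0.113.10 stands in for the "x.x.x.x" bypass host route.
ROUTES = [
    {"net": "0.0.0.0/0", "via": "10.8.0.1", "iface": "TAP", "metric": 20},
    {"net": "192.168.0.0/24", "via": "on-link", "iface": "LAN", "metric": 10},
    {"net": "203.0.113.10/32", "via": "192.168.0.1", "iface": "LAN", "metric": 10},
]


def report(dests, routes=ROUTES):
    """Map each destination to the interface its traffic would leave on."""
    return {d: pick_route(d, routes)["iface"] for d in dests}


if __name__ == "__main__":
    # Same /24 on both ends: remote hosts are indistinguishable from local ones.
    print("same subnet overlaps:", overlaps("192.168.0.0/24", "192.168.0.0/24"))
    # After renumbering one side to the range suggested in the thread.
    print("renumbered overlaps:", overlaps("192.168.0.0/24", "192.168.10.0/24"))
    # hold-pc (0.102), bot-pc (0.11), the bypass host, and an unrelated address.
    dests = ["192.168.0.102", "192.168.0.11", "203.0.113.10", "198.51.100.7"]
    for dest, iface in report(dests).items():
        print(f"{dest:>15} -> {iface}")
```

On the real machine, the equivalent of `ROUTES` is the output of `route print`, which also answers the question of whether a route was added earlier.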
slamond, IT Manager

Author

Commented:
After drawing this very crude diagram of my situation, it's likely not a VPN issue at all. When I ping 0.102 I get a reply (hold-pc to which RDP works) but 0.11 does not reply to ping (bot-pc).

I'm thinking the ping clue holds the key.
CrudeNetwork.pdf
Kash, 2nd Line Engineer
CERTIFIED EXPERT

Commented:
The easiest way to find out if it's your network or not would be to try it from a network where you are not getting the same IP settings.

Or back up your router config (if that's doing DHCP), change the IP range, and test. If it fixes the issue then you know it is, and if not, restore the config back.
slamond, IT Manager

Author

Commented:
Kash, I didn't really understand what you wrote. But I've added more information to my chicken-scratch network. Notably, that my understanding is that the Gateway is the Comcast modem. And that we have two servers (actually 3 including an unlisted email server) in a colo. It's NOT clear to me where that VPN line should be. When I first attempted RDP into our bordents2 it failed until I learned that I had to use the public IP. This is where I had assumed that every connection to every device is being done from my slamond-pc over the VPN. But then how am I able to connect to the hold-pc using its local IP 0.102?
CrudeNetwork2.pdf
slamond, IT Manager

Author

Commented:
I'm leaning towards this being a Windows7 security issue (I joke that Windows7 was designed so that no one can use it except hackers). When I attempt to map a drive to a share on the troubled, non-pinging bot-pc I get Error # 0x80070043.