Varshini S
asked on
Unable to RDP to windows 10 pro machine
i am using "Cisco AnyConnect Secure Mobility Client" to RDP to the remote machine.
VPN is successfully connected but unable to RDP to the remote machine.
Remote desktop permission was enabled in remote machine and user also added in remote user group.
When i do the ping it is working fine. But telnet failed when using port 3389.
When i do RDP internally i can able to RDP to that machine.
RDP is enabled for the subnet in the firewall.
When in run the below command in the remote computer , i got the following response
netstat -an | findstr 3389
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
when i do the nslookup i got the following response
> 192.168.1.10
Server: xxxx.xxxx.xxxx
Address: 145.xx.xx.xx
*** xxxx.xxxx.xxxx can't find 192.168.1.10: Non-existent domain
Any help deciphering the cause would be appreciated.
VPN is successfully connected but unable to RDP to the remote machine.
Remote desktop permission was enabled in remote machine and user also added in remote user group.
When i do the ping it is working fine. But telnet failed when using port 3389.
When i do RDP internally i can able to RDP to that machine.
RDP is enabled for the subnet in the firewall.
When in run the below command in the remote computer , i got the following response
netstat -an | findstr 3389
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
when i do the nslookup i got the following response
> 192.168.1.10
Server: xxxx.xxxx.xxxx
Address: 145.xx.xx.xx
*** xxxx.xxxx.xxxx can't find 192.168.1.10: Non-existent domain
Any help deciphering the cause would be appreciated.
I think your Cisco gateway is cutting the RDP service...you need to specifical add it to the list of allowed services
Have you set an exception in Windows Firewall for incoming connection for port 3389?
ASKER
Jackie Man: Firewall for incoming connection for port 3389 is enabled.
Antivirus / Internet security software installed at your computer and remote host?
ASKER
Antivirus / Internet security not installed in remote host and my computer.
If you can RDP fine when on the internal network, but not when using the VPN then it sounds like a routing or firewall issue between the VPN and your internal network. In this case, the PC settings are fine and can be left as-is unless you've got some firewall rule in windows to only allow RDP connection from internal addresses/subnet.
Can you ping the computer when connected to the VPN?
Can you ping/connect to any other internal network systems while on the VPN?
When you connect to the VPN is the IP address given for the connection on the same subnet as your internal network?
Can you ping the computer when connected to the VPN?
Can you ping/connect to any other internal network systems while on the VPN?
When you connect to the VPN is the IP address given for the connection on the same subnet as your internal network?
Have you checked your firewall rules? Sounds like that's where your issue lies.
ASKER
Are you talking about internal network of my pc or remote pc?
Firewall on the remote PC side. And I also highly recommend that you double check all of the RDP related settings on the remote PC.
ASKER
Andy M: yes i can able to ping other pc in the network.
You need to do a PORT forwarding for port 3389 from your router at your remote location to the internal IP address of the remote machine if you want to do a RDP into that remote machine via the public IP address of the router.
By default, VPN does not allow the user to connect to the remote subnet unless you have enabled local LAN access in your VPN gateway.
VPN Client and AnyConnect Client Access to Local LAN Configuration Example
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/70847-local-lan-pix-asa.html
You need to ask your network admin to help if you do not have access to the VPN gateway to change the setting.
Also, you need to check whether the VPN gateway is on the same subnet of the remote machine.
By default, VPN does not allow the user to connect to the remote subnet unless you have enabled local LAN access in your VPN gateway.
VPN Client and AnyConnect Client Access to Local LAN Configuration Example
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/70847-local-lan-pix-asa.html
You need to ask your network admin to help if you do not have access to the VPN gateway to change the setting.
Also, you need to check whether the VPN gateway is on the same subnet of the remote machine.
Have you checked for a conflict involving that static IP?
Hi There,
Kindly paste the route print output from your PC before and after you connect to the VPN.
Kindly paste the route print output from your PC before and after you connect to the VPN.
ASKER
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.