Varshini S


Unable to RDP to Windows 10 Pro machine

I am using "Cisco AnyConnect Secure Mobility Client" to RDP to the remote machine.
The VPN is successfully connected, but I am unable to RDP to the remote machine.

Remote Desktop permission was enabled on the remote machine and the user was also added to the remote user group.

When I do the ping, it works fine. But telnet failed when using port 3389.

When I RDP internally, I am able to RDP to that machine.



RDP is enabled for the subnet in the firewall.

When I run the below command on the remote computer, I get the following response:

netstat -an | findstr 3389
TCP    0.0.0.0:3389           0.0.0.0:0   LISTENING


When I do the nslookup, I get the following response:

> 192.168.1.10
Server:  xxxx.xxxx.xxxx
Address:  145.xx.xx.xx

*** xxxx.xxxx.xxxx can't find 192.168.1.10: Non-existent domain

Any help deciphering the cause would be appreciated.
John Tsioumpris

I think your Cisco gateway is cutting the RDP service... you need to specifically add it to the list of allowed services.
Have you set an exception in Windows Firewall for incoming connection for port 3389?
Varshini S

ASKER

Jackie Man: Firewall for incoming connection for port 3389 is enabled.
Antivirus / Internet security software installed at your computer and remote host?
Antivirus / Internet security not installed in remote host and my computer.
If you can RDP fine when on the internal network, but not when using the VPN, then it sounds like a routing or firewall issue between the VPN and your internal network. In this case, the PC settings are fine and can be left as-is unless you've got some firewall rule in Windows to only allow RDP connections from internal addresses/subnet.

Can you ping the computer when connected to the VPN?
Can you ping/connect to any other internal network systems while on the VPN?
When you connect to the VPN is the IP address given for the connection on the same subnet as your internal network?
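
One way to check the possibility raised above, a Windows Firewall rule that only allows RDP from internal addresses (an added example, not part of the original thread): the script lists the enabled inbound allow rules for TCP 3389 on the remote PC and reports whether a VPN client address falls inside each rule's remote-address scope. The address 10.10.10.25 is a constructed placeholder, and ConvertTo-UInt32 and Test-InScope are helper names introduced here.

```powershell
# Added example. Run in an elevated PowerShell on the remote Windows 10 PC.
# Constructed placeholder: replace with the address AnyConnect assigns to the client.
$VpnClientIp = '10.10.10.25'

function ConvertTo-UInt32([string]$Ip) {
    $parsed = [System.Net.IPAddress]::Parse($Ip)
    if ($parsed.AddressFamily -ne 'InterNetwork') { throw "not IPv4: $Ip" }
    $bytes = $parsed.GetAddressBytes()
    [Array]::Reverse($bytes)              # network order -> little-endian for BitConverter
    [BitConverter]::ToUInt32($bytes, 0)
}

# Returns $true/$false when the scope entry can be evaluated, and $null for
# keywords (LocalSubnet, DNS, ...) or IPv6 entries that need a manual look.
function Test-InScope([string]$Ip, [string]$Scope) {
    try {
        $addr = ConvertTo-UInt32 $Ip
        if ($Scope -eq 'Any') { return $true }
        if ($Scope -match '^([\d.]+)-([\d.]+)$') {           # range a.b.c.d-e.f.g.h
            $low, $high = $Matches[1], $Matches[2]
            return ($addr -ge (ConvertTo-UInt32 $low)) -and ($addr -le (ConvertTo-UInt32 $high))
        }
        if ($Scope -match '^([\d.]+)/([\d.]+)$') {           # net/prefix or net/mask
            $netText, $maskText = $Matches[1], $Matches[2]
            $net = ConvertTo-UInt32 $netText
            if ($maskText -match '^\d+$') {                  # prefix length, e.g. /24
                $mask = [uint32]([math]::Pow(2, 32) - [math]::Pow(2, 32 - [int]$maskText))
            } else {                                         # dotted mask, e.g. /255.255.255.0
                $mask = ConvertTo-UInt32 $maskText
            }
            return ($addr -band $mask) -eq ($net -band $mask)
        }
        return $addr -eq (ConvertTo-UInt32 $Scope)           # single address
    } catch { return $null }
}

# Enabled inbound allow rules whose local port list names 3389 explicitly.
Get-NetFirewallPortFilter -Protocol TCP |
    Where-Object { $_.LocalPort -contains '3389' } |
    Get-NetFirewallRule |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' } |
    ForEach-Object {
        $remote = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Profile       = $_.Profile
            RemoteAddress = $remote -join ', '
            CoversVpnIp   = ($remote | ForEach-Object { Test-InScope $VpnClientIp $_ }) -contains $true
        }
    }
```

If no rule reports CoversVpnIp as True, the rule scope on the PC is worth widening to include the VPN address pool; if a rule does cover it, the VPN gateway and routing are the next place to look.
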
Have you checked your firewall rules? Sounds like that's where your issue lies.
Are you talking about internal network of my pc or remote pc?
Firewall on the remote PC side. And I also highly recommend that you double check all of the RDP related settings on the remote PC.
Andy M: Yes, I am able to ping other PCs in the network.
You need to do port forwarding for port 3389 from your router at your remote location to the internal IP address of the remote machine if you want to RDP into that remote machine via the public IP address of the router.

By default, VPN does not allow the user to connect to the remote subnet unless you have enabled local LAN access in your VPN gateway.

VPN Client and AnyConnect Client Access to Local LAN Configuration Example
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/70847-local-lan-pix-asa.html

You need to ask your network admin to help if you do not have access to the VPN gateway to change the setting.

Also, you need to check whether the VPN gateway is on the same subnet as the remote machine.
Have you checked for a conflict involving that static IP?
Hi There,

Kindly paste the route print output from your PC before and after you connect to the VPN.
ASKER CERTIFIED SOLUTION
Ian Arakel