Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: VPN versus Remote Desktop Connection

26 Dec 2009   #11
pgordon

Windows 7
 
 

No luck.

First, I run Shrew Soft VPN Access Manager. I click on connect for "My-Office-PC" connection, and I eventually get the message "tunnel enabled."

Second, I run Remote Desktop Connection, and I get the message: Remote Desktop can't find the computer "My-Office-PC."

When I run RDC on a different computer at the office, I able to remote into "My-Office-PC," but when I do the same thing from home, I get the error message above, even through I have "tunnel enabled" and I use the same RDC settings that were successful on the office LAN. Suggestions?


My System SpecsSystem Spec
.
26 Dec 2009   #12
RedBirdDad

W7 Ultimate 64bit W7 Premium 64bit W7 Premium 32bit WXP Home 32bit
 
 

A VPN is actually a secure, encrypted pathway ("tunnel") from one machine to another. All data through the tunnel is protected. An RDP connection would traverse the tunnel. So under normal conditions the VPN must be up, then start the RDP.

In your case the tunnel may be up but not configured correctly. When Shrewshoft says the tunnel is established, can you ping any device on the other side? If not the tunnel isn't right. You can be authenticated but if the VPN client and Server parameters don't match *perfectly* you won't pass anything through the tunnel.

What VPN server are you using?
My System SpecsSystem Spec
26 Dec 2009   #13
pgordon

Windows 7
 
 

I was able to ping the DNS (WAN1) IP Address with success. Thus, I have "tunnel enabled" and I can ping the DNS. But when I try to establish a remote desktop connection, I get the following message:

"The remote connection was not made because the attempted VPN tunnels failed. The VPN server might be unreachable. If this connection is attempting to use an L2TP/IPsec tunnel, the security parameters required for IPsec negotiation might not be configured properly."

I am not sure what is meant by "VPN server." I am using a VPN router (Linksys RV042) put in Gateway Mode. Suggestions?
My System SpecsSystem Spec
.

26 Dec 2009   #14
RedBirdDad

W7 Ultimate 64bit W7 Premium 64bit W7 Premium 32bit WXP Home 32bit
 
 

The Linksys is the VPN server. A VPN tunnel is a point to point connection. The IP Address of the connection is probably the Linksys so that makes it the server.

Where is the WAN1 interface you refer to? Is it on the Linksys? Since the PC you want to RDP to is most likely on the other side of the Linksys (inside interface), that's where you need to be able to ping. If you can ping the inside interface or any PC on the inside the VPN tunnel is probably ok. If you can only ping the outside (WAN1 I'll bet), then you're not getting through the router. What kind of VPN connection is it? IPSec? PPTP?
My System SpecsSystem Spec
26 Dec 2009   #15
pgordon

Windows 7
 
 

First, you're being very helpful. Thank you.

Second, I am not able to ping my office computer on the other side of the router. I tried using both my office computer LAN IP and my office computer LAN IP with the listening port added. Both timed out.

The WAN1 port is attached to the router. Thus, the topology is as follows:

HomePC >> {{{Internet}}} >> DSLModem(Bridged) >> VPNRouter >> Switch >> OfficePC

All computers are using Windows 7 Professional. If I try to use the native VPN client, I set the connection to automatically cycle through four protocols: PPTP, L2TP/IPsec, SSTP, and IKEv2. I end up with the same error message.

I have multiple devices on the inside of the router, so I set my office computer (I'll call "My-PC") to listen to a particular port (I'll call "12345") and made all the necessary (I think) adjustments. I just checked my notes for the VPNRouter setting. Here are the settings (with changes to protect the innocent):

Router

Model - Linksys RV042Firmware - 1.3.12.19-tm (Feb 13 2009 13:03:21)ConfigurationLAN IP - 11.22.33.1Subnet Mask - 255.255.255.0WAN1 IP - 99.888.777.66PPPoEfake@fake.netpasswordconnect on demandMTU - autoWAN2 - obtain an IP automaticallyMTU - autoMode - GatewayRIP - disabledDNS (WAN1) - 222.444.3.66DDNS - offDMZ Host - disabledPrivate IP Address - 11.22.33.1Port Range ForwardingTCP 12345~12346 to 11.22.33.111UDP 12345~12346 to 11.22.33.111TCP 3389~3389 to 11.22.33.111Port TriggeringTCP 12345~12345;3389~3389]UPnP Function - noOne-to-One NAT - disabledDHCP Server - enabledMy-PC - 11.22.33.111Printer-Host - 11.22.33.116Partner1-PC - 11.22.33.103Partner2-PC - 11.22.33.108SNMP enabledDiagnostic - pingFirewall - enabledSPI - enabledDoS - enabledBlock WAN Request - enabledRemote Management - Port 80HTTPS - enabledMulticast Pass Through - enabledPorts 12345~12346 allowed to 11.22.33.111 (TCP)Ports 12345~12346 allowed to 11.22.33.111 (UDP)Port 1723 allowed to any destinationVPN Tunnel Group No. 1WAN1Local Security Group Type - subnetIP Address - 192.168.1.0Subnet Mask - 255.255.255.0Remote Client - shrew.netIPSec SetupIKE with Preshared keyPhase 1Group 2AES-256SHA1Perfect Forward Secrecy28800Phase 2Group 2AES-256SHA1Preshared Key - FakeKey3600Aggressive Mode - yesCompress - noKeep-Alive - yesAH Hash Algorith MD5 - noNetBIOS broadcast - yesNAT Traversal - yesVPN Client AccessMy-VPN - activeVPN Pass ThroughIPSec Pass Through - enabledPPTP Pass Through - enabledL2TP Pass Through - enabledPPTP Server - enabledRange Start - 11.22.33.200Range End - 11.22.33.204User - MyVPNPPTP (FakeVPNPassword)

Any ideas?
My System SpecsSystem Spec
26 Dec 2009   #16
RedBirdDad

W7 Ultimate 64bit W7 Premium 64bit W7 Premium 32bit WXP Home 32bit
 
 

When you said you changed the port numbers the Office PC listened to is that for RDP? You shouldn't need to do that. A VPN makes the remote PC look like it's directly connected to the local LAN. In fact you shouldn't need to change any ports at all. That may be part of the problem.

Can you ping any other device on the office LAN?
My System SpecsSystem Spec
26 Dec 2009   #17
pgordon

Windows 7
 
 

Because I am using a VPN router instead of box with WinServer2008R2, I thought I needed to change each office computer to listen to a unique port. For our purposes, my office computer is set to listen to Port 12345. The other office computers are set to listen to other ports. I thought I addressed this problem with port forwarding and port triggering. On my office computer, the Registry line item was originally set to listen to 3389, and I changed it to 12345. I then configered the forwarding and triggering settings on the router as follows:

Port Range Forwarding
TCP 12345~12346 to 11.22.33.111
UDP 12345~12346 to 11.22.33.111
TCP 3389~3389 to 11.22.33.111

Port Triggering
TCP 12345~12345;3389~3389

(With 11.22.33.111 representing my office computer's LAN IP Address.) Thoughts?
My System SpecsSystem Spec
26 Dec 2009   #18
RedBirdDad

W7 Ultimate 64bit W7 Premium 64bit W7 Premium 32bit WXP Home 32bit
 
 

Once the tunnel is set, the router will (should) assign an IP address to your VPN client so that it can route packets to the local LAN. I have a VPN setup similar to this and never had to change any ports.

VPN's are *very* picky and the settings on the server and client must match. You need to tell the Shrewsoft VPN what network it will be connecting to. It looks like your inside network is 11.22.33.0/24 (255.255.255.0) so that's what you'd configure in the Shrewsoft VPN client.
My System SpecsSystem Spec
26 Dec 2009   #19
pgordon

Windows 7
 
 

To answer your earlier question, I am not able to ping any computer or printer inside the router.

I want to make sure I understand: The "VPN Client" is my home computer. Correct? Whereas the "Shrewsoft VPN Client" is something different?

Also, I don't understand "/24" in your description of the network as "11.22.33.0/24 (Subnet Mask 255.255.255.0)." I just looked at the configurations for the Shrew Soft connection. I'm not sure which setting should be changed. Here are some possibilities:

Local Host Address
DNS Server Address
Maintain Persistent Security Associations (Topology entry)
My System SpecsSystem Spec
26 Dec 2009   #20
RedBirdDad

W7 Ultimate 64bit W7 Premium 64bit W7 Premium 32bit WXP Home 32bit
 
 

The VPN client would be the Shrewsoft VPN software on your home PC.

Sorry, the "/24" refers to the subnet mask: 255.255.255.0 which is a 24 bit mask.

There should be something in the Shrewsoft setup that tells it what remote network it's to connect to. Not to be confused with the router's outside address. It's the inside network where the router will send the packets from your home PC. Remember, the VPN is a tunnel. The tunnel itself terminates at the router's outside interface but packets *inside* the tunnel need to get to the inside interface.
My System SpecsSystem Spec
Reply

 VPN versus Remote Desktop Connection




Thread Tools




Similar help and support threads
Thread Forum
Identifying remote computer for Remote Desktop Connection
Remote Desktop Connection wants the IP or name of the remote computer to connect to. But suppose the remote computer is behind a router. The router has one WAN IP, say 192.45.63.98, which will be the same for all the computers connected off of that router, (when you google "my ip" from any of...
Network & Sharing
Remote Desktop Connection
I received a request to view a file via RDC from our tech rep people. I do not understand how one can create a RDC-connection zip file and then send it by email. What I received was ' XXX-Demo ' (compressed zip). When I unzip the file I have a RDC icon, named ' XXX-Demo'. It is type=remote...
Network & Sharing
[Ask]Remote Desktop Connection
Guys,I want to asking about Remote Desktop Connection. How do I can get remote desktop connection,I mean window server 2008 or some trial version.If existed,provide me download link or guide. By the way,what I wanted is remote desktop connection not team viewer,I'm still new in this topic. ...
Network & Sharing
Remote desktop connection
Hi I have just installed 7 to replace Vista. In vista i used to be able to connect to my office computer using Remote desktop connection. However when i try it in Windows 7 i get the message 'your credentials did not work'. Can anyone help to correct this? Thanks
Network & Sharing
Remote Desktop Connection: home network versus internet
So I got sick of my old VNC program not connecting outside of my home network and decided to figure out this whole RDC thing. Got it all set up, works great...inside my home network! If I try to use my external IP (or rather the external IP of my router) to connect to my desktop from my laptop it...
Network & Sharing
Can't use remote desktop connection - Need help
Hi all. I'm running two computers in WLAN both have Win7 Ultimate 64bit. I've noticed that if I want to have remote desktop connection, I must have a password as a user on both computers while I don't want to have a password when I use the remote desktop connection. Can someone help me please...
Network & Sharing


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 19:20.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App