Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    OpenVPN Remote Access connects but I can't RDP to Win7 PC (or ping it)

    OpenVPN
    2
    6
    336
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      newberger last edited by

      I've been working on setting up OpenVPN Remote Access all week.  Although the instructions are great and it seems to be a simple process, I am new to pfSense networking and am a home user.  Finally, I found all my mistakes and I can connect via a MacBook with Viscosity and a Win7 VM on the MacBook with OpenVPN Community Client.  I can access pfSense router, QNAP, etc.  However, I can't ping or RDP to my Win 7 PC on the LAN.

      Here's my setup: FW, OpenVPN setup, and the MS RDC error.  The Win7 PC has McAfee running, with port 3389 open and remote access allowed through Windows (NLA required).  Any help is appreciated!
      ![FW WAN.PNG](/public/imported_attachments/1/FW WAN.PNG)
      ![FW WAN.PNG_thumb](/public/imported_attachments/1/FW WAN.PNG_thumb)
      ![FW LAN.PNG](/public/imported_attachments/1/FW LAN.PNG)
      ![FW LAN.PNG_thumb](/public/imported_attachments/1/FW LAN.PNG_thumb)
      ![FW OPENVpn.PNG](/public/imported_attachments/1/FW OPENVpn.PNG)
      ![FW OPENVpn.PNG_thumb](/public/imported_attachments/1/FW OPENVpn.PNG_thumb)
      ![OpenVPN Setup.png](/public/imported_attachments/1/OpenVPN Setup.png)
      ![OpenVPN Setup.png_thumb](/public/imported_attachments/1/OpenVPN Setup.png_thumb)
      ![RDC Error.PNG](/public/imported_attachments/1/RDC Error.PNG)
      ![RDC Error.PNG_thumb](/public/imported_attachments/1/RDC Error.PNG_thumb)

      1 Reply Last reply Reply Quote 0
      • N
        newberger last edited by

        So, McAfee was not configured correctly.  I had to edit the firewall's port settings to specifically allow 3389 UDP and to allow PCs not on the same subnet - just opening the port in McAfee did not allow full access.

        Also, I don't think it had any impact on the problem, but I made some configuration changes - notes in red on attached screenshot.

        I can now access the Win PC remotely after connecting via VPN using the PCs IP - but not using the PCs name.  Is this typical?  I thought adding "DNS Default Domain - Provide a default domain name to clients" might allow access using the PC name.

        ![Revised OpenVPN Settings.png.png](/public/imported_attachments/1/Revised OpenVPN Settings.png.png)
        ![Revised OpenVPN Settings.png.png_thumb](/public/imported_attachments/1/Revised OpenVPN Settings.png.png_thumb)

        1 Reply Last reply Reply Quote 0
        • Derelict
          Derelict LAYER 8 Netgate last edited by

          opendns isn't going to know anything about your local hostnames or their addresses.

          Chattanooga, Tennessee, USA
          The pfSense Book is free of charge!
          DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • N
            newberger last edited by

            Thanks for the reply.  Yes, that makes sense.

            I thought that when I connect via OpenVPN and run MS RDC on the remote computer, that RDC might be able to detect my home's PC's name, particularly since the home PC is set to accept remote connections.  I wasn't sure if any of the VPN settings might prevent or enable such detection.

            I also expect that the larger problem in resolving the computer's name is that the home LAN and the VPN are on different subnets?

            1 Reply Last reply Reply Quote 0
            • Derelict
              Derelict LAYER 8 Netgate last edited by

              You will need to configure some local DNS to resolve local hostnames and point your OpenVPN clients to that.

              People usually point at an Active Directory DNS server or something.

              You are correct. Service discovery that relies on network broadcasts is not going to work. You need something else like DNS.

              Chattanooga, Tennessee, USA
              The pfSense Book is free of charge!
              DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • N
                newberger last edited by

                Thanks, that's good to know.

                I will take a look at DNS options and investigate the Active Directory option.  (I recall reading some about Active Directory when resolving issues in setting up the OpenVPN.)

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post