Netgate Discussion Forum

    OpenVPN Remote Access connects but I can't RDP to Win7 PC (or ping it)

    • N
      newberger

      I've been working on setting up OpenVPN Remote Access all week.  Although the instructions are great and it seems to be a simple process, I am new to pfSense networking and am a home user.  Finally, I found all my mistakes and I can connect via a MacBook with Viscosity and a Win7 VM on the MacBook with OpenVPN Community Client.  I can access pfSense router, QNAP, etc.  However, I can't ping or RDP to my Win 7 PC on the LAN.

      Here's my setup: FW, OpenVPN setup, and the MS RDC error.  The Win7 PC has McAfee running, with port 3389 open and remote access allowed through Windows (NLA required).  Any help is appreciated!
      ![FW WAN.PNG](/public/imported_attachments/1/FW WAN.PNG)
      ![FW LAN.PNG](/public/imported_attachments/1/FW LAN.PNG)
      ![FW OPENVpn.PNG](/public/imported_attachments/1/FW OPENVpn.PNG)
      ![OpenVPN Setup.png](/public/imported_attachments/1/OpenVPN Setup.png)
      ![RDC Error.PNG](/public/imported_attachments/1/RDC Error.PNG)

      • N
        newberger

        So, McAfee was not configured correctly.  I had to edit the firewall's port settings to specifically allow 3389 UDP and to allow PCs not on the same subnet - just opening the port in McAfee did not allow full access.

        Also, I don't think it had any impact on the problem, but I made some configuration changes - notes in red on attached screenshot.

        I can now access the Win PC remotely after connecting via VPN using the PC's IP - but not using the PC's name.  Is this typical?  I thought adding "DNS Default Domain - Provide a default domain name to clients" might allow access using the PC name.

        ![Revised OpenVPN Settings.png.png](/public/imported_attachments/1/Revised OpenVPN Settings.png.png)

        • DerelictD
          Derelict LAYER 8 Netgate

          OpenDNS isn't going to know anything about your local hostnames or their addresses.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          • N
            newberger

            Thanks for the reply.  Yes, that makes sense.

            I thought that when I connect via OpenVPN and run MS RDC on the remote computer, RDC might be able to detect my home PC's name, particularly since the home PC is set to accept remote connections.  I wasn't sure if any of the VPN settings might prevent or enable such detection.

            I also expect that the larger problem in resolving the computer's name is that the home LAN and the VPN are on different subnets?

            • DerelictD
              Derelict LAYER 8 Netgate

              You will need to configure some local DNS to resolve local hostnames and point your OpenVPN clients to that.

              People usually point at an Active Directory DNS server or something.

              You are correct. Service discovery that relies on network broadcasts is not going to work. You need something else like DNS.


              • N
                newberger

                Thanks, that's good to know.

                I will take a look at DNS options and investigate the Active Directory option.  (I recall reading something about Active Directory when resolving issues in setting up the OpenVPN.)

                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.