Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Remote Desktop and VPN

    Scheduled Pinned Locked Moved General pfSense Questions
    23 Posts 3 Posters 7.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kejianshi
      last edited by

      NAT is very transparent in one direction - and very non-transparent in the other.  I doubt its as easy as you think, but I'm going check it shortly.

      1 Reply Last reply Reply Quote 0
      • K
        kejianshi
        last edited by

        OK - You will be happy to know that if I lower my firewall rules and allow communication between clients that my windows 7 VM and my ubuntu machine CAN browse the shares of the remote client.  I can also ping the virtual IP assigned to the distant windows 7 client.  Communications seem completely open in both directions as long as I deactivate my firewall rules that are in place to prevent such things.

        That distant computer is a Windows home machine and did not support RDP out of the box, but every other service on that laptop which is 2000 miles away, was open to any computer on my LAN.

        So, assuming you load a VPN client on the laptop, and only load 1 configuration and put a link to the openvpn client file in the startup folder as I have done, you should be in business.  I'll give it a shot with a Vista Ultimate machine in California.  If the communication is open and 2 way like the win7 machine I don't expect any issues.

        HAHA - Actually that machine is home premium…  Anyway - Try it.  (My fault - I have taken as many people off Windows as possible)
        I can't imagine that RDP is the only service running that wouldn't be accessible when everything else is.

        1 Reply Last reply Reply Quote 0
        • S
          Syntax42
          last edited by

          For anyone who comes across this in the future, my solution requires me to set the OpenVPN service to automatic in services.msc.  After doing so, the OpenVPN service attempts to connect to any configuration in the folder specified by the affiliated registry entry, and it does not need the use of the GUI.  Adding "auth-user-pass passwordfile.txt" to the configuration, and creating passwordfile.txt with the user name on the first line and password on the second line allows it to connect.  This can be a security vulnerability if you do not restrict what the VPN clients are allowed to access and is not suggested for most applications of VPN.

          I haven't tried it, but I'm fairly sure the GUI won't work after setting the service to automatic.  It doesn't bother me much, and it just means we will have to use IPsec on the computers which need a VPN connection to access our internal network.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.