DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
RDP won't connect through VPN
- hornbyp
- Topic Author
- Offline
- Big Contributor
Less
More
- Posts: 1323
- Thank you received: 0
25 Apr 2022 16:11 #101054
by hornbyp
That implies that some prior firewall rule (maybe the "default" rule) was blocking it...
... or perhaps your Router has some other type of VPN-access block set by default (I've seen it, for example, as part of the isolation settings for WiFi clients).
Which router is it:?:
Not quite. Some things (broadcast-based applications) tend not to work at all over Draytek VPNs. It's something that's implicit in 'routing', but other brands include 'helpers' or proxies to alleviate this.
(I'm thinking of things like DLNA, or I.O.T. mobile apps - anything which is trying to communicate over your network, but doesn't allow you to enter a target IP address, and relies on discovering it).
Re: RDP won't connect through VPN was created by hornbyp
keat63 wrote:
If I add a firewall rule allowing VPN to LAN, then RDP works.
That implies that some prior firewall rule (maybe the "default" rule) was blocking it...
... or perhaps your Router has some other type of VPN-access block set by default (I've seen it, for example, as part of the isolation settings for WiFi clients).
Which router is it
keat63 wrote:
I expected that once a VPN was established, then the remote client was as good as if it were in the building ?
Not quite. Some things (broadcast-based applications) tend not to work at all over Draytek VPNs. It's something that's implicit in 'routing', but other brands include 'helpers' or proxies to alleviate this.
(I'm thinking of things like DLNA, or I.O.T. mobile apps - anything which is trying to communicate over your network, but doesn't allow you to enter a target IP address, and relies on discovering it).
Please Log in or Create an account to join the conversation.
- hornbyp
- Topic Author
- Offline
- Big Contributor
Less
More
- Posts: 1323
- Thank you received: 0
26 Apr 2022 15:07 #101058
by hornbyp
Makes sense to me
I've not tried using the "Default Block Rule " in anger - when I tried it, a billion things stopped working and I realised I'd need to add firewall rules for them all - so I backed out of it. In general of course, things from the outside-world are blocked by virtue of NAT anyway.
If you don't implicitly trust your VPN users, you could add your own 'Default block for VPN users ' rule to the Firewall. You can probably identify VPN users by IP address range (or static addresses).
Replied by hornbyp on topic Re: RDP won't connect through VPN
keat63 wrote:
The default rule is configured to block, so could this then block RDP even though the end user is connected.
Makes sense to me
I've not tried using the "Default Block Rule
If you don't implicitly trust your VPN users, you could add your own 'Default block for VPN users
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek