06-05-2008 02:03 AM - edited 03-09-2019 08:50 PM
Hi experts,
I have configured a Cisco 857-k9 for remote VPN clients. All is working fine, but I have one question: is it possible on this 857 router to let my remote clients start an RDP session with a server?
Thanks & regards
06-05-2008 02:34 AM
Absolutely you can, as long as you are permitting the access from your RA VPN pool network to the inside server, and the server accepts RDP connections.
06-05-2008 06:09 AM
As stated by Jorge, it should work fine.
The port for RDP is TCP 3389. Make sure that traffic can flow from the end-points requiring access to the servers (having RDP enabled).
Regards
Farrukh
06-06-2008 06:58 AM
Thanks guys for the answers.
I tried the configuration using NAT to the server like this:
ip nat inside source static tcp 192.168.2.2 3389 interface Dialer0 3389
A last question in this topic please :) I saw that when I added the DNS entry in:
crypto isakmp client configuration group vpn_groupe
 key sharedkey
 dns 192.168.2.2
 domain domCisco.local
 pool SDM_POOL_1
 include-local-lan
the RDP works fine.
So if I remove the dns and domain entries, and I make a NAT for a simple WinXP Pro with RDP enabled, will the RDP session be established?
Thanks & regards.
06-06-2008 07:24 AM
dns 192.168.2.2
This is used if the user wants to enter hostnames instead of IPs after establishing the connection. This is usually required for most networks to function properly; don't remove it (RDP or not RDP).
domain domCisco.local
This command is useful when a domain is entered which is not fully qualified (FQDN), for example if I do 'syslog-server' and that is not available in DNS, that will create problems. With this command the domain is appended to the hostname like:
syslog-server.domCisco.local
Regards
Farrukh
06-06-2008 07:41 AM
Hi Farrukh
Thanks for the explanation, but my issue is like this:
Suppose that there is no domain or DNS or any Windows Server, and I have a simple machine with WinXP Pro and a remote user wants to connect to it using RDP over VPN; can I just remove the DNS and domain entries?
I already have an idea! If I add the host in the LMHOST file on the remote user's machine, will this help to establish the RDP connection?
Excuse me for my bad English ;)
Thanks & regards.
06-06-2008 12:35 PM
See, there is no real answer to this. It all depends on your 'particular' network. If the VPN client can reach the RDP host with just the server-name (via the DNS configured on its Virtual Adapter) then that is all you need. If there is no DNS server assigned (you need the hosts file bit). If the DNS server will not resolve the host without the FQDN, you need the domain assigned to the VPN adapter. Just do what works for you :)
Regards
Farrukh
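The cases in the answer above can be checked from the VPN client once the tunnel is up. The following is an added example, not part of the original thread: the hostname `rdphost` and the status labels are hypothetical, while `domCisco.local`, `192.168.2.2` and TCP 3389 come from the posts.

```python
import socket

RDP_PORT = 3389  # TCP port for RDP, as stated earlier in the thread


def resolve(name, resolver=socket.gethostbyname):
    """Return the IPv4 address for name, or None if it does not resolve."""
    try:
        return resolver(name)
    except OSError:  # socket.gaierror is a subclass of OSError
        return None


def port_open(ip, port=RDP_PORT, timeout=3.0):
    """True if a TCP connection to ip:port succeeds through the tunnel."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def diagnose(host, suffix=None, resolver=socket.gethostbyname, probe=port_open):
    """Return (status, name_that_resolved, ip) for an RDP target.

    ok            - the name as typed resolves and TCP 3389 answers
    needs-suffix  - only host.suffix resolves: push 'domain' to the VPN group
    no-resolution - nothing resolves: push 'dns', or add a hosts entry
    blocked       - the name resolves but TCP 3389 is not reachable
                    (VPN pool not permitted to the server, or RDP disabled)
    """
    candidates = [host]
    if suffix and "." not in host:
        candidates.append(f"{host}.{suffix}")
    for name in candidates:
        ip = resolve(name, resolver)
        if ip:
            if not probe(ip):
                return ("blocked", name, ip)
            return ("ok" if name == host else "needs-suffix", name, ip)
    return ("no-resolution", None, None)


if __name__ == "__main__":
    # 'rdphost' is a hypothetical short name for the server at 192.168.2.2
    print(diagnose("rdphost", suffix="domCisco.local"))
```

With the system resolver, the operating system may already append its own search suffix, so an `ok` result for a short name can mean the `domain` setting is doing its job.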
06-09-2008 08:02 AM
Hi Farrukh
I followed your explanation, so when the router is configured with Win2003 the RDP over VPN works fine. In the other case, when configured with a simple WinXP Pro, it doesn't work, but when I added the Windows XP IP and host in LMHOST of the remote client, the RDP works fine :)
Thanks for your help.
06-09-2008 08:44 AM
Glad to hear you have it working now :)
Regards
Farrukh