Remote Desktop over VPN Connection

[- Anne]

Could someone tell me how to setup a remote desktop connection over a VPN
connection. Both a source and target computer run Windows XP Pro and I am
using the built in xp firewall.

 

[Pegasus \(MVP\)]

Could someone tell me how to setup a remote desktop connection over a VPN
connection. Both a source and target computer run Windows XP Pro and I am
using the built in xp firewall.

Does your VPN work? If it does then it is simply a question
of enabling Remote Desktop on the host machine and running
this command on the remote PC:

mstsc /v:aaa.bbb.ccc.ddd

where aaa.bbb.ccc.ddd is the IP address of the host
machine. If this does not work then you need to check
your VPN, e.g. by running this command on the remote
machine:

net use Q: \\aaa.bbb.ccc.ddd\SomeShare

You should also check if the Remote Desktop port
is open on the host:

telnet aaa.bbb.ccc.ddd 3389

 

[Doug Knox - [MS-MVP]]

Additionally, ensure that your network Adminstrator allows traffic on port
3389, via the VPN.

--
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart
Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com

 

[- Anne]

Thanks Doug/Pegasus. I've got the remote desktop part working well, I've
been using it for a couple of weeks now. I'm just not sure how to setup the
VPN part of it.

 

[Pegasus \(MVP\)]

Hmm. In your initial post you wrote "Could someone tell me
how to setup a remote desktop connection . ." Are you now
saying that you need assistance with setting up a VPN instead?
Does your office (where the host is) have a fixed external IP
address? Did you create a tunnel so that your VPN packets
can pass through your office router? Have you considered
the simpler method consisting of setting up Remote Desktop
directly, without a VPN?

 

[- Anne]

Maybe I could have phrased it better - "remote desktop connection over a VPN
connection"....it was more the VPN part of it that I need help with...I've
never setup a VPN

Both computers are my own, and I do have a static IP on both. I have
thought about just remote desktop without VPN, but VPN further secures the
data from packet sniffing.

 

[Pegasus \(MVP\)]

Fine. As a first step you must create a VPN tunnel in the router
at the host end. It must pass port 1723 packets to your host
machine (which must allow incoming VPN connections). Many
routers have an inbuilt dedicated "VPN" setting.

To test the link, type this command at the remote end:

telnet aaa.bbb.ccc.ddd 1723

where aaa.bbb.ccc.ddd is the external static IP address of
the host.

 

[- Anne]

If everything is setup correctly, how do you confirm that the remote desktop
connection is travelling through the VPN tunnel rather then out in the open
over just the net?

Is there anything that needs to be done to remote desktop?

 

[Pegasus \(MVP\)]

Remote desktop uses port 3389 by default (unless you
have manually set it to a different port number). If your
router has no tunnel for port 3389 then you have no
direct connection for remote desktop. These commands
will prove it conclusively:

telnet aaa.bbb.ccc.ddd 3389
telnet qqq.rrr.sss.ttt 3389

aaa.bbb.ccc.ddd is the host's external IP address. The
telnet command must fail.

qqq.rrr.sss.ttt is the host's internal IP address. The
telnet command must succeed while the VPN is active.