URGENT !!! RDP with Cisco 857

Answered Question
Jun 5th, 2008

Hi experts,

I have configured a Cisco 857-k9 for remote VPN clients. All is working fine, but I have one question: is it possible on this 857 router to let my remote clients start an RDP session with a server?

Thanks & regards

JORGE RODRIGUEZ Thu, 06/05/2008 - 02:34

Absolutely you can, as long as you are permitting the access from your RA VPN pool network to the inside server, and the server accepts RDP connections.

Farrukh Haroon Thu, 06/05/2008 - 06:09

As stated by Jorge, it should work fine.

The port for RDP is TCP 3389. Make sure that traffic can flow from the end-points requiring access to the servers (having RDP enabled).

Regards

Farrukh

mannschaft Fri, 06/06/2008 - 06:58

Thanks guys for the answers.

I tried the configuration using NAT to the server like this:

    ip nat inside source static tcp 192.168.2.2 3389 interface Dialer0 3389

A last question in this topic please :), I saw that when I added the DNS entry in:

    crypto isakmp client configuration group vpn_groupe
     key sharedkey
     dns 192.168.2.2
     domain domCisco.local
     pool SDM_POOL_1
     include-local-lan

the RDP works fine.

So if I remove the DNS and domain entries, and I make a NAT for a simple WinXP Pro with RDP enabled, will the RDP session be established?

Thanks & Regards.

Farrukh Haroon Fri, 06/06/2008 - 07:24

dns 192.168.2.2

This is used if the user wants to enter hostnames instead of IPs after establishing the connection. This is usually required for most networks to function properly, so don't remove it (RDP or not RDP).

domain domCisco.local

This command is useful when a domain is entered which is not fully qualified (FQDN), for example if I do 'syslog-server' and that is not available in DNS, that will create problems. With this command the domain is appended to the hostname like:

syslog-server.domCisco.local

Regards

Farrukh

mannschaft Fri, 06/06/2008 - 07:41

Hi Farrukh

Thanks for the explanation, but my issue is like this:

Suppose that there is no domain or DNS or any Windows Server, and I have a simple machine with WinXP Pro and a remote user wants to connect to it using RDP over VPN; can I just remove the DNS and domain entries?

I already have an idea! If I add the host in the LMHOST file on the remote user's machine, will this help to establish the RDP connection?

Excuse me for my bad English ;)

Thanks & Regards.

Correct Answer
Farrukh Haroon Fri, 06/06/2008 - 12:35

See, there is no real answer to this. It all depends on your 'particular' network. If the VPN client can reach the RDP host with just the server-name (via the DNS configured on its Virtual Adapter) then that is all you need. If there is no DNS server assigned (you need the hosts file bit). If the DNS server will not resolve the host without the FQDN, you need the domain assigned to the VPN adapter. Just do what works for you :)

Regards

Farrukh
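
An added example, not part of the original thread: a client-side check that walks the three cases in the answer above (short name via DNS, name plus the VPN-assigned domain, hosts/LMHOSTS entry) in that order and then tests TCP 3389. The host name xp-pro, its address 192.168.2.10 and all function names are assumptions made for illustration.

```python
import socket

RDP_PORT = 3389  # TCP port named in the thread


def parse_hosts(text):
    """Map lower-cased names to IPs from hosts/LMHOSTS-style text."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drops comments and #PRE tags
        for name in fields[1:]:
            table.setdefault(name.lower(), fields[0])
    return table


def system_lookup(name):
    """OS resolver; note it may itself consult hosts and DNS suffixes."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None


def port_open(ip, port=RDP_PORT, timeout=3.0):
    """True if a TCP handshake to ip:port completes."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def diagnose(host, domain="", hosts_text="", lookup=system_lookup, probe=port_open):
    """Try the answer's three cases in order: (case, ip, rdp_reachable)."""
    attempts = [("dns-short-name", lambda: lookup(host))]
    if domain and "." not in host:
        attempts.append(("dns-with-domain", lambda: lookup(host + "." + domain)))
    attempts.append(("hosts-file", lambda: parse_hosts(hosts_text).get(host.lower())))
    for case, resolve in attempts:
        ip = resolve()
        if ip:
            return case, ip, probe(ip)
    return "unresolved", None, False


if __name__ == "__main__":
    # Constructed sample: the XP host name and address are made up.
    sample = "192.168.2.10  xp-pro  #PRE\n"
    print(diagnose("xp-pro", hosts_text=sample, lookup=lambda n: None,
                   probe=lambda ip: True))
```

A result whose case is set but whose last field is False means the name resolves and the remaining problem is the traffic path to TCP 3389, not DNS.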

mannschaft Mon, 06/09/2008 - 08:02

Hi Farrukh

I followed your explanation, so when the router is configured with Win2003 the RDP over VPN works fine. In the other case, when configured with a simple WinXP Pro, it doesn't work, but when I added the Windows XP IP and host in the LMHOST of the remote client, the RDP works fine :)

Thanks for your help.
