Posted: Wed May 23, 2018 11:19 Post subject: RDP and VPN solution?
Hi All,
Seeking some advice if possible.
I run a R7000 on Kong and run a permanent VPN using OpenVPN. All is well. I would like to be able to set up a way of RDP into machine on my LAN from outside the LAN. Obviously using DYNDNS and a VPN on the router stops the ability to simply port forward RDP to an IP and thus connect, plus also I would not want to open RDP ports to the web any way as is not safe. So as such - what is the best action to take? So I guess the short question is:
How do I remote into a PC from outside the LAN when my router is running a permanent VPN?
Thank you in advance for any support or direction here.
Thanks for the reply but I think I have perhaps not been clear. If I run VPN on my router there is no way to access it or local IP addresses it may work with as the VPN does what it is meant to and masks things so as such once VPN on router is enabled there is no way to access an IP inside the land from outside the lan as the VPN set up ensures this. No VPN and a fixed IP or DNS does the job. But not when VPN on. With VPN on I have no issues inside the lan. Any ideas further to this extra detail?
Thank you for taking the time to help and to share this code and information. I think either solution 4 or 5 will be best for me but as you say I will need to test them and find what works best.
One last question. If 4 and 5 sort of reverse update info to the router then does this then not in effect reverse the solution of using an openvpn solution. So as such I have not re routed traffic? Sory if this is obvious and a silly question.
Fully understood and a fair statement of facts. thank you. I need to go and test these and get my head round best implementation. I really appreciate your time helping me out - thank you.
Posted: Sat Oct 20, 2018 23:38 Post subject: Re: RDP and VPN solution?
Lights_On wrote:
Hi All,
Seeking some advice if possible.
I run a R7000 on Kong and run a permanent VPN using OpenVPN. All is well. I would like to be able to set up a way of RDP into machine on my LAN from outside the LAN. Obviously using DYNDNS and a VPN on the router stops the ability to simply port forward RDP to an IP and thus connect, plus also I would not want to open RDP ports to the web any way as is not safe. So as such - what is the best action to take? So I guess the short question is:
How do I remote into a PC from outside the LAN when my router is running a permanent VPN?
Thank you in advance for any support or direction here.
VPN won't stop access to the router over WAN if you use PBR. You could use PBR then your RDP should be exposed to WAN, or maybe you will need to forward it.
Posted: Sun Jan 12, 2020 22:21 Post subject: Using PBR is the easiest option
You have a VPN client running on a router behind a modem. In order to have connections to your router from outside the LAN of your router, using PBR is a very good option.
If you want, you can include all your LAN clients in PBR by using suitable IPs and netmasks in PBR. This way, except your router, every device on your LAN will be channeled through the VPN as usual.
By using PBR, your router will be able to accept and respond to connections coming to it from external networks (through port forwarding or through its own VPN clients).
This works because by using PBR, you are leaving the router itself out of the VPN and so it can now work as usual and receive connections from outside its LAN.
Otherwise, the router becomes part of another LAN and becomes inaccessible to anything that is not part of that LAN, unless that LAN is itself configured for some nasty port-forwarding, and connections are made to come through that LAN which we are certainly not interested in!