Is there some port that needs to be allowed in a VPN to..

We have an external party that connects to our network for consulting purposes. They should just need 3389 as well as DNS ports, but that's it. For most users, the way they connect is just fine, but these people are trying to connect to their local domain as well as ours, and it just fails when they try to RDP into our server. If I leave them as part of the group that has no filtering, they connect immediately.

Split tunneling is in place, but I wouldn't think that would be an issue, as the only difference in the filters for their groups is the ports allowed.

Is there a port I need to look at opening up?
 
When they're part of the limited group, they are unable to browse within their company's network access file shares. They can connect to ours just fine. It seems rather counter-intuitive to me.
 
Make sure your router/firewall isn't blocking something. Years ago, I had a Juniper firewall that had a predefined RDP service you used for allowing RDP. After applying a new firmware, some RDPs quit working. Turned out that Juniper was 'updating' the predefined RDP service and had missed something. Had to add a 2nd service to the rule for the RDP folks until they released a fixed firmware.

If you are using Microsoft OSs, they have updated RDP in the last year or so. Might make sure everyone is on the same version.
 
Port 3389 is the only port you need for RDP itself. If they can't access it, it's being blocked, period. If you think it could be related to DNS or something, have them try connecting to the IP rather than the hostname and see if that changes anything.
 
What kind of VPN client are they using? Windows? If so, make sure the following option is unchecked.

[Image: Untitled_zps4wxkmina.jpg]
 
Yeah, it's the Windows one. I'll bet it's checked, as most users aren't trying to navigate to and around their home network while remoted in.
 
Yea it's checked by default (in Windows 7 at least) so that could be your problem.
 