What's new

Remote Desktop Access via VPN

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

IsaacFL

Regular Contributor
I am trying to access my Local Windows 10 Pro via Remote Desktop client from my iPhone.

When on local network, via wifi, can access it no problem.

So now I am trying to setup the VPN to do the same remotely. I can not seem to figure out how to setup the VPN.

after multiple trial and error I have gotten the iPhone to connect to the VPN. At least it shows it in the VPN status as a client with a virtual Address of 10.8.0.2. The PC is local 192.168.1.10.

However, I cannot connect to the PC remotely on the VPN.

First off, can't resolve the name of the PC. Tried to use HE utility on iPhone to ping PC, no good.

I have probably configured something incorrectly in the VPN server.

Is there a recommended setup to do what I want to do, which is access local resources from remote over VPN on iPhone using OpenVPN client?

Note: to even get it to connect at all I had to remove the dns entry for the IPv6 address of my router. I noticed that the VPN client was preferring to use the ipv6 address and no connection being made. Does OpenVPN on Asus not support ipv6?

I am using Asus Merlin 380.69 on RT-AC1900P.
I have a real domain with static IP's if that makes a difference.

I think I need OpenVPN for dummies level help.
 
on the Interface Type I have it set to TUN.

Prior I tried TAP, since it seems to me like I want to be in the same network as my local, but the iPhone OpenVPN client said in its log that TAP not supported.
 
on the Interface Type I have it set to TUN.

Prior I tried TAP, since it seems to me like I want to be in the same network as my local, but the iPhone OpenVPN client said in its log that TAP not supported.
I can't quite recall, but IPv6 might need to be disabled on the router for the VPN Server to work properly.
 
hmm. that will pretty much make not useable for me, since I have to have ipv6 for other things I have set up.

I am trying to decide if it is worth disabling ipv6 temporarily to test it, but that would disrupt other things.
I assume this is an Asus issue not Merlin?
I could switch to official firmware if needed.
 
well, I went and disabled ipv6, and seem to have the results, so I don't think that is it. I wouldn't think it would since I have dual stack running everywhere.
 
well, I went and disabled ipv6, and seem to have the results, so I don't think that is it. I wouldn't think it would since I have dual stack running everywhere.

I don't have access to IPv6, so not sure if this post still applies to the recent Alphas?
openvpn ipv6 setup
 
Last edited:
I did get it to work now. I had just tried to ping and it did not work, but the actual remote desktop did make a connection.

I think the ipv6 need to be disabled for enough time.

I do notice looking at the log in the VPN client on the iPhone that it is trying to still do ipv6 things though. I wonder if that is because I am on T-Mobile which only supports ipv4 via NAT64?

Regardless I will have to turn ipv6 back on. I do wonder if 384 will fix?
 
Hello.

Although the threat is a bit older, I have the same problem :(

I have successfully run a VPN server and can connect very well to my LAN. As soon as I am connected to VPN, I can easily use the addresses 192.168.1.XX and ping and log in (eg in the router or my NAS).
INSIDE my LAN (physically at home) I can connect without problems via Remote Desktop (RDP) too.

BUT via VPN, however, my RDP client does not find the server :(

What am I doing wrong? I do not have to forward any ports I think (therefore I use VPN).

Merlin 384.12, IPv6 disabled
RDP with Win 10

:)
Thank u

Ps: just followed this post to fix windows firewall problem... But with no effort :(
 
Last edited:
The only issue I had with getting rdp to work through ovpn is wondows firewall. Since ovpn puts you on another subnet (10.0.x.x by default), and the windows was on 192.168.x.x, windows firewall won't allow ovpn to connect rdp by default. I had to add a rule to windows firewall to allow rdp from 10.0.x.x and then it worked fine (I just added the single ovpn ip I usually rdp from... for example 10.0.0.1, not the whole .x.x subnet to reduce exposure).

Just to address above posts... I don't think ipv6 has anything to do with it. My openvpn server works (rdp included) with ipv6 enabled and disabled.
 
Thank u @truglodite

Do you configure your Win10 FW like in the post I linked? These VPN TCP rule?

Maybe i should clear, that I run my Win10 in a VM machine on my qnap NAS.
But it uses the same IP, and as I told: via WLAN I do not have any problems :(

Can u tell me about your Windows FW rule and how to configure that?

Thank u anyway for ur answer ! :)
 
I can not get this problem fixed :(
Does anyone uses an OpenVPN Server on his ASUS Router (merlin) and is able to connect with RDP App (Microsoft) from his Android Phone from external via VPN to a PC !?!?


My System:
Modem from ISP in Bridge mode --NEXT--> AUSUS Router 68U with OpenVPN Server --NEXT--> Qnap NAS, with running Virtual Machine (Win10 Pro)

What i want:
Now i want to connect from Outside my LAN via RDP and VPN from my Android Phone to my VM.

What i got:
I can connect to VPN Server with no problem. I can ping everything. I can surf via HTTP to my NAS on 192.168.1.X... i can use SSH Telnet the same way as in my LAN.

The Problem:
I can handle everything with no problem, EXCEPT the RDP to my Virtual Machine


What i already tried:
- Uses TCP instead of UDP on VPN Server
- Configure Win10 Firewall on my Virtual Malchin this way
- Disable Firewall on Router itself
- Change some VPN Server Configuration (Client <--> Client, DNS settings,...)
- Disable all other VPN Settings on my QNAP and/or VPN Client on ASUS AC68U

What i don't understand
- I can configure a Gateway on my OpenVPN Client on Android Phone (what to do here)
- It seems to be a problem with 10.8.0.X... i read, that i need an IP from my DHCP Pool (192.168.1.X).
Therefore i should use TUN instead of TAB - but Android do not support this VPN Type :(
- Can i configure some "route" to get a real LAN IP (192.168.1.X) via VPN


These are my VPN Server Settings at the moment
Unbenannt.jpg


Pls help me - i get totaly crazy with that :-o

Kind regards...
 
I can not get this problem fixed :(
Does anyone uses an OpenVPN Server on his ASUS Router (merlin) and is able to connect with RDP App (Microsoft) from his Android Phone from external via VPN to a PC !?!?


My System:
Modem from ISP in Bridge mode --NEXT--> AUSUS Router 68U with OpenVPN Server --NEXT--> Qnap NAS, with running Virtual Machine (Win10 Pro)

What i want:
Now i want to connect from Outside my LAN via RDP and VPN from my Android Phone to my VM.

What i got:
I can connect to VPN Server with no problem. I can ping everything. I can surf via HTTP to my NAS on 192.168.1.X... i can use SSH Telnet the same way as in my LAN.

The Problem:
I can handle everything with no problem, EXCEPT the RDP to my Virtual Machine


What i already tried:
- Uses TCP instead of UDP on VPN Server
- Configure Win10 Firewall on my Virtual Malchin this way
- Disable Firewall on Router itself
- Change some VPN Server Configuration (Client <--> Client, DNS settings,...)
- Disable all other VPN Settings on my QNAP and/or VPN Client on ASUS AC68U

What i don't understand
- I can configure a Gateway on my OpenVPN Client on Android Phone (what to do here)
- It seems to be a problem with 10.8.0.X... i read, that i need an IP from my DHCP Pool (192.168.1.X).
Therefore i should use TUN instead of TAB - but Android do not support this VPN Type :(
- Can i configure some "route" to get a real LAN IP (192.168.1.X) via VPN

These are my VPN Server Settings at the moment
View attachment 18613

Pls help me - i get totaly crazy with that :-o

Kind regards...

The problem is most likely as yorgi described. MS has gotten much more security conscious over the years and won't (at least by default) allow a local client to communicate with any device from a different local network. But there's an easier way to get around the problem then messing w/ the target's firewall; just NAT the traffic leaving the tunnel as it gets dropped on the local network (br0).

Code:
iptables -t nat -I POSTROUTING -s 10.8.0.0/24 -o br0 -j SNAT --to $(nvram get lan_ipaddr)

IOW, all traffic from the OpenVPN client appears to be coming from the router (via its LAN ip) rather than the 10.8.0.x IP address assigned to the OpenVPN client, so the target now accepts it.

First try it from a shell (ssh) to verify it works. And if it does, it needs to be added as a nat-start script.
 
Last edited:
Thank u so much @eibgrad
Your post let me beleve, this can be handled in some way :D *pray*

i just try your command via SSH but got some error
Code:
Bad argument '192.168.1.1'
Try 'iptables -h' or 'iptables --help' for more information
I am at work and tried this command via VPN in a Shell from my phone *LoL*
 
Thank u so much @eibgrad
Your post let me beleve, this can be handled in some way :D *pray*

i just try your command via SSH but got some error
Code:
Bad argument '192.168.1.1'
Try 'iptables -h' or 'iptables --help' for more information
I am at work and tried this command via VPN in a Shell from my phone *LoL*

Oops, made a syntax error. Left out the "--to". Corrected above and below.

Code:
iptables -t nat -I POSTROUTING -s 10.8.0.0/24 -o br0 -j SNAT --to $(nvram get lan_ipaddr)
 
Thank u !!
Just testet it ad put these command in shell. Now everything seem to work.
After that i disconnect VPN and reconnect.
Then try to RDP to my VM, but got the same error - can not find my VM :(

Sorry - i am just at work and have not enough time.
I will test it little more in the evening. Thank you very much so far @eibgrad
I will report back later with a feedback !!
 
This won't be of specific help, except as some encouragement, but I routinely use Chromebooks to make an ovpn connection to my router over a TUN connection, and then RDP into my Windows 10 Pro desktops (not a VM). I can do that using either the ovpn in the Chromebook, or from the Android app or the Chrome Play app, and either from a wifi connection or tethered through my Android phone. I can do it from either RDP app I have installed. I didn't have to do anything special.

I have the same VPN settings, except I have "only user/password authentication" to yes, and my fallback cipher is GCM as well.

It doesn't relate to your problem, but RDP with W10 1903 is currently borked for most of the universe using onboard video with Intel drivers.
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top