I'm having trouble getting an RDP connection to a Windows 7 server over the VPN. Over the same tunnel, RDP to a Windows XP server works without problems, and if I open a firewall rule I can also RDP to the Windows 7 server directly from the internet. But when I try to connect to the Windows 7 server using RDP over the VPN, the session starts and then hangs, eventually timing out. I've tried with Tunnelblick and OpenVPN Connect on OS X, and with OpenVPN Connect from a Windows XP client, all with the same result.
The Windows 7 server also runs VMware Desktop, which hosts two VMs: the Windows XP server (RDP to it works fine) and the OpenVPN Access Server appliance.
Server Config
========
-- Key/value rows for the Access Server "config" table, as posted.
-- The INSERTs carry no column list, so column names are not visible here;
-- the first value (1 or 2) is presumably a profile/section id -- confirm.
--
-- NOTE(review): the client pool (5.5.16.0/28, network 5.5.0.0) lies in
-- 5.0.0.0/8, which is publicly routable space rather than an RFC 1918 range.
-- With vpn.server.routing.private_access = 'route' (below), hosts on the
-- private network presumably see the client's 5.5.x.x address as the source,
-- so each target needs a return route to the pool and a host-firewall scope
-- that admits it -- confirm on the Windows 7 host.
INSERT INTO "config" VALUES(1,'vpn.server.group_pool.0','5.5.16.0/28');
INSERT INTO "config" VALUES(1,'vpn.daemon.0.client.netmask_bits','28');
-- Port-share target; 1.2.3.4 / 1234 (below) look like redacted placeholders.
INSERT INTO "config" VALUES(1,'vpn.server.port_share.ip_address','1.2.3.4');
INSERT INTO "config" VALUES(1,'vpn.daemon.0.listen.port','443');
INSERT INTO "config" VALUES(1,'auth.ldap.0.name','My LDAP servers');
INSERT INTO "config" VALUES(1,'cs.https.ip_address','all');
INSERT INTO "config" VALUES(1,'vpn.server.daemon.enable','true');
INSERT INTO "config" VALUES(1,'vpn.server.daemon.tcp.n_daemons','1');
INSERT INTO "config" VALUES(1,'vpn.daemon.0.listen.ip_address','all');
INSERT INTO "config" VALUES(1,'auth.ldap.0.timeout','4');
INSERT INTO "config" VALUES(1,'vpn.server.daemon.tcp.port','443');
INSERT INTO "config" VALUES(1,'vpn.server.port_share.port','1234');
-- Units are not shown; presumably minutes. The client profile sets its own
-- reneg-sec, and the shorter of the two intervals presumably wins -- confirm.
INSERT INTO "config" VALUES(1,'vpn.tls_refresh.interval','360');
INSERT INTO "config" VALUES(1,'vpn.daemon.0.server.ip_address','all');
-- 'route' (not NAT): client traffic is routed to the private network.
INSERT INTO "config" VALUES(1,'vpn.server.routing.private_access','route');
INSERT INTO "config" VALUES(1,'vpn.daemon.0.client.network','5.5.0.0');
INSERT INTO "config" VALUES(1,'auth.pam.0.service','openvpnas');
-- LDAP transport security is off here and certificate checks are off further
-- down (ssl_verify 'never'). auth.module.type is 'pam', so these LDAP rows
-- look inactive; if LDAP is ever selected, binds would presumably travel
-- unencrypted and unverified until both are changed.
INSERT INTO "config" VALUES(1,'auth.ldap.0.use_ssl','never');
-- Private subnet reachable through the tunnel (third octet redacted as X).
INSERT INTO "config" VALUES(1,'vpn.server.routing.private_network.0','192.168.X.0/24');
INSERT INTO "config" VALUES(1,'vpn.server.daemon.udp.n_daemons','1');
INSERT INTO "config" VALUES(1,'sa.initial_run_groups.0','web_group');
INSERT INTO "config" VALUES(1,'sa.initial_run_groups.1','openvpn_group');
INSERT INTO "config" VALUES(1,'host.name','XXXXXXXX.dyndns-remote.com');
INSERT INTO "config" VALUES(1,'auth.radius.0.acct_enable','false');
INSERT INTO "config" VALUES(1,'vpn.tls_refresh.do_reauth','true');
INSERT INTO "config" VALUES(1,'vpn.server.daemon.udp.port','1194');
-- NOTE(review): 'admin+client' presumably forwards both the admin UI and the
-- client web UI through the shared TCP 443 listener, i.e. the admin UI is
-- reachable wherever the VPN port is -- confirm and restrict if not intended.
INSERT INTO "config" VALUES(1,'vpn.server.port_share.service','admin+client');
INSERT INTO "config" VALUES(1,'admin_ui.https.port','943');
INSERT INTO "config" VALUES(1,'cs.https.port','943');
-- Admin UI bound to every interface.
INSERT INTO "config" VALUES(1,'admin_ui.https.ip_address','all');
-- Split tunnel: the default gateway is not redirected, but DNS is
-- (reroute_dns 'true' further down).
INSERT INTO "config" VALUES(1,'vpn.client.routing.reroute_gw','false');
-- Active authentication backend.
INSERT INTO "config" VALUES(1,'auth.module.type','pam');
INSERT INTO "config" VALUES(1,'vpn.daemon.0.listen.protocol','tcp');
INSERT INTO "config" VALUES(1,'auth.ldap.0.ssl_verify','never');
INSERT INTO "config" VALUES(1,'auth.radius.0.name','My Radius servers');
INSERT INTO "config" VALUES(1,'vpn.server.port_share.enable','true');
INSERT INTO "config" VALUES(1,'vpn.client.routing.inter_client','false');
INSERT INTO "config" VALUES(2,'run_api.active_profile','Default');
INSERT INTO "config" VALUES(2,'webui.edit_profile','Default');
INSERT INTO "config" VALUES(2,'webui.welcome_shown','true');
INSERT INTO "config" VALUES(1,'aui.eula_version','1');
-- NOTE(review): 'SSLv23' is the OpenSSL version-negotiating method; whether
-- SSLv2/SSLv3 are excluded for the web services is not visible here --
-- confirm the minimum protocol the server actually accepts.
INSERT INTO "config" VALUES(1,'cs.ssl_method','SSLv23');
INSERT INTO "config" VALUES(1,'cs.beast_workaround','true');
INSERT INTO "config" VALUES(1,'vpn.client.routing.reroute_dns','true');
INSERT INTO "config" VALUES(1,'vpn.server.routing.gateway_access','true');
-- Layer 3 (routed) mode; matches 'dev tun' in the client profile.
INSERT INTO "config" VALUES(1,'vpn.general.osi_layer','3');
INSERT INTO "config" VALUES(2,'show_profiles_header','true');
INSERT INTO "config" VALUES(1,'vpn.server.routing.allow_private_nets_to_clients','true');
INSERT INTO "config" VALUES(1,'vpn.client.config_text','');
-- NOTE(review): presumably maps to OpenVPN's duplicate-cn, which lets several
-- sessions share one certificate common name; that makes a copied profile
-- harder to spot from concurrent logins -- confirm this is intended.
INSERT INTO "config" VALUES(1,'vpn.server.duplicate_cn','true');
-- Extra raw OpenVPN directive appended to the server config.
INSERT INTO "config" VALUES(1,'vpn.server.config_text','keepalive 10 240');
INSERT INTO "config" VALUES(1,'vpn.client.routing.superuser_c2c_access','false');
Client Config
========
# OpenVPN client profile as posted; certificate and key bodies are stripped.
setenv FORWARD_COMPATIBLE 1
client
server-poll-timeout 4
nobind
# Remotes are tried in order: UDP 1194 first, then TCP 443.
remote XXXXXXXX.dyndns-remote.com 1194 udp
remote XXXXXXXX.dyndns-remote.com 443 tcp
dev tun
dev-type tun
# ns-cert-type checks the legacy Netscape certificate-type field; newer
# OpenVPN releases replace it with "remote-cert-tls server".
ns-cert-type server
# 604800 s = 7 days between client-requested TLS renegotiations. The server
# config sets its own refresh interval (vpn.tls_refresh.interval), which
# presumably triggers first -- confirm.
reneg-sec 604800
sndbuf 100000
rcvbuf 100000
# Username/password is required in addition to the certificate.
auth-user-pass
# NOTE: LZO commands are pushed by the Access Server at connect time.
# NOTE: The below line doesn't disable LZO.
comp-lzo no
# High log verbosity, suitable while troubleshooting.
verb 5
setenv PUSH_PEER_INFO
# NOTE(review): no mssfix / tun-mtu / fragment directive appears in this
# profile, so MTU handling is whatever the server pushes or the defaults --
# worth checking when a TCP session starts over the tunnel and then stalls.
#
# Inline credential blocks follow; in this post only the BEGIN/END markers
# remain, the bodies are empty.
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
</key>
# Direction of the tls-auth static key below (client side uses 1).
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key (Server Agent)
#
-----BEGIN OpenVPN Static key V1-----
-----END OpenVPN Static key V1-----
</tls-auth>