Automatically connect to VPN when initiating RDP Remote Desktop connection and then disconnect VPN when done

5

1

I know I can create a batch file to initiate a VPN connection followed by an RDP session, however I want to know if it's possible (in Windows 7 and ideally Windows XP as well) to have the VPN connection tied to the RDP session status.

Scenario: user has to VPN first in order to be able to RDP. Ideally user would click one icon (batch file?) to initiate VPN connection and load RDP session. When they close the RDP session I want the VPN to then automatically disconnect so they don't accidentally route their subsequent non-RDP browsing + Internet activity through the VPN.

Josh Newman

Posted 2012-03-27T15:24:13.533

Reputation: 617

Are you in control of the VPN? – James Mertz – 2012-03-27T15:45:52.620

No but can request some changes if necessary. Why? – Josh Newman – 2012-03-27T15:47:25.357

Depending on how the VPN is setup traffic may not be routed through the tunnel unless it's for specific resources within that virtual network. Ultimately, no matter what the setup is your user will have to take the responsibility of turning off the tunnel. – James Mertz – 2012-03-27T15:51:30.103

Ok thanks - the disconnection was the key part. So I'll look at routing only RDP traffic through the VPN in case they leave it connected. Apparently if I uncheck ‘use default gateway on remote network’ under TCP/IP settings for the VPN, that should do it. – Josh Newman – 2012-03-27T17:52:48.340

Answers

5

I realise this question is very old but thought I'd add a method for anyone that stumbles across it.

@echo off

:: Connecting to VPN...
rasdial "VPN Name" user pass

echo Running RDP...
"Connect to Server.rdp"

echo Finished - disconnecting from VPN...
rasdial "VPN Name" /disconnect

Rasdial is builtin to Windows and is used to connect and disconnect. Replace "VPN Name" with whatever you called your VPN connection when you set it up. Replace 'user' and 'pass' in the first line with the actual username and password to connect to the VPN (even if you chose to have the credentials saved when you created the VPN, Rasdial requires you enter them).

Because batch scripts run synchronously rasdial will complete connecting to the VPN before opening the RDP file, and the whole time the RDP session is open the batch script will be waiting. As soon as the RDP session is closed the final command will run to disconnect the VPN. Simple!

I tend to put a shortcut to the batch script on the desktop and change its icon to the normal RDP one (from C:\Windows\System32\mstsc.exe). You can choose to start the script minimised if you don't want the user seeing the cmd window, but I like to leave it visible so they can see if there are any errors when connecting to the VPN.

Gechurch

Posted 2012-03-27T15:24:13.533

Reputation: 51

1

I was able to use @Gechurch's answer on Windows 10 by changing rasdial to rasphone as follows:

@echo off

:: Connecting to VPN...
rasphone.exe -d "My VPN"

echo Running RDP...
"Remote Server.rdp"

echo Finished - disconnecting from VPN...
rasphone.exe -h "My VPN"

Glenn

Posted 2012-03-27T15:24:13.533

Reputation: 1 045

1

If you have a standalone VPN client program (i.e. Cisco AnyConnect), use Google to find commandline options for that product to see if you can connect with a single command. For example: AnyConnect, the generic Cisco client, and the Windows VPN client all support this. This might require you to store your password in plaintext in a batch file or script, however.

Once you have that info, write a batch file which invokes the VPN client, probably sleeps a few seconds to make sure the VPN link is good, and then calls the remote desktop client from the command line.

If you wanted to be really fancy, instead of a sleep to verify connectivity, you could have a ping to some resource that's only accessible over the VPN, and have the script return an error if that ping doesn't succeed.

Take your batch file, put it (or a shortcut) on your Desktop or wherever, and then you have a one-click "connect to the VPN and then open Remote Desktop" app.

If, on the other hand, if your VPN client is such that you can't connect via the command line, I'd look into AutoIT or other mouse/keyboard macro scripting languages to see if you can automate VPN connection.

Zac B

Posted 2012-03-27T15:24:13.533

Reputation: 2 653

Asked: 2012-03-27T15:24:13.533

Viewed: 12 173 times

Active: 2018-07-28T20:08:33.040