How do I remote desktop to my work's Windows box from my Mac at home through VPN?

5

1

I would like to remote desktop from my MacBook to my work's laptop from home. I connect to the work's network via Cisco VPN.

My Cisco VPN client connects fine in Mac OS X but I am unable to remote desktop. I am also unable to ping my work laptop.

The laptop is powered on and not sleeping. I can access it via LogMeIn.

If I were to actually plug into our network at the building, I can remote desktop to my work laptop from my MacBook.

If I use a Windows virtual machine and connect using the Windows Cisco VPN client, I am able to RDP and ping my work laptop.

What is wrong with my OS X VPN connection?

CT.

Posted 2009-11-02T14:39:13.837

Reputation: 2 549

If you are trying to resolve the work laptop's IP via its hostname via DNS, verify that DNS is working across the VPN. – eleven81 – 2009-11-02T14:43:16.700

How should I verify the DNS is working? I know that once I connect via VPN, I cannot ping my work laptop using its IP or hostname. I can however ping both using a Windows VM. – CT. – 2009-11-02T18:23:13.137

Answers

1

I know with my MacBook Pro, I cannot connect to ANY machine via local DNS name (i.e. SERVER or OWNER-PC), but I can connect to remote DNS names (i.e. www.something.com). Can you connect via IP address after connecting with the VPN?

Canadian Luke

Posted 2009-11-02T14:39:13.837

Reputation: 22 162

0

This sounds like the Cisco firewall is blocking the RDP connection from the VPN to the LAN. Firewalls can be set up to have different rules for LAN to LAN traffic compared to VPN to LAN traffic. Admins often set up zones, similar to VLANs, inside the firewall. Each zone can have different rules for which ports are open and which packets are dropped. Most modern firewalls can identify a service and drop the packets based on the type of service.

For example, I was tired of the kids downloading movies on our public internet at work, so I configured the firewall to block all peer-to-peer protocols on the zone with the wireless connections. So peer-to-peer is still available for authenticated users on the LAN, but not to anonymous users on the WiFi. This is an example of granular rules for different zones.

Ask the person who controls the VPN/Firewall which ports are open, or maybe even do a port scan yourself. If you really want to make it work you could do something complicated to tunnel through the firewall over an allowed port using an allowed protocol. This is what LogMeIn does - the LogMeIn application tunnels over port 80 disguised as a web request. And it sends the traffic as a response to a request from the host behind the firewall, so it gets through.

But this really shouldn't be necessary. If you are trying to do legitimate work, just ask the person who controls the firewall how he/she wants you to make your connection.

steampowered

Posted 2009-11-02T14:39:13.837

Reputation: 2 109

0

I think it is because when you connect to your VPN-server the VPN-client disables any other network communication except for the communication which goes to the VPN itself. This is a security feature of your VPN solution - not a bug. You should probably talk to your VPN administrators so they allow this communication when you are connected to VPN - it should be possible for them to set it.

Of course, as long as you connect via third party tools like LogMeIn it will be possible to connect, but the connection will have to pass through VPN-server to the internet.

maiklos

Posted 2009-11-02T14:39:13.837

Reputation: 118

0

Verify your home network. I specifically set up my home network on 192.168.0.XXX because my work addresses are on 192.168.1.XXX.

If your home network's IP range is similar, your router will route you to an address local to it, not to the remote address (aka instead of hitting 192.168.1.123 at work you're hitting 192.168.1.123 on your home network, and there is likely nothing sitting on that IP). And DNS will still work, because after your local router fails to resolve, the remote DNS will return an address, but then the router sees the address and thinks it's local because it's within its range.

The VPN connects because it is going straight to the public IP.

Shial

Posted 2009-11-02T14:39:13.837

Reputation: 179

Not sure I follow. Could you elaborate please. My home network is on 192.168.1.xxx and my work is on 199.5.83.xxx. – CT. – 2009-11-02T18:19:35.543

Is that the public or private IP range at work? Is 199.5.83.xxx an address your Cisco connects to or is it the LAN address inside your network? What is your work computer's IP address? – Shial – 2009-11-02T21:18:26.417

199.5.83.xxx is the LAN address inside the office network. – CT. – 2009-11-02T21:43:32.967

Okay. Then this bit of troubleshooting doesn't apply to your particular situation. – Shial – 2009-11-02T22:38:27.817
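
The subnet-overlap check from Shial's answer, as an added example that is not part of the original thread: a longest-prefix route lookup showing which interface a destination leaves by, and whether a VPN prefix collides with the home LAN. The interface names (en0, utun0), the /24 masks, and the host address 199.5.83.10 are constructed assumptions; the ranges themselves are the ones quoted in the thread.

```python
import ipaddress

def pick_route(routes, dest):
    """Longest-prefix match over (prefix, interface) pairs; earlier entry wins a tie."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best

def diagnose(home_lan, vpn_prefixes, dest, lan_if="en0", vpn_if="utun0"):
    """Return (interface used for dest, VPN prefixes that overlap the home LAN).

    Assumptions: interface names are hypothetical labels; the directly
    connected home LAN is listed first, so it wins an equal-length tie,
    which is the behaviour the answer describes.
    """
    home = ipaddress.ip_network(home_lan)
    # Home LAN and default route go out the physical interface.
    routes = [(home_lan, lan_if), ("0.0.0.0/0", lan_if)]
    # Prefixes pushed by the VPN go out the tunnel interface.
    routes += [(p, vpn_if) for p in vpn_prefixes]
    chosen = pick_route(routes, dest)  # never None: the default route always matches
    clashes = [p for p in vpn_prefixes if ipaddress.ip_network(p).overlaps(home)]
    return chosen[1], clashes

# Constructed cases; /24 masks are assumed from the "XXX" notation in the thread.
CASES = {
    "answerer's layout": ("192.168.0.0/24", ["192.168.1.0/24"], "192.168.1.123"),
    "same range at home and work": ("192.168.1.0/24", ["192.168.1.0/24"], "192.168.1.123"),
    "asker's ranges": ("192.168.1.0/24", ["199.5.83.0/24"], "199.5.83.10"),  # .10 is made up
}

if __name__ == "__main__":
    for name, (home, vpn, dest) in CASES.items():
        iface, clashes = diagnose(home, vpn, dest)
        print(f"{name}: {dest} leaves via {iface}; overlapping prefixes: {clashes or 'none'}")
```

With the asker's ranges no prefix overlaps and the lookup picks the tunnel, which matches Shial's last comment that this particular cause does not apply there.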