locked
Using RDP over Windows 10 VPN RRS feed

  • Question

  • Ok I need some background information or an explanation how this works.

    If I create a VPN server/client PPTP connection between home-remote PC's....AND I want to use RDP thru(?) the already established VPN tunnel, will RDP just know the VPN connection exists and use that connection automagically? Or do I have to configure RDP for the VPN connection somehow? Will RDP just use port 3389 on the VPN connection.

    Can anybody explain to me how this works or point me to a blog or url that explains it?

    More info:

    Ok I can create a PPTP VPN client/server connection. Where can I get config options on how to use either L2TP or IKEv2 VPN connections.

    I would like some microsoft config docs or url's that explain how to do this.

    TIA


    • Edited by rocketjetz Tuesday, April 30, 2019 4:33 AM
    Tuesday, April 30, 2019 12:39 AM

Answers

  • Hi,

    VPNs allow users to connect to private networks from the Internet in a secure manner.

    Using a VPN connection means that before attempting to reach your server, a connection must first be made to the secure private network. This private network is encrypted and hosted outside of your server, so the secure connection itself does not require any of your server’s resources.

    So, don't worry about the exposure of port 3389. All traffic is on the VPN tunnel and the VPN tunnel is encrypted.

    Please refer to the link below:

    https://www.liquidweb.com/kb/improving-security-for-your-remote-desktop-connection/

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.  

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Marked as answer by rocketjetz Wednesday, May 1, 2019 7:19 PM
    Wednesday, May 1, 2019 8:41 AM

All replies

  • Hi,

    RDP can be established over VPN tunnel automatically. 

    Yes, RDP will use port 3389 on the VPN connection. 

    which authentication protocol, VPN tunnel to use, how to authorize access of your VPN users 

    https://blogs.technet.microsoft.com/rrasblog/2009/03/17/remote-access-design-guidelines-part-3-tunnel-selection-authentication-authorization-and-accounting/ 

    Create an L2TP VPN Server in Windows Server 2016

    https://dailysysadmin.com/KB/Article/1847/create-an-l2tp-vpn-server-in-windows-2016/ 

    Create a IKEv2 VPN Server

    https://geekdudes.wordpress.com/2017/01/24/deploying-vpn-server-on-windows-server-2016/  

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.  

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, May 1, 2019 2:20 AM
  • Travis:

    If BOTS are out scouring the internet for open ports 3389 for example, how does VPN secure this from happening?

    Is the port  just opened up within in the vpn tunnel connection itself?

    Do I still have to do port forwarding on port 3389 on  my external wan router interface? 

    Isn't that exactly what I am trying to prevent by using RDP over/within a VPN? I measn opening the port leaves me open to BOTs scanning on that port,right?

    I'm just trying to understand what my exposures are.

    TIA

    Wednesday, May 1, 2019 2:56 AM
  • Hi,

    VPNs allow users to connect to private networks from the Internet in a secure manner.

    Using a VPN connection means that before attempting to reach your server, a connection must first be made to the secure private network. This private network is encrypted and hosted outside of your server, so the secure connection itself does not require any of your server’s resources.

    So, don't worry about the exposure of port 3389. All traffic is on the VPN tunnel and the VPN tunnel is encrypted.

    Please refer to the link below:

    https://www.liquidweb.com/kb/improving-security-for-your-remote-desktop-connection/

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.  

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Marked as answer by rocketjetz Wednesday, May 1, 2019 7:19 PM
    Wednesday, May 1, 2019 8:41 AM
  • Here's what Advanced IP Scanner shows on a RDP/VPN connection

    I also mapped to the C: drive 

     
    Wednesday, May 1, 2019 8:43 PM