Hello guys
I really can’t figure out if I’m doing anything wrong, or if this just isn’t possible to do at all
What I’m trying to do is RDP from my desktop at home to my work laptop standing right next to me, also at home, on the same internet - The caviar is that my work laptop is connected to a VPN (it has got to be, to connect to drives etc. at work)
When not connected to the VPN I can RDP to the laptop just fine - Just using the internal IP that’s given to it
But as soon as I connect to Cisco AnyConnect, I can’t reach it anymore - Can’t ping the internal address, internal gateway, the new IP address it gets through work, or the work gateway
I’m not really familiar with how the Remote Desktop Gateway setting actually works, but I tried putting in the gateway from work + internal gateway in that, but it still doesn’t work (Not even sure if that’s how you should use that?)
Lastly I tried using the “What’s my IP” public IP address that’s given to me when I connect to the VPN - That didn’t work either
What am I doing wrong since it doesn’t work? Hopefully one of you smart guys can help me out <3 Thx a lot
Update!
I figured it out - There is a setting in Cisco AnyConnect, located in “Preferences”
“Allow local (LAN) access when using VPN (If configured)” Checking this it just worked right away!
AnyConnect can be configured to block access to the local LAN. There’s also an option in the AnyConnect client to allow access to the local LAN, if it’s not blocked too. The AnyConnect admin can also block VPN connection if you use RDP to connect to the machine. There’s heaps of options in AnyConnect. The AnyConnect client configuration profile lives in C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile\ It’s an XML file so you can just read its options as configured and look them up in the AnyConnect admin guide. The next time AnyConnect connects to the headend it will check the local profile matches the server side, if not it gets refreshed, so if you make changes to the local profile they get lost as soon as you make the next connection.
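Reading the profile as described in the post above can be scripted; this is an added example, not part of the original thread or Cisco's own tooling. It parses a constructed sample profile (inline, values made up) and reports the settings that govern local LAN access and RDP sessions; to check a real machine, pass the text of the XML file from the Profile folder to `read_settings`.

```python
import xml.etree.ElementTree as ET

# Constructed sample profile for illustration; the values are made up and do
# not come from the thread. Element names are AnyConnect profile settings.
SAMPLE_PROFILE = """<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
  <ClientInitialization>
    <LocalLanAccess UserControllable="true">false</LocalLanAccess>
    <WindowsLogonEnforcement>SingleLocalLogon</WindowsLogonEnforcement>
    <WindowsVPNEstablishment>LocalUsersOnly</WindowsVPNEstablishment>
  </ClientInitialization>
</AnyConnectProfile>"""

SETTINGS = ("LocalLanAccess", "WindowsLogonEnforcement", "WindowsVPNEstablishment")


def read_settings(xml_text):
    """Return {setting: (value, UserControllable attribute or None)}."""
    found = {}
    for elem in ET.fromstring(xml_text).iter():
        name = elem.tag.rsplit("}", 1)[-1]  # drop the XML namespace prefix
        if name in SETTINGS:
            found[name] = ((elem.text or "").strip(), elem.get("UserControllable"))
    return found


def explain(settings):
    """Turn the raw settings into notes about LAN access and RDP sessions."""
    notes = []
    value, controllable = settings.get("LocalLanAccess", (None, None))
    if value is None:
        notes.append("LocalLanAccess: not present in this profile")
    else:
        who = "user may change it in Preferences" if controllable == "true" else "fixed by the administrator"
        notes.append(f"LocalLanAccess: profile value {value}, {who}")
    value, _ = settings.get("WindowsVPNEstablishment", (None, None))
    if value == "LocalUsersOnly":
        notes.append("WindowsVPNEstablishment: VPN cannot be started from an RDP session")
    elif value == "AllowRemoteUsers":
        notes.append("WindowsVPNEstablishment: VPN can be started from an RDP session")
    value, _ = settings.get("WindowsLogonEnforcement", (None, None))
    if value:
        notes.append(f"WindowsLogonEnforcement: {value}")
    return notes


if __name__ == "__main__":
    for line in explain(read_settings(SAMPLE_PROFILE)):
        print(line)
```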
For RDP to work, you have to make sure it’s turned on in advanced System settings and also make sure your user account is in the local RDP group in computer management.
The above is possible only if you have local admin access to the device.
It’s probably the AnyConnect client set to route all traffic through the VPN. Use a third party utility like TeamViewer to get around this.
Thanks for the reply - I’ll check the settings when I get home
As an AnyConnect admin I always enable that option, luckily your admin didn’t block you enabling it.
Yo mate
I can RDP to the device when the VPN is turned off no problem - I get the problem when the VPN is active
I could also use that ofc
Cisco also make a tool called the AnyConnect Profile Editor. You can load the XML profile into that and see the options in a GUI, however that’s not a public download and you need a valid contract to download it.
Caviar. Sorry, completely unhelpful!
RDP to the device then use the VPN?
There is no way to change the profile for me only, right? I’m pretty sure the network team won’t allow any changes
I see what you did there! - Thanks for making me laugh tho
That doesn’t work.
It won’t allow me to even connect with a running RDP session
You can edit the XML file, excluding anything, then reconnect. It will connect once on the edited profile and respect the edited profile but will then sync with the headend, wiping any changes, so on the next reconnection it will be back to what the administrator set. So effectively you change it once. But nothing stops you, say, scripting a change of profile file before each connection. If AnyConnect is set to automatically launch at login that becomes more difficult though.
Sweet - It doesn’t start up at launch luckily
Looking forward to testing if it works with profile editing when I get home
Thanks a lot mate!