Products Firewalla Gold SE Firewalla Gold Pro Firewalla Gold Plus Firewalla Purple Firewalla Purple SE Firewalla Wi-Fi SD Product Comparison Product Reviews

Wireguard and RDP

Follow
Avatar
Jaison A

I am unable to RDP to my Windows clients when connected remotely (off site) via Wireguard VPN.????

I have confirmed the Windows Firewall is disabled for both Windows Clients.  I can successfully RDP to these same clients when connected on/at my home network.  Both clients have Internet access.  The FWG app sees both clients.  The clients have reserved IP's.  When connected via WG VPN, I am using the IP address of the windows client for RDP and Not DNS name.  RDP is running on the standard port????

These Windows devices are in a VLAN.  This specific VLAN assigns DHCP addresses via the FWG Not Windows DHCP.  The FWG vlan uses the IPs of my DC's as primary and secondary DNS.  The DCs use a forwarder that points to the gateway of the VLAN Network + 1.1.1.1

Can anyone shoot me an idea of what else I should be checking?  I am running out of ideas on my own.

Thanks in Advance

-J

0

Comments

9 comments

Sort by Date Votes
  • Avatar
    Firewalla
    • Edited

    First, ping the windows machine and see if you can get a reply. If you get a reply, then likely there is a setting on your RDP server preventing the connection. The most common cause is the windows defender firewall blocking connections.

    And if you don't get a ping reply, try another device on the same network, if nothing replies, your wireguard may not be connected

    0
    Comment actions Permalink
  • Avatar
    Jaison A

    Thanks for your reply.

    With the help of another community member I was able to figure it out.

    Had to do with the AllowedIPs=0.0.0.0/0 setting on my WG.conf profile, which I changed and everything worked.

    Thanks

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Was this WG.conf file generated by firewalla? or did you do some customization? 

    0
    Comment actions Permalink
  • Avatar
    Jaison A

    The wg.conf was generated by firewalla, and then I exported it to my laptop for use.

    No customization was done until the suggestion was made to try changing the allowedIPs.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    May I know if you are using iOS or android? What is the version of the app?

     

    0
    Comment actions Permalink
  • Avatar
    Jaison A

    iOS App ver 1.52 (99)

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Thank you, I have notified our developers on this already. The generated profile should not be missing that line, so they will go and try to reproduce it

    0
    Comment actions Permalink
  • Avatar
    Jaison A

    Apologies for any confusion on my stated issue.

    The line was Not missing from the wg.conf file.  The line/data was in the .conf file

    I had to adjust the .conf file to get it to work with my specific configuration.

    It was originally

    AllowedIPs=0.0.0.0/0

    and I had to change it to

    AllowedIPs=192.168.xxx.xxx/24

    Here is the thread where I was assisted if you want to take a look.

    https://help.firewalla.com/hc/en-us/community/posts/4551503823379-WireGuard-VPN-access-to-local-lan

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Okay, got it, so it is not a bug, thank you!

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post