VPN to RDP to a PC then to another VPN disconnects the RDP

D2Flores
Here to help

VPN to RDP to a PC then to another VPN disconnects the RDP

Good Day,

 

Since the pandemic, we did resort to VPN-RDP to our office PC. This is required for security reasons. Unfortunately, whenever the user is on his RDP and tries to connect to another VPN the RDP gets disconnected. Do we have an option that the RDP will not disconnect whenever they connect to another VPN. The other VPN is Cisco Any Connect.

3 REPLIES 3
CptnCrnch
Kind of a big deal
Kind of a big deal

Well, you‘re switching VPNs, so you‘re basically cutting the branch you‘re sitting on.

 

Theoretically, you could configure your AnyConnect VPN to only tunnel specified traffic into the tunnel, but one would have to know the configuration for both setups.

BrandonS
Kind of a big deal

Yep, like @CptnCrnch said it sounds like based on the configurations of RDP machine and VPN clients you are disconnecting yourself.  I have had this happen myself although more often when trying to leverage both wired and wireless connection on a laptop I am RDP'd to.

 

Depending on the network configurations and what you have access to make changes to it is possible in theory to make it work.  I have sometime managed to create a simple static route on the Windows machine to help by forcing specific traffic one way or another to prevent being disconnected.

 

Good luck.

- Ex community all-star (⌐⊙_⊙)
PhilipDAth
Kind of a big deal
Kind of a big deal

Cisco AnyConnect has an option "Allow Local LAN Access" which the head end you are connecting to controls.  It is specifically meant to stop people doing things like what you are to preventing posting the destination network getting exposed to other unexpected uncontrolled source networks.

 

So I would say this is working exactly as designed by the company you are connecting to.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels