I have a work PC (Win 7 Ent) (usually given to me by my clients) where I do work related projects and a home PC (Win 10 Pro) where I do my freelancing stuff. Both are connected to my home network.

Usually I just RDP from the home PC to the work one, span the screen across all three of my 27" monitors and work happily.

But now, I've got a work PC where I must use VPN to access some of the client's internal resources. The VPN client is Cisco AnyConnect Secure Mobility Client, v.4.3.01095.

Once VPN connects I cannot RDP anymore from my home PC, even though we are in the same local home network. I can ping it using local IP, but RDP won't connect.

Is there a solution for this? There is no way the client will change any settings on the Cisco server. All I can do is tweak the work PC only.

Please advise.

Eugen
  • I also tried to use ngrok to create a TCP tunnel on port 3389, and it gets created fine, but RDP won't connect to the address that ngrok is showing. Right now I can remote into the work PC only via TeamViewer or SplashTop, but neither of them allows expanding the screen as RDP does. – Eugen Oct 31 '17 at 21:34

3 Answers

Can you add a 2nd network card to the work PC, assign a static IP address in a different network and connect that way?

Finny
  • No, the work PC is actually a laptop. Unless I can buy a USB network card. The question is, to what network shall I assign it? I only have one home network though. – Eugen Oct 31 '17 at 18:14
  • You could pick a completely random network, for example 10.1.50.0 and a subnet of 255.255.255.0. You wouldn't need a gateway as that traffic is only between your PC and the work laptop. – Finny Oct 31 '17 at 18:15
  • Are you saying just to hardlink the 2 computers using a network cable? This might not work, as sometimes the home PC (which is a laptop as well) is not in the home network, and then I need to RDP from the internet. (Port forwarding is all set up on the router.) – Eugen Oct 31 '17 at 18:24

The complete answer is somewhat complex and laid out here: https://superuser.com/questions/284709/how-to-allow-local-lan-access-while-connected-to-cisco-vpn

tl;dr: AnyConnect is bulls*t, it messes with the local routing table. Use other VPN client software to create the tunnel. For example, try Shrew to import the Cisco profile and connect to your endpoint. Works perfectly for me and is a lot more stable.

bjoster
  • Shrew looks like it wasn't updated for the past couple of years. Is it still ok? :) – Eugen Nov 02 '17 at 19:13
  • For me it is ... AnyConnect is still the same, even when installed through the store. – bjoster Nov 03 '17 at 19:29
  • This doesn't quite work for me, as the Cisco client is configured to use certificates which are configured with a non-exportable private key. No luck here, unless there is a way to import the connection profile from Cisco directly into Shrew, which I could not find. – Eugen Nov 03 '17 at 23:38

You need the client with the VPN to enable split tunneling on their firewall so you can RDP to your work machine at the same time as you're on the VPN.

Here is a link on how to enable Split-tunneling on a Cisco ASA.