I have a desktop and a server connected by the same router at home. I also have a laptop that can connect to the desktop via Remote Desktop while it's connected to the home network. The laptop can also connect to the server with the OpenVPN software when I'm out in public.
While the laptop is connected to the VPN in public, is there a way the laptop can remote into the desktop? More specifically, if I'm on my school's wifi and the OpenVPN client is connected to my server at home, is there a way I can open Remote Desktop on the laptop to remote into the desktop at home? What should I add to my configuration files to accomplish this?
Additional Info
- If at all possible, I'd rather not open up port 3389 directly to the internet.
- Both the laptop and desktop run Windows 10; the server runs Ubuntu Server 16.04.
- I own the server and can alter the firewall rules/conf files however I want. I just need to know what to set them to (if anything).
- The server and the desktop are connected to the same router. Let's say the desktop has an IP of 192.168.1.150 and the server is 192.168.1.180. Both have their gateway set to the router at 192.168.1.254.
Best Answer
Actually, your setup is already pretty much as it should. An OpenVPN server somewhere on your LAN basically connects you to that LAN, and once there, you should be able to use Remote Desktop to connect to your other PC.
What might happen (and it is quite frequent in my experience) is that RDP won't work because you probably are trying to use the NetBios name of your target PC. If it has a static IP address (it seems to, with the 192.168.1.150 you mentioned), use that instead once you're connected via your VPN.
And yes, don't open port 3389 directly, or even RDP on any other port. There are too many exploits for that around to be safe.
One last thing: your router might also be at cause.... BT Home Hub 5 routers in the UK are notorious for being real pains for RDP users. Unless all PCs are connecting via cable, they can't RDP. I had to put another router behind it at home and have it deal with internet connection only.