As an update to the VPN case study, we have to use Remote Desktop to access a workstation from an external site. The issue was that after connecting to the VPN, I was getting a logon failure to the workstation using RDP.
At first I thought it was an issue with the firewall since the Allow Remote Desktop Access to this Desktop had a line telling me to allow RDP to pass through the firewall, and in a sense, it was part of the issue.
Within the firewall, there were two entries for Remote Desktop, but one was managed by Group Policy.
I had to add a GPO to allow an exception for RDP, so with the Group Policy Management console open, I created a new GPO and linked it. Edit the policy and navigate to Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile.
Under Domain Profile we see an entry for Windows Firewall: Allow inbound Remote Desktop exceptions. Double-clicking it opens a window where we can set the status to Enabled.
Close the rest of the windows, run gpupdate, and the firewall entry should be allowed on the client machine.
Troubleshooting 2 and Solution
The issue remained. Logon failure. Rookie mistake. Since we are remoting in from a desktop that isn't part of the domain, we need to specify the domain of the account. Otherwise, it would log in against the local machine: instead of RemoteDomain\User, it would log in as LocalMachineName\User.
Specifying the remote domain allowed me to RDP successfully.
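The two checks above can be separated from the command line, so a firewall block is not confused with a credential problem. This is an added example, not part of the original write-up; it assumes Windows 8 / Server 2012 or later on both ends, the default RDP port 3389, and a hypothetical workstation name WORKSTATION01.

```powershell
# --- On the workstation, from an elevated prompt ---
# Re-apply computer policy so the newly linked GPO takes effect.
gpupdate /target:computer /force

# List the effective inbound rules that cover TCP 3389 and where each one
# came from. PolicyStoreSourceType is GroupPolicy for GPO-delivered rules
# and Local for rules created on the machine itself.
Get-NetFirewallPortFilter -PolicyStore ActiveStore |
    Where-Object { $_.Protocol -eq 'TCP' -and $_.LocalPort -contains '3389' } |
    Get-NetFirewallRule |
    Where-Object Direction -eq 'Inbound' |
    Select-Object DisplayName, Profile, Enabled, Action, PolicyStoreSourceType

# Confirm which GPOs were actually applied to the computer.
gpresult /r /scope:computer

# --- On the external client, after the VPN is connected ---
$target = 'WORKSTATION01'   # hypothetical host name, replace with your own

# Step 1: is the RDP port reachable at all? This isolates the firewall.
$probe = Test-NetConnection -ComputerName $target -Port 3389
if (-not $probe.TcpTestSucceeded) {
    Write-Warning "TCP 3389 is not reachable: check the firewall rule and VPN routing."
    return
}

# Step 2: the port is open, so a logon failure now points at credentials.
# A client that is not domain-joined resolves a bare user name against a
# local account database, not the remote domain.
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if (-not $cs.PartOfDomain) {
    Write-Host "Client is not domain-joined: enter the account as RemoteDomain\User."
}

# Open the RDP client against the workstation; supply RemoteDomain\User
# at the credential prompt.
mstsc /v:$target
```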