Hot!Unable to RDP between FortiClients

Author
John HST
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/07/15 12:58:23
  • Status: offline
2020/07/15 13:04:38 (permalink)
0

Unable to RDP between FortiClients

Hi all. I'm most definitely a rookie at this, so please bear with me. I'm trying to get our FortiClients to be able to RDP to one another. As of now, when I'm connected to the SSL-VPN, I'm able to RDP into computer on the office LAN, but I'm not able to RDP to remote FortiClient users.
 
After I've had the SSL-VPN up and running, I've tried adding a policy from ssl.root to ssl.root allowing the SSL Users. Unfortunately I still can't RDP to other FortiClients. I've also run a sniffer trace and debug flow. When I ping with the debug flow, it shows that the packet is accepted by one of the policies, but I can't tell where it's getting stuck.
 
Can anyone help guide me?
#1
John HST
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/07/15 12:58:23
  • Status: offline
Re: Unable to RDP between FortiClients 2020/07/15 13:46:47 (permalink)
0
Of course I figured it out right after I posted this. I had to create a policy going from the IPsec VPN zone to ssl.root in order for this to work.
#2
Toshi Esumi
Expert Member
  • Total Posts : 2240
  • Scores: 215
  • Reward points: 0
  • Joined: 2014/11/06 09:56:42
  • Status: offline
Re: Unable to RDP between FortiClients 2020/07/15 14:14:00 (permalink)
0
So you meant an SSL-VPN client to/from an IPSec-VPN client then. They're completely separate interfaces at the FGT, which you need to be conscious about although both take dialup/remote access VPNs from FortiClient.
#3
bbilut
Bronze Member
  • Total Posts : 24
  • Scores: 4
  • Reward points: 0
  • Joined: 2019/07/29 07:01:03
  • Location: Chicago Area
  • Status: offline
Re: Unable to RDP between FortiClients 2020/08/05 08:41:47 (permalink)
0
I had to do something similar to get our softphones to work when the call was between two users on the VPN. The two clients need to talk directly to each other. Similar, but I was using ipsec.
#4
Jump to:
© 2020 APG vNext Commercial Version 5.5