what's the difference between VPN and RDC

[Digoy]

i'm trying to setup my VPN which will NOT work, but if i connect using REMOTE DESKTOP CONNECTION it works fine

1- what am i doing wrong that the VPN won't work?

2- what's the difference between VPN and RDC?

3- are there security issues i need to know about when using VPN and RDC?

4- how many simultaneous connections can i have with VPN? RDC?

5- is there a speed issue with VPN vs. RDC?


i'm running a win2000 terminal server at main office, connecting remotely (several offices) with win2000pro and win98 machines/clients... the server has a STATIC IP address connection is via broadband/dsl.

[Maverick811]

Several things that come to mind off the bat..

For your VPN, do you have a VPN client on one end and a VPN server on the other? Depending on your setup (firewalls, pc's, routers, etc.) you may need to open ports or allow PPTP, ipsec, etc. traffic for your VPN to function...

[zencoder]

Originally posted here by Digoy
i'm trying to setup my VPN which will NOT work, but if i connect using REMOTE DESKTOP CONNECTION it works fine

1- what am i doing wrong that the VPN won't work?

We don't know. You haven't told us specifically what you are doing. Troubleshooting via osmosis has never really taken off as a popular method of techsupport.

2- what's the difference between VPN and RDC?

Ah, a question that can be answered. VPN stands for Virtual Private Network. It exists in a couple of high-level implementation ideas. The common one known to most technical users is a client-server or client-gateway model. Your remote workstation/laptop has some software/hardware on it, that will connect to a remote server/gateway, and direct network traffic to that gateway to be delivered onto the network behind said server/gateway. Terms that will help you google a more thourough description include "tunneling", "encapsulate", and "ipsec". Also, VPN traffic is pretty much always encrypted.

The other method is network-to-network. Basically, there is a gateway on each side that knows about its own network, and the other remote network. Any traffic on its own network that is intended for the remote network, it encapsulates and sends to the remote gateway. That way, two geographically (in internet terms, anyway) disparate networks can communicate with each other whilst not publicly broadcasting the info in the clear over the internet.

3- are there security issues i need to know about when using VPN and RDC?

Yes, several. Did you have something specific in mind?

4- how many simultaneous connections can i have with VPN? RDC?

That depends on the configuration of the serivces, and the limits set by the protocols in use. There is no single hard and fast rule for all. If you are talking about Microsoft Remote Desktop Protocol (terminal services, windows based terminal, and the many, MANY other names and acronyms it has used), Windows servers will by default only allow 2 Administrators to connect remotely at a time. In general. Depending on a lot of different factors.

5- is there a speed issue with VPN vs. RDC?

It depends. Is there a fossil-fuel consumption issue with watching television versus downloading a video file from the internet? The point I am making is, you are discussing apples and oranges. While both are impacted by network latency (as is ANY network application, service, or protocol), this isn't really a valid question.

i'm running a win2000 terminal server at main office, connecting remotely (several offices) with win2000pro and win98 machines/clients... the server has a STATIC IP address connection is via broadband/dsl.

Ok, so we get some info to work with...

You have multiple offices. What sort of connection does each office have to each other? Do they all connect out to the internet? What sort of gateway/firewall does each have? Is the server's RDP/Terminal Services ports forwarded from the external firewall?

OK, let me clear up a bit, and drop the sarcastic slant.

RDC, or RDP as it is commonly known these days, allows a user to connect to a remote Windows system and get a local graphical interface, very much like the desktop workspace on the remote computer. It is generally not safe to share this over a public network (the internet, cyber cafes, etc.) because of the threat of sniffing and exploitation. It should be encrypted or protected by other means, such as a ... VPN.

If users connecting to your server in the remote offices, and all those networks are controlled, all you need to do is configure Site-to-Site VPN rules for each office to the main office (including appropriate network routing info and whatnot). That makes it so users in remote offices can safely and easily connect to the server in the main office by RDP without having to worry about a local VPN client, etc.

[@tt!tud3]

They're completely different. Remote desktop is identical (at a network level) to something like HTTP -- there's one TCP connection between two hosts that transfers data back and forth. It's simple.

A VPN connection basically sets up a tunnel between two networks. Traffic for the far network is sent to the near VPN endpoint, which wraps it up and forwards it to the other VPN endpoint, which then unwraps it and forwards it on.

VPN protocols (there are several, you need to find out what you're using) tend to involve multiple ports and their own IP protocols (ie not just TCP/UDP). That makes them difficult to deal with in NAT devices, unless the NAT device itself understands the VPN protocol in use.

Work out which protocol you're using, then check the router to see if it supports "___ passthrough" or similar. If it does, that'll save you a lot of work. You might still need to forward the TCP/UDP traffic (eg 1723/TCP for PPTP) to the VPN endpoint host, but all the GRE/ESP/etc stuff should be handled automatically afterwards.