Can’t connect to Remote Desktop from different subnet

I disagree with network configuration being the issue here. If you look at my post linked below, I was able to use Wireshark to show that the Windows 11 PC just plain fails to respond to RDP requests coming from any subnet that the PC itself is not on. This seems to be new behavior and only affecting Some Windows 11 PC's I can find a workaround but can't make hide nor hair of it.

Why is it that some windows 11 Computers will not respond to RDP - Microsoft Community

Thanks for the feedback.

I can connect to the Win10 desktop without any issue when I have the Win11 laptop on the same subnet as the Win10 desktop. I would think that this means that it is actively listening, wouldn't it?

I'll check MTU and the NAT settings next time I am at the location so I can get to the Win10 desktop via the local network. I will also check the Event Viewer as well and work through your other suggestions.

Thanks for the suggestions. It will be several days before I'm back onsite. Please leave this thread open. I will respond when I get back to the location.

Thank you.

Hello Billy, My name is Jayshri. I'm an Independent Advisor and I'll be glad to help you today.

It sounds like you've done a thorough job troubleshooting so far. Given that ping works but RDP does not, here are a few more things to check:

1. Verify that the RDP service is actively listening on the Windows 10 desktop. You can check this using the command:

netstat -an | find "3389"

This should show you if RDP is listening on the correct port.

2. Ensure the network profile on the Windows 10 desktop is set to "Private."
3. Even with the firewall off, check Advanced Firewall Settings for any rules blocking RDP.
4. Verify that NAT settings on the UniFi router allow RDP traffic to the Windows 10 machine.
5. Adjust the MTU size on the VPN connection to see if that resolves the issue.
6. Ensure no isolation settings on the Meraki or UniFi devices are blocking RDP.
7. Temporarily change the RDP port on the Windows 10 machine (e.g., to 3390) to check if port 3389 is blocked.
8. Check the Event Viewer on the Windows 10 machine under Windows Logs > Security and Windows Logs > System for any errors or warnings related to RDP connections.
9. Since you submitted a packet capture to UniFi Support, consider doing the same on the Windows 10 machine to see if RDP requests are even reaching the machine.
10. If possible, use a different VPN client or configuration to test connectivity.

Reboot both the Windows 10 desktop and the VPN routers to ensure all settings are applied. Let me know if this helps!

Thanks for the reply.

I have firewalls on the Win10 desktop disabled. I have static route on the Unifi router routing between the subnet the desktop is on and the subnet of the WireGard VPN (172.16.3.0/24 - 172.16.10.0/24). I have submitted a packet capture to Unifi Support. They say they see the packets being routed to the desktop. The desktop handles and responds to the ping but does not respond to the RDP packets. When I connect the Win11 laptop to the same subnet as the desktop (172.16.3.0/24), Remote desktop works fine (even with the firewalls turned on).

Given that it works when on the same subnet, I thought it might be routing. But, with the static route, ping works. Thought it might be the Win10 client, so I turned firewalls off. Still nothing. What else should I look at?

Thanks for any help you can offer.

Thank you for reaching out! As an Independent Advisor and fellow Microsoft user, I'm happy to assist you.

The issue is likely due to misconfigured firewall settings, incorrect port forwarding, disabled RDP settings, or improper VPN configuration. Ensure that:

• Firewalls allow Remote Desktop connections.
• Necessary ports are forwarded correctly.
• RDP is enabled on the Windows 10 desktop.
• VPN configuration allows RDP traffic.

Addressing these areas should resolve the problem.