Remote desktop between clients in the same OpenVPN

Is there a way OpenVPN clients can remote desktop to another machine in the same VPN subnet? I’ve already set up 2 separate user log-ins for an employee’s home laptop and her office PC. OpenVPN is also set to allow communication between clients. RDP still won’t work for her in our setup. Thanks in advance!

The IP pool for VPN users should be different than what is used onsite. This should force the traffic to route through the tunnel to the office PC. Just make sure that subnet is part of the VPN config.

Yes, I have it set with a different subnet/pool. Her office PC is not on the local LAN but is also a remote VPN client at the moment. I thought the two remote machines being in the same VPN, in the same pool, and allowing comm between VPN clients would just work but no dice…

I had no issues with RDP from home to work over OpenVPN, no special configuration. DNS was an issue, so either set the DNS on the remote side to your local DNS server, or use the IP address of the computer to make the connection. If you can ping the desktop from the laptop over the VPN, then RDP should work. My laptop had an IP 172.30.x.x and the local network had a 192.168.x.x range; the VPN and firewall handle all the work. You can save an RDP shortcut so there is no need to remember the IP address, if that is the way that works. Also, my VPN was a site-to-site connection, and maybe that is different enough to make or break things.

Alternatively, if you wish, set up Apache Guacamole and have her HTTP to Guac, which then opens an RDP to the desktop. This actually works well enough that you can edit video across this link; it uses about 10 Mbps per connection when using it for video editing, significantly less if the video is not moving very much (typical office applications). Throw a few processors at this; it takes an entire thread (hyperthreaded) for each connection. This means that running it as a VM is not the greatest idea, but it would work for a limited number of users.

You might need to create a hairpin rule that allows the flow, or you could run two different VPN pools so traffic can route between them.
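Added example (not part of the thread and not any poster's configuration): a small Python check, assuming a community-edition OpenVPN `server.conf` that uses the standard `server` and `client-to-client` directives. It reports the two settings the replies discuss: whether the VPN pool overlaps the onsite subnet, and whether client-to-client forwarding is on or the traffic instead needs a forwarding ("hairpin") rule on the server. The sample config, subnets and the `audit` function name are constructed for illustration.

```python
import ipaddress

# Constructed sample config (community OpenVPN syntax), not taken from the thread.
SAMPLE_CONF = """\
port 1194
dev tun
server 172.30.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
;client-to-client
"""

def audit(conf_text, onsite_lan):
    """Check the VPN pool and client-to-client setting; return a result dict."""
    lan = ipaddress.ip_network(onsite_lan, strict=False)
    pool, c2c, findings = None, False, []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # blank line or commented-out directive
            continue
        parts = line.split()
        if parts[0] == "server" and len(parts) >= 3:
            # "server <network> <netmask>" defines the address pool for clients
            pool = ipaddress.ip_network(f"{parts[1]}/{parts[2]}", strict=False)
        elif parts[0] == "client-to-client":
            c2c = True
    overlaps = pool is not None and pool.overlaps(lan)
    if pool is None:
        findings.append("no 'server' directive found; pool unknown")
    if overlaps:
        findings.append(f"VPN pool {pool} overlaps onsite LAN {lan}")
    if c2c:
        # Packets are relayed inside the OpenVPN process and never reach the
        # server's firewall, so the target PC's own firewall is the only filter.
        findings.append("client-to-client on: check the target's host firewall "
                        "allows TCP 3389 from the VPN pool")
    else:
        # Packets leave via the tun interface and come back in on it.
        findings.append("client-to-client off: server needs IP forwarding and a "
                        "tun-to-tun (hairpin) allow rule for TCP 3389")
    return {"pool": pool, "overlaps_lan": overlaps,
            "client_to_client": c2c, "findings": findings}

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF, "192.168.1.0/24")["findings"]:
        print("-", finding)
```

With `client-to-client` enabled, every VPN client can reach every other client unless each host's firewall restricts it, so scoping the RDP allow rule to the one laptop's VPN address is the tighter setup.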