Hi to all,
I have a question about port forwarding & VPN.

Just recently attempted to set up a VPN connection to my home PC over internet and what I notice is that port forwarding on router is not needed for other services to be accessed on a LAN PC that's behind router, say RDP to a home PC, once you are inside VPN.

Say I want to RDP to my home PC on its WAN IP on port say 3389 without VPN (ignore for now that it could be a security issue) then I need to forward 3389 in router to the destination home PC on LAN.

However once I establish a VPN connection to the home PC, it works without port forwarding. All I needed to do was only forward the ports to establish VPN in the first place.

Is this how it’s supposed to be?

Thanks.

That's because the VPN session is encapsulating all of the packets to and from the client and VPN server. If you take a packet trace you will see that there will not be any RDP related packets. All of the packets will be VPN related.

Think of VPN as a wrapper. Once the packets reach the VPN server they are unwrapped and then delivered as normal traffic. That's why VPN is called a "tunnel". While the packets are encrypted, you can't see inside this "tunnel". When the wrapper is removed, you have the unencrypted data. This data is encrypted between VPN client and VPN server. On either side of the VPN tunnel, the traffic is not encrypted.

Hello,

A VPN connection effectively connects you to the local area network so port forwarding is not necessary because you are already inside the router's firewall and part of the LAN.
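
The encapsulation described in the two replies above, as an added Python sketch that is not part of the original thread: the router's forwarding decision sees only the outer (VPN) port, and the RDP packet reappears only after the VPN server unwraps it. The VPN port 1194, the two-byte "packet" format, the key and the SHA-256 keystream are assumptions made for illustration, not real VPN encryption.

```python
import hashlib
import struct

VPN_PORT = 1194                 # assumed VPN listener port (the thread names no VPN protocol)
RDP_PORT = 3389                 # RDP port from the question
KEY = b"constructed-demo-key"   # constructed shared secret

def keystream_xor(key, data):
    """Toy stream cipher (SHA-256 in counter mode), a stand-in for real VPN encryption."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + struct.pack(">I", i // 32)).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def make_packet(dst_port, payload):
    """Minimal 'packet': 2-byte destination port followed by the payload."""
    return struct.pack(">H", dst_port) + payload

def parse_packet(pkt):
    """Split a packet into (destination port, payload)."""
    return struct.unpack(">H", pkt[:2])[0], pkt[2:]

def vpn_wrap(inner):
    """Client side: encrypt the whole inner packet and address it to the VPN port."""
    return make_packet(VPN_PORT, keystream_xor(KEY, inner))

def router_wan_in(pkt, forwards):
    """Router: decides on the outer destination port only; None means dropped."""
    port, _ = parse_packet(pkt)
    return forwards.get(port)

def vpn_unwrap(outer):
    """VPN server: strip the wrapper, decrypt, recover the inner packet for LAN delivery."""
    _, body = parse_packet(outer)
    return parse_packet(keystream_xor(KEY, body))

FORWARDS = {VPN_PORT: "home-pc"}   # only the VPN port is forwarded on the router
rdp = make_packet(RDP_PORT, b"constructed RDP payload")
tunneled = vpn_wrap(rdp)

def demo():
    return {
        "direct_rdp": router_wan_in(rdp, FORWARDS),     # None: no forward for 3389
        "tunneled": router_wan_in(tunneled, FORWARDS),  # 'home-pc'
        "wire_port": parse_packet(tunneled)[0],         # 1194: all a WAN trace shows
        "inner": vpn_unwrap(tunneled),                  # (3389, b'constructed RDP payload')
    }

if __name__ == "__main__":
    print(demo())
```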
