Windows remote desktop connection

I cannot connect or RDP to my PC on the network using Azure AD (Microsoft 365) credentials, although I can access shared files and folders on the Synology NAS on the same network as the Windows PC. FYI, Twingate was deployed on the NAS using Docker.

So the Twingate connector is deployed as a Docker container on the Synology NAS. This works and gives you access to files hosted on the NAS and thus the local network.

You are now trying to RDP to a PC that is within the same network as the NAS, correct?

Is the connection being established but just failing to authenticate via the Azure AD?

How are your resources set up in Twingate? In the Admin console under the activity section, are you seeing the connection established from client to connector?

If your docker deployed connector has access to PC:3389 and you have a resource policy for the PC or the subnet then this should be working for you.

Thanks for the reply. The PC that I am trying to connect to is within the same network as the NAS, and the connection is being established but just failing to authenticate via the Azure AD?

In fact, the message I get is “Remote machine is AAD joined. If you are signing in to your work account, try using your work email address”.

I tried using my work email credentials but it does not work. Logon attempt failed.

Am I missing something?

Running into a similar issue with my own quick setup.

Twingate Connector container set up in an UnRAID Docker setup. Then connecting in with my iPhone 13 Pro.

Resource-wise, I’ve shared my entire internal subnet (let’s call it 192.168.12.0/24) as a resource, all ports allowed. As wide open as you can make it. My user has access to it.

Many HTTP ports on the network including the router (192.168.12.1) and internal resources on HTTP and HTTPS, they’re doing quite well outside of Pi-Hole (and I see why that is).

However, my RD client does not want to make connections to the Windows hosts I have inside this subnet. Granted, I could use some fancy workaround with Guacamole, but really I just want to make sure I can make the port work as we’d expect considering according to the Twingate setup, it should be open.

To be clear, I don’t even see a connection being established in the Twingate logs for that IP address. Can test on a non-mobile device at some point soon if desired.

Thoughts?

EXTRA Edit: Not working from the iPhone to two Windows PCs on the backend.

Welcome to the community @sav2880!!!

I assume the answer is yes, but are you able to RDP to your Windows hosts when you are on the same network subnet?
When connected to Twingate, are you receiving any authentication prompts, or just an error that the host could not be contacted?
Are you able to ping the Windows hosts?

Hmmm, not pinging, but also now a web site that worked before isn’t working now. That might point to an issue with my container setup for the collector. I’ll mess with it.

Understood. Keep us posted…

Have a spectacular day!!!

Switched my mode on the connector from “Host” to “br0” (so it had its own IP) … no change.

Definitely my next step is to try a different non-iOS device. We will see how that goes.

Interesting twist. I was on a guest Wi-Fi network, and I could RDP in from the iPhone here! But, when I’m on 5G, no dice.

Would something with the cellular network block 3389 over the Twingate?

The lack of good troubleshooting tools on iOS certainly doesn’t help me here, but the thing that rings as weird is that I don’t even see the access request hitting Twingate as a failed connection, although when I was trying to connect to the wrong IP, it did show that as failed.

More to mess with.

I see that you’re facing challenges with RDP access to your PC using Azure AD credentials, despite being able to access shared files and folders on the Synology NAS via the same network. It’s an interesting scenario, and I’d be happy to help you troubleshoot.

A few steps to consider:

  1. Check RDP Settings: Confirm that Remote Desktop is enabled on your Windows PC. Navigate to “System” → “Remote Desktop” → Ensure “Allow Remote Connections” is enabled.
  2. Azure AD Configuration: Verify that your Azure AD credentials have the necessary permissions for RDP access. Also, ensure your PC is registered with Azure AD.
  3. Twingate Configuration: Since Twingate is deployed on the NAS using Docker, make sure that the Twingate configurations are correct and that it’s not interfering with RDP connections. Check Twingate logs for any relevant information.
  4. Network Firewall: Confirm that the necessary ports for RDP are open on your network firewall. Additionally, check Twingate’s documentation for any specific requirements.
  5. NAS and PC Connectivity: Ensure there are no connectivity issues between your NAS and PC. Can you ping the PC from the NAS and vice versa?
  6. Synology DSM Firewall: Check the Synology DSM firewall settings to ensure that it’s not blocking RDP traffic.
  7. Windows Event Viewer: Review the Windows Event Viewer logs on your PC for any RDP-related errors or warnings that might provide insight into the issue.

Please share any error messages or additional details you may have encountered during your attempts. This information will help in diagnosing the problem more accurately.
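
The host-side checks from steps 1, 2, 4 and 7 of the list above, collected into one read-only PowerShell script. This is an added example, not part of the original post; it assumes an elevated session on the target Windows PC, English firewall display names, and the default event log names.

```powershell
# Run elevated on the Windows PC that refuses the RDP logon. Read-only: nothing is changed.
$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdp = "$ts\WinStations\RDP-Tcp"

# Step 1: is Remote Desktop enabled, is NLA required, and which port is configured?
$deny = (Get-ItemProperty -Path $ts  -Name fDenyTSConnections).fDenyTSConnections
$nla  = (Get-ItemProperty -Path $rdp -Name UserAuthentication).UserAuthentication
$port = (Get-ItemProperty -Path $rdp -Name PortNumber).PortNumber

# Step 2: join state as reported by dsregcmd, which ships with Windows 10/11.
$aadJoined = [bool](dsregcmd /status | Select-String -Pattern 'AzureAdJoined\s*:\s*YES')

# Step 4: is the host listening on the RDP port, and are the inbound rules enabled?
$listening = [bool](Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)
$fwRules   = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
    Where-Object { $_.Direction -eq 'Inbound' } |
    Select-Object DisplayName, Enabled, Profile

# Step 7: in the last hour, did any RDP attempt reach this host at all?
$since = (Get-Date).AddHours(-1)
# 1149 = the Remote Desktop service saw a connection pass network authentication.
$reached = @(Get-WinEvent -ErrorAction SilentlyContinue -FilterHashtable @{
    LogName   = 'Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational'
    Id        = 1149
    StartTime = $since
})
# 4625 = failed logon. Data fields: 5 account, 7 status, 9 sub-status, 10 logon type, 19 source IP.
$failed = @(Get-WinEvent -ErrorAction SilentlyContinue -FilterHashtable @{
    LogName = 'Security'; Id = 4625; StartTime = $since
}) | Select-Object TimeCreated,
    @{ n = 'Account';   e = { $_.Properties[5].Value } },
    @{ n = 'Status';    e = { '0x{0:X8}' -f $_.Properties[7].Value } },
    @{ n = 'SubStatus'; e = { '0x{0:X8}' -f $_.Properties[9].Value } },
    @{ n = 'LogonType'; e = { $_.Properties[10].Value } },
    @{ n = 'SourceIp';  e = { $_.Properties[19].Value } }

[pscustomobject]@{
    RemoteDesktopEnabled = ($deny -eq 0)
    NlaRequired          = ($nla -eq 1)
    RdpPort              = $port
    AzureAdJoined        = $aadJoined
    ListeningOnRdpPort   = $listening
    Event1149LastHour    = $reached.Count
    FailedLogonsLastHour = @($failed).Count
} | Format-List
$fwRules | Format-Table -AutoSize
$failed  | Format-Table -AutoSize
net localgroup "Remote Desktop Users"   # who may log on over RDP besides administrators
```

If the two event counts stay at zero after a fresh attempt, the connection never reached the PC and the problem is on the network path; 4625 entries with the expected source address point to the credential side instead.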