I have a very simple 3 questions :D, What does the VPN connection exactly do besides providing access to local resources & websites ??!! :D 1- If I'm connecting from a remote public connection, does it matter If my machine is in workgroup or joined the domain VPN established in ?? .. 2- Can I choose switch user & Logon with my domain account ??.. 3- Can I make RDP Over VPN ?? .. PLZ I want to know the scenario of each case : My machine I'm connecting from is in workgroup & If it is already joined the domain.. Thanks in Advance .. Tarek El-Touny MCTS : Windows Vista, Windows Server 2008 Infrastructure & Active Directory, Microsoft Student Partner Tarek El-Touny MCTS : Windows Server 2008 Infrastructure & Active Directory Microsoft Student Partner

Hi Tarek, Thanks for poring here. >1- If I'm connecting from a remote public connection, does it matter If my machine is in workgroup or joined the domain VPN established in ?? .. It is depend on which tunnel type and policies we are going to use, but technically Windows does support both Workgroup and AD environments. Different VPN tunnel types in Windows - which one to use? http://blogs.technet.com/b/rrasblog/archive/2009/01/30/different-vpn-tunnel-types-in-windows-which-one-to-use.aspx >2- Can I choose switch user & Logon with my domain account ??.. We can specify to use another credential for VPN connection on clients if we are going to connect by using Windows build in VPN client software: >3- Can I make RDP Over VPN ?? .. Yes, we can. But we have a better RDS solution with using Windows Server 2008 which can achieve that without deploying VPN service and could provide better performance and security : http://technet.microsoft.com/en-us/windowsserver/ee236407 For more information regard to VPN service please start form the link below: http://technet.microsoft.com/en-us/library/cc754634(WS.10).aspx http://technet.microsoft.com/en-us/network/bb545442 http://blogs.technet.com/b/rrasblog/ Thanks. Tiger LiPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi Tarek, Thanks for poring here. >1- If I'm connecting from a remote public connection, does it matter If my machine is in workgroup or joined the domain VPN established in ?? .. It is depend on which tunnel type and policies we are going to use, but technically Windows does support both Workgroup and AD environments. Different VPN tunnel types in Windows - which one to use? http://blogs.technet.com/b/rrasblog/archive/2009/01/30/different-vpn-tunnel-types-in-windows-which-one-to-use.aspx >2- Can I choose switch user & Logon with my domain account ??.. We can specify to use another credential for VPN connection on clients if we are going to connect by using Windows build in VPN client software: >3- Can I make RDP Over VPN ?? .. Yes, we can. But we have a better RDS solution with using Windows Server 2008 which can achieve that without deploying VPN service and could provide better performance and security : http://technet.microsoft.com/en-us/windowsserver/ee236407 For more information regard to VPN service please start form the link below: http://technet.microsoft.com/en-us/library/cc754634(WS.10).aspx http://technet.microsoft.com/en-us/network/bb545442 http://blogs.technet.com/b/rrasblog/ Thanks. Tiger LiPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Thank you Sir I appreciate your answer but I have one more tricky question ;) If I made a connection to VPN Server Joined to the domain with the username & password specified in the VPN Policy (AD User) & then I pressed Ctrl+Alt+Del Then I chose Switch User Then I typed Domain\User (same VPN user I'm already connected with) , Will I login ?? , If yes , What will I see ??!! ;) ;) .. Tarek El-Touny MCTS : Windows Vista, Windows Server 2008 Infrastructure & Active Directory, Microsoft Student Partner

Hi Tarek, Thanks for posting here. By default ,connection will dropped if we logoff and switch to another user profile unless modify the registry key “KeepRasConnections”: To keep Remote Access Service connections active after you log off http://support.microsoft.com/kb/950918 But connection will remain if we just select “switch” to another user account. Meanwhile, If we had created this connection for all users on this computer (by selecting option “for all users” in VPN connection profile) then we can initiate the VPN connection during the logon procedure with a domain user account by pressing the “network logon” button at logon screen: Connect To VPN Before Logging In To Windows http://htipe.wordpress.com/2010/02/11/connect-to-vpn-before-logging-in-to-windows/ Important Note: This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet. Thanks. Tiger LiPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi Tarek, Thanks for posting here. By default ,connection will dropped if we logoff and switch to another user profile unless modify the registry key “KeepRasConnections”: To keep Remote Access Service connections active after you log off http://support.microsoft.com/kb/950918 But connection will remain if we just select “switch” to another user account. Meanwhile, If we had created this connection for all users on this computer (by selecting option “for all users” in VPN connection profile) then we can initiate the VPN connection during the logon procedure with a domain user account by pressing the “network logon” button at logon screen: Connect To VPN Before Logging In To Windows http://htipe.wordpress.com/2010/02/11/connect-to-vpn-before-logging-in-to-windows/ Important Note: This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet. Thanks. Tiger LiPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Thank you Sir again , I get it all now but there is still something I don't get here:- If I logged in with my DOMAIN ACCOUNT , WHAT WILL I SEE ?? .. Will I see my DOMAIN ACCOUNT DESKTOP or just THE DESKTOP I'M LOGGED FROM ?? ;) ;) If I will see My DOMAIN ACCOUNT DESKTOP , Will it be considered as RDP then ?? Just a little more explanation on that If you may sir .. Thanks ..Tarek El-Touny MCTS : Windows Server 2008 Infrastructure & Active Directory Microsoft Student Partner

Thank you Sir again , I get it all now but there is still something I don't get here:- If I logged in with my DOMAIN ACCOUNT , WHAT WILL I SEE ?? .. Will I see my DOMAIN ACCOUNT DESKTOP or just THE DESKTOP I'M LOGGED FROM ?? ;) ;) If I will see My DOMAIN ACCOUNT DESKTOP , Will it be considered as RDP then ?? Just a little more explanation on that If you may sir .. Thanks ..Tarek El-Touny MCTS : Windows Server 2008 Infrastructure & Active Directory Microsoft Student Partner

Hi Tarek, Thanks for posting here. >If I logged in with my DOMAIN ACCOUNT , WHAT WILL I SEE ?? .. > Will I see my DOMAIN ACCOUNT DESKTOP or just THE DESKTOP I'M LOGGED FROM ?? ;) ;) You will see the desktop that administrator defined for this domain account and this computer . > If I will see My DOMAIN ACCOUNT DESKTOP , Will it be considered as RDP then ?? Just a little more explanation on that If you may sir .. I think maybe you are referring the roaming user profile scenario which will keep user to get same desktop environment wherever they logon on ? am I correct ? Roaming user profile http://en.wikipedia.org/wiki/Roaming_user_profile Managing Roaming User Data Deployment Guide http://technet.microsoft.com/en-us/library/cc766489(WS.10).aspx And of course RDP is also a solution that will provide the similar experience for user wherever they are (internal or external) without VPN service if we build it with Windows Server 2008 platform. We may get the better responses on this form terminal service forum : http://social.technet.microsoft.com/Forums/en-US/winserverTS/threads Thanks. Tiger LiPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi Tarek, Thanks for posting here. >If I logged in with my DOMAIN ACCOUNT , WHAT WILL I SEE ?? .. > Will I see my DOMAIN ACCOUNT DESKTOP or just THE DESKTOP I'M LOGGED FROM ?? ;) ;) You will see the desktop that administrator defined for this domain account and this computer . > If I will see My DOMAIN ACCOUNT DESKTOP , Will it be considered as RDP then ?? Just a little more explanation on that If you may sir .. I think maybe you are referring the roaming user profile scenario which will keep user to get same desktop environment wherever they logon on ? am I correct ? Roaming user profile http://en.wikipedia.org/wiki/Roaming_user_profile Managing Roaming User Data Deployment Guide http://technet.microsoft.com/en-us/library/cc766489(WS.10).aspx And of course RDP is also a solution that will provide the similar experience for user wherever they are (internal or external) without VPN service if we build it with Windows Server 2008 platform. We may get the better responses on this form terminal service forum : http://social.technet.microsoft.com/Forums/en-US/winserverTS/threads Thanks. Tiger LiPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Thaaaaanks , I appreciate all your answers :) ..Tarek El-Touny MCTS : Windows Server 2008 Infrastructure & Active Directory Microsoft Student Partner

Thaaaaanks , I appreciate all your answers :) ..Tarek El-Touny MCTS : Windows Server 2008 Infrastructure & Active Directory Microsoft Student Partner