Having trouble using RDP over OpenVPN

We typically do not recommend using RDP over VPN; you're essentially trying to tunnel within a tunnel, and this can cause connection and performance issues.

If you must, the best advice we can provide for this situation is to bypass the VPN traffic and prioritize it through QoS.

To bypass traffic:

You'll need to create two rules in Config > Network > Bypass Rules.

  • The first rule will have the condition Source Interface is OpenVPN and the action 'bypass'.
  • The second rule will have the condition Destination Interface is OpenVPN and the action 'bypass'.
  • Do not combine these rules into one rule; they must be two separate rules.


Once you have bypassed your VPN, we also recommend bypassing the specific port(s) used by your RDP software. If you're using the built-in Windows RDC (mstsc.exe), it's port 3389. Go to Config > Network > Bypass Rules and create a rule with the condition Destination Port is 3389 and the action 'bypass'.


To prioritize the tunnel:

Go to Config > Network > Advanced > QoS > QoS Rules.

Set the 'OpenVPN priority' drop-down to 'Very High'.

This configuration is as transparent as we can make this traffic, which means it passes through the NGFW essentially untouched.

