Struggling with RDP setup from Warp to Warp

Greetings,

Hope you are doing well,

I have a functional Zero Trust Network, set up through a Tunnel install at the office. Private network segment is assigned and everything is working when accessed out of Office to the internal network.

There is no public hostname or domain associated with the Zero Trust Network since our domain is hosted elsewhere and moving it to Cloudflare isn’t an option right now.

Warp clients are configured, signed in and connections to the Office network from their remote locations are working as expected. All network resources are available and can be accessed as required, including RDP.

If I install the Warp client on my office PC, I am however unable to RDP to it at all. I can’t RDP to it internally or externally. Meaning, any PC with Warp installed and logged in to our Zero Trust account refuses to accept any RDP connection.

Any PC that does not have Warp installed, does allow an RDP connection from any connected Warp client.

So the remote PCs have Warp. The office PCs which are being connected to do not have Warp, since that’s the only way to establish an RDP connection. This would suffice in general terms, but since I administer the Zero Trust and apply config changes, I would prefer to have Warp functioning with RDP internally and externally.

I’ve spent the entire past weekend attempting to use guides and the official docs to get it working, but it’s a complete miss.

I am using Split Tunnels Include IPs and domains. The required domains and IP ranges are added as required.

I would sincerely appreciate some help on this. I may be inadvertently overcomplicating a simple solution.

Thank you,
Enjoy the rest of your week

Bump. Any help would be appreciated. Thanks

Bump2

I’m unsure how much help I can be, but can you perform a trace route via a Command Prompt window “tracert -d [target_rdp_machine_ip]” with/without the WARP client installed? I would also run the “route print” command, again with/without the WARP client installed, to see what routes are being configured; that should help you determine if traffic is being sent over the Zero Trust gateway when it shouldn’t.

You may also want to play around with the inclusive/exclusive split tunnels setting.

If you haven’t read it already, I would search for the “Connect to RDP server with WARP to Tunnel” support article.

From what I gather, you may not be able to have a WARP client allow local traffic and allow it over the Cloudflare tunnel; the route placed on the local machine will restrict you one way or the other. The way around this would probably be to force all machines to use the WARP client and route all RDP traffic over the tunnel.
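
Added example, not part of the thread: a small Python helper for the "route print" comparison suggested in the reply above. It parses the IPv4 Active Routes table and applies longest-prefix, then lowest-metric selection to report which interface a target IP would leave through. Both route tables, the addresses in them, and the tunnel interface address `172.16.0.2` are constructed assumptions for the scenario the reply suspects; paste your own captures in their place.

```python
import ipaddress

# Constructed "route print" excerpts (IPv4 Active Routes), not real captures.
WITHOUT_WARP = """\
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.50     25
      192.168.1.0    255.255.255.0         On-link      192.168.1.50    281
"""
# Same host with an extra route for the office LAN bound to the tunnel
# interface (172.16.0.2 is an assumed address for this example).
WITH_WARP = WITHOUT_WARP + """\
      192.168.1.0    255.255.255.0         On-link        172.16.0.2      5
"""

def parse_routes(text):
    """Return the route rows from 'route print' text, skipping headers and rulers."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue
        try:
            net = ipaddress.ip_network(f"{fields[0]}/{fields[1]}")
            metric = int(fields[4])
        except ValueError:
            continue  # not a route row
        routes.append({"net": net, "gateway": fields[2],
                       "iface": fields[3], "metric": metric})
    return routes

def egress(text, target):
    """Interface chosen for target: longest prefix first, then lowest metric."""
    ip = ipaddress.ip_address(target)
    matches = [r for r in parse_routes(text) if ip in r["net"]]
    if not matches:
        return None
    best = max(matches, key=lambda r: (r["net"].prefixlen, -r["metric"]))
    return best["iface"]

def via_tunnel(text, target, tunnel_iface):
    """True when traffic to target would leave through the tunnel interface."""
    return egress(text, target) == tunnel_iface

if __name__ == "__main__":
    rdp_target = "192.168.1.20"  # constructed address of the RDP machine
    for label, table in (("without WARP", WITHOUT_WARP), ("with WARP", WITH_WARP)):
        print(f"{label}: {rdp_target} leaves via {egress(table, rdp_target)}")
```

If the "with WARP" capture shows the LAN target leaving via the tunnel interface while the "without WARP" capture shows the physical NIC, the route table confirms that local RDP traffic is being sent over the Zero Trust gateway.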