When you are working remotely and need to access your computer in the office you will need to first connect to the office network by logging in with the VPN. Then you can connect to your computer via RDP.
What is 2FA?
Starting in 2024 we started to implement 2FA when connecting using the VPN. What is 2FA? 2FA stands for “Two-factor authentication”, which just means you will need two different things in order to login to a system. So in this case you’ll have your password, and (new for 2024) a physical token with a randomly generated (and timed) number. This helps improve security because even in the event someone obtains your password, without stealing this physical token as well, they will be unable to log in as you.
Connect with VPN
The first step is to connect to the VPN. To do this, open the FortiClient VPN program, you should see a shortcut to this program on the desktop. If not, check the Start Menu.
Once it is open, you’ll see a login screen like the one below. Enter your username if it’s not already populated, then enter your VPN password. Click on Connect.
You MAY see a Security Alert popup, if you do, just click on Yes.
2FA Enabled
If 2FA has been enabled for your account you will get a second screen like the one below asking you to enter the security Token.
On your FortiToken, press the red icon and it will display a six-digit code that will change periodically. Enter the code promptly and click on OK to login. If the code expired (as it’s on a timed life-cycle) just try again with a new security token.
It will take a moment to connect, once it’s done connecting it should look similar to the image below.
This now means you are directly connected to the PSAB Office network. You can now connect to your office computer directly using RDP.
Connect with RDP
To do this, you should have an RDP shortcut on your desktop pre-configured. Double-click on it to connect. If you are missing the pre-configured shortcut, please let IT know so we can add it to your desktop.
If the password isn’t saved to the shortcut, you will be asked to enter your computer password.
After you enter your correct password, it will begin to connect. In some instances you will be shown a warning about the certificate like the one below. This is normal, click on the Don’t ask me again for connections to this computer, and then click on Yes.
You should now be logged in.
This is caused by the fact the computers on our internal network don’t have a domain name associated with them which means we can’t apply an SSL/TLS certificate to them. So instead the computer itself generates it’s own certificate for use, but because it’s not a publicly created certificate it isn’t inherently trusted and is asking you to make the call. The name under the “Certificate name” should match your computer’s name.
Disconnect from RDP
If you are connected using full-screen, it’s often hard to tell if you are connected or not. Just move your mouse to the top and you should see a blue bar like the one below:
You can just click the X to disconnect from your remote session.
Disconnect from VPN
After disconnecting from RDP you now must disconnect from the VPN. As long as you are connected, you are directly connected to the office network and that can be a huge security concern if you’re not currently using that connection. So always be sure to disconnect. It’s simple, just go into the FortiClient VPN program and click on Disconnect.
Printing Remotely
If you are connected from your laptop to your office computer and have a printer connected to the laptop, you can print to that local printer but the connection must be configured to support it first.
Configure Connection
- On the laptop, right-click on the RDP shortcut and click on Edit
- In the Remote Desktop Connection popup, click on Local Resources
- Under “Local devices and resources”, check the Printers box
- Go back to the General tab
- Click Save to save your settings
- Make sure to re-connect to the remote office computer to see your changes take effect
- This should now be automatic on subsequent uses as well
Troubleshooting
Even with the connection properly configured, you may still not be able to print to it. Printing remotely is highly unstable and can be fairly unreliable. In which case here are a few options to consider.
- Reconfigure the connection and ensure that the Clipboard option is checked. You will then be able to copy and paste from the remote computer to your laptop. Then just print directly from the laptop.
- Is the printer powered on and plugged in directly to the laptop properly? Unless the laptop can properly see the printer, the remote computer won’t be able to see it.
- Is the printer installed properly on the laptop? It may be a driver issue specific to that printer that may require it to be re-installed in order for it to work properly with the remote computer.