Remote Desktop IPv6

Maciej Stopa

Security is a breeding ground for ideas 🙂 Today I took up the challenge of getting into a laptop with forced tunneling VPN enabled. The normal RDP connection – although enabled in the system – was not usable. I tried to hammer routings with the appropriate metric for connections from specific IPs, but the VPN client was gradually overwriting them. What to do? Remote Desktop via IPv6 to the rescue!

Remote Desktop IPv6 is here to help

Out of curiosity, I checked whether the laptop is not forcibly turned off IPv6 and voilà, we are at home. Since I’m trying to punch in a local address on the local network, I take advantage of Link-local IPv6 Address.

C:\Users\flexray>ipconfig

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : fd64:2315:1135:c400:5c2b:f7f0:8eb4:287b
   Temporary IPv6 Address. . . . . . : fd64:2315:1135:c400:9c7f:b2c3:da6d:aabb
   Link-local IPv6 Address . . . . . : fe80::5c2b:f7f0:8eb4:287b%4
   IPv4 Address. . . . . . . . . . . : 192.168.8.160
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.8.1

For Linux, it would be like this (inet6 … scope link)

flexray@DESKTOP:~$ ip ad sh

4: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:15:5d:61:6d:57 brd ff:ff:ff:ff:ff:ff
    inet 172.24.104.137/20 brd 172.24.111.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::215:5dff:fe61:6d57/64 scope link
       valid_lft forever preferred_lft forever

We connect!

Then it seemed “downhill”… The problem appeared in typing the IPv6 address to the RDP client in Windows 😀 it turns out that you need to Google it for a while to come up with the fact that the address must appear in square brackets…

Zdalny pulpit po IPv6

In the case of Linux and SSH, the matter is extremely simple, remember to add -6 when connecting using name resolution to have DNS return us an AAAA record.

flexray@DESKTOP:~$ ssh maciej@fe80::215:5dff:fe61:6d57
or
flexray@DESKTOP:~$ ssh -6 maciej@wazny.host.address

It took me a few moments, but I hope that a short post will save you time.

Leave a Reply

Your email address will not be published. Required fields are marked *