Remote Desktop Disconnected because of an error in data encryption

ian-a used Ask the Experts™
Windows 2003 server recently upgraded from w2k and up to date on patches.
Remote desktop user with win xp sp2.

When he logs in and starts a particular application and selects the help, the help file opens and an image (part of the help) slides in from the right. When the image is approx. half way in, he gets the error dialog box:

Remote Desktop Disconnected
Because of an error in data encryption, this session will end. Please try connecting to the remote computer again.

This is systematic.

If I log in to remote desktop and do the same actions with either my desktop pc or my laptop, I don't get the error. I am using win xp sp1 with all patches up to date on both.

Can anyone help please?

Remote desktop requires a number of ports to be opened on the new Windows Firewall in SP2 to function properly. Port 3389 is the default for RDP (remote desktop protocol).

You might also try simply disabling the firewall to see if it works at all. You can build an exception list at the application level using the Windows Firewall control panel applet as well. Just put in an exception for Remote Desktop if disabling it works and you should be able to leave it on.


any errors in the event viewer of the server?

As a side note... I don't think this is it, but it might not hurt to try it...
I found this:


    I have a W2K3 Terminal Server. This morning I installed the TS license server component on the same box. Now, I cannot connect to it. There is the error logged: Event ID 50 - "The RDP protocol component "DATA ENCRYPTION" detected an error in the protocol stream and has disconnected the client." What is the matter?


    Most likely your clients do not support the FIPS encryption level.
    From: Start| Run: gpedit.msc| Computer Configuration| Administrative Template| Windows Components| Terminal Services| Encryption and Security| double click: Set client connection encryption level, and then set it to Disabled or to Not Configured (whichever suits you).
This is from Microsoft's site:

Your session ends with a data-encryption error message

If the data encryption error prevents your client computer from communicating properly with the remote computer, the following message appears:

"Because of error in data encryption, this session will end. Please try connecting to the remote computer again."

Try again to connect to the remote computer.


    * You cannot use the version of the Administrators Tools Pack (ATP) included with Windows 2000 on a computer running Windows XP Professional. Remove this version of ATP before upgrading to Windows XP Professional. To remotely manage Windows 2000 servers from a Windows XP Professional–based computer, use Terminal Services to connect to a Windows 2000–based computer running the Administrators Tools Pack. Check the Microsoft Web site for updates to ATP that are compatible with Windows XP Professional.



You didn't mention if the machines are on the same subnet. Is the remote machine really remote?

The article above regards a Linksys router... with some versions of the firmware and with the DMZ enabled, people were having this same issue.



It's not an access problem. He can log in and run the program. It's just the one action when he opens the help in this program.

I checked the event viewer now but no applicable errors in the logs.

The server is on a different subnet, although it is on site with us. We have a fixed IP which the Vigor router uses for NAT to create the local network. We also have a separate block of IPs which the router allows to pass through for IP routing and the server is on one of these. So users are on a 192.168.x.x local net while the server is on its own WAN IP address.

Cheers, Ian.



The problem looks to be solved.

One of my colleagues pointed me to knowledge base article 323497, which seems to have pointed us in the right direction as the problem has stopped occurring. Link:;en-us;323497  "The RDP Protocol Component "DATA ENCRYPTION" Detected an Error..." error message.

This suggests removing the following registry values:

    Under this registry subkey, delete the following values:
       X509 Certificate
       X509 Certificate ID

We only had the "Certificate" value and since renaming it to "Certificate-1" (rather than deleting it) the problem has stopped.

On the subject of points, since you both gave me useful info to check and get moving on the problem, I have decided to split them in the following proportions if possible (this is my first time!):

  150 to mslunecka
  350 to tanelorn

Let's hope the system lets me :-)

Cheers, Ian.
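
The rename-instead-of-delete step ian-a describes, as an added PowerShell example (not from the thread and not from the KB article): it exports the subkey to a .reg file first, then renames whichever of the listed values exist. The `-SubKey` parameter and the backup file name are assumptions; the thread does not reproduce the subkey, so it has to be taken from KB 323497 and passed in.

```powershell
# Added example, not code from the thread or from Microsoft. Run from an elevated prompt.
param(
    # Full subkey in HKEY_LOCAL_MACHINE\... form. Placeholder: the thread omits
    # the subkey, so supply the one named in KB 323497.
    [Parameter(Mandatory = $true)]
    [string]$SubKey,

    # Value names mentioned in the thread ("Certificate" is the one ian-a found).
    [string[]]$ValueNames = @('Certificate', 'X509 Certificate', 'X509 Certificate ID'),

    # ian-a renamed "Certificate" to "Certificate-1" rather than deleting it.
    [string]$Suffix = '-1'
)

$psPath = "Registry::$SubKey"
if (-not (Test-Path -Path $psPath)) {
    throw "Subkey not found: $SubKey"
}

# Export the whole subkey before touching anything, so the change can be undone.
# A timestamped name avoids overwriting an earlier backup.
$backup = Join-Path $env:TEMP ("rdp-cert-backup-{0:yyyyMMdd-HHmmss}.reg" -f (Get-Date))
& reg.exe export $SubKey $backup | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "Backup failed (reg.exe exit code $LASTEXITCODE); nothing was changed."
}

$key = Get-Item -Path $psPath
foreach ($name in $ValueNames) {
    $newName = "$name$Suffix"
    $existing = $key.GetValueNames()

    if ($existing -notcontains $name) {
        Write-Output "absent : $name"
        continue
    }
    if ($existing -contains $newName) {
        # Never overwrite a value left behind by an earlier run.
        Write-Output "skipped: $newName already exists"
        continue
    }
    Rename-ItemProperty -Path $psPath -Name $name -NewName $newName
    Write-Output "renamed: $name -> $newName"
}
Write-Output "Backup written to $backup"
```

To undo the change, import the exported .reg file or rename the values back.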


and I'm glad you got your problem solved!!


After a lot of searching, I finally found the solutions for the problem!!
I'm using XP Pro SP3 and I've had the problem for about a month!
Anyway:
* The first solution, which helped others but not me, is to delete the certificates in the registry as ian-a said above, taken from;en-us;323497
* Another one is to uninstall "Virtual Server 2005 R2 SP1" or anything related to it (helped others).
* The last thing, which helped me, is to disable "Offload TCP LargeSend" on your NIC. You can do it through 'Device Manager' and then 'Properties' on your NIC: go to 'Advanced' and switch "Offload TCP_LargeSend" to Disable.

Hope it helped, I know it helped me (almost changed back to Vista) :D

I use Windows XP SP3 and have the same problem, but none of the solutions worked for me.
There is no "Offload TCP_LargeSend" option in the NIC properties.
Where is it and how can I solve the problem?
Host and guest are Windows XP SP3.

I had the same problem in Windows 2008 Web Server edition. In NIC properties it's called IPv4 Large Send Offload. I disabled it and it fixed the problem.

I have same problem with my 2008 DC and disabled IPv4 large send offload. It looks like this has solved my problem.

I had the same problem and thank you gnsadmin. Disabling the "Offload TCP_LargeSend" fixed the problem instantly.
I am running WIN 2008 64bit and had no issues until I installed Virtual Server 2005 R2 SP1 as well. I will report back if the "Offload TCP_LargeSend" disable does not work.

In open discussion it might be well to point out that you should check to see that the driver is updated for the NIC... mine did not show OFFLOAD TCP_LARGESEND as an option under properties... until I updated it.

I'm curious to know what isn't gonna work when I disable "Offload TCP_LargeSend"?

If it's not needed why does it exist?
