Cannot connect to Remote Desktop on some workstations

I cannot to several workstations on a network at a remote site. The fact that I can connect to some indicates this isn't a routing problem, or a firewall problem. The error message is the standard one you get when Remote Desktop is turned off, but I checked this setting when last visited the site, and it was on.

I can't think what the cause could be.

I'm using IPSec to tunnel to the local network and using local IPs from the DNS list.

LVL 11
Who is Participating?
mattsamConnect With a Mentor Commented:
Have your checked that the service is started on the machines,  I think its the "remote desktop service"   I assume that they are xp pro machines and dont have any extra firewall software that could be blocking the rdp port.  

Also try to telnet to them on port 3389
nipponsoulConnect With a Mentor Commented:
Different clients (OS) use different authentications - for example in Windows 7, Remote Desktop uses Network Level Authentication.

Select "Allow connections from computers running ANY version of Remote Desktop" and see if that works ...

veaceslavzConnect With a Mentor Commented:
Did you include the username with which you try to connect to allowed to connect remotely?
Can you connect to administrative shares on remote computer?
Which operating system you (and on remote computer) are?
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

gkhnckrConnect With a Mentor Commented:
and please check with telnet 3389 tcp port for RDP service is on and waiting connection.
If it's not open can you ping that machines? If your answer yes please check your rdp service situations as my friends answered above.
Rob WilliamsConnect With a Mentor Commented:
Some things to check:
1-try connecting using the IP of the remote computer not the computer name
2-"allow users to connect remotely to this computer" must be enabled
3-you must be a member of the remote desktop users group of the local machine (administrators are by default)
4-if the workstation is a member of a server 2000/2003 domain you will have one of the 2 following check boxes, depending on the version, on the "Terminal Services Profile" of the users profile in Active Directory. Make sure it is checked appropriately. "Deny the user permission to log on to any terminal server", or "Allow Logon to Terminal Server"
5-if XP SP2 or Server 2003 SP1 the firewall needs to be configured to allow remote connections ( I would disable for now for troubleshooting purposes)
6-makesure any other software firewalls are disabled as well (for test purposes), including Internet security suites. Symantec's sometimes needs to be uninstalled or if using Symantec Antivirus some versions have "Internet Worm Protection" which can block Remote Desktop. Try disabling that as well.
7-Verify the Remote Desktop User group has the rights to log on using Terminal Services.  Go to Control Panel | Administrative tools | Local Security Policy | Local Policies | User Rights Assignments ...make sure Remote Desktop Users is included in "allow logon through Terminal Services"  
8-The terminal Services service must be running
If you have access to the remote machine make sure it is "listening" for your connection. To do so at a command line enter (substitute port # if not using default 3389):
 netstat  -an  |find  "3389"
You should get the following result:
TCP    listening
If not go to Start  | Run | services.msc and see if Terminal Services is started and set to automatic
9- Note also; only runs on XPpro, not XPhome
Jason210Author Commented:
All good answers but none of them solved the problem. Thanks.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.