Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 716
  • Last Modified:

RDP to win 7 pro fails

Hello all,
We are having this weired problem on some of our windows 7 workstations. Simply the problem is this;
Some of our PCs with Windows 7 Pro installed won't allow RDP connection. So far these are the things we have tried;
1. We have checked all the Remote Connection settings and make sure RDP is enabled.
2. Checked Windows firewall settings and tried the followings; disabled Win FW, Added an exception for RDP ports and RDP program none of them worked
3. Changed the default RDP port and tried to connect via the new port.
We have tried to reinstalling win 7 and it fixed the problem however there has to be an easier fix. We simply can not afford to reinstall win7 on all of these PCs with problem.
. Any suggestions?
0
dahter
Asked:
dahter
  • 15
  • 8
  • 6
1 Solution
 
dahterAuthor Commented:
In addition to my post;
Right now the windows FW service is disabled however the the machine can not be pinged from another PC on the same network.
0
 
Iain MacMillanIT ManagerCommented:
sounds like you might have a DNS issue with your Win 7 systems.  are they in separate OUs with correct policy settings?  have you tried giving some systems a static IP & DNS settings and see if they can be communicated with?

is the remote settings set to Allow Connections from computers running ANY version of RD.  What groups are listed under Select Users?

win 7 systems have 2 firewalls, incoming & outgoing, you need to disable both (we use a GPO for this).  what about AV or security software, could it be blocking remote or ping requests?

do you have 2003 or 2008 DC's??
0
 
dahterAuthor Commented:
Dear Ian,
Well some of the win7 systems are perfectly fine and they are configured in same way on AD or on same policy level. Yes I have tried the static IP and DNS but did not change the outcome.
Yes the remote settings set to connections coming from any versin of RD.
I simply disable the FW from it's console and stop the FW service
We are using MS Security essentials as AV or Mcafee however we disable the AV as well.
We have 2008 DC.
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
dahterAuthor Commented:
Also I want to add that when I browse the win Fw logs I do not see any dropped RDP requests.
0
 
dlb_ampCommented:
If the Windows FW is off and you still can't ping, then it sounds like a routing issue. Is the Win7 PC and the remote client on the same subnet?

dlb
0
 
dahterAuthor Commented:
Of course it is.
0
 
Iain MacMillanIT ManagerCommented:
do you have something like UltraVNC that you can test/use, to eliminate RDP from the equation?

can you RDP from the afflicted Win 7 system to another Win 7 box or server?  what if you use the IP address instead of name (to see if DNS is a factor)?  Under the RDP Experience tab, have you set it to LAN and the Advanced tab has Server Auth Fails set to Warn Me or Connect and Don't Warn?

Also make sure under Network & Sharing Centre --> Adv Sharing, Network Discovery is ON & File Sharing Connection is set to 40/56bit if you have a mixed server/desktop environment.

All my systems also have IPv6 disabled, but that's just a preference thing on our site, but may help.
0
 
Iain MacMillanIT ManagerCommented:
if the IP option works, then you need to fix your DNS issue -- the machines are likely not registering their details with DNS correctly when added to the domain (check your DNS suffix).

technically you should be able to ping the IP and get the name and vice versa.  if you are not getting that, then we need to focus on fixing the DC's and your DNS records.
0
 
dahterAuthor Commented:
I will check it out and will get back to you...
0
 
dahterAuthor Commented:
No we don't have ultra VNC.
Yes we can RDP from those particular machines to any other RDP available system.

Both IP or the systme name fail so there is no DNS issue.

Under the RDP experience tab we use highspeed broadband and under the Advanced tab  Server Auth Fails usually is set to Warn Me however since the connection can not be established these settings won't do anything as they are for performance issues.

Under Network & Sharing Centre --> Adv Sharing, Network Discovery is ON & File Sharing Connection is set to 40/56 - Yes

IPv6 is disabled.

I can not ping the windows 7 PV that can not be connected via RDP.
0
 
Iain MacMillanIT ManagerCommented:
what system are you doing the pings from -- XP, 7, Server 03 or 08??  If 7 or 2008, i think it needs to be an Admin enabled command prompt.  definitely smells of a firewall or security app issue  - are these systems on the same switch??

only other thing i can think of is your Windows FW is blocking the ICMP requests.  Check Control Panel > Windows Firewall > Advanced settings > Inbound Rules and enable File and Printer Sharing (Echo Request - ICMPv4-In) for the Domain profile (usually Public & Private will be listed & enabled too).  At least that will let you know that the systems are capable of receiving the request.

on the LAN adapter properties, is there anything else other than Client for MS Networks/VM Network Services\Qos Packet Sched, IPv6, IPv4 & Link Layer Discovery Mapper/Responder???

Also try this, go to Control Panel-->Networking and Sharing Centre-->change adapter settings link on top left.
Right click your local area connection and left click on properties.
Uncheck IPV6 then double click on IPV4 and click the advanced button.
Click the DNS tab, and go ahead and add the dns IP address(s) anyway.  
At the bottom you will find where it says "DNS suffix for this connection", put in your domain name
On the WINS tab, untick the LMHOSTS option
Click ok all the way out, you might want to ipconfig /release and then ipconfig /renew in an admin command prompt.

see if that has any effect.
0
 
Iain MacMillanIT ManagerCommented:
Windows FW can be turned off, but the service should still be running in the background -- if you have the service disabled, that when the problems can occur.
0
 
dlb_ampCommented:
If he's pinging the IP address then DNS won't matter. This smells more like a firewall issue.

I read that a reinstall of windows makes it work. Since you are disabling the win FW, there must be another program blocking the PC from being seen on the network. Try uninstalling McAfee.

dlb
0
 
dahterAuthor Commented:
We have  already discovered reinstalling windows works however this is allot of work and we don't want to go down to that route. I have already tried to disable the windows FW service and did not work (After I had restarted the PC I checked the Win FW and it was turned off and the service was disabled). I have already tried uninstalling AV and tried it like that no luck.
0
 
dlb_ampCommented:
I wasn't suggesting reinstall, Just noting that solution fixed it. Meaning something pre-installed on the PC is causing the problem. But that's assuming these are new PCs that are having this problem. If it's a case where it used to work on them but now doesn't, then it coudl be something entirely different.

dlb
0
 
dahterAuthor Commented:
yeah so far no clue...
0
 
Iain MacMillanIT ManagerCommented:
as i said above, FW can be turned off, but the service needs to be RUNNING.  this seems to fix a lot of network issues along with disabling IPv6 which you have done.

given that rebuilds fix the issue, it could be a 3rd party app or OEM installed package that is adding to the issue.
0
 
dahterAuthor Commented:
No idea? Anyone?
0
 
Iain MacMillanIT ManagerCommented:
have you set the firewall to OFF but left the service running?
0
 
dahterAuthor Commented:
I tried both. Set it off let the service run and set it off and set the service off too.. None of them worked. I tried win 7 SP1 too...
0
 
dlb_ampCommented:
Have you tried uninstalling and re-installing the NIC?

dlb
0
 
dahterAuthor Commented:
no but we have tried on both wireless and wired so technically 2 different nics.
0
 
dlb_ampCommented:
True, but if something was configured wrong by the mfg on both cards...
0
 
dahterAuthor Commented:
no did not work. I thought the media set might be broken but we used the same media set for setting up couple of PCs and only few of them have the problem. I thought this info might be useful.
0
 
dlb_ampCommented:
Have you tried taking one of the problem PC's and a good PC off the network and setup on a stand-alone hub/switch with static IPs to see if you could connect thereby eliminating your network as a problem?

dlb
0
 
dahterAuthor Commented:
Yes I did and failed.
0
 
Iain MacMillanIT ManagerCommented:
when you disable your AV software, are you shutting down the services (McAfee Enterprise has 3 and MSE has 1).  They would need to be stopped, to not be a factor in this.

Then on the flip-side you have other Win 7 systems with AV (I assume) that RDP fine, so it's a bit of an oddity.  Since a rebuild works, it has to be something that removed as part of your rebuild process that is the cause.  Are all your Win 7 systems up to SP1.  Have you run the DISM command to perm. commit the SP1 update and to tidy the patch/updates area of the system to free up disk space?
0
 
dahterAuthor Commented:
I have found the problem. Somehow Checkpoint VPN client interfere with RDP session. As soon as I uninstall the vpn clients, RDP works just fine.
0
 
dahterAuthor Commented:
I tried every solution from all the users but finally I have discovered what the problem is myself.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 15
  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now