mmujahed
asked on
This computer cannot connect to the remote computer
It would also help to know a little about the network. Single LAN? Are both computers on the same network? Firewalls are usually a good starting point. You have the RDP exception in the Windows firewall but do you have virus software that might have an addition internal firewall?
ASKER
Ray: Thanks for your reply
1)I am trying from IP
2)i can ping ip
3)yes i can get SMB access to destination machine ( \\ip\c$)
LockDown32:Thanks for your reply
yes single LAN
Both the machines are on same subset ( LAN)
yes when i do telnet from source to destination using port 3389 , its success.
I have uninstalled antivirus already
even turned off windows firewall.
- Still issue exist.
1)I am trying from IP
2)i can ping ip
3)yes i can get SMB access to destination machine ( \\ip\c$)
LockDown32:Thanks for your reply
yes single LAN
Both the machines are on same subset ( LAN)
yes when i do telnet from source to destination using port 3389 , its success.
I have uninstalled antivirus already
even turned off windows firewall.
- Still issue exist.
On the host open up a command prompt and type in netstat -an
Toward the top you should see that is listening on 3389
The only other thing I could find suggested that you couldn't use a really old RDP client to RDP in to a newer computer. Your initial error screen doesn't look like one that comes with a newer computer. What version of WIndows in on the client computer?
Toward the top you should see that is listening on 3389
The only other thing I could find suggested that you couldn't use a really old RDP client to RDP in to a newer computer. Your initial error screen doesn't look like one that comes with a newer computer. What version of WIndows in on the client computer?
ASKER
destination server ( effected server ) netstat result is 3389 listening
i have rdp from different different versions (2008 r2, windows 8.1, 2012 and R2)
- still issue exist.
i have rdp from different different versions (2008 r2, windows 8.1, 2012 and R2)
- still issue exist.
I will take that to mean you have tried to access it from several computers with several different operating systems and none of the will connect?
The fact that you can telnet to 3389 and netstat shows it is listening on 3389 would tend to indicated things are working fine. You have no virus software on the "server". Have you tried rebooting the server?
The only other thing I can think to try is to change the RDP listening port from 3389 to say 21230 and see if that makes a difference: HKEY_LOCAL_MACHINE\System\ CurrentCon trolSet\Co ntrol\Term inalServer \WinStatio ns\RDP-Tcp \PortNumbe r.
The fact that you can telnet to 3389 and netstat shows it is listening on 3389 would tend to indicated things are working fine. You have no virus software on the "server". Have you tried rebooting the server?
The only other thing I can think to try is to change the RDP listening port from 3389 to say 21230 and see if that makes a difference: HKEY_LOCAL_MACHINE\System\
What operating system is the remote server to which you are attempting to connect? (There was a patch specific to Windows 2008 Server, several years ago, which would prevent RDP connections, for example.)
Is the time on the server (and the clients from which you wish to connect) in sync... within a few minutes?
Is the server to which you are attempting to connect in a domain? Is network level authentication enabled for RDP in your environment?
Are there any messages in the Windows Event Logs in Application, Security, or System with timestamps which coincide with the times you are attempting to connect?
Is the time on the server (and the clients from which you wish to connect) in sync... within a few minutes?
Is the server to which you are attempting to connect in a domain? Is network level authentication enabled for RDP in your environment?
Are there any messages in the Windows Event Logs in Application, Security, or System with timestamps which coincide with the times you are attempting to connect?
ASKER
LockDown32:
yes, i tired from different OS but no luck .
NO virus on the server, yes i tried rebooting server several times. but still issue exist.
.
I tried changing RDP port and still issue exist with same error code.
Rich Weissler:
OS: 2012 R2
I am trying from different machine which has no issues with time ( i mean to say, even i tried connecting that server with same subnet network and exact time sync with AD)
yes, i can see 1 strange event log when ever i tried to connect to server :
Event D: 226
discription : "RDP_TCP : an error was encountered when transitioning from statePreparingX224CC in response to event_ERROR"
Capture.PNG
yes, i tired from different OS but no luck .
NO virus on the server, yes i tried rebooting server several times. but still issue exist.
.
I tried changing RDP port and still issue exist with same error code.
Rich Weissler:
OS: 2012 R2
I am trying from different machine which has no issues with time ( i mean to say, even i tried connecting that server with same subnet network and exact time sync with AD)
yes, i can see 1 strange event log when ever i tried to connect to server :
Event D: 226
discription : "RDP_TCP : an error was encountered when transitioning from statePreparingX224CC in response to event_ERROR"
Capture.PNG
From another thread here on EE. On the server:
1) Navigate to: C:\ProgramData\Microsoft\C rypto\RSA\ MachineKey s\
2) Copy the keys to a different directory for backup purposes - do not skip this step!
3) Delete the files in C:\ProgramData\Microsoft\C rypto\RSA\ MachineKey s\. (just the files inside of the MachineKeys directory, do not delete this entire path)
4) Reboot the server and then attempt an RDP connection.
1) Navigate to: C:\ProgramData\Microsoft\C
2) Copy the keys to a different directory for backup purposes - do not skip this step!
3) Delete the files in C:\ProgramData\Microsoft\C
4) Reboot the server and then attempt an RDP connection.
(Looping in the original ExpertsExchange thread to which LockDown32 is referring.)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
There are two ways to resolve this issue.
1) remove NLA option from remote desktop settings and then do the below registry settings.
i)HKEY_LOCAL_MACHINE\SYSTE M\CurrentC ontrolSet\ Control\Te rminal Server\WinStations\RDP-Tcp
ii) Find the value “SecurityLayer” and change the data to 0 (that is a zero).
2) If your organization is strict to use NLA . then you can apply below settings.
i) Navigate to: C:\ProgramData\Microsoft\C rypto\RSA\ MachineKey s\
ii) Search for RDP key "f686aace6942fb7f7ceb23121 2eef4a4_" ( staring key would be the same for all server next letters are GUID and more info
iii) reapply permissions on this key ( add, system into security group with full permission )
iv) restart Remote desktop services or reboot server.
1) remove NLA option from remote desktop settings and then do the below registry settings.
i)HKEY_LOCAL_MACHINE\SYSTE
ii) Find the value “SecurityLayer” and change the data to 0 (that is a zero).
2) If your organization is strict to use NLA . then you can apply below settings.
i) Navigate to: C:\ProgramData\Microsoft\C
ii) Search for RDP key "f686aace6942fb7f7ceb23121
iii) reapply permissions on this key ( add, system into security group with full permission )
iv) restart Remote desktop services or reboot server.
First question is how are you trying access the remote machine from the "originating" pc? By IP or computer name?
Can you ping the remote machine from the originating PC by the same method IP/name?
Have you tried browsing to the remote computer using a UNC path (IE: \\remotePCnameOrIP\C$ )?