Cannot connect to Windows 2008 R2 Server via WyseS10 dumb terminal

To whom it may concern

I have a strange problem at one of my clients.  When trying to connect via Wyse S10 dumb terminal, it would hang on screen as per attachment (RDP Connection Hang).  So no RDP session opens.

What I tried:
Connect via my laptop with RDP on same address and port and it will open the remote desktop session and I am able to log on.  

I can make a new connection on the dumb terminal to another Windows 2008 R2 server and it will connect without a problem.

Address that I use to connect:
(RDP Connection Properties attachment, the attachment did cut off on the address, but the port is 3391)
Wyse Terminal System Settings:
(System Information attachment)

Server details that I connect to:
Windows Server 2008 R2 Standard 64-bit
Intel Xeon E5670 @ 2.27GHz
8GB Ram

Attached Remote Desktop Licensing Server Screen
(License Manager on Windows Server 2008 R2 Standard)

Server runs Kaspersky 10 Endpoint Security (Cloud version)

The terminals worked before, but after Kaspersky installation and reboot, the terminals did not want to connect.  This has been tested local on the network and now via the Public IP address.

Please advise and assist to sort out the problem and get the dumb terminals to connect via RDP to the server.

Please let me know if you require further details.

Kind Regards

Lourens van DykSenior Network EngineerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Since the dumb terminal connects to other server instances then the problem is not on the dumb terminal.  Since you can connect to the server in question then the problem is not caused by the server running out of licences or sessions.  Most likely, the problem is that the dumb terminal already has an active session on the server that is currently locked for one reason or another.

A reboot of the server will resolve the issue.  If a reboot is not feasible at the moment, you will have to go through each of your sessions to find the one linked to this dumb terminal.  It may be difficult though since your dumb terminal is logging in as administrator.  Usually I recommend creating a user for each dumb terminal so that these kind of issues can be quickly resolved.

Shaun VermaakTechnical SpecialistCommented:
We had issues with this too. If I remember correctly we upgrade firmware/embedded OS
Lourens van DykSenior Network EngineerAuthor Commented:
Hi it_saige.  Thank you for the response.  I did disconnect the sessions for administrator on the server and created a new account with permission to RDP to the server, but the problem still remains.  It will basically hang as per attachment (RDP Connection Hang) and later will say connection failed.  

As per Shaun Vermaak 's response.  The unit is out of warranty and I tried going to Dell's website to download the firmware, but you need to be  registered and have some sort of an agreement in place to be able to download the firmware updates.  So if you have an account or can send me the files or where I can download, then I can do the firmware upgrade.  Also I have not done a firmware on these units before so if you can guide me, that would be great.
Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

If this is the case, then the only legitimate option may be actually replace the terminal. Those are devices that came out 10 years ago, so support isn't really going to be an option at this point. S10 EOL was announced 5 years ago. Some of the 3010s (which replaced the S10) have EOL announcements, so I'd say get the 3030, which at least would have you replacing the hardware with the right stuff and would currently be supported.
Davis McCarnOwnerCommented:
1) Don't even begin to expect it to work from offsite until it works locally!
2) The security protocols have radically changed since Wyse OS 6.5 came out so testing with another O/S isn't going to help either.
3) If it was working before Kaspersky, the hits I found were in changing the firewall settings for Kaspersky so it would allow the traffic; but, there is not enough information here to know the exact name and version of the Kaspersky product you installed.
Did you think of uninstalling it to see if it started working again?
And/or does the product offer you the option of a custom install without the firewall component?
Tom CieslikIT EngineerCommented:
Double check on DC if user account you're trying use in connection has no limit to workstation he can connect from.
Lourens van DykSenior Network EngineerAuthor Commented:
Have checked with Dell and the support agent said that they do not support that unit any more and don't have the firmware updates.  They also advised that the units need to be replaced.  

The Kaspersky Version that we use:
Kaspersky Endpoint Security Cloud

Kaspersky Endpoint Security 10 -
Kaspersky Security Centre 10 Network Agent - 10.4.368

The Firewall portion is disabled as they have a Sophos UTM in place.

Normal RDP works.  When I would remote desktop from my laptop, there is no problem.  Only from the wise dumb terminal, I get the problem.  Is there anything port or service that needs to be added for Wyse Terminal?  But on the otherhand one can connect with the UTM in place.

I connect with administrator and even created a new user to test.  No time limit is configured for the accounts that connect via RDP.
Have you tried working with the Trusted Zone settings in Kaspersky? You'll probably have to add exclusions and trusted applications.

Your other choices would be to disable Self-Defense and Protection against external management, or to remove Kaspersky (which I doubt you want to do).

And to directly quote something from Davis: "Don't even begin to expect it to work from offsite until it works locally!"

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Davis McCarnOwnerCommented:
You can try temporarily disabling "self-defense" in Kaspersky to see if that does the trick:
Lourens van DykSenior Network EngineerAuthor Commented:
Good day

The dumb terminals are now working.  After disabling self defense from Kaspersky Endpoint Cloud for the Server and then restarting the server fixed the problem.  I basically created a security profile that has the self defence component disabled and linked it to the server.  Tested remotely and works 100%.  Will install onsite tomorrow to connect locally.  Firmware still the same.  Will try to replace on next upgrade as the age of the units is too old, but for now we can squeeze a bit of life out of them.  

Thank you for all the support and assistance.  Much appreciated.

Kind Regards

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.