RPD client for windows 10 and NLA over a VPn does not work

Windows 10 OS trying to RDP over a VPN to a server 2012 R2 with Network  level Authentication enabled
Is bringing up a Windows security screen
the Credentials that were used to connect to XXXXXXXXX did not work. Please enter new credentials
The Logon attempt failed

Other testing
using a Windows 7 OS with older RDP works it brings up the normal windows logon screen and post password fill in brings up certificate of server RDP `ing to
Credentials are fine if a RDP from a server in the domain to this server it works ( so credentials are all fine.

1. We CANNOT remove NLA it MUST stay on the server in question
Who is Participating?
JakesCAuthor Commented:
Found the issue Local Group Policy was set to Send NTLM responses only on the local Group policy
Local computer policy> Windows settings> Security settings> >Local policies > security options
"Network security : LAN manager authentication level :
Had to set it to NTLM v2
Tom CieslikIT EngineerCommented:
Try run Remote Desktop Connection as Administrator, because maybe this is the reason why Windows 10 is rejecting certificate so all credentials are rejected.
Cliff GaliherCommented:
Double check your credentials. Windows 7 basically only knows local and kerberos, making it a port test comparison. Windows 8 introduced native cloud support. I can't tell you how often I've seen RDP fail because nobody noticed the user was MicrosoftAccount\name or similar.  Event logs, particularly the security log on the target, can tell you a lot.  It usually isn't an RDP version or client issue  but an underlying issue being overlooked.
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

JakesCAuthor Commented:
In security event log :
Event 4625
An account Failed to log on
Failure Information:
      Failure Reason:            Unknown user name or bad password.
      Status:                  0xC000006D
      Sub Status:            0xC000006A
Detailed Authentication Information:
      Logon Process:            NtLmSsp
      Authentication Package:      NTLM
      Transited Services:      -
      Package Name (NTLM only):      -
      Key Length:            0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
      - Transited services indicate which intermediate services have participated in this logon request.
      - Package name indicates which sub-protocol was used among the NTLM protocols.
      - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Tom CieslikIT EngineerCommented:
are you trying username and password or domain\username and password ?
JakesCAuthor Commented:
Assisted solution guided to event that provided the breakthrough in information
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.