andrew_2706

asked on

RDP fails externally but works locally

RDP fails from a public IP address but works OK either locally or via a VPN. When I connect from a VPN, RDP is successful and works as it should; when I try from the same PC to the public IP address on the firewall, I get the login box and enter the details, which after waiting a few seconds generates a pop-up of "An internal error has occurred", and yet I can't see anything in Event Viewer on the PC I am trying to connect to.
Alex

Well,

That's going to be by design, if anyone could remote onto your internal PC that would be a massive security risk.

Also, when you say the public IP address, Are you telling me you've set up a route from your firewall, to this PC?

Is this a Remote Desktop Gateway you're using?

You need to provide further details.

Thanks,
Alex
andrew_2706

ASKER

The firewall rule is in place and is restricted to the remote station's IP, so it is not a security risk.

As I said, it works OK via the VPN but not when I connect to the public IP address of the firewall, which is NAT'd to the server in question (2008 R2). I do get the login box, so I know it is initially connecting, but it then fails after I enter the username\password.

Make sure that your firewall is not killing the traffic because of an IDS (intrusion detection) rule.

Try changing the security negotiation level / NLA RDP setting on your Windows 2008 server:

Go to Administrative Tools \ Remote Desktop Services \ Desktop Session Host Configuration.
Right click the RDP Connection and click Properties
In the General tab change the security from Negotiate to RDP Layer.
Check the box "Allow connections only from computers running Remote Desktop with Network Level Authentication" and see if it works.
If it doesn't, try playing with these parameters: select/deselect the NLA option, change the Security Layer level.
This may fix your issue.

Otherwise, it's probably a network configuration issue...

This could then prevent your firewall from killing the traffic.

That is by design (as noted) and for increased security. You should not allow access from a public IP address that is not secured by VPN. Just use the VPN connection.

This was only resolved when an issue with visiting some websites was fixed. It appeared that access to HTTPS sites failed, and this was eventually traced to the wrong MTU setting in the firewall. It was set at 1500 (default), and dropping it to 1492 resolved the website issue and also the problem with RDP.
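The dialog steps above write two DWORD values under the RDP-Tcp listener key, so the same experiment can be done and, more importantly, undone from an elevated PowerShell prompt on the server. The following is an added example by the editor, not code posted in the thread. It assumes a Windows Server 2008 R2 host with the default RDP-Tcp listener; `SecurityLayer` 0/1/2 correspond to RDP Security Layer, Negotiate and SSL (TLS), and `UserAuthentication` 1 means NLA is required. One caveat a practitioner should know before following step 3: NLA depends on CredSSP over TLS, so the GUI greys the NLA checkbox out once the RDP Security Layer is selected, and selecting that layer also gives up TLS server authentication. Treat it as a diagnostic toggle and put the original values back afterwards.

```powershell
# Added example (editor's, not from the thread): the registry values behind the
# "RDP-Tcp Properties > General" tab in Remote Desktop Session Host Configuration.
# Run in an elevated PowerShell on the Windows Server 2008 R2 host.
$RdpTcp = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

function Get-RdpSecuritySettings {
    $p = Get-ItemProperty -Path $RdpTcp -Name SecurityLayer, UserAuthentication
    [pscustomobject]@{
        # SecurityLayer: 0 = RDP Security Layer, 1 = Negotiate, 2 = SSL (TLS)
        SecurityLayer      = $p.SecurityLayer
        # UserAuthentication: 1 = require Network Level Authentication, 0 = do not require it
        UserAuthentication = $p.UserAuthentication
    }
}

function Set-RdpSecuritySettings {
    param(
        [Parameter(Mandatory)] [ValidateSet('RDP', 'Negotiate', 'SSL')] [string] $Layer,
        [Parameter(Mandatory)] [bool] $RequireNla
    )
    if ($Layer -eq 'RDP' -and $RequireNla) {
        # NLA needs CredSSP over TLS; the GUI does not allow this combination either.
        throw 'NLA cannot be required together with the RDP Security Layer.'
    }
    $layerValue = @{ RDP = 0; Negotiate = 1; SSL = 2 }[$Layer]
    Set-ItemProperty -Path $RdpTcp -Name SecurityLayer      -Value $layerValue        -Type DWord
    Set-ItemProperty -Path $RdpTcp -Name UserAuthentication -Value ([int]$RequireNla) -Type DWord
}

# 1. Record the current state so the experiment can be reversed.
$before = Get-RdpSecuritySettings
$before | Format-List

# 2. Diagnostic step from the answer above: classic RDP Security Layer, NLA off.
#    This removes TLS server authentication for the listener, so do not leave it in place.
Set-RdpSecuritySettings -Layer RDP -RequireNla $false

# 3. ... test the connection from the public IP, then restore the original values:
Set-RdpSecuritySettings -Layer (@('RDP', 'Negotiate', 'SSL')[$before.SecurityLayer]) `
                        -RequireNla ([bool]$before.UserAuthentication)
Get-RdpSecuritySettings | Format-List
```

The GUI writes these same values; new connections pick the change up, and a reboot is the safe way to be certain the listener is running with the values you intended. If the RDP Security Layer makes the connection work where Negotiate/SSL did not, the fault is almost certainly in the path (something dropping or mangling the larger TLS records), not in the server's RDP configuration, which is what the thread eventually found.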

https://www.sonicwall.com/support/knowledge-base/170505539088634/
ASKER CERTIFIED SOLUTION
andrew_2706
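The symptom pattern in the accepted solution, small exchanges succeed (the login box appears, small web pages load) while anything that has to send full-size packets fails (the TLS/CredSSP exchange after the credentials go in, HTTPS sites), is the classic path-MTU black hole: a 1492-byte link (1500 minus the 8-byte PPPoE header) behind a firewall configured for 1500, with the ICMP "fragmentation needed" messages that would let endpoints adapt never reaching them. The DF-bit ping probe below is an added example by the editor, not part of the thread, written for the Windows PC the asker was connecting from. The target address `203.0.113.10` is a documentation placeholder, to be replaced with the firewall's public IP. It finds the largest ICMP payload that crosses the path unfragmented and reports the path MTU that implies (payload + 20 bytes IPv4 header + 8 bytes ICMP header); on the page's link it would stop at 1464, i.e. an MTU of 1492.

```powershell
# Added example (editor's, not from the thread): binary-search the path MTU with
# Don't-Fragment pings, from a Windows client using the built-in ping.exe.
# Interpretation of ping.exe output:
#   "Reply from ... bytes=N time=..."             -> payload N fits the path
#   "Packet needs to be fragmented but DF set."   -> a hop reported the packet as too big
#   "Request timed out."                           -> the probe was silently dropped (black hole)
function Find-PathMtu {
    param(
        [Parameter(Mandatory)] [string] $Target,
        [int] $Low  = 1200,   # payload size assumed to fit on any sane path
        [int] $High = 1472    # 1500 - 20 (IPv4) - 8 (ICMP): largest payload on a plain 1500-byte path
    )
    $blackHole = $false
    while ($Low -lt $High) {
        $mid = [int][math]::Ceiling(($Low + $High) / 2)
        # -f sets DF, -l sets the payload size, -n 1 sends a single probe, -w is the timeout in ms.
        $out = (ping.exe -n 1 -w 1000 -f -l $mid $Target 2>&1) | Out-String
        if ($out -match 'bytes=\d+ time') {
            $Low = $mid            # fits: search upward
        } else {
            if ($out -match 'timed out') { $blackHole = $true }
            $High = $mid - 1       # too big (or dropped): search downward
        }
    }
    [pscustomobject]@{
        Target           = $Target
        MaxPayloadBytes  = $Low
        PathMtu          = $Low + 28
        # True when oversized probes vanished instead of producing a "needs to be fragmented"
        # reply: endpoints cannot learn the smaller MTU, which is exactly the failure mode above.
        IcmpBlackHole    = $blackHole
    }
}

# Local side of the picture: what MTU the client's own interfaces are using (works on 2008 R2 / Win7).
function Get-LocalMtu {
    netsh interface ipv4 show subinterfaces | Select-Object -Skip 3 |
        Where-Object { $_.Trim() } |
        ForEach-Object {
            $cols = ($_ -split '\s{2,}').Trim() | Where-Object { $_ }
            [pscustomobject]@{ Mtu = [int]$cols[0]; Interface = $cols[-1] }
        }
}

Get-LocalMtu | Format-Table -AutoSize
Find-PathMtu -Target '203.0.113.10' | Format-List   # placeholder: use the firewall's public IP
```

A result of `PathMtu = 1492` together with `IcmpBlackHole = True` from a client on a 1500-byte LAN is the combination that breaks TLS handshakes and CredSSP while leaving short exchanges working. The fix the asker applied, setting the firewall's WAN MTU to 1492 so it fragments or clamps correctly, is one remedy; making sure the firewall passes ICMP type 3 code 4 (fragmentation needed) so that path MTU discovery works end to end is the other half a practitioner should check.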
