Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Wednesday, April 11, 2018 2:32 AM
We have moved computers that were previously inside a Domain to connect directly to the external router (long story but cause = no DC).
Since moving the PC's the Windows 7 clients can successfully connect to our clients servers via RDP (mix of RDS Gateways and mapped ports).
However, for our Windows 10 clients we can connect to Windows Server 2008 R2 servers that have a port mapped for RDP but not to any Gateway Servers. We can connect to Windows Server 2012 and 2016 clients without any issues.
The users are still logging on to their local machines using their Domain user name and Domain Passwords. So the only change is the IP Address of the clients initiating the RDP Connections.
This issue is apparent across a number of different customer environments so I am almost certain that the issue will not be on the Gateway Server Side.
Edit: Forgot to mention the error that RDP is failing with...
"Unknown disconnection reason 50331671"
OR
"Your computer can't connect to the remote computer because a security package error occurred in the transport layer. Retry the connection or contact your network administrator for assistance.
Edit 2: Also should have mentioned that adding RDGClientTransport has also been tried per
Cheers,
Sean
All replies (2)
Wednesday, April 11, 2018 9:27 AM âś…Answered
Hi Sean,
Maybe some errant credential related to the gateway, removed it from Credentials Manager. Or follow the steps in the link below.
https://toggen.com.au/blog/it-tips/windows-10-pro-remote-desktop-client-login-fails
Please Note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
Have you used a proxy server?
Check the firewall, port and ip address.
According to the registry you provided, I suggest that you could check the registry to see if it is helpful.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\TerminalServerGateway\Config\Core
Type: REG_DWORD
Name: EnforceChannelBinding
Value: 0 (Decimal)
Note By default, the EnforceChannelBinding value does not exist on the Gateway server. You must create this value.
Hope it will be helpful to you
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Wednesday, April 11, 2018 8:08 PM
Super, thanks Carl
The deleting credentials part per the posted link was what was required.