RDP Suddenly Stopped Working

[Michael Martinek]

Greetings,

I have a Windows instance that has been running just fine. Some days ago, RDP suddenly stopped working. It is not a firewall issue, unfortunately. That would have made the solution very simple.

When connecting via RDP I was getting errors about network level authentication being enabled. However, I had made no changes to our domain configuration or the GCE Windows Instance. It has now started showing "This computer can't connect to the remote computer".

I am able to telnet to 3389. The IPSec tunnel to the environment is working, and my firewall rules allow me to RDP through the tunnel and publicly when originating from our office address. I am able to connect via serial console (command line) and access the system. RDP reports being in grace period for licensing still. 

Some events I'm able to pull from the RdpCoreTS/Operational event log show (descending order):

RDP_TCP: An error was encountered when transitioning from StateUnknown in response to Event_Disconnect (error code 0x80070040).

TCP socket READ operation failed, error 64

The disconnect reason is 7

Interface method called: SetErrorInfo(0x7)

The server has initiated a multi-transport request to the client, for tunnel: 1.

Any thoughts?

Regards,

Michael

[Fady (Google Cloud Platform)]

The error code seems related to VPN according to point 12 on this website.[1] However, have you tried to restart (RDP) terminal services? You mentioned also it is not a firewall issue, but did you try to disable the firewall (temporarily) completely to try to RDP ?

To restart terminal services run powershell.exe in the command line through serial port console, and execute the following commands: 

Get-Service TermService | Stop-Service -Force 

Get-Service TermService | Start-Service 

To show the status of the service:

Get-Service TermService

To disable windows firewall :

netsh advfirewall set allprofiles state off 

I hope this helps.

[1] https://blogs.technet.microsoft.com/rrasblog/2009/08/12/troubleshooting-common-vpn-related-errors/

[Michael Martinek]

Thanks for the tips. Yes, I did try disabling the firewall and restarted RDP.

The issues has been found. Since we have tunnels with GCE, AWS, and Azure.. the problem came down to another server joining the domain with the same name. Strange was the NLA and complete issue it presented, even when registry updates were attempted to disable NLA (including term restart and server reboot)

Ultimately, it was just easier to delete the instances and re-build them with organizationally unique names. Re-naming the computers once RDP (Session broker especially) has been configured is too much effort, and in cases of Azure, impossible. Azure is impossible due to no serial access and RDP fails even for local admin accounts. GCE at least provides serial access but the effort to fix it through command line is greater than just a rebuild in my particular case. Fortunately these are just POC builds, the longest effort is installing RemoteApp support.