In order for a PC/device to successfully connect to a remote PC via
Remote Desktop Connection (aka RDP), all layers of prerequisites
must be met on both sides.
Definitions
- RDP Host: The target PC* being connected into & controlled
- RDP Client: The source PC/device used to initiate the connection into the host
* non-PC device as RDP host is currently not supported

Legend: Items in grey below are considered advanced. SOHO users with consumer-style setup can safely skip over them, presuming that they're either not applicable, or still at factory defaults: untouched and uncorrupted.
RDP Host prerequisites:
- OS-level issues
  - running Pro/Enterprise/Ultimate editions OS
  - TS/RDP service installed, enabled & started
  - "allow" remote desktop connections
- TCP/IP plumbing issues
  - Perimeter Firewall
    - in-bound custom port fwd in effect?
    - MAC address filters
    - IP address filters
    - schedule-based blocking
  - host-based firewalls <<<<< multiple! cascaded!
    - network zone (domain/private/public/home, which determines "scope")
    - WF exception TCP 3389 IN: allowed & enabled?
    - SEP application rules & firewall rules?
  - WAN-based socket establishment
    - current public IP address
    - Dynamic DNS name & associated "updating client"
    - NAT/PAT port fwd/trigger issues
    - private IP address (static/reserved/random)
  - LAN-based name services
    - NETBIOS name & resolution
    - your local DNS Server records & policies
    - DNS caching & TTL issues (all layers)
- RDP program-specific settings
  - authentication & profile issues
    - Windows account with non-blank password
    - domain controller reachability (if applicable)
    - "remote desktop users" localgroup membership
    - Network-Level Authentication (NLA) requirements
    - account/password expiration (forcing console session to change)
    - Saved Credentials:
      - NAT/PAT is flawed
      - insurmountable conflict for multiple entries
      - no provision for multiple identities at any given host
      - must resort to "edit" / "remove from vault"
  - local Group Policy (gpedit.msc)
  - domain Group Policy
  - RDP protocol version end-to-end compatibility
  - custom RDP port setting?
  - advanced concurrent RDP issues (some are app-specific)
- power-related issues
  - in sleep mode?
    - adjust power saving settings when on AC power
    - wake-up hanging issues? update NIC drivers
    - implement WOL
  - user turned off?
  - had power outage, BIOS power-resume default?
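
Most of the host-side items above can be read back in one pass with a read-only PowerShell script. This is an added example, not part of the original checklist; it assumes PowerShell 5.1 or later in an elevated session on an English-language host (the 'Remote Desktop Users' group name is localized).

```powershell
# Added example: read-only checks, run on the RDP host in an elevated session.
$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcp = "$ts\WinStations\RDP-Tcp"
$pol = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

$os   = Get-CimInstance -ClassName Win32_OperatingSystem
$svc  = Get-Service -Name TermService
$deny = (Get-ItemProperty -Path $ts  -Name fDenyTSConnections).fDenyTSConnections
$port = (Get-ItemProperty -Path $tcp -Name PortNumber).PortNumber
$nla  = (Get-ItemProperty -Path $tcp -Name UserAuthentication).UserAuthentication

# Group Policy, local or domain, overrides the "allow" checkbox when this value exists.
$gpo = (Get-ItemProperty -Path $pol -Name fDenyTSConnections -ErrorAction SilentlyContinue).fDenyTSConnections

# Is anything actually listening on the configured (possibly custom) port?
$listening = [bool](Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue)

# Enabled inbound allow rules that name the configured port explicitly.
$rules = Get-NetFirewallRule -Enabled True -Direction Inbound -Action Allow |
    Where-Object {
        $f = $_ | Get-NetFirewallPortFilter
        $f.Protocol -eq 'TCP' -and $f.LocalPort -contains "$port"
    }

# Network zone per adapter; compare against the profile shown beside each rule.
$zones = Get-NetConnectionProfile | ForEach-Object { "$($_.InterfaceAlias)=$($_.NetworkCategory)" }

# Members of local Administrators can also log on over RDP by default.
$members = Get-LocalGroupMember -Group 'Remote Desktop Users' -ErrorAction SilentlyContinue

[pscustomobject]@{
    Edition            = $os.Caption
    ServiceStatus      = $svc.Status
    ServiceStartType   = $svc.StartType
    ConnectionsAllowed = ($deny -eq 0)
    PolicyOverride     = if ($null -eq $gpo) { 'not set' } else { "fDenyTSConnections=$gpo" }
    ConfiguredPort     = $port
    PortListening      = $listening
    NlaRequired        = ($nla -eq 1)
    NetworkZones       = $zones -join '; '
    FirewallRules      = ($rules | ForEach-Object { "$($_.DisplayName) [$($_.Profile)]" }) -join '; '
    RemoteDesktopUsers = ($members.Name) -join '; '
} | Format-List
```

An empty FirewallRules line alongside a non-default ConfiguredPort means no enabled inbound rule names that port, since the built-in Remote Desktop rules are written for 3389. A PolicyOverride of fDenyTSConnections=1 means Group Policy is denying connections regardless of the "allow" setting.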
RDP Client Prerequisites:
- TCP/IP plumbing issues
  - perimeter firewall issues
    - might not be within your jurisdiction (e.g. at a hotel)
    - outbound port filters (e.g. restricted to only 80 & 443)
  - client host WF in default out-bound blacklist mode?
  - SEP (or other 3rd-party AV program) in default out-bound blacklist mode?
  - if whitelist, then add rule for exact outbound custom port, for mstsc.exe
  - DNS caching issues (at all layers)
- RDP program-specific issues
  - RDP client version compatibility
  - RDP client device app implementation compatibility (Android only)
  - Network-Level Authentication suite installed & running?
  - cached credential issues (clear/edit via Credential Manager)
  - exact correct credentials used? (use XXX\yyy & avoid numeric keypad)