I will see if I can check the user's event viewer for potential issues. I don't know how their firewall could be configured to allow traffic to other HTTPS web sites, but not our remote desktop gateway. I thought the problem may be related to tunneling RPC through HTTP, but 2012 uses "pure" HTTP through port 443. Note: This setting doesn't need a restart of the Server or Remote Desktop Service. In the General tab of the Properties dialog box, under Security, select RDP Security Layer as the Security Layer. "Can you inform me as to why you think it needs to be open?" Right-click RDP Listener with connection type Microsoft RDP 6.1 and choose Properties. Because most corporations open port 443 to enable Internet connectivity, RD Gateway takes advantage of this network design to provide remote access connectivity across multiple firewalls. RD Gateway transmits RDP traffic to port 443 instead, by using an HTTP Secure Sockets Layer/Transport Layer Security (SSL/TLS) tunnel. This is because port 3389, the port used for RDP connections, is typically blocked for network
This ended up being a silly issue - plugging in the Gemalto smart card before the driver was installed.
"Prior to this release of Windows Server, security measures prevented remote users from connecting to internal network resources across firewalls and NATs. Most of these 'fixes' were the same and was suggesting to disable NLA - not a possibility. Changes at the delegation/impersonation configuration of the object at the domain controller take time to propagate to the members (up to 15 minutes) and restarting. From Overview of Remote Desktop Gateway on TechNet: These errors ('No credentials are available in the security package') are typically given by the Kerberos library when impersonation is not properly setup in the environment. It is my understanding that port 3389 is not necessary for rdp sessions through a remote desktop gateway. Since the transport should be HTTP (instead of RPC over HTTP), I don't think this should be a problem.Īny help in pointing me in the right direction would be appreciated. On the gateway or if the customer has blocked traffic in some way that does not allow RDP. I'm having trouble trying to determine if I have not configured something correctly Use the following commands: nslookup rdpservername1 ping rdpservername1 If the DNS name is not resolved properly, check your DNS settings or try connecting to a remote host using its IP address. The do not have trouble connecting to normal secured web sites through port 443. Make sure the DNS address of the remote RDP host is correctly resolved from your computer.
The users that cannot connect are behind a firewall at a customer facility. Remote Desktop Gateway - Windows Server 2012 R2 (SSL certificate has been installed and chain verified) Client computer that cannot connect - supports RDP 8.1. Remote Desktop Session Host - Windows Server 2008 R2. For most users, connections are not a problem. "Your computer can't connect to the remote computer because a security package error occurred in the transport layer." Make sure that RDP has been allowed on the local firewall of the RDP server. In the past I've seen a bug on some versions of Windows when even with the firewall. A few of our users receive the following error when attempting to establish a remote desktop session.