My saved RDP connections through Remote Desktop Gateway server suddenly stopped working with error message:
Your computer can't connect to the Remote Desktop Gateway server. Contact your network administrator for assistance
However I can connect directly by IP without RDP Gateway
Windows 10 Pro v.1601
1
A customer gave me access to their Remote Desktop Gateway server to do some after-hour consulting. Every time I attempted to connect from my Microsoft Surface Book, I got the following error:
Your computer can’t connect to the Remote Desktop Gateway server. Contact you network administrator for assistance.
I assumed my account was not setup correctly, but the customer was able to successfully connect with the account they assigned me. When I attempted to connect from my Desktop PC [same Windows 10 build as my Surface Book], I was able to connect successfully. The following registry edit fixed the issue for me, although I am still baffled as to why it is needed, since it doesn’t exist on my Desktop PC registry which worked from the start.
- Open Regedit
- Go to HKCU\Software\Microsoft\Terminal Server Client\
- Create a new DWORD [32-bit] called: RDGClientTransport
- Give it a Value of: 1
As soon as I added that entry, I was able to connect. No reboot required.
*Posts on this site may contain affiliated links*
-
My knee jerk reaction is check your firewall rules/port forwarding/authentication groups pointing to any internal authentication servers using something like RADIUS.
Are you using RADIUS for authentication? If so, check your NPS authentication group[s].
-
Can you manually use the RDG from the outside?
If you sign into RDWeb with chome and download one of the .rdp files, open it up with notepad and make sure it has the correct RDG settings -
My recommendation is pretty much close to the other ones. Check that the RD gateway is accessible through the public IP as well. Trace the configuration same as your working environment and make sure it matches your configuration obviously with different IP addresses but same logic.
-
BBigford wrote:
My knee jerk reaction is check your firewall rules/port forwarding/authentication groups pointing to any internal authentication servers using something like RADIUS.
Are you using RADIUS for authentication? If so, check your NPS authentication group[s].
-
dbeato wrote:
My recommendation is pretty much close to the other ones. Check that the RD gateway is accessible through the public IP as well. Trace the configuration same as your working environment and make sure it matches your configuration obviously with different IP addresses but same logic.
-
I'm clueless, even with running BPA doesn't show any errors. Tried different remote locations and computers and they all seem to give the same result.
-
Thanks for the input guys. I figured out my issue. Based from the information I provided above and the BPA result, it kinda suggested that there wasn't an issue with my RDS config. I reviewed my network settings and updated it it to a simpler structure. Works well now.
-
fernanespiritu wrote:
Thanks for the input guys. I figured out my issue. Based from the information I provided above and the BPA result, it kinda suggested that there wasn't an issue with my RDS config. I reviewed my network settings and updated it it to a simpler structure. Works well now.
-
BBigford wrote:
fernanespiritu wrote:
Thanks for the input guys. I figured out my issue. Based from the information I provided above and the BPA result, it kinda suggested that there wasn't an issue with my RDS config. I reviewed my network settings and updated it it to a simpler structure. Works well now.
Well basically my main network is on 10.0.0.xx with 255.255.0.0 and I was trying to build the new RDS environment on 10.0.12.xx. I can ping everything from anywhere internally so I never thought it would be an issue. I would say, I haven't found the real cause of issue or mis-configuration I made. But placing the new RDS environment on the same octet with the prod network made it easier. My network is simple, no vlans or complex routing, but would need to revisit placing the RDS network to a different octet next time.
does that make sense?