4

We have a bunch of Windows 2008R2 servers used as RDP servers that are (or at least should be) essentially identical in configuration (and are arranged in a RDP farm). When administrating from home, I use remmina on Ubuntu. For unknown reason, there is one server among these that I cannot connect to from home unless I use different client-side settings. So apparently there are server-side differences, but I'm unable to find them and would like to ask what I could be missing.

Specifically, I can connect to all servers (but one) with the following remmina settings (under advanced):

  • Quality: low (fast)
  • Sound: Off
  • Security: Negotiate
  • connect to console: checked

For the problematic host, I need to adjust the client-side setting to either TLS or RDP. I cannot use NLA or Negotiate.

Here are the server-side settings that I consider relevant (Properties of the connection, "general" tab) and are identical between "good" servers and the "bad" one:

  • Security: Negotiate
  • Encryption: Client compatible
  • Accept connections only from computers with Network level Authentication: NOT(!) checked
  • Certificate: (issued by our internal CA)

Who can explain the difference?

Reaces
  • 5,597
  • 4
  • 38
  • 46
Hagen von Eitzen
  • 824
  • 3
  • 17
  • 43
  • Check the problematic server's event logs when your login attempt fails, it may give you a clue on what's wrong. –  Jan 20 '15 at 16:55
  • @AndréDaniel I see no relevant entry whatsoever – Hagen von Eitzen Jan 21 '15 at 07:48
  • 1
    Erase ~/.freerdp/known_hosts and retry. You forget to tell if you got the same symptom if you connect from a windows host – yagmoth555 Jan 23 '15 at 13:52
  • Found similar question http://serverfault.com/questions/83884/require-tls-on-rdp-for-all-connections . Does it help? – tikend Jan 26 '15 at 14:50
  • 1
    Under the "Remote" tab in System Properties are all servers configured the same; i.e. "Allow connections from computers running any version of Remote Desktop (less secure)" vs "Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)? – John Ball Mar 21 '15 at 17:49

1 Answers1

0

From the start menu, pick administrative tools, remote desktop services and then remote desktop session host configuration.

In that window there's a Connections panel with all of your network interfaces listed. Double click on the connection that you're accessing and check the settings on the general tab.

Confirm this is the same as you expect and the same as your other servers.

anuff
  • 106
  • 4
  • I already said that the settings under properties of the connection were identical. However, this problem of January has been solved long ago, though I am unsure what the solution was back then - otherwise I might post that as answer. – Hagen von Eitzen Apr 21 '15 at 16:52