Error When Connecting via RDP

RDP is a protocol designed for remote connection to a Windows server.

The RDP connection process is quite simple, but sometimes, you can have difficulties logging on to a remote server using RDP. The system will display an error and its brief description; however, often the provided information is not enough to solve the problem.

This article will describe the two most frequent RDP errors when logging on to a remote server and how to fix them.

Error #1. "An internal error has occurred"

When connecting via RDP using the standard Windows utility, you may see an error window at the moment of logging on to the server.

That's how it looks:

As you can see in the picture, the error description does not explain anything other than saying that an internal error has occurred in RDP. There may be many reasons for this error. For example, it can occur due to incorrect connection settings or protocol security settings. 

Below, we will consider the causes and possible solutions that helped other users eliminate the error.

Solution #1. Check the port

The first thing to do is check that the RDP protocol listener is configured to work on port 3389 both on the server and the local machine. To do this, use the Registry Editor system application.

Before fixing the error, we will create a backup copy of the registry.

1. Press WIN+R and run regedt32.

2. Create a backup copy. To do this, click the File tab in the registry window and then Export. Then select the location where to store the registry files. If any errors occur after making changes, you will be able to restore the registry (File → Import).

3. Now you need to go to the RDP-Tcp folder. To do this, enter this path and click Enter:

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

You also can get to the folder by searching for it. Go to the Edit → Find and search for RDP-Tcp.

After the first result is found, check the path to the folder. It should be exactly this:

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

If the path differs, keep pressing the F3 button until you find the correct folder.

4. In the folder, look for the parameter called PortNumber and check If its value is 3389. 

If not, change it to 3389 (double click on PortNumber → select Decimal → enter the number).

5. Repeat the previous step, but this time for the remote server.

6. Restart the services. We describe how to do it in the Solution #2. 

7. Log in to the server again.

Solution #2. Restart the Remote Desktop services

Whether the ports were configured correctly from the beginning or you changed their values as described in Solution #1, now you'll need to restart the Remote Desktop service. 

Use the Computer Management utility to avoid restarting devices that may be in operation.

1. Use the WIN+R shortcut and run compmgmt.msc.

2. Go to the Services and Applications tab and open Services.

3. Find Remote Desktop Services and click Restart the Service as shown in the image below.

4. Perform the two previous steps again, but this time for the server. To do this, right-click on the Computer Management tab and then Connect to another computer.

5. After establishing the connection, repeat steps 2 and 3.

6. Try to connect to the server.

Solution #3. Check the protocol status on the server

To check the status of the RDP protocol on the server, use the Registry Editor application from Solution #1. 

1. Press the WIN+R key combination and run regedt32.

2. Click File → Connect Network Registry as shown in the image below.

3.  Go to the folder called Terminal Server. You can use search (keyboard shortcut CTRL+F) or go directly to the folder by entering the path:

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server

When using search, press the F3 key until the address of the folder matches the address above.

4. Look for the fDenyTSConnections parameter. It can take two values: either 0 or 1. The first one indicates that the RDP protocol is working successfully. The second indicates that it is disabled.

5. Change the parameter value to 0.

6. Perform the same for the Terminal Services folder:

• • Go to the path:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services

 

• • Find the fDenyTSConnections parameter.

  • Change its value to 0.

7. Try logging in to the server again.

Solution #4. Change connection settings

Another solution for the RDP internal error is to adjust the connection settings. 

1. In the Remote Desktop Connection program, click Show Options to open additional connection settings.

2. Go to the Experience tab.

3. Check or uncheck the Reconnect if connection is dropped box depending on what state it is in now.

4. Try to reconnect.

Solution #5. Clear the connection cache

Apart from the solutions listed above, you can try clearing the connection cache.

First, you should enable the display of hidden folders. To do this, open any directory on your computer, click View → Show and check Hidden items.

1. Go to the Cache folder located at:

C:\Users\%Username%\AppData\Local\Microsoft\Terminal Server Client 

2. Delete all its content.

3. Click Win+R and run regedt32 to go to the Registry Editor. 

4. Go to the Terminal Server Client folder, located here:

Computer\HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client

5. Delete all entries there as well.

6. Restart the computer and reconnect to the remote server.

Solution #6. Increase the limit on the number of connections

The "An internal error has occurred" issue in RDP can also be solved by increasing the registry parameter responsible for limiting the number of network connections. This parameter defaults to 3000 in network versions and only 100 in desktop versions. It can get clogged up very quickly, causing troubles when logging in.

To fix the problem, you should increase the size of the MaxOutstandingConnections parameter. To do this, launch the terminal as administrator and execute the command:

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v MaxOutstandingConnections /t REG_DWORD /d 65536

Now restart Remote Desktop Services and try logging into the server again.

Error #2 "CredSSP: Authentication error"

Another frequent RDP protocol error is the authentication error that occurs at the authorization stage of connecting via RDP.

 

As you can see from the picture above, the system is pointing the user to a possible CredSSP-related error.

CredSSP is a Windows protocol that is used to transfer credentials securely from the local machine to the server. It protects the user from DDoS attacks or unauthorized access to the server.

Credential error often occurs due to a lack of security updates on the user's computer or the remote server itself.

After you successfully log in to the server, you can download the security updates from the official Microsoft site or in the Windows Update Center section of your system settings.

Solution #1. Windows Home

This solution will work for users running Windows Home.

1. Open the terminal as administrator.

2. Enter the command into the terminal line:

REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters /v AllowEncryptionOracle /t REG_DWORD /d 2

The command will adjust the Windows Registry by adding a key that modifies the CredSSP security policy. The value 2 sets the lowest security level.

3. Reboot the device.

4. Try to connect to the server.

5. Be sure to install the necessary security updates on the server.

6. After completing the updates, restore the initial security settings using the command from step 2. Only instead of 2 at the end, you should enter 0.

Solution #2. Windows Professional

The solution below will work for those who use the professional version of Windows.

1. Open the Local Group Policy Editor system application. Use the WIN+R key combination and open gpedit.msc.

2. Navigate to the Credentials Transfer folder (Computer Configuration → Administrative Templates → System → Credentials Delegation).

3. Find the Encryption Oracle Remediation setting and click on it twice.

4. In the next window, check the Enable box and select Vulnerable in the Protection level field.

^{Image source: anyviewer.com}

5. Reboot the device.

6. Try to connect to the server.

7. Install all security updates.

8. Once the updates are complete, return the Encryption Oracle Remediation parameter to its original state.

Conclusion

We have covered two prevalent connection errors in RDP: the "Internal error has occurred" error and the authentication error. We have provided solutions for each of them that will help most users eliminate the problems.