Connecting through RDP Gateway on Windows not working
So, apparently there's a bug in the Windows Remote Desktop Client (or at least a very confusing UI?).
When entering my credentials, nothing was happening (traffic-wise) whenever I submitted my credentials.
However, if I check the "Remember my credentials" box, wheels start turning, traffic starts flowing and I'm successfully able to log in.
I can only assume this is a bug in the RDP client, but feel free to give more insight.
Dauntless
Updated on September 18, 2022
Dauntless over 1 year
I've set up some instances on Amazon AWS that have RDP enabled. I can log in to these instances just fine from my home network. There is no domain behind the instances, there are only local accounts.
However, I want to be able to access them from corporate networks that block RDP. In order to get around firewall restrictions, I've added an RDP GateWay server with a signed certificate. Using my OS X RDP client ("Microsoft Remote Desktop.app"), I can connect to the instances just fine through the RDP GW.
However, when I'm using Windows (7, 8, 10), it doesn't allow me to connect. The login prompt below just keeps respawning, without any feedback whatsoever. I'm sure the credentials are correct. The title refers to the GW, but the target is the actual EC2 instance. I've tried credentials for both the GW and the EC2 instance.
What I've tried
- In the GPO, set "LAN Manager Authentication Level" to "Send NTLMv2 response only". I did this both on the gateway and my local computers.
- Use different computers (Windows 7 without domain, Windows 8 with domain, Windows 10 without domain). (Only OS X works)
- Using the same credentials on the GW and the EC2 instance.
- Exporting the RDP configuration from OS X and opening it with Windows.
Logs on Gateway
Logs from Microsoft-Windows-TerminalServices-Gateway/Operational:
When connecting from OS X:
The user "WIN-XXXXXX\USERNAME", on client computer "xx.xx.xx.xx", met connection authorization policy requirements and was therefore authorized to access the RD Gateway server. The authentication method used was: "NTLM" and connection protocol used: "HTTP".
When connecting from Windows, nothing is shown.
Wireshark
When I monitor everything through Wireshark, no traffic occurs when using the gateway (on Windows), while I do see everything on OS X+GW and Windows w/o gateway. It doesn't try to resolve my gateway DNS, it doesn't try to connect to it; nothing! It just gives me the login prompt, I enter credentials and press enter, and the prompt resets.
-
BlueCompute over 8 years: Anything in the event logs on the gateway server when you try and connect?
-
Dauntless over 8 years: Nothing for the Windows login. I've added some info to the post.
-
BlueCompute over 8 years: Any login attempt recorded in security log?
-
Dauntless over 8 years: There's nothing about the login attempt in Windows Logs > Security. Any other logs I should check?
-
joeqwerty over 8 years: I'm confused. First you said "I can log in to these instances just fine from my home network" and then you said "In order to get around firewall restrictions, I've added an RDP GateWay server". Those two statements would seem to contradict each other.
-
Dauntless over 8 years: I can connect to them from home (=no RDP restrictions), but not from my corporate network (=RDP is blocked). I've actually set up a second router at home which blocks port 3389 to simulate the environment. I'll clarify it in the original post.
-
Dauntless over 8 years: I added some more info on weird Wireshark behavior
-
Greg Askew over 8 years: The log to check is the TerminalServices-Gateway/Operational log.
-
Tommaso over 4 years: It took me 25 minutes of frustration until I landed on your answer and it works. Thanks.
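
Added example, not part of the original thread: a small Python parser for the RD Gateway authorization message quoted in the question, used to separate test attempts that reached the gateway from those that left no event at all (the Windows symptom described above). The function names, the attempt labels and the sample data are assumptions made for illustration; the sample messages are constructed.

```python
import re
from collections import defaultdict

# Message format of the RD Gateway "authorized" event as quoted in the question.
AUTHORIZED = re.compile(
    r'The user "(?P<user>[^"]+)", on client computer "(?P<client>[^"]+)", '
    r'met connection authorization policy requirements .*?'
    r'authentication method used was: "(?P<auth>[^"]+)" '
    r'and connection protocol used: "(?P<proto>[^"]+)"'
)

def parse_gateway_events(messages):
    """Return {client_ip: [(user, auth, proto), ...]} for authorized connections."""
    seen = defaultdict(list)
    for msg in messages:
        m = AUTHORIZED.search(msg)
        if m:
            seen[m["client"]].append((m["user"], m["auth"], m["proto"]))
    return dict(seen)

def triage(messages, attempts):
    """attempts: {label: client_ip} for connection attempts the tester made.
    Classify each attempt by whether the gateway logged an authorization for it."""
    seen = parse_gateway_events(messages)
    report = {}
    for label, ip in attempts.items():
        if ip in seen:
            report[label] = "reached gateway: " + ", ".join(
                f"{u} via {a}/{p}" for u, a, p in seen[ip])
        else:
            # No event at all, as in the question: check the client side
            # (packet capture, client settings) before the gateway policies.
            report[label] = "no gateway event: look at the client first"
    return report

# Constructed sample data (documentation IP addresses, placeholder names).
SAMPLE_LOG = [
    'The user "WIN-EXAMPLE\\alice", on client computer "198.51.100.10", met '
    'connection authorization policy requirements and was therefore authorized '
    'to access the RD Gateway server. The authentication method used was: '
    '"NTLM" and connection protocol used: "HTTP".',
    'Unrelated message that does not match the format.',
]
SAMPLE_ATTEMPTS = {"osx-laptop": "198.51.100.10", "win10-desktop": "198.51.100.20"}

if __name__ == "__main__":
    for label, verdict in triage(SAMPLE_LOG, SAMPLE_ATTEMPTS).items():
        print(f"{label}: {verdict}")
```

The messages are expected as plain text, one per event, exported from the Microsoft-Windows-TerminalServices-Gateway/Operational log.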