Remote Desktop not working outside of network

If you have problems using Remote Desktop [RDP] with your Windows server, there are a couple of things you can fix. This troubleshooting guide aims to help rule out some of the most common causes for poor functionality.

Try UpCloud for free! Deploy a server in just 45 seconds

Problems connecting

Even while you might have trouble connecting using Windows Remote Desktop, you should always be able to log in to the web console at your UpCloud control panel, or by VNC connection, which settings are at your server details.

Once you’ve connected to your server, through either of the methods mentioned above, you should be greeted by Windows lock screen. Sign into your server with an account that has administrator privileges to continue troubleshooting.

If the connection shows something other than the lock screen, try if the server seems responsive. If it does not react to commands you might have to restart your server.

Windows Remote Desktop settings

When you are logged in and the server seems to be working, but Remote Desktop still cannot connect, make sure a remote connection is allowed. The easiest way to get to the option is to open sysdm.cpl by searching for it on the start menu. Then move to the Remote tab.

The Remote Desktop needs to allow connections from other computers for the feature to work. If your server was set to allow remote control with Network Level Authentication, make sure your own computer supports this or select to allow any connection. You can find more information about Network Level Authentication at Microsoft’s TechNet.

While still at the RDP settings, check the allowed users by clicking the Select Users or by pressing S. All users with administrator access are automatically permitted to connect. All normal users must be added to this list. If you were trying to connect with user credentials that do not have admin rights, add the username you wish to connect with to the list of allowed users.

Firewall

The Windows Firewall might be a little restrictive at times, for example, inbound ICMP protocol that ping connections use are disabled by default. Open the Windows Firewall with Advanced Security by searching for “firewall” in the start menu. Move to the Inbound Rules list and scroll down to Remote Desktop rules by pressing R.

Windows Server 2008 should show two rules: Remote Desktop [TCP-In] and Remote Desktop - RemoteFX [TCP-In]. Both of these would in most cases be enabled as long as the server still uses the standard 3389 TCP port for RDP connections.

With 2012 Windows Servers the rules are split between Domain and Private, or Public profiles as well as TCP and UDP protocols, which translates to 4 separate Remote Desktop - User Mode rules, all of which would usually be enabled.

Optionally while at the firewall settings, you may wish to enable ICMP for ping. Press F to find the rules, called File and Printer Sharing [Echo Request - ICMPv4 - In] and v6 for both IP versions.

When you are certain that the Windows Firewall allows Remote Desktop connections, also check the server specific firewall settings at your UpCloud control panel. If you have set the default incoming rule to reject, remember to add a rule to permit traffic to the port Remoter Desktop server is listening to, 3389 by default. Find out more about the UpCloud firewall at the tutorials.

Network connection

Test the internet connection on your server to make sure all your network resources work as they should. Start to ping out from your server. Open the Command Prompt and type cmd in the start menu search. Press enter then use the command below.

ping 8.8.8.8

If you enabled the echo requests from Windows Firewall, you can also attempt to ping your server from your own computer. Find the server’s public IP address on your UpCloud Control Panel under Network and Public Network.

In case the internet connection does not seem to work, check your IP configuration on Command Prompt with the following command.

ipconfig

The output will list all of your servers network connections, you should see 3 Ethernet adapters: the private network, public IPv4 and public IPv6. Check that these match with the network information in your server details under Network tab at your UpCloud control panel.

If you see differences in the ipconfig output and your server network details page, check that all network interfaces are set to obtain the IP addresses automatically. To do this, search for Network Connections in the start menu and press enter to open it. Open the Properties for one of the Ethernet adapters, select Internet Protocol Version 6 or 4 and click on Properties button underneath. Make sure both radial buttons are set to automatic and press OK to save. Check through all of the network adapters on the server the same way.

Slow connection

If your Remote Desktop connection works, but feels slow or disconnects at times, you should try updating the network drivers. Download the latest Virtio drivers for Windows.

After downloading the ISO file on your server, with Windows Server 2008 you will need to have a program like 7zip to unpack it. On Server 2012 you can simply mount the file as a disk.

With the files available, open the Device Manager simply by searching for it by name in the start menu and pressing enter. Browse down to Network adapters, select each adapter one by one and run the Update Driver Software. In the update wizard, select Browse my computer for driver software, enter the driver location to the search field and press next. Note to keep the Include subfolders selected.

If you were connected through Remote Desktop while updating the network drivers, you’ll probably get disconnected for a moment. The client should be able to restore the connection automatically after the drivers have been installed successfully.

Port conflict

In some cases, it is possible that another application unintentionally uses the same port as Remote Desktop. This can cause connection issues or prevent Remote Desktop from connecting.

Check the ports used by programs. Enter the command below on Command Prompt.

netstat -a -o

Netstat will print out a list of IP addresses and port numbers they use. Look for rows with your Remote Desktop port number [3389 by default] and check the program ID [PID] at the end of these lines. One PID will belong to the RDP service. If you see another PID that uses the same port, these will conflict with one another.

To find out which programs the PIDs belongs to, use the following on Command Prompt.

tasklist /svc

Remote Desktop is listed as svchost.exe TermService, any other PID that uses the same port number causes issues.

Change RDP port number

If there is a port conflict, you can resolve it by changing the port used by one of the applications. Microsoft recommends to ideally change the port used by any other applications. If this is not possible, the port number Remote Desktop listen to can be changed with a couple of steps.

Change the port number because it can also help to reduce intrusion attempts through obfuscation. This should not be your only method of security.

To change the port number, you’ll first need to choose a free port not used by anything else on your server. Check the ports currently in use with netstat -a -o as described previously. The new port number can be anything from 1024 through 49151.

Add the port number you’ve selected to the Windows Firewall Inbound rules by creating a new rule. In the New Inbound Rule Wizard, select the following

• Rule Type: Port
• Protocol and Ports: TCP, Specific local ports,
• Action: Allow the connection
• Profile: all options ticked
• Name: Remote Desktop – TCP

In the steps above the is the new port you wish RDP to listen to. Make sure your new firewall rule is set up correctly. Once you change the RDP port you’ll need it to work to be able to connect again.

The port number for Remote Desktop was not designed to be changed, and the only way to do so is through editing registry. We highly recommend that you make a backup of your server before making any changes.

Open the editor by searching for regedit in the start menu and pressing enter.

Locate the following key in the registry file system.

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal SErverWinStationsRDP-TcpPortNumber

Open the PortNumber registry key for edit, change the display to Decimal, enter your new port number and click OK to save the changes.

For the changes to get applied, you will need to restart the RDP service. Open Services again by searching for it in the start menu and pressing enter to run the program.

In the Services [Local] list, scroll down to find Remote Desktop Service, and restart it. A confirmation popup asks to restart other related services as well, click Yes to continue.

You will get disconnected if you were using RDP to make these changes. Afterwards just reconnect to your new port by defining it in the Computer field on RDP connection.

windows.server.example.com:34567

With the new port, you should get uninterrupted reliable remote access.

Getting help

If you ran into deeper trouble or need help with something else, don’t hesitate to ask. When you contact UpCloud Support, try to explain the problem to the best of your ability. Include any steps you’ve already taken together with their results when you  troubleshooted the issue. It will help our support team to solve your problem.

Remote Desktop Connection allows you to connect to Remote Desktop enabled computers for troubleshooting and other purposes. However, when trying to set up or establish a connection, you may encounter the "Remote Desktop can’t connect to the remote computer" error.

This error can occur due to several reasons, mostly because of incorrect configuration and network issues. In this article, we look at the causes and some troubleshooting tips to help you get the RDC working again.

What Causes the Remote Desktop Can’t Connect to the Remote Computer Error?

This error may occur because of multiple reasons:

• The host computer must have Remote Desktop enabled. This feature is only available on Windows 10 Pro and above versions.
• Outgoing and incoming connections can be affected by the presence of antivirus on your machine. Check if your firewall is blocking the RDP connection and add it to the whitelist if required.
• Check if your account has sufficient permission to start the connection from the source computer.
• You have an incorrect configuration of listening ports, corrupt RDC credentials, or some network-related issues.

Now that you know the potential causes, let’s explore a few fixes you can follow to resolve this error on your PC.

1. Enable Remote Desktop on Your PC

Before attempting any fixes in this article, make sure that Remote Desktop is enabled on your PC.

To enable Remote Desktop in Windows 10:

1. Go to Start > Settings > System > Remote Desktop.
2. Toggle the switch under Enable Remote Desktop to enable the service.

Follow our guide on how to enable and set up Remote Desktop Connection on Window 10 for further instructions.

If the Remote Desktop is already enabled, then turn it off and restart your PC. As the PC restarts, turn on Remote Desktop again and check for any improvements.

2. Check Your Firewall Rules

Depending on how you have configured your firewall’s policy, it may block some inbound and outbound communications. Check your Windows Defender Firewall settings to see if Remote Desktop Connection is blocked. If yes, add the app to the allowed list.

To unblock Remote Desktop in Windows Defender Firewall:

1. Type Windows Defender in the Windows search bar and click on Windows Defender Firewall.
2. In the window that appears, click on Allow an app or feature through Windows Defender Firewall.
3. Click on Change settings to add or change apps permission. It will show a list of apps and features that are allowed for inbound and outbound connections.
4. Scroll down and check the Remote Desktop box for Private and Public columns.
5. Click OK to apply the changes.

3. Change Your Network Profile

In Windows 10, you can choose to make your network profile Public or Private. On a Public network, Windows disables the network discovery feature to hide your computer from other computers.

Try changing your network to Private to see if you can establish a connection with the network discovery feature enabled. Here’s how to do it.

1. Press Win + I to open Settings.
2. Go to Network and Internet. In the Status tab, check your network status.
3. To change the status, click on the Properties button and then set your network profile to Private. If it is already set to Private, change it to Public and check for any improvements.

4. Reset the Remote Desktop Connection Credentials

When you establish a new Remote Desktop connection for the first time, the client saves the credentials for quick login. However, corrupt or changed credentials can often result in the Remote Desktop can’t connect to the remote computer error.

A quick reset of saved credentials can resolve this error. Here’s how to do it.

1. Type Remote Desktop Connection in the Windows search bar and open the client.
2. Click the drop-down for Computer and choose your remote PC.
3. Click on the Delete link under the User name section and click Yes to confirm the action.
4. Once the credentials are reset, relaunch the Remote Desktop Connection client and try to connect again.

5. Add the Remote PC Address to the Hosts File

Another way to resolve the Remote Desktop can’t connect to the remote PC error is to add the remote IP address to the hosts file in your PC. Windows’ Hosts file contains information to map a connection between an IP address and domain name.

Manually adding the Remote PC address to the hosts file can help you resolve any issues that may occur because of domain name resolution. Here’s how to do it.

1. Press Win + I to open File Explorer and navigate to the following location: C:\Windows\System32\drivers\etc
2. In the etc folder, right-click on the hosts file, choose Open With, and select Notepad from the list of apps.
3. You may see a few entries in the hosts file commented out. All you have to do is add the IP address of the remote computer you want to connect to and save the file [Ctrl +S].

6. Enable RDP Protocol on a Remote Computer Using Registry Editor

For your Remote Desktop Connection to work, the RDP Protocol must be enabled in the Registry. Check the registry entry associated with the RDP Protocol to make sure it is enabled for your system. Here’s how to do it.

1. Press Win + R to open Run.
2. Type regedit and click OK to open the Registry Editor.
3. Next, navigate to the following path. You can also copy and paste the same for quick navigation: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server.
4. Right-click on fDenyTSConnection value and select Edit.
5. In the pop-up window that appears, enter 1 in the Value data field.
6. Click OK to save the changes.

Close the registry editor and then launch Remote Desktop Connection to see if the error is resolved. If the issue persists, verify the RDP listen port configuration in the Registry Editor.

Related: What Is the Windows Registry and How Do I Edit It?

7. Check and Configure RDP Listen Port

RDP uses 3389 as the default listen port. Similar to the RDP status, you can also configure the listening port using the Registry Editor. Here’s how to do it.

1. Open the Registry Editor and navigate to the following location: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
2. Select the RDP-Tcp key. Then, in the right pane, right-click on PortNumber and select Edit.
3. Set the value to 3389 and click OK.

8. Enable Remote Desktop Services in Group Policy Editor

If the issue persists, a Group Policy Object may be blocking the connection to your local computer. Here, you will have to manually enable the service using Group Policy Editor. Here's how to do it.

1. Press Win + R to open Run. Type gpedit.msc and click OK. This will open the Group Policy Editor. On Windows 10 Home Edition, you will need to enable GPE manually before you can access the tool.
2. In the Group Policy Editor, navigate to the following location: Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections
3. In the Settings section, locate and double-click on Allow users to connect remotely by using Remote Desktop Services.
4. Select Enabled and click Apply and OK to save the changes.

Close the Group Policy Editor and open Command Prompt as administrator. To do this, type cmd in the Windows search bar, right-click on Command Prompt, and select Run as Administrator.

In the Command Prompt, type gpupdate force and hit enter. This will force the recent changes made to the GPO.

9. Check Your RDP Services Status

Services in Windows OS are non-UI software applications that run in the background and are usually scheduled to run automatically. For Remote Desktop to work, services related to RDP should be running on both the remote and client systems.

To restart RDP services:

1. Press Win + R to open Run. Then, type services and click OK.
2. In the Services window, locate and right-click on Remote Desktop Services [TermService] service and select Properties.
3. In the Properties window, set the Startup type to Automatic and click Apply.
4. Right-click on the service again and select Restart.
5. Repeat the steps for Remote Desktop Services UserMode Port Redirector service as well.

10. Add the RDGClientTransport Key to the Registry

Another workaround to fix Remote Desktop connection-related issues is to tweak the Registry Editor to add the RDGClientTransport key. It will force the Remote Desktop Protocol to use RPC/HTTP connection instead of HTTP/UDP.

To add the RDGClientTransport key:

1. Press Win + R to open Run. Type regedit and click OK to open the Registry Editor.
2. In the Registry Editor, navigate to the following location. Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Terminal Server Client
3. Right-click on the Terminal Server Client key and select New > DWORD [32-bit] Value.
4. Rename the value as RDGClientTransport.
5. Next, double-click on the newly created values and enter 1 in the Data value field. Click OK to save the changes.

Now You Can Connect to Remote Desktop With No Error

Remote Desktop is a handy tool available in the Pro version of Windows 10. However, you may sometimes encounter connection-related issues for various reasons, including disabled Remote Desktop, offline host computer, and network problems. Depending on your PC's status, you may have to follow one or more troubleshooting steps to resolve this error.

Visit MUO.com