Time settings: check. Same/same
No name resolution issues
Dual NIC on SBS – I know ☺. NIC 2 was VM-VM only on dedicated virtual switch, using HOSTS file so only traffic to-from SERVER2 traverses it (they are on the same Hyper-V host)
netstat -n -a -o | find "3389" shows 3389 open and listening

Doing more work, on security layer setting it to “RDP Security Layer” it did work, but “Negotiate” didn’t.

Heeeeey….I found the issue! A couple weeks ago I ran a tool (IISCrypto) to disable TLS 1.0 and I think this was the first reboot. Flipping it back to “RDP layer” allows RDP to work. Re-enabling TLS 1.0 and restarting the Remote Desktop services once again allows the RDP session to work in its default config (and allowing the requirement of NLA).

Learned something new today, even if it was self-inflicted…don’t turn off TLS 1.0 if you want to use “negotiate” or “TLS 1.0” settings with RDP

Thanks everyone!
Dave

From: [email protected] On Behalf Of Christopher Bodnar
Sent: Wednesday, August 14, 2013 12:15 PM
To: [email protected]
Subject: Re: [NTSysADM] Odd RDP issue

From an internal connection are there any name resolution issues (FQDN, NetBIOS) names both resolve?

Can you RDP to it by IP from the internal network?

Can you RDP to itself while accessing it from the Hyper-V console?

Christopher Bodnar
Enterprise Architect I, Corporate Office of Technology: Enterprise Architecture and Engineering Services
Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
[email protected]
The Guardian Life Insurance Company of America
www.guardianlife.com

From: David Lum <[email protected]>
To: "[email protected]" <[email protected]>
Date: 08/14/2013 02:49 PM
Subject: [NTSysADM] Odd RDP issue
Sent by: [email protected]
________________________________

SBS 2011 (similar to 2008R2), Hyper-V VM. Two NICs on the VM. RDP has been working fine for months. I was able to RDP to the machine today to reboot it, but after the server came back up I cannot RDP to it.

• Entering via Hyper-V console I can log onto the VM’s console.
• From the Internet I *can* use https://remote.mydomain.com (which is the affected server) and use Remote Web Access to access other servers, shared folders, etc. but cannot RDP to the server itself
• The only broken thing I am finding is RDP to the server
• Changing RDP security levels (require NLA or not) has no effect

Every time I try to RDP I get a corresponding “A fatal error occurred while creating an SSL server credential. The internal server state is 10013” in the server's event log. Google-fu comes up with a few ideas but nothing definitive for me.

Anyone?

David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764
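A read-only check for the conflict this thread ended on, as an added example that is not part of any message above: it reports whether server-side TLS 1.0 is disabled in Schannel while the RDP listener is set to “Negotiate” or “SSL (TLS 1.0)”, then lists recent Schannel events carrying the error text quoted in the original post. Assumptions not stated in the thread: the registry paths are the standard Schannel protocol and RDP-Tcp listener keys, the hardening tool recorded its change as `Enabled = 0`, and the events are logged under the `Schannel` provider in the System log.

```powershell
# Added example (read-only). Run in an elevated PowerShell session on the RDP host.
# Assumed standard locations; neither path is given in the thread.
$tls10Server = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server'
$rdpTcp      = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

$tls10Enabled  = Get-RegValue $tls10Server 'Enabled'        # 0 = disabled for inbound connections
$securityLayer = Get-RegValue $rdpTcp 'SecurityLayer'       # 0 = RDP, 1 = Negotiate, 2 = SSL (TLS 1.0)
$nlaRequired   = Get-RegValue $rdpTcp 'UserAuthentication'  # 1 = NLA required

# A missing Enabled value means the OS default applies; only an explicit 0 counts as off.
$tls10Off = ($null -ne $tls10Enabled) -and ($tls10Enabled -eq 0)

$layerName = 'not set'
if ($null -ne $securityLayer) {
    $layerName = @('RDP Security Layer', 'Negotiate', 'SSL (TLS 1.0)')[[int]$securityLayer]
}

"TLS 1.0 (server side) : " + $(if ($tls10Off) { 'DISABLED' } else { 'enabled or OS default' })
"RDP security layer    : $layerName"
"NLA required          : " + ($nlaRequired -eq 1)

# The combination described in the thread: TLS-based security layer, TLS 1.0 turned off.
if ($tls10Off -and $securityLayer -ge 1) {
    Write-Warning "RDP is set to '$layerName' but server-side TLS 1.0 is disabled."
}

# Recent Schannel events with the error text quoted in the original post.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; ProviderName = 'Schannel' } `
        -MaxEvents 200 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -like '*creating an SSL server credential*' } |
    Select-Object -First 5 -Property TimeCreated, Id, Message
```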

