In some cases, when connecting to remote computers/RDS server via RDP, users may encounter an “An internal error has occurred” error. This error may appear due to various reasons related to both the settings of the RDP/RDS server and the client (Windows settings, or settings in the Remote Desktop Connection window).
The error “An internal error has occurred” usually appears after user credentials is entered in the mstsc.exe window or immediately after clicking the Connect button.
Since there may be several causes for this RDP error, try to use the following tips one by one until you find a solution that helps you.
The easiest way to fix the problem is to reboot the remote RDP/RDS server and your computer from which you are establishing RDP connection. If you cannot restart the server right now, you should try to restart the Remote Desktop Service. You can do this with the following commands running in the elevated cmd.exe:
net stop termservice net start termservice
Or you can restart Remote Desktop Services from the services.msc console.
Open the properties of your RDP connection in Remote Desktop Connection windows and make sure the ‘Reconnect if the connection is dropped‘ option is enabled on the Experience tab
Next, try to recreate the RDP certificate:
- Open local computer certificates MMC snap-in, by running the certlm.msc command;
- Go to the following certificate section: Remote Desktop > Certificates;
- Right click your self-signed certificate RDP cert and delete it (if there are several RDP certs, remove them all);
- Restart the Remote Desktop Services as described above.
You can try to change the maximum outstanding connections limit on your RDP server via the registry. Set the following registry value via regedit.exe:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server DWORD: MaxOutstandingConnections VALUE: 10000
Or with PowerShell:
New-ItemProperty -Path "HKLM:SYSTEMCurrentControlSetControlTerminal Server" -Name MaxOutstandingConnections -Value 10000 -PropertyType DWORD -Force
Check the current MTU size oy your Windows with the command:
netsh interface ipv4 show subinterfaces
If the current MTU size for your network interface is equal or more than 1500 (default Windows value), reduce it by using the command:
netsh interface ipv4 set subinterface "vEthernet (vSwithcExternal)" mtu=1452 store=persistent
Try to change some Group Policy setting using the Local GPO editor (gpedit.msc) or domain Group Policy Management Console (gpmc.msc).
- Disable UDP protocol for RDP connection on clent side: Computer configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Connection Client > Turn Off UDP on Client = Enabled;
- Enable FIPS compliant algorithms: Computer configuration > Windows Settings > Security Settings > Local Policies > Security Options > System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing = Enabled;
- Disable the hardware encoding and enforced AVC:444 mode on the RDP server side: Computer configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Remote Session Environment > Prioritize H.264/AVC 444 Graphics mode for Remote Desktop Connection = Disabled;
- Try to change the RDP security level to RDP mode (use the policy ‘Require use of specific security layer for remote connections’ according to the article.
After changing the policy settings, you need to apply them on the client and server using the gpupdate command.
Now check that your RDP client connects without errors.