In some cases, when connecting to remote computers/RDS servers via Remote Desktop (RDP), users may encounter an “An internal error has occurred” error. This error may appear due to various reasons related to both the settings of the RDP/RDS server and the client (Windows settings, or settings in the Remote Desktop Connection window).
The error “An internal error has occurred” usually appears after user credentials are entered in the mstsc.exe window or immediately after clicking the Connect button.
Since there may be several causes for this RDP error, try to use the following tips one by one until you find a solution that will help you.
The easiest way to fix the problem is to reboot the remote RDP/RDS host and the computer from which you are establishing an RDP connection. If you cannot restart the server right now, you should try to restart the Remote Desktop Service (together with the Remote Desktop Services UserMode Port Redirector). You can do this with the following commands running in the elevated cmd.exe:
net stop termservice net start termservice
Or you can restart Remote Desktop Services from the services.msc console.
Reset the DNS client cache on your computer by running the following command from an elevated command prompt:
ipconfig /flushdns
If you are using a VPN to connect to a remote network, try disabling the VPN connections and try reconnecting to the RDP host. You can find and disable all active native Windows VPN connections using PowerShell:
foreach ($item in get-vpnconnection | where { $_.ConnectionStatus -eq "Connected" })
{
Rasdial $item.Name /disconnect
}If you are using third-party VPN software, disconnect VPN sessions from its interface.
Open the properties of your RDP connection in Remote Desktop Connection windows and make sure the ‘Reconnect if the connection is dropped‘ option is enabled on the Experience tab.
Try to disable the Server Authentication warning in the Advanced tab of the RDC client. Set the If server authentication fails to Connect and don’t warn me.
Check the Security Event Log for the following event ID 5379:
Credential Manager credentials were read.
This event occurs when a user performs a read operation on stored credentials in Credential Manager.
Your RDP client may have tried to use saved credentials for RDP connections. You need to remove it from Credential Manager:
- Open Windows Credentials in Control Panel (or by running the command: rundll32.exe keymgr.dll,KRShowKeyMgr);
- Delete the saved RDP logon credentials for your remote host. Find the entry that starts with TERMSRV\your_rdp_host_name or TERMSRV\your_rdp_IP_address and click the Remove button;
Next, try to recreate the RDP certificate:
- Open local computer certificates MMC snap-in, by running the certlm.msc command;
- Go to the following certificate section: Remote Desktop > Certificates;
- Right-click your self-signed certificate RDP cert and delete it (if there are several RDP certs, remove them all);
- Restart the Remote Desktop Services as described above.
You can try to change the maximum outstanding connections limit on your RDP server via the registry. Set the following registry value via regedit.exe:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
DWORD: MaxOutstandingConnections
VALUE: 10000
Or with PowerShell:
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server" -Name MaxOutstandingConnections -Value 10000 -PropertyType DWORD -Force
Check the current MTU size in your Windows with the command:
netsh interface ipv4 show subinterfaces
If the current MTU size for your network interface is equal to or more than 1500 (default Windows value), reduce it by using the command:
netsh interface ipv4 set subinterface "vEthernet (vSwithcExternal)" mtu=1452 store=persistent
Try to change some Group Policy settings using the Local GPO editor (gpedit.msc) or domain Group Policy Management Console (gpmc.msc).
- Disable UDP protocol for RDP connection on client side: Computer configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Connection Client > Turn Off UDP on Client = Enabled;
- Enable FIPS compliant algorithms: Computer configuration > Windows Settings > Security Settings > Local Policies > Security Options > System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing = Enabled;
- Disable the hardware encoding and enforced AVC:444 mode on the RDP server side: Computer configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Remote Session Environment > Prioritize H.264/AVC 444 Graphics mode for Remote Desktop Connection = Disabled;
- Try to adjust the RDP security level to RDP mode. Enable the policy ‘Require use of specific security layer for remote connections’ under the GPO section Computer configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security and set the Security level to RDP (according to the article). Restart the remote host to apply this setting.
After changing the local Group Policy settings on a remote server, you need to apply them on the client and server using the gpupdate command.
If you are using NIC Teaming on your Windows Server host, make sure that the receive side scaling is disabled.
- Open the Device Manager console (devmgmt.msc);
- Expand the Network adapters and open the properties of the Microsoft Network Adapter Multiplexor Driver;
- Go to the Advanced tab and set Receive Side Scaling to Disabled.
When you use a smart card certificate to authenticate on the Remote Desktop server, you may encounter the following events in the RemoteDesktopServices-RdpCoreT log on the Windows Server 2019/2016 RDS host:
Warning Event 226, RemoteDesktopServices-RdpCoreTS
General: RDP_TCP: An error was encountered when transitioning from StateUnknown in response to Event_Disconnect (error code 0x80070040)
Warning Event 142, RemoteDesktopServices-RdpCoreT
General: TCP socket READ operation failed, error 64
Make sure your certificate has not been revoked.
Now check that your RDP client connects to the remote host without errors.
- Installing Active Directory Users and Computers (ADUC) Snap-in on Windows 11/10 - October 5, 2022
- How to Enable Root Login on Ubuntu? - October 1, 2022
- Fix: StartTLS is Required to Send Email - October 1, 2022
I have had this issue. I had to turn off the server authentication warning under advanced of my client RDP connection.
I have had this issue for a couple weeks now and tried all your suggestions, but still continue to get “An internal error has occurred”. I am running Windows 10 pro. Any other ideas? I appreciate your help.
This issue is so frustrating. I have it when attempting to connect to several different bare metal servers running Windows Server 2012 from a Windows 10 Pro machine. This HAS to be a bug because the way I fix it is to attempt to connect over and over and over until finally it just works. Sometimes it takes 2 tries, sometimes it takes 10 tries.
As Web Developer stated, current workaround is to retry connecting ~10 times, and it works…
This is SHITE advice polease dont follow this as non of these address the issue.
This is due to security protocol being used mismatch.
tls to be exact
what should i do to fix the issue?
I had this issue on two 2019 Windows servers. A simple server reboot resolved this issue for me. Thanks for the tips!