Let’s try to figure out how to fix an RDP connection error This computer can’t connect to the remote computer, which occurs when you are trying to connect to a remote computer or Remote Desktop Server (RDS) using the built-in Windows RDP client.
The problem looks like this: when you are trying to connect via RDP to a remote Windows server/desktop, the mstsc.exe client freezes for a minute and a window with the following RDP error appears:
Remote Desktop Connection
This computer can’t connect to the remote computer.
Try connecting again. If the problem continues, contact the owner of the remote computer or your network administrator.
Check the RDP Network Connectivity
First of all, check that the remote computer is accessible from your computer over the network and the Remote Desktop port (TCP 3389) is responding (and not blocked by firewalls). You can check the RDP port availability on a remote server from client workstation using:
The Telnet client:
telnet rdp_server_name1 3389
PowerShell 4.0 and higher:
Test-NetConnection rdp_server_name1 -Port 3389 -InformationLevel Quiet
Note. If this command returned True, then the RDP port responds on the server and is not blocked.
PowerShell all versions:
New-Object System.Net.Sockets.TcpClient).Connect(‘rdp_server_name1’, 3389)
If port 3389 is unavailable, you should check that Remote Connection is enabled on the remote server (right click on Start button > System > Remote settings > Allow remote connections to this computer).
You can remotely allow RDP connection on the remote server by changing the fDenyTSConnections registry entire to 0 using the following guide.
Check the RDP Services State Settings on the Remote Computer
If Remote Desktop is enabled, next you should check the setting, which determines the maximum number of simultaneous users’ connections to a Remote Desktop. Open tsadmin.msc mmc snap-in (Administrative tools > Remote Desktop Services > Remote desktop Session Host Configuration). Click on RDP-TCP properties and check the value of Maximum connections property in Network Adapter tab.
Use the netstat command to verify if TCP port 3389 is in Listening state. Open a command prompt as administrator and execute the command:
netstat -a -o|find "LIST"
As you can see, in our example, port 3389 is listening.
TCP 0.0.0.0:3389 DESKTOP-JOPF9:0 LISTENING 1096
Check RDP Port and Windows Firewall Settings
In some cases, the administrator can change the RDP port from default 3389 to something else (although Microsoft does not recommend this). To check the current port on which the Remote Desktop service is listening on the computer, open the registry editor (regedit.exe) and go to the registry key:
Note the value of the PortNumber REG_DWORD parameter. It indicates the current TCP port assigned to the RDP service. In our example, this is 3389 (d3d hexadecimal value). If you have a different port, you can change it to 3389 (in decimal) and restart the computer.
Also, check that the rule allowing incoming RDP connections is enabled in the Windows Firewall settings.
- To do this, go to the Control PanelSystem and SecurityWindows Defender Firewall;
- Press the “Allow an app or feature through Windows Defender Firewall” > Change Settings;
- Find the Remote Desktop rule and make sure it is enabled for Private and Public networks.
If you use a third-party firewall or antivirus, make sure that it does not block incoming RDP connections. You can temporarily disable your antivirus software.
Next, check your network connection properties. Verify that the network connection status is set to Public. Change it from Private to Public if needed (Settings > Network & Internet > Status > Network status > Change connection properties).
RDP This computer can’t connect to the remote computer: a possible cause
Another possible cause of the RDP error may be a high level of security, which is not supported by older versions of the RDP client.
In this case, open the General tab on the RDP-Tcp properties windows and change the Security layer from default Negotiate to less secure RDP Security Layer.
Tip. Snap-in tsadmin.msc and RDP-Tcp Properties dialog box are missing in Windows Server 2019/2016 and 2012 R2. But you can configure Remote Desktop setting using the local Group Policy Editor (gpedit.msc). The necessary policies are located in the following GPO section: Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host.
- RDP security level can be specified using the policy named Require user of specific security layer for remote (RDP) connections. Enable this policy and in the dropdown select the RDP Security level.
- Maximum number of RDP connection can be specified in the section Connections using the policy Limit number of connections. Set unlimited connection by specifying 999999 in the option RD Maximum Connections allowed
RemoteApp Disconnected: Can’t Connect to the Remote computer
In some cases, when connecting with Windows 10 to a remote desktop on Remote Desktop Gateway on Windows 2012 R2, an error occurs:
Your computer can’t connect to the remote computer because an error occurred on the remote computer that you want to connect to. Contact your network administrator for assistance.
To fix this problem, you need to perform the following steps on the RDP client:
- Open the Registry Editor (regedit.exe);
- Go to the registry key HKEY_CURRENT_USERSoftwareMicrosoftTerminal Server Client;
- Create a DWORD parameter with the name RDGClientTransport and the value 1.
- Restart the computer.
If the above solution didn’t fix the RDP connection error, try to change the collection settings on the RDSH server side. Open your problem application collection properties, go to the Security tab and uncheck the option “Allow connections only from computers running Remote Desktop with Network Level Authentication”.
If the RemoteApp Disconnected error occurs on only a one single not-domain joined computer, it is possible that the different LAN Manager/NTLM policy settings are used on the RDSH host and the desktop computer. This can often cause authentication problems.
Check current Network Security: LAN Manager authentication level policy settings on RSDH using the command gpresult /r c:tmpgpreport.html (inspect html file) or using rsop.msc (this policy is located in the section Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options). If LM and NTLMv1 protocols are disabled on your RDSH server (Send NTLMv2 Response only policy value), you must change the appropriate policy settings on the client side.
- To do this, open the local GPO editor (gpedit.msc);
- Go to the GPO section above;
- Enable the policy “Network Security: LAN Manager authentication level” and set its value to Send NTLMv2 Response only;
- Update the policies on the client with the command gpupdate;
- Check your RemoteApp connection.
Fix: Can’t Connect to the Remote Desktop Gateway Server
There is another error related to Remote Desktop Gateway, on which users run RemotApps.
Your computer can’t connect to the remote computer because the Remote Desktop Gateway server address is unreachable or incorrect. Type a valid Remote Desktop Gateway server address.
This error can looks like this:
Your computer can’t connect to the remote computer because the Remote Desktop Gateway server is temporarily unavailable. Try reconnecting later or contact your network administrator for assistance.
If you are facing with one of the errors above, the most likely problem is that your computer can’t resolve the public FQDN name of your Remote Desktop Gateway server. In some cases the public RDGW name can’t match the host name.
To fix this problem:
- Open the Internet Information Services (IIS) Manager on the Remote Desktop Gateway server;
- Go to the IIS section Sites > Default Website > RDWeb > Pages > Application Settings;
- For the DefaultTSGateway value, enter the server’s FQDN public name of your RD Gateway server, and then restart the web services with the command: iisreset
Also check your RDGW certificate. Your certificate must not be expired.
You can find your SSL certificate info by going to Server Manager > Remote Desktop Services > Collections > Your_Collection > Tasks > Edit Deployment Properties > Certificates > RD Gateway > View Details. Check the certificate expiration date.
Go back to your client PC and try to start a new RDP Session. The connection should be established successfully.