Let’s try to figure out how to fix an RDP connection error This computer can’t connect to the remote computer. It occurs when you try to connect to a remote computer or Remote Desktop Server (RDS) using the built-in Windows RDP client (mstsc.exe).
The problem looks like this: when you try to connect to a remote Windows server/desktop via RDP, the mstsc.exe client freezes for a minute, and a window with the following RDP error appears:
Remote Desktop Connection
This computer can’t connect to the remote computer.
Try connecting again. If the problem continues, contact the owner of the remote computer or your network administrator.
Check the RDP Network Connectivity
First of all, check if the remote computer is accessible from your device over the network, and the default Remote Desktop port (TCP 3389) is responding (and not blocked by firewalls).
Make sure the DNS address of the remote RDP host is correctly resolved from your computer. Use the following commands:
nslookup rdp_server_name1 ping rdp_server_name1
If the DNS name is not resolved properly, check your DNS settings or try connecting to a remote host using an IP address.
You can check the RDP port availability on a remote server from a client workstation using:
The Telnet client:
telnet rdp_server_name1 3389
PowerShell 4.0 and higher:
Test-NetConnection rdp_server_name1 -Port 3389 -InformationLevel Quiet
Note. If this command returned True, then the RDP port responds on the server and it’s not blocked.
PowerShell all versions:
New-Object System.Net.Sockets.TcpClient).Connect(‘rdp_server_name1’, 3389)
If port 3389 is unavailable, you should check if the Remote Connection is enabled on the remote server (right-click on Start button > Settings > System > Remote Desktop > Enable Remote Desktop).
You can remotely enable Remote Desktop on a Windows computer by changing the fDenyTSConnections registry.
Check the RDP Service Settings on the Remote Computer
If Remote Desktop is enabled, next you should check the setting which determines the maximum number of simultaneous users’ connections to a Remote Desktop. Open tsadmin.msc mmc snap-in (Administrative tools > Remote Desktop Services > Remote desktop Session Host Configuration). Click on RDP-TCP properties, and check the value of the Maximum connections property in Network Adapter tab.
The tsadmin.msc is missing in modern Windows versions (like Windows 10 or Windows Server 2016), so you should set the RDP service settings using Group Policies.
- Open the local GPO editor on the remote host: Win + R > gpedit.msc
- Navigate to the following GPO section: Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections
- Enable the policy parameter named Allow users to connect remotely using Remote Desktop Services (if this policy is disabled, the remote user will not be able to connect to this computer using Remote Desktop Services);
- Also, check if the Remote Desktop Services do not limit the number of simultaneous connections to the server. A maximum number of RDP connections can be specified in the section Connections using the policy Limit number of connections. Set unlimited connections by specifying 999999 in the option RD Maximum Connections allowed;
Use the netstat command to verify if TCP port 3389 is in the Listening state. Open a command prompt as administrator, and execute the command:
netstat -a -o|find "LIST"
As you can see, in our example, port 3389 is listening.
TCP 0.0.0.0:3389 DESKTOP-JOPF9:0 LISTENING 1096
Try to restart the Remote Desktop Services service. You can perform this action using the services.msc console or with the following command in the elevated PowerShell prompt:
get-service TermService| Restart-Service -force -Verbose
Check RDP Port and Windows Firewall Settings
In some cases, the administrator can change the RDP port number from default 3389 to something else (although Microsoft does not recommend this). To check the current port on which the Remote Desktop service is listening on the computer, open the registry editor (regedit.exe), and go to the registry key:
Note the value of the PortNumber REG_DWORD parameter. It indicates the current TCP port assigned to the RDP service. In our example, this is 3389 (d3d hexadecimal value). If you have a different port, you can change it to 3389 (in decimal), and restart the computer.
Also, check that the rule allowing incoming RDP connections is enabled in the Windows Firewall settings.
- To do this, go to the Control Panel\System and Security\Windows Defender Firewall;
- Press the “Allow an app or feature through Windows Defender Firewall” > Change Settings;
- Find the Remote Desktop rule, and make sure it is enabled for Private and Public networks.
If you use a third-party firewall or antivirus, make sure it does not block incoming RDP connections. You can temporarily disable your antivirus software.
Next, check your network connection properties. Verify the network connection status is set to Public. Change it from Private to Public if needed (Settings > Network & Internet > Status > Network status > Change connection properties).
In some cases, you need to try resetting the winsock and ip stack settings for the network adapter on the remote computer. Open a command prompt with administrator rights and run the commands:
netsh winsock reset netsh int ip reset ipconfig /release ipconfig /renew ipconfig /flushdns
In Windows 10, there is a special option to reset network settings in Settings > Network and Internet > Status > Network reset.
After resetting the network settings, you need to reboot Windows.
RDP This computer can’t connect to the remote computer: a possible cause
Another possible cause of the RDP error may be a high level of security, which is not supported by older versions of the RDP client.
In this case, open the General tab on the RDP-Tcp properties window, and change the Security layer from default Negotiate to less secure RDP Security Layer.
Tip. Snap-in tsadmin.msc and RDP-Tcp Properties dialog boxes are missing in Windows Server 2019/2016 and 2012 R2. But you can configure the Remote Desktop setting using the local Group Policy Editor (gpedit.msc). The necessary policies are located in the following GPO section: Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security.
RDP security level can be specified using the policy named Require user of specific security layer for remote (RDP) connections. Enable this policy, and in the dropdown select the RDP Security level. This will change the Remote Desktop security layer from the default Negotiate to the less secure RDP.
RemoteApp Disconnected: Can’t Connect to the Remote Computer
In some cases, when connecting with Windows 10 to a remote desktop on Remote Desktop Gateway on Windows 2012 R2, an error occurs:
Your computer can’t connect to the remote computer because an error occurred on the remote computer that you want to connect to. Contact your network administrator for assistance.
To fix this problem, you need to perform the following steps on the RDP client:
- Open the Registry Editor (regedit.exe);
- Go to the registry key HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client;
- Create a DWORD parameter with the name RDGClientTransport and the value 1;
- Restart the computer.
The RDGClientTransport parameter forces the clients to use the RPC/HTTP connections instead of HTTP/UDP to connect to the server.
If the above solution didn’t fix the RDP connection error, try to change the collection settings on the RDSH server side. Open properties of your problematic application collection, go to the Security tab, and uncheck the option “Allow connections only from computers running Remote Desktop with Network Level Authentication”.
If the RemoteApp Disconnected error occurs on only a single not-domain joined computer, it is possible, that the different LAN Manager/NTLM policy settings are used on the RDSH host and the desktop computer. This can often cause authentication problems.
Check current Network Security: LAN Manager authentication level policy settings on RSDH using the command gpresult /r c:\tmp\gpreport.html (inspect html file) or using rsop.msc (this policy is located in the section Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options). If LM and NTLMv1 protocols are disabled on your RDSH server (Send NTLMv2 Response only policy value), you must change the appropriate policy settings on the client side.
- To do this, open the local GPO editor (gpedit.msc);
- Go to the GPO section above;
- Enable the policy “Network Security: LAN Manager authentication level”, and set its value to Send NTLMv2 Response only;
- Update the policies on the client with the command gpupdate;
- Check your RemoteApp connection.
Fix: Can’t Connect to the Remote Desktop Gateway Server
There is another error related to Remote Desktop Gateway, on which users run RemoteApps.
Your computer can’t connect to the remote computer because the Remote Desktop Gateway server address is unreachable or incorrect. Type a valid Remote Desktop Gateway server address.
This error looks like this:
Your computer can’t connect to the remote computer because the Remote Desktop Gateway server is temporarily unavailable. Try reconnecting later or contact your network administrator for assistance.
If you are facing one of the errors above, then most likely the problem is your computer can’t resolve the public FQDN name of your Remote Desktop Gateway server. In some cases, the public RDGW name can’t match the hostname.
To fix this problem:
- Open the Internet Information Services (IIS) Manager on the Remote Desktop Gateway server;
- Go to the IIS section Sites > Default Website > RDWeb > Pages > Application Settings;
- For the DefaultTSGateway value, enter the server’s FQDN public name of your RD Gateway server, and then restart the web services with the command:
Also, check your RDGW certificate. Your certificate must not be expired.
You can find your SSL certificate info by going to Server Manager > Remote Desktop Services > Collections > Your_Collection > Tasks > Edit Deployment Properties > Certificates > RD Gateway > View Details. Check the certificate expiration date.
Go back to your client PC, and try to start a new RDP session. The connection should be established successfully.
- How to Setup Gmail in Outlook? - October 14, 2021
- How to Clear Browsing History in Safari on iPhone/iPad? - October 11, 2021
- Allow Non-administrators to Install Printer Drivers via GPO - October 1, 2021