CoNetrix Blog

Microsoft TMG Server Not Responding to RDP

Posted on April 28, 2011 10:58 PM

I had applied Windows updates to a customer’s Windows 2008 R2 server that had Microsoft Threat Management Gateway installed, and I could not RDP to the server after rebooting.  I connected to the server locally and could tell from netstat that the server was not listening at all on port 3389.

It turned out that the RDP-Tcp listener was not working because it was configured to listen on all available network adapters.  This being a proxy server, it had internal and DMZ network adapters.  To fix this issue, set the RDP-Tcp protocol to bind only to the internal network adapter.

  • Open Remote Desktop Session Host Configuration.
  • Open the properties of the RDP-Tcp protocol underneath Connections.
  • In the Network Adapter tab, change the setting from “All network adapters configured with this protocol” to the specified internal network adapter and hit apply.
  • On the Actions bar to the right, click Disable Connection and then Enable Connection to reset it.
  • Run netstat to confirm that the server is listening on port 3389 again.
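
The netstat check in the last step can be scripted so it also confirms that 3389 is listening only on the internal adapter. This is an added example, not part of the original post; the `$InternalIp` default and the sample netstat text are constructed, and `LanAdapter` is assumed to be the registry value behind the Network Adapter tab (0 meaning all adapters).

```powershell
# Added example (not from the original post). Runs on PowerShell 2.0 (Server 2008 R2).
param(
    [string]$InternalIp = '10.0.0.5',  # placeholder: the internal adapter's address
    [int]$Port = 3389,
    [switch]$UseSample                 # parse the constructed sample instead of live netstat
)

# Constructed sample of `netstat -an` output, used only with -UseSample.
$sample = @'
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    10.0.0.5:3389          0.0.0.0:0              LISTENING
  TCP    10.0.0.5:49160         10.0.0.20:445          ESTABLISHED
'@ -split "`r?`n"

function Get-ListeningAddress {
    param([string[]]$NetstatLines, [int]$Port)
    foreach ($line in $NetstatLines) {
        # TCP  <local-address>:<port>  <remote>  LISTENING   (IPv4 or [IPv6])
        if ($line -match '^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING') {
            if ([int]$Matches[2] -eq $Port) { $Matches[1] }
        }
    }
}

$lines = if ($UseSample) { $sample } else { netstat -an }
$listeners = @(Get-ListeningAddress -NetstatLines $lines -Port $Port)

if ($listeners.Count -eq 0) {
    # The failure state described in the post: nothing bound to the RDP port.
    'Port {0}: no listener' -f $Port
} else {
    # Anything other than the internal address (0.0.0.0, [::], DMZ or external IPs)
    # means the listener is not restricted to the internal adapter.
    $unexpected = @($listeners | Where-Object { $_ -ne $InternalIp })
    if ($unexpected.Count -eq 0) {
        'Port {0}: listening only on {1}' -f $Port, $InternalIp
    } else {
        'Port {0}: also listening on {1}' -f $Port, ($unexpected -join ', ')
    }
}

if (-not $UseSample) {
    # Listener settings: fEnableWinStation 1 = connection enabled; LanAdapter 0 = all adapters.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    $cfg = Get-ItemProperty -Path $key
    'fEnableWinStation = {0}; LanAdapter = {1}' -f $cfg.fEnableWinStation, $cfg.LanAdapter
}
```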

Comments

Comment by Nilesh Lahoti

November 18, 2011 12:57 PM

If you ran into an issue where you cannot access RDP, then you can also remotely check the registry and make the following setting changes.

fEnableWinStation under [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp] is set to 0. Set it back to 1 again. This will enable the network adapter.


Comment by jose Freyre

February 20, 2012 1:04 PM

This was exactly the issue affecting my instance. Good stuff! Thanks for taking the time to document!

Joey

Comment by Brett

March 6, 2012 5:02 AM

Hi,

Just wanted to mention that this helped loads! Couldn't for the life of me figure out why I couldn't RDP my TMG server after applying updates. Oddly, the RDP-tcp transport in RD Session Host Configuration was allowing all adaptors for RDP, but netstat was only showing the external interface as listening on 3389. So I left the default RDP-tcp transport bound only to the external adaptor with 0 allowed sessions, and created a new connection for the internal adaptor allowing the Administrative limit of 2 - works a treat. Thanks for the post!
