Forum / Remote Desktop Manager Mac - Support

OS X 10.8.5 Unable to establish RDP - Error 131084

  • Create an Issue
  • Cancel

@Matthew: The RDP client in Mac and Windows are not the same. On the Windows version we use a component distributed by Microsoft and on the Mac version we use a third party named FreeRDP.
From what we can see in your log your server is sending us a response that we can't decrypt.
What is your Gateway server version?
Did you update it recently?

Best Regards

Benoît Sansregret

signaturesignature

Clock4 yrs

@bsansregret I get access denied on the .config folder. I am an administrator on this machine.

Clock4 yrs

@James Mayes:Even though you are administrator of your computer it doesn't gives you automatically access to every thing.
I have verified with a few of my colleagues and everybody has access to the .config folder. I don't know why you don't have access to the folder and I would suggest that you had access to folder to your user.

Best Regards,

Benoît Sansregret

signaturesignature

Clock4 yrs

What is your Gateway server version?
The gateways actually consist of a single 2008R2 Server and a 2012R2 server, behind a TMG that load balances the connections between the two. We have a few ways to test the connectivity through the TMG via url that prompts from user/pass, as well as being able to view or verify the certificate via the browser, all seems in working order and using any other client connect seems to be fine.

Did you update it recently?
No updates to speak of recently to the Gateway or servers attempting to connect through. Other than the update to the macbook i spoke of earlier.

I went back and started over, 3.5.1 and created a whole new connection for both the attempted RDP server connection object and the TS Gateway object, and the results were the same:

[10:42:05:559] [4763:b039f000] [DEBUG][com.freerdp.core.gateway.tsg] tsg_transition_to_state 1296 - TSG_STATE_AUTHORIZED
[10:42:05:559] [4763:b039f000] [DEBUG][com.freerdp.core.gateway.tsg] TsProxyMakeTunnelCallWriteRequest 819 - TsProxyMakeTunnelCallWriteRequest
[10:42:05:559] [4763:b039f000] [DEBUG][com.freerdp.core.gateway.tsg] TsProxyCreateChannelWriteRequest 1014 - TsProxyCreateChannelWriteRequest
[10:42:06:763] [4763:b039f000] [ERROR][com.freerdp.core.gateway.rpc] rpc_recv_fault_pdu 321 - RPC Fault PDU:
[10:42:06:763] [4763:b039f000] [ERROR][com.freerdp.core.gateway.rpc] rpc_recv_fault_pdu 328 - status: RPC_S_INVALID_TAG (0x000006C5)
[10:42:06:763] [4763:b039f000] [ERROR][com.freerdp.core.gateway.tsg] tsg_connect 1760 - tsg_check failure
[10:42:06:763] [4763:b039f000] [ERROR][com.freerdp.core.nego] nego_connect 154 - Protocol Security Negotiation Failure
[10:42:06:763] [4763:b039f000] [ERROR][com.freerdp.core] freerdp_set_last_error 692 - freerdp_set_last_error ERRCONNECT_SECURITY_NEGO_CONNECT_FAILED [0x2000C]
[10:42:06:763] [4763:b039f000] [ERROR][com.freerdp.core.connection] rdp_client_connect 275 - Error: protocol security negotiation or connection failure
[10:42:06:763] [4763:b039f000] [DEBUG][com.freerdp.client.mac] -[MRDPIPCClient viewDidConnect:] 401 - viewDidConnect
[10:42:06:281] [4763:a4197000] [DEBUG][com.freerdp.client.mac] __39-[MRDPClient invalidatePasteboardTimer]_block_invoke 132 - timer stop

I'm pretty stumped. I'd love to say the gateway's goofed up, but I come at it with anything else, including the roughly 50 others using it, doesnt seem to be the case.

Clock4 yrs

@Matthew Grimes: We never tested our RDP connection behind a TMG server.

From what we see it might be caused by the conjunction of your load balancer and the 2008R2 server.
One possible work around is to add a rule to your load balancer to send all RDP session to the 2012R2 server and Force the Transport to Http
Screenshot+2016+03+31++11+30

We need your help to resolve the issue. If you are able to provide us access to one of your server it would greatly help us debug and fix the issue. I understand that it might not be possible.

The second option to help us fix the issue is to provide us with as much information as possible for us to reproduce your environment:
- Server OS and version.
- What do you use as TMG server?
- Online guide as to how you have configured the TMG server.
-Anything else that might help us understand what might affect the network traffic.

If any of the information I ask of seem to sensitive to post on the forum feel free to send me a private message or an email at bsansregret@devolutions.net

Best Regards

Benoît Sansregret

signaturesignature

Screenshot_2016-03-31__11_30.png
Clock4 yrs

@benoit I was able to give my user account read/write access and your application works perfectly now. Thanks!

Clock4 yrs

Great news James glad I could help

Benoît Sansregret

signaturesignature

Clock4 yrs

I was able to resolve this on the server side. Because the internal server cert is not trusted, NLA will fail with external connections that do not trust the internal domain cert. Disabling "Allow connections only from computers running Remote Desktop with Network Level Authentication" on the remote server resolved it for me.

2016-03-31_13-22-25.png
Clock4 yrs