Unable to connect to RDP server

Hello,

Thank you for informing us of the issue. 

Yesterday we released the version 2023.1.8 that contained a fix for a connection problem with the RDP session. Could you try it and let us know if it fixed your problem?

In the meantime, we will investigate the logs.

Best regards,

Thanks for your reply.
I’ve just updated to 2023.1.8 and tested.
App is behaving exactly the same - “unable to connect to host”

Hello,

Could you resend the logs please? In the message could you write my name "Maxime Brousseau" to be sure that the logs get to me.

There are also specific RDP logs that you can send me manually to help investigate the issue.

1. Go in the application Options -> RDP and enable the setting "Enable logging"
2. Go back in your vault and launch the session.
3. After getting the “unable to connect to host”, go to More -> File Repository
4. In the folder RdpLogs, there should be a file name RdpLogs.log. Export the file.
5. You should now have access to the file in the RDM folder of the application.

Thank you,

Hello

I’ve uploaded trace logs directly from the app, added your name in message field.
I have also sent you via PM here RDP logs you’ve mentioned.
Hope this helps, there are in fact errors logged within - look for connections to IP address ending in .71 - there will be only one such connection.

To be 100% sure I’ve verified that the same IP .71 still works fine with Microsoft RDP app.

Hello

Thank you for sending the log files. I've had a look through them, but I don't quite understand what the problem is. I see you authenticate successfully against the server using NTLM; next the connection sequence starts. RDM sends the initial message and waits for a response; which is never received, and eventually times out.

I have to assume it's not a network timeout; my only guess is we're either sending (or not sending) some flag or option that the server wants (or doesn't want).

What is the difference between your test (low security) and prod (hardened) servers? Is it just that the test servers don't enforce NLA, or is there some other difference? In your logs I see a number of successful connections to servers using the old RDP security protocol; but I also see at least one successful connection to a server using NLA (although not the .71 example you cite in your last message).

Any insight you can give to the security hardening on your server would be helpful.

Thanks and kind regards,

Hello Richard

Unfortunately I’m not a Windows admin for organization owning these machines, so I don’t know exact details and settings - I’m just using these machines as jump hosts to different environments. I do know that secure machines do not allow clipboard sharing or drive mapping. If NLA is enabled by default it works with default settings. Other settings I’m aware of is ciphers hardening - all hardened servers have specific registry settings applied to exclude all ciphers for all Windows services that are not part of TLS 1.2 or newer suite.

Like you said, it can’t be a network issue - every time I test something within your app I verify the same functionality with Microsoft’s RDP app.
Consistent theme with such testing is that every time RDM doesn’t connect due to whatever reason Microsoft’s RDP does.

Hi WarDriver80

Thanks for the update. It sounds like everything should work.

On my side, I've taken a closer look at the logs you sent. I can see that it appears we are, in some cases, sending a corrupted connection create request to the server. In this case, I'm not surprised that the server doesn't answer.

I will need some time to investigate this on my side, and thank you for your patience. In the meantime - do you know if this connection worked in some earlier version of RDM?

Thanks and kind regards,

In regards to RDM working in the past.- that’s a mixed bag.
This is my first time using RDM on iPad - so in that regard it hasn’t worked previously.
I’m however a longtime user of RDM for Windows and that has been working flawlessly, I’ve used it today without issues for the same servers.

Hello again

On Windows, the default is to use Microsoft's own RDP engine (which supports embedding on that platform). It's not possible to embed MS RDP on other platforms, so we integrate an alternative RDP engine (FreeRDP). Unfortunately, sometimes there is divergence between the two integrations although our goal is to make them functionally equivalent.

There are two things you could check for me:

• On iOS, for the problematic connection - in the connection settings, under Advanced > Codec Level, try changing the codec level to 6 or 7 (the default is 8). Does it change something?
• Since you are an RDM Windows user; can you try going to the problematic connection on that platform and temporarily changing Advanced > RDP Version to "RDP (FreeRDP Latest)". Are you able to connect?

Please let me know if something isn't clear or you have further questions.

Thank you and kind regards,

Hello again

I realized that my earlier statement was wrong: the connection requests to the server look fine; it's just that there was some change in the logging between the two versions of RDM that your log file covers.

In this case, it will be really valuable to troubleshoot this if you are able to perform the two tests I wrote in my previous post.

Please let me know if something isn't clear or you have further questions

Thanks and kind regards,

Hello

I’ve been able to test your points:

1. On iOS it doesn’t make any difference what codec level I choose for connecting. None of them allow me to connect.
2. On windows version of RDM I can connect successfully using FreeRDP Latest, FreeRDP 7.0 and RDP 6.1 - I’ve checked all of them, by default I work with “Latest” option.

I’m starting to wonder if StageManager and working on external monitor with iPad can be the culprit. RDM is not the only RDP app that didn’t work with this server - regardless they were free or paid.

Hello again

Thanks for the follow up and your patience. If FreeRDP works on Windows but not on iOS for this server, I believe it to be a bug or a regression in our FreeRDP integration. This could make sense as RDM Windows is currently using a slightly older version of our FreeRDP code.

There is another test that could really help me to isolate this issue. If you can connect using FreeRDP on Windows, and generate a diagnostic log; I would be able to compare the log with the one you already supplied for iOS and that could give an important clue.

• Open RDM Windows
• In Options > Types > Remote Desktop > Logging, check "Enable Logging" and provide the path to use for the log file (e.g. c:\users\richard\desktop\freerdp-windows-log.txt)
• Close and reopen RDM
• Switch the problematic sessions to "FreeRDP (latest)" as before, and connect
• Confirm the log file is created
• Revert the change to the session and disable logging again in the options

Then, you can send the log file to me. The easiest way might be send it direct via a PM on the forum.

Please let me know if you have some questions, or something isn't clear

Thanks and kind regards

Hello

I've tried to do as yoou've asked. Unfortunatelly my Windows version of RDM doesn't create any logfile.
I've tried several different paths, I've tried tunring logging off and on again - doesnt work.
I can connect normally to RDP service, I just can't make Windows RDM to create a log file for my RDP connection.
None of my RDP connections on Windows create any logs when logging is enabled - it's not just the problematic connection.

There is one wierd app behaviour on Windows. While turning logging off and on, at one time I've got a info message box saying that I need to restart RDM in order to apply settings. I was changing logging settings several times back and forth but this message appeared only once, to make matters more wierd it appeard somewhere in the middle of my tries.

Hello

Just to check, you need to set the RDP Version in the Advanced tab of the session to "RDP (FreeRDP Latest)". You can just change this temporarily for testing.

Connections using MS RDP won't generate any log data; and besides we need an apples-to-apples comparison of Windows and iOS.

Please let me know if something isn't clear

Thanks and kind regards,

I have double and triple checked that I'm running on freerdp. I was. Still no logs.

Hi again

I'm sorry for the trouble. It's not possible to set up an ad-hoc support session via the forum directly, I think it might require you to create a support ticket. I'll check with the support team. Before going down that route, please can you try one more thing for me?

• Open RDM and ensure the logging option is unchecked (disabled)
• Close RDM
• Open cmd.exe and run the following commands:

set "WLOG_LEVEL=DEBUG"
"%PROGRAMFILES%\Devolutions\Remote Desktop Manager\RemoteDesktopManager.exe" > "%USERPROFILE%\desktop\rdm-rdp.log"

• RDM will launch when you press "Enter" after the second command
• Check the connection (the one that is failing on iOS) is configured to "RDP (FreeRDP Latest)"
• Open the connection; once connected you can just close it again

You _should_ have a "rdm-rdp.log" file on your desktop that you can send to me by PM.

Please let me know if something isn't clear

Thanks and kind regards,

Hello

I did exactly as you've described. Everything worked as expected beside the fact, that resulting rdm-rdp.log file was 0 bytes after closing session.

1. I've checked that inapp logging was disabled
2. closed runnign rdm
3. opened command line
4. set env variable for debug mode
5. launched rdm from cli
6. set RDP to FreeRDP Latest
7. connected to my server
8. closed the connection
9. closed rdm

0 bytes logged.

Can those problems stem from the fact I'm using free version of RDM on Windows?
I'm running Windows 11 if that changes anything.

Hello again

Thanks for the information. An empty log file seems to be because the connection is using MS RDP instead of FreeRDP - although I believe that you did change the setting, perhaps something is overriding it. I don't think it's a limitation of the RDM Free SKU.

I am concerned that we're spending time solving an unrelated problem, so let's try a different approach...

I asked the FreeRDP developers (it's an open source project) if they had any idea what could cause this behaviour. We _do_ think it's likely related to a setting or configuration on the client, but not sure. I'm going to do some tests against a Win2k12R2 server and see if I can't figure out some more information.

In terms of hardening, it's simply that TLS 1.0 and 1.1 are disabled on that server?

Thank you for your patience

Kind regards,

Hello

In regards to specifics of hardening I know that Windows team was obligated to (among others) disable EVERYTHING that is not TLS 1.2 compliant as a part of PCI-DSS certification.
https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard
Unfortunatelly I don't know the specifics as I'm not on Windows team.

My suggestion to do a live troubleshooting session still stands. We can run it on PC or on iPad. We just need to agree on the date and time.

Hello again

I tried to emulate your setup on my side (Windows 2k12 R2, disabled everything not TLS1.2 compliant) and I didn't experience a problem. So I do believe the issue lies elsewhere.

First, RDM iOS 2023.2 has just been released and it does contain some updates to the RDP engine. I would appreciate if you can install the update and let me know if the problem persists.

If it does, please feel free to email support@devolutions.net, mentioning this forum thread, and they will be able to coordinate a support session with you.

Please don't hesitate if you have further questions.

Thanks and kind regards,