Can't Connect to Azure VM Using RDP

0
votes

I'm setting up a new vanilla Windows Server 2016 VM on Azure cloud, and want to connect via RDP. I followed the steps in the Quickstart guide, but when I try to connect from a Windows 8 client on the company LAN, I get "An internal error has occurred." When I try to connect from an Android client on the public internet, I get "We couldn't connect to the remote PC. This might be due to an expired password. If this keeps happening, contact your admin or tech support for help. Error code: 0x207".

I've already tried the following.

  • Restarted the server
  • Deleted and recreated the VM from scratch
  • Checked the boot diagnostics screenshot (VM is on Ctrl+Alt+Del screen without showing any errors)
  • Checked the network interface rules (HTTP, HTTPS, and RDP allowed on 80, 443, and 3389 respectively over TCP from any source, allowed, prioritised)
  • Reset the configuration (Support + Troubleshooting > Reset password > reset configuration only)
  • Changed the private IP address to a new address within the subnet (10.0.0.4 > 10.0.0.5)
  • Pinged the VM using SysInternals PSPing on the public IP address, port 3389 (0% loss, average 24ms)
  • I can connect using Serial console, and have checked the following:
    • Installed IIS using PS Install-WindowsFeature -name Web-Server -IncludeManagementTools I can view the IIS start screen from my browser using the public IP address
    • Check if the RDP is disabled by polices.
      • reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server " /v fDenyTSConnections > returns 0
      • reg query "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v fDenyTSConnections > key does not exist
    • Check the current configuration of the terminal server. reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v TSEnabled > key did not exist, therefore added it using reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v TSEnabled /t REG_DWORD /d 1 /f > key added successully
    • Check whether set to drain mode reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v TSServerDrainMode > key does not exist
    • Check whether you can connect to the terminal server. reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v TSUserEnabled> returns 0
    • Check the current configuration of the RDP listener. reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp" /v fEnableWinStation > returns 0
    • Check whether you can connect to the RDP listener. reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp" /v fLogonDisabled > returns 0

So I've followed all the online help guides I can find, rebuilt the VM, and tried accessing the VM from two different clients on two different networks, and nothing works! Any ideas?

2
windowsazurerdp
You mentioned you changed the IP, are you trying to access the machine using a public or private IP?Sam Cogan
@Sam - using the public IP to access. I just mentioned the private IP because MS suggests that as a way to force restart the NIC.Ross J

2 Answers

0
votes

I suspect you have two different issues at play here.

  1. You corpnet is blocking outbound RDP (3389) to public IP addresses. This is a typical setup and you can confirm by contacting your network team. Work-around would be to use a VPN. A point-to-site VPN is the quickest way to test this.

  2. The old Android RDP client has some known issues connecting to Server 2016. Try the beta client, https://play.google.com/store/apps/details?id=com.microsoft.rdc.android.beta&hl=en

0
votes

Instead of clicking on Connect, Get the VM IP and try to RDP to it. You can get the VM IP from Networking tab.

enter image description here