Mindphas3r

Remote Desktop not working anymore (Win 7 x64)

Recommended Posts

Hi guys,

I have a desktop machine and a laptop, both running on Win 7 Pro x64. Both are running Online-Armor Premium (5.1.1.1395) and for antivirus protection Avira Antivirus Premium 2012. Both machines have all updates (incl. the Windows updates).

Until about 2 months ago I was able to use Win Remote Desktop into both directions without any problems. However, then suddenly it stopped working: Starting a RDP session from my laptop to the desktop works in a way that after clicking "Connect" it recognizes my desktop and asks for the credentials. After entering the correct credentials the RDP window then just disappears and that's it. On both machines the default RDP port (3389) for TCP In (svchost.exe) is allowed in the Ports table (under Firewall).

I don't think it has anything to do with any new installs, it is probably more likely it has to do with some updates from Online-Armor? In the log files I couldn't find anything meaningful for my RDP issue, other than a whole bunch of "Blocked by restricted port list (untrusted)" messages (TCP port 2869 and UDP ports 137, 138). "Close and Shutdown Online-Armor" doesn't fix the issue, I have to reboot both machines with the option "Launch Online Armor at next startup" unticked so both machines start up without any Online Armor service running from the beginning. With a freshly booted Win7 and no Online Armor running I can finally run Remote Desktop sessions without any problems. Strange enough, after I have established an RDP session, I can start OA on both machines and the RDP session is still working. However, as soon as I then close the RDP session and try to establish a new one...same issue, it wouldn't work the same way as explained above.

All my "Interfaces" are trusted and same applies to the "Computers" section. Does anyone have any idea???

Thanks!

Share this post


Link to post
Share on other sites

The blocked entries were from within my network, e.g.:

[05/01/12 12:28:22] 8444/20FC TCP <- 192.168.0.xxx:2869 [this is my laptop], 192.168.0.yyy:49404 [this is my desktop], System(4/0)

[05/01/12 12:28:22] 8444/20FC Blocked by restricted port list (untrusted)

I don't think this is related to RDP. In the "Restricted Ports" list port 2869 is marked as restricted by default by OA (ms-icslap), but as far as I know this is not an RDP port. Both IPs above are marked as trusted on each machine, interfaces and RDP port are trusted as well. Also, today I have been doing a couple of more tests with RDP, but couldn't find any entries in the OA logs, not on my laptop, nor on my desktop (although logging for blocked events is enabled). I started both machines again with OA turned off and RDP worked. I closed RDP and started OA only on the client (laptop) and tried to RDP into my desktop, didn't work (and no logs).I am puzzled what has changed, up until about 2 months (maybe only 4-6 weeks ago) it was working just fine for 2 years.

Share this post


Link to post
Share on other sites

It just seems strange that the restricted ports list entry has (untrusted) in brackets. Could be completely unrelated to the issue with RDP but Restricted ports shouldn't be blocked for local connections if the interface is trusted like yours is. I guess it's unlikely this would make any difference to the RDP issue, but perhaps try unchecking the Trust box for your interfaces and untrusting on the computer list etc, then recheck them and reboot and see what happens. If you are seeing the same entries in the log for the other computer, then you could try the same there also.

Share this post


Link to post
Share on other sites

Hmm, this is getting frustrating. I unchecked the trust boxes for all interfaces on both machines and untrusted each IP in the Computer list on both machines. After that I rechecked/re-trusted them all again and rebooted both machines. I also deleted the RDP port (3389) from the Ports list to enforce a new "trust check" when firing up the RDP session. Starting a new RDP session ended with the same result though, the Remote Desktop login screen disappears after entering the password and that's it. No error message, no entries in the OA logs (on both machines). I tried RDP sessions on both ways, no success. I have no problem seeing both computers on each networks list and I can ping both computers without any problems. But the RDP session still only works when starting up both computers without OA on startup. Really painful to restart both machines when you have multiple windows and programs running just to start an RDP session into the other machine. :( Any other ideas?

Share this post


Link to post
Share on other sites

If the firewall log is showing nothing being blocked at the time, then I really don't know. You could try enabling Learning mode and reboot both machines and then try connecting and see if it works and OA learns something it was missing before, but I imagine it's unlikely that would help.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.