Stuck with EC2 RDP Error “An internal error occurred”? We can help you.
Recently, one of our customers informed us that he couldn’t connect to an Amazon Elastic Compute Cloud (Amazon EC2) Windows instance with Remote Desktop Protocol (RDP).
Here, at Bobcares, we assist our customers with several AWS queries as part of our AWS Support Services.
Today, let us see how we can fix this.
EC2 RDP Error “An internal error occurred”
The major causes for this error include:
- Wrong RDP port
- A wrong IP address
- Port 3389 is blocked
- Firewall or network configuration issues
How to resolve this error?
An internal error occurred
When we receive the RDP error message, we check the RDP port with the steps below:
1. We use netstat to check whether any other application uses port 3389:
netstat -anob | more
2. Suppose another service or application other than Termservice.exe uses the 3389 port. Then our Support Techs recommend the steps below:
a) Stop the service that uses port 3389:
Stop-Service -Name <ServiceName> -Force
b) Then start the terminal service:
Start-Service -Name Termservice
3. If we cannot stop the application, or if this method does not apply, we change the port for RDP:
a) Firstly, we change the port:
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name PortNumber -Value <Hexportnumber>
Stop-Service -Name Termservice -Force
Start-Service -Name Termservice
b) Then we set the firewall for the new port:
Set-NetFirewallRule -Name "RemoteDesktop-UserMode-In-TCP" -LocalPort <NEW PORT (decimal)>
c) Finally, we update the instance’s security group for the new port.
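The checks in steps 1 to 3 can be combined into one read-only PowerShell script. This is an added example, not part of the original article; it assumes an elevated PowerShell session on the instance, reuses the registry path and firewall rule name from step 3, and its variable names are illustrative.

```powershell
# Added diagnostic example: read-only, it changes nothing on the instance.
$rdpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$port   = (Get-ItemProperty -Path $rdpKey -Name PortNumber).PortNumber
Write-Output "Configured RDP port (decimal): $port"

# TermService runs inside a shared svchost.exe, so compare by process ID.
$termSvc = Get-CimInstance -ClassName Win32_Service -Filter "Name='TermService'"
Write-Output "TermService state: $($termSvc.State), PID: $($termSvc.ProcessId)"

# Which process is actually listening on the configured port?
$listeners = Get-NetTCPConnection -LocalPort $port -State Listen -ErrorAction SilentlyContinue
if (-not $listeners) {
    Write-Output "Nothing is listening on TCP $port (is TermService running?)."
} else {
    foreach ($ownerPid in ($listeners.OwningProcess | Sort-Object -Unique)) {
        if ($ownerPid -eq $termSvc.ProcessId) {
            Write-Output "OK: TCP $port is held by TermService (PID $ownerPid)."
        } else {
            $proc = Get-Process -Id $ownerPid -ErrorAction SilentlyContinue
            Write-Output "CONFLICT: TCP $port is held by $($proc.ProcessName) (PID $ownerPid)."
            # Services hosted in that process: candidates for step 2a.
            Get-CimInstance -ClassName Win32_Service -Filter "ProcessId=$ownerPid" |
                Select-Object Name, DisplayName, State
        }
    }
}

# Does the inbound firewall rule allow the same port the registry configures?
$rule = Get-NetFirewallRule -Name 'RemoteDesktop-UserMode-In-TCP' -ErrorAction SilentlyContinue
if ($rule) {
    $fwPort  = ($rule | Get-NetFirewallPortFilter).LocalPort
    $matches3389 = @($fwPort) -contains "$port"
    Write-Output "Firewall rule enabled: $($rule.Enabled), LocalPort: $fwPort, matches registry port: $matches3389"
} else {
    Write-Output "Firewall rule RemoteDesktop-UserMode-In-TCP not found."
}
```

A CONFLICT line, or a firewall port that does not match the registry port, points to steps 2 and 3b respectively.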
Troubleshoot using an instance screenshot
An instance screenshot gives us visibility into the instance’s status.
Suppose it indicates that the instance OS boots successfully but fails instance status checks. In such a case, our Support Techs suggest the following steps:
- Initially, create a secondary network interface.
- Then attach the secondary network interface to the instance.
- After that, we test connecting to the instance through RDP again.
Verify we use the correct IP address
We need to make sure that we connect to the instance’s private IP address if the instance is in a subnet that uses an AWS NAT Gateway.
Generally, the instance is unreachable on the public IP address behind the AWS NAT Gateway.
Verify that port 3389 isn’t blocked
Port 3389 must not be blocked by the AWS security group, network ACL, OS firewall, or antivirus software.
Ensure we use the correct firewall and network configuration
1. To do so, we run the command below from the local device:
Test-NetConnection -ComputerName yourdomain.exampleco.com -Port 3389
2. From the output, we verify that TcpTestSucceeded is True.
This indicates that the EC2 instance is responding over the network. Hence, we can reach the required RDP port.
In short, we saw how our Support Techs fix the EC2 RDP Error for our customers.