An improper RDP setting or local group policy security generally cause the error, Remote Desktop Connection: An Internal Error has Occurred.
Here, at Bobcares we have come across situations where RDP client freezes with this error.
Yeah, we hate it too. That’s why our Experienced Server Admins are here to help you.
Remote Desktop Connection: An Internal Error has Occurred
Since Remote Desktop Connection is used by many users for their business or personal purposes, this error can turn out to be quite the pain.
For example,
While trying to connect from Windows 10 to a server running Windows Server 2012 R2 using RDP, we received the following error:
This might be a result of installation and configuration of RemoteApps.
The RDP console message “An internal error has occurred” may appear in different cases and the cause can be either Remote Desktop server or client issues.
In this article, let us see a few methods our Support Techs use to solve the problem.
Causes of Remote Desktop Connection: An Internal Error has Occurred
- Connection settings:
For some users, their Remote Desktop Connection client settings can be a cause for this error.
- RDP Security:
In some cases, the error can appear due to the Security of the Remote Desktop Protocol. In this case, we have to change the security layer.
- Computer’s domain:
Another possible reason can be the domain to which the system connects. In such a case, removing the domain and then joining it again will fix the issue.
Solutions for Remote Desktop Connection: An Internal Error has Occurred
First of all, we should make sure that the RDP port 3389 accepts connection on the RDS server, and that the connection is not blocked by the firewall (Test-NetConnection your_rdp_server –port 3389
).
For instance, the Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational log once showed that it creates the RDP session:
The server accepts a new TCP connection from client (IP address):64379.
Connection RDP-Tcp#4 created
However, the RDP session terminates the later without any error:
The server has terminated main RDP connection with the client.
The disconnect reason is 0
We have to check the status of the Remote Desktop Services on our remote server and restart the service.
We can do it remotely through the Services.msc
console (“Connect to another computer” option), but it is easier to check a service status and restart it using PowerShell:
(Get-Service TermService -ComputerName ny-rds1).status
Once the service is running, we restart it:
Get-Service TermService -ComputerName ny-rds1| Restart-Service –force –verbose
Let us now see some more ways our Support Techs use to fix, Remote Desktop Connection: An Internal Error has Occurred
Here are some other ways to solve it
- In the EventID 1057 in the TerminalServices-RemoteConnectionManager event log , go to the folder
C:\ProgramData\Microsoft\Crypto\RSA,
here, we rename the Machinekeys folder into Machinekeys_bak and restart the TermService
- The RDP problem happen in Windows 10 1809 if the Configure H.264/AVC hardware encoding for Remote Desktop connections policy is enabled on the remote computer.It is located in the following GPO section: Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Remote Session Environment.To solve the problem, we need to disable the UDP protocol for RDP by creating the fClientDisableUDP parameter with the value 1 in the registry key
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client
- If the error appears immediately after clicking connect, we have to try increasing the maximum outstanding RDP connections limit.On Windows 10 the SKUs by default is set to 100, but on Windows Server is 3000.Run the
regedit.exe
and create the DWORD registry parameterMaxOutstandingConnections
with the value 10000 in the reg keyHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\.
- In the client machine, clear the RDP connection history in the registry key
HKEY_CURRENT_USER\Software\Microsoft\TerminalServerClient\Servers
Once it is done, reset the RDP cache inC:\Users\%Username%\AppData\Local\Microsoft\Terminal Server Client\Cache.
Prior to doing it, we have to close all running mstsc.exe sessions):del “C:\Users\%Username%\AppData\Local\Microsoft\Terminal Server Client\cache”
RRestart the computer.
Moving forward, our support techs found that there are various other possible ways to fix, ‘Remote Desktop Connection: An Internal Error has Occurred’. Let us discuss it in detail.
-
Change Remote Desktop Connection Settings
To start off, we will try to isolate the issue by changing the RDP settings a little bit. Some users have reported that their issue was resolved once they checked the ‘Reconnect if the connection is dropped’ box.
Let us see how we do it:
- Go to the Start Menu, search for Remote Desktop Connection, and open it up.
- Click on Show Options to unveil all the settings.
- Switch to the Experience tab and then make sure ‘Reconnect if the connection is dropped’ box is checked.
- Try connecting again.
Rejoin Domain
The error message is sometimes generated due to the domain we have connected our system to. In such cases, removing the domain and then joining it again will fix the issue.
Here is how we do it:
- Press Windows Key + I to open Settings.
- Navigate to Accounts and then switch to the Access work or school tab.
- Select the domain connected to our system to and then click Disconnect.
- Click Yes when prompted to confirm.
- Disconnect the system and then restart as prompted.
- Once done, join the domain again if required.
- Try using RDP again.
Change MTU Value
Another way of fixing the issue would be to change the MTU value. Maximum Transmission Unit is the largest size of a packet that can be sent in a network. Dropping the MTU value can help in fixing the issue.
Here is how we do it:
- To change MTU value, download TCP Optimizer.
- Once downloaded, open up TCP Optimizer as an administrator.
- At the bottom, select Custom in front of Choose settings.
- Change the MTU value to 1458.
- Click Apply Changes and then exit the program.
- Check if it fixes the issue.
Change Security of RDP in Group Policy Editor
In some cases, the error message pops up due to our RDP security layer in the Windows group policies. In such scenarios, we will have to force it to use the RDP Security layer.
Here is how we do it:
- Go to the Start Menu, search for Local Group Policy and open up ‘Edit group policy’.
- Navigate to the following directory:
Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security - On the right-hand side, locate the ‘Require use of specific security layer for remote (RDP) connections’ and double-click it to edit it.
- If it is set to ‘Not configured’, select Enabled and then in front of Security Layer, choose RDP.
- Click Apply and then hit OK.
- Restart the system so that the changes take effect.
- Try connecting again.
Disable Network Level Authentication
We can also try to fix the issue by disabling Network Level Authentication or NLA. The issue can, at times, be caused if we or the target system is configured to only allow remote connections that are running Remote Desktop with NLA. Disabling it will fix the issue.
Here is how we do it:
- Go to Desktop, right-click on This PC and select Properties.
- Click on Remote Settings.
- Under Remote Desktop, un-tick the ‘Allow connections only from computers running Remote Desktop with Network Level Authentication’ box.
- Click Apply and then hit OK.
- See if it isolates the issue.
Restart Remote Desktop Service
In some cases, restarting the Remote Desktop Service does the trick, so, in this step, we will be manually restarting it.
For that:
- Press “Windows” + “R” to open Run prompt.
- Type in “services.msc” and press “Enter“.
- Double click on “Remote Desktop Service” and click on “Stop”.
- Click on “Start” after waiting for at least 5 seconds.
- Check to see if the issue persists.
Disable VPN Connection
It is possible that our computer might be configured to use a proxy or a VPN connection due to which its internet connection might be routed through another server.
This might be preventing from being able to properly establish a connection. Therefore in this step, we will be disabling the internet explorer’s proxy settings and we also have to make sure to disable any VPNs running on the computer.
- Press Windows + R key on the keyboard simultaneously.
- A run dialog box will appear on the screen, type “MSConfig” in the empty box, and press OK.
- Select the boot option from the system configuration window and then check the “Safe Boot” option.
- Click apply and press OK.
- Restart PC to boot into the safe mode.
- Again, press the same “Windows” + “R” keys simultaneously and type “inetcpl.cpl” in the Run dialog box and press “Enter” to execute it.
- An internet properties dialog box would appear, select the “Connections” tab from there.
- Uncheck the “Use a proxy server for your LAN” box and then click OK.
- Open MSConfig again now and this time uncheck the safe boot option save the changes and restart computer.
- Check to see if the error message persists.
-
Reconfigure Local Security Policy
This is another way to fix the issue in which we should use the Local Security Policy utility. We can do it by proceeding with the following steps:
- Press “Windows” + “R” to open the Run prompt.
- Type in “Secpol.msc” and press “Enter” to launch the Local Security Policy Utility.
- In the local security policy Utility, click on the “Local Policies” option, and then select the “Security Option” from the left pane.
- In the right pane, scroll and click on the “System Cryptography” option
- Use FIPS 140 compliant cryptographic algorithms, including encryption, hashing and signing algorithms” option.
- Double click on this option and then check the “Enabled” button on the next window.
- Click on “Apply” to save changes and then on “OK” to close out of the window.
- Check to see if doing so fixes the issue.
Allow Remote Connections
It is possible that Remote Connections are not allowed according to some system configurations. In this step, we will be reconfiguring this setting from the Control Panel and then we will check to see if doing so fixes this issue on our computer.
In order to do that:
- Press “Windows” + “R” to launch the Run prompt.
- Type in “Control Panel” and press “Enter” to launch the classical control panel interface.
- In the Control Panel, click on the “System and Security” option and then select the “System” button.
- In system settings, click “Advanced System Settings” from the left pane.
- Click on the “Remote” tab and make sure that the “Allow Remote Assistance Connections to this Computer” option is checked.
- In addition to that, make sure that the “Allow Remote Connections to this Computer” tab below it is also checked.
- Click on “Apply” to save the changes and then on “OK” to exit out of the window.
- Check to see if doing so fixes this issue on computer.
Change the Startup of Service
It is possible that the Remote Desktop service has been configured in such a way that it is not allowed to start up automatically. Hence, we will be changing this configuration and we will allow the service to be started automatically.
To do it, we follow the steps below.
- Press “Windows” + “R” to launch the Run prompt.
- Type in “Services.msc” and press “Enter” to launch the service management window.
- In the service management window, double click on the “Remote Desktop Services” option and then click on the “Stop” button.
- Click on the “Startup Type” option and select the “Automatic” option.
- Closeout of this window and return to to the desktop.
- After doing so, restart computer and check to see if the issue persists.
Enable Persistent Bitmap Caching
Another possible reason is the “Persistent Bitmap Caching” feature being disabled from the RDP settings. In this step, we will launch the Remote Desktop Connections app and then change this setting from its experience panel.
In order to do this, we follow the steps below:
- Press “Windows” + “S” on keyboard and type in “Remote Desktop Connection” in the search bar.
- Click on the “Show Options” button and then click on the “Experience” tab.
- In the experience tab, check the “Persistent Bitmap Caching” option and save changes.
- Try to make the Remote Desktop connection and then check to see if the issue still persists.
Disable Static IP on Computer
One possible cause is that we might have configured our network adapter to use a static IP and it is not aligning with the Remote Desktop Connection properly. So, we will be disabling the Static IP on our computer through the network configuration settings.
For that:
- Press “Windows” + “R” to launch the Run prompt.
- Type in “ncpa.cpl” and press “Enter” to launch the network configuration panel.
- In the network configuration panel, right-click on the network adapter and select “Properties”.
- Double-click on the “Internet Protocol Version 4 (TCP/IPV4)” option and then click on the “General” tab.
- Check the “Obtain IP Address automatically” option and save changes.
- Click on “OK‘ to exit out of the window and check to see if the issue still persists.
Reconfigure SonicWall VPN
If we are using the SonicWall VPN client and use the default configurations with that application, this error might spring up. Therefore, in this step, we will be changing some settings from within the VPN.
For that:
- Launch Sonicwall on the computer.
- Click on “VPN” and then select the “Settings” option.
- Look for “WAN” under the VPN policies list.
- Click on the “Configure” option to the right and then select the “Client” tab.
- Click on “Virtual Adapter Settings” dropdown and select the “DHCP Lease” option.
- Check to see if doing so fixes the issue.
- If this issue still is not fixed, we will have to remove the current DHCP lease from the VPN.
- Navigate to the “VPN” option and then select the “DHCP over VPN” button.
- Delete the already existing DHCP lease and restart the connection
- Check to see if the issue persists after doing this.
Diagnose Connection through Command Prompt
It is possible that the computer that we are trying to connect to might not be available for connection. Hence, we will have to diagnose.
For this purpose, we will be using the command prompt to first identify the IP address of the computer and then we will use the command prompt on our computer to try and ping it.
If the ping is successful, the connection can be made, if it isn’t that means that the computer that we are trying to connect to is at fault.
For this purpose:
- Gain access to the computer we want to connect to locally and press the “Windows” + “R” keys on its keyboard to launch the run prompt.
- Type in “Cmd” and press “Enter” to launch the command prompt.
- In the command prompt, type in the following command and press “Enter” to display the IP information for the computer.
- Note the IP address listed under the “Default Gateway” heading which should be in the “192.xxx.x.xx” or a similar format.
- Once we have acquired the IP address of the computer, we can come back to our own computer for further testing.
- On personal computer, press “Windows” + “R” to launch the Run prompt and type in “Cmd” to open the command prompt.
- Type in the following command in the command prompt and press “enter” to execute it:
ping (IP ADDRESS of the computer that we want to connect to)
- Wait for the command prompt to finish the pinging of the IP address and note down the results.
- If the ping is successful, it means that the IP address is accessible.
- Now we will be testing the “telnet” capability of the computer by checking if telnet is possible over the IP address.
- For that, press “Windows” + “R” and type in “Cmd” to open the command prompt.
- Type in the following command to check if telnet is possible on the port which is required to be open by the RDP client:
telnet <IP address> 3389
- We should be seeing a black screen if this telnet is successful, if it is not it means that the port is being blocked on our computer.
Reconfiguring the Windows Firewall
If the black screen is not returned, it means that the port might not be opened on our computer due to which this issue is being shown while trying to telnet on the port.
Therefore, in this step, we will be reconfiguring the Windows Firewall to open the specific port on our computer. For that:
- Press “Windows” + “I” to open settings and click on “Update & Security”.
- Select the “Windows Security” tab from the left pane and click on the “Firewall and Network Security” option.
- Select the “Advanced Settings” button from the list.
- A new window will open up, Click on the “Inbound Rules” option, and select “New Rule“.
- Select “Port” and click on “Next”.
- Click on “TCP” and select the “Specified Local Ports” option.
- Enter in “3389” into the port number.
- Click on “Next” and select “Allow the Connection“.
- Select “Next” and make sure all three options are checked.
- Again, click on “Next” and write a “Name” for the new rule.
- Select “Next” after writing a name and click on “Finish“.
- Similarly, go back to the 4th step that we have listed and select “Outbound Rules” this time and repeat the whole process to create an Outbound Rule for this process as well.
- After creating both an inbound and an Outbound rule, check to see if the issue persists.
Turn off UDP on Client
It is possible to fix this issue by simply changing a setting inside the registry or from the group policy.
If we are using Windows Home version, we can try going about this solution using the registry method, and otherwise, implement the group policy method from the steps below.
Registry Method:
- Press “Windows” + “R” to launch the run prompt.
- Type in “regedit” and press “Enter” to launch the Registry.
- Inside the registry, navigate through the following options.
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client
- Inside this folder, set the fClientDisableUDP option to “1”.
- Save changes and exit out of the registry.
- Check to see if adding this value to the registry fixes this issue.
Group Policy Method:
- Press “Windows” + “R” buttons on keyboard to launch the run prompt.
- Type in “Gpedit.msc” and press “Enter” to launch the Group Policy Manager.
- In the Group Policy Manager, double click on the “Computer Configuration” option and then open the “Administrative Templates” option.
- Double click on “Windows Components” and then double click on the “Remote Desktop Services” option.
- Double click on the “Remote Desktop Connection Client” and then double click on the “Turn off UDP on Client” option.
- Check the “Enabled” button and save changes.
- Exit out of the Group Policy manager and then check to see if the issue persists.
Use PowerShell Command
If for some reason we are unable to add the registry value as indicated above, we can also implement this change using the Windows Powershell utility. For that purpose:
- Press “Windows” + “X” on keyboard and select the “Powershell (Admin)” option.
- Type in the following command inside the PowerShell window and press “Enter” to execute it:
New-ItemProperty ‘HKLM:\SOFTWARE\Microsoft\Terminal Server Client’ -Name UseURCP -PropertyType DWord -Value 0
- After the command is executed, check to see if the issue still persists.
[Still facing the error? We are here to help you fix!]
Conclusion
In short, the error, Remote Desktop Connection Error: Internal Error has Occurred is often caused by RDP settings or its local group policy security. But the fix involves various ways.
Today, we saw some solutions provided by our Support Engineers.
I am searching on google how to solve RDP connection error problem and I find your post, hopefully, it will work. Thanks in advance!
Thanks for the feedback Devid.