none
Remote Desktop Encryption error at the client

    Question

  • I'm suddenly receiving a critical remote desktop error at the client stating the following (it differs from time to time)

    "Because of an error in data encryption, this session will end.  Please try connecting to the remote computer again."

    "Because of a protocol error detected at the client (code 0x1204), this session will be disconnected.  Please try connecting to the remote computer again."

    I've been running on the same windows 7 64 bit build on a Dell M4500 for well over a year in RDP sessions daily over VPN's without issue.  Suddenly one day last week i began receiving this error. I can, on occasion, connect to local LAN RDP's without the error immediately but have experienced the error even on LAN sessions after 3-5 minutes of use.  Sometimes on a LAN it will go much longer.

    Now, for remote sessions, i cannot authenticate at all.  I typically get to the login screen, enter my credentials, then immediately the error pops up and drops the connection.  Every time.  I've tried this to multiple different WAN's so i know it's not at the server level.  I also know it's not on my LAN as other PCs on the LAN connect fine without this error so it's local to this PC.

    After hours of diagnosing and reading articles i decided to just rebuild from the ground up, fresh install of windows, applied all service packs, updates and installed my VPN client and attempted the connection -- same error.  I even used a brand new HDD (SSD) as i was wanting to upgrade it anyway.

    Now i recognize that i should have tried the connection before all other patches were installed (troubleshooting 101, sorry) but trying to avoid a 3rd install and hoping for assistance.  I typically disable system restore so rolling back isn't an option.

    At this point i believe it's hardware related or an update causing the problem.  It's also worthy to note that I've updated NIC and WLAN drivers, disabled TOL, and tried the connections over both connections -- same problem.  I'm almost certain it's a client problem.  I receive the error trying to connection to server 2003, 2008, WIN7 or even XP remote desktop sessions

    Any ideas?  I know, it's a stretch.  If you could even point me to the root of these errors maybe it will trigger some thoughts.

    Best Regards,

    J


    Wednesday, August 08, 2012 3:11 PM

Answers

  • I did this to fix the issue:

    Change Security layer of the RDP-TCP session to "RDP Security Layer".  That seemed to allow us to bypass the schannel errors we were seeing in the logs.  Seems like when you have a second IP it does something to break the SSL host-specific certificate.

    Wednesday, August 08, 2012 4:22 PM

All replies

  • http://www.techzonez.com/forums/showthread.php/9868-Remote-Desktop-Encryption-Error-FIXED check out post #14 may be a solution

    Justin | http://patchmypc.net

    Wednesday, August 08, 2012 3:27 PM
  • I did this to fix the issue:

    Change Security layer of the RDP-TCP session to "RDP Security Layer".  That seemed to allow us to bypass the schannel errors we were seeing in the logs.  Seems like when you have a second IP it does something to break the SSL host-specific certificate.

    Wednesday, August 08, 2012 4:22 PM
  • Hi,

    You can try the following suggestsions.

    1. Disable security software temporarily on both sides to check the result.
    2. Navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TermService\Parameters, in the right pane, delete the following value if they are present.

    Certificate
    X509 Certificate
    X509 Certificate ID


    Niki Han

    TechNet Community Support

    Thursday, August 09, 2012 6:37 AM
    Moderator
  • Can you answer how to Change the Security layer of the RDP-TCP session to "RDP Security Layer"?  
    Wednesday, February 20, 2013 5:42 AM
  • Could you please explain how you changed the security layer of the RDP-TCP session to RDP Security Layer? I am having the same exact issue with one of our computers here and no "fixes" seem to have any effect.
    Wednesday, April 24, 2013 2:44 PM
  • Can you answer how to Change the Security layer of the RDP-TCP session to "RDP Security Layer"?  

    This should be what you need.  http://technet.microsoft.com/en-us/library/cc770833.aspx

    To configure the server authentication and encryption settings for a connection
    1. On the RD Session Host server, open Remote Desktop Session Host Configuration. To open Remote Desktop Session Host Configuration, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Session Host Configuration.

    2. Under Connections, right-click the name of the connection, and then click Properties.

    3. In the Properties dialog box for the connection, on the General tab, select the server authentication and encryption settings that are appropriate for your environment, based on your security requirements and the level of security that your client computers can support.

    4. If you select SSL (TLS 1.0), either select a certificate that is installed on the RD Session Host server, or click Default to generate a self-signed certificate. If you are using a self-signed certificate, the name of the certificate will display as Auto generated.

    5. Click OK.


    Wednesday, April 24, 2013 3:03 PM