TCP Socket RST on the port TCP Port 3389

  • Question

  • We are making the RDP Connection using TCP Tunneling on the port 3389 in C#.  But the TCP Socket is disconnecting in 50 seconds. 

    4145    213.992742000   source(my pc)   destination (remote server) TPKT    71  Continuation
    4146    213.998031000   source(my pc)   destination (remote server) TPKT    981 [TCP Retransmission] Continuation
    4167    219.778181000   source(my pc)   destination (remote server) TPKT    85  Continuation
    4191    224.575355000   source(my pc)   destination (remote server) TPKT    1354    [TCP Retransmission] Continuation
    4246    238.663506000   source(my pc)   destination (remote server) TCP 54  49322 > ms-wbt-server [RST, ACK] Seq=173138 Ack=27613 Win=0 Len=0

    In addition to that, I have gone through the following solutions, but they did not work for me.

    RDP connections might fail due to a problem with KB2621440 – MS12-020:

    Actually, I have tried this patch on Windows 7, but it is already deployed on the machine.

    Socket.Disconnect Method (Boolean): 

    We are not disconnecting the socket explicitly through code, but the socket connection to the end machine (on port 3389) is disconnecting internally after a couple of seconds. We have monitored this using Wireshark. Even though we send a keepalive packet every 10 seconds, the socket is disconnected after 50 seconds. Due to this we are not able to send the data packets received from the tunnel to the end machine socket.


    Please help me to resolve the issue.

    I have gone through the RD Gateway Manager and Remote Desktop Services. Since I am testing the feature in the corporate network, I don't know how to set up the RD Gateway Manager on the Windows 7 machine.

    Please forgive my grammatical mistakes.

    Thanks

    Thangamani

    Friday, September 23, 2016 3:12 AM

All replies

  • Hi,

    First, I suggest you run the command netstat -an to check the status of 3389.

    Then, I think you should check whether the port number of the RDP binding is 3389.

    To check the port number of RDP binding:

    1. Open registry
    2. Navigate to the path: HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\portnumber

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Sunday, September 25, 2016 1:06 PM
    Moderator
  • Hi Jay,

    Thanks for the response.

    I have verified the above-mentioned items.

    First, I suggest you run the command netstat -an to check the status of 3389.

    Active Connections

      Proto  Local Address          Foreign Address        State
      TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
      TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
      TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
      TCP    0.0.0.0:2701           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:5357           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:6129           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:8045           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:9008           0.0.0.0:0              LISTENING
      TCP    0.0.0.0:49152          0.0.0.0:0              LISTENING

    Port number of RDP binding in the Registry:

     HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\portnumber

    Portnumber is 3389

    Thanks in advance

    Thangamani

    Monday, September 26, 2016 5:23 AM
  • Hi,

    For the session disconnection, I suggest you try to find the related log in Event Viewer under the path below.

    Application and Services logs\Microsoft\Windows\TerminalServices-LocalSessionManager

    I have gone through the RD Gateway Manager and Remote Desktop Services. Since I am testing the feature in the corporate network, I don't know how to set up the RD Gateway Manager on the Windows 7 machine.

    >>>RD Gateway needs to be installed on a Windows Server OS; it cannot be installed on a client.

    In addition, how did you RDP to the target machine? Mstsc?

    Best Regards,

    Jay



    Wednesday, September 28, 2016 8:33 AM
    Moderator
  • Hi Jay,

    In addition, how did you RDP to target machine? Mstsc?

    I am trying to connect RDP through a socket over the internet through a tunnel. Actually, we use the socket to connect to RDP on port 3389.

    Thanks

    Thangamani




    Friday, September 30, 2016 2:27 AM
  • Hi,

    Here is a similar thread below for your reference.

    Tunneling a TCP/IP Connection through Remote Desktop Connection

    http://superuser.com/questions/130552/tunneling-a-tcp-ip-connection-through-remote-desktop-connection

    Best Regards,

    Jay



    Friday, September 30, 2016 1:02 PM
    Moderator
  • Hi Jay,

    I have gone through the link you attached, but configuring SSH will not be possible in my case. We have developed a common tunnel to accept TCP sockets from both the server and client side. Basically, it will be used to connect RDP, Telnet, SSH and VNC.

    I have developed the applications in C#.

    Regarding rdp2tcp, I can't find any links on how to configure rdp2tcp and rdesktop on Windows machines. Please share what you know if you have knowledge of this.

    In addition to that, I have found that TCP port 3389 is blocked by default when we try to connect RDP over the internet.

    As per my research, TCP port (3389) should be enabled in the local Windows firewall.

    Thanks

    Thangamani


    Saturday, October 1, 2016 3:57 PM
  • Hi Thangamani,

    Is your program allowing the same communication flow as happens when a client connects directly to the host?  From your description it sounds like you are doing something different.  If you were to look at a decrypted network capture between your program and the RDP host it should appear to be a PC on the local network using mstsc.exe to connect to the host.

    Another way to look at it:  is the communication following the RDP protocol documentation?

    -TP

    Saturday, October 1, 2016 6:15 PM
    Moderator
  • Hi TP,

    I have gone through the RDP protocol documentation.

     Remote Desktop Services Protocols Overview

    As mentioned in the above documentation, there are two components required to connect RDP over the internet.

    1) RDP Client (Windows 7 SP1 and more)

    2) RD Session Host Server (Windows Server 2003 or more).

    Please clarify: if we are trying to connect RDP over the internet, do we have to connect RDP from Windows 7 to one of the server OSes (Windows Server 2003 or more) with the help of the RD Session Host Server?

    We can't connect RDP over the internet from a Windows 7 machine to a Windows 7 machine, since RD Session Host Server is not possible on a Windows 7 machine.

    Thanks

    Thangamani

    Sunday, October 2, 2016 1:34 PM
  • Hi Thangamani,

    The target host does not need to be a server operating system.  It can be any host that supports incoming RDP such as Windows 7 Pro/Enterprise/Ultimate, Windows 8.1 Pro/Enterprise, Windows 10 Pro/Enterprise/Education, etc.

    For connecting over the Internet, one common method that is used is RD Gateway (RDG).  It may be helpful for you to consider how RDG works at a high level.  In essence, the client encapsulates RDP packets in HTTPS, sends them to RDG, RDG unpacks them, and RDG sends them to the target RDP host via 3389.

    -TP

    Sunday, October 2, 2016 2:29 PM
    Moderator
  • Hi TP,

    This is a bit confusing to me, since I have gone through several links on how to set up RD Gateway (RDG) on Windows 7, but it is applicable to the Windows Server OS.

    Additionally, I have developed three components to make remote connections via RDP, VNC, etc.

    1) Device Side Component - It is a Windows service that runs on the target host machine or some other machine. Based on the IP address mentioned in the config, it makes the connection (Target Host). A certificate is available with this component. Using the certificate, a TCP socket connection is made through a mutual SSL handshake between Device Side and Tunnel.

    2) Tunnel (Windows service) - A certificate is installed on this machine, and this tunnel is exposed to the outside network via a public domain name. The public domain is referred to in the Device Side Component and the Client Side. With the help of this domain name, both the Device Side Component and the Client Side make the TCP connection to this Tunnel service.

    3) Client Side (SE Side) - It is a console application. A certificate is referred to in order to make the TCP connection to the tunnel through the mutual SSL handshake.

    I am not able to share images to explain this clearly.

    The following is the flow of communication between the three components.

    1) A socket connection from the Device Side(RandomPort) <---- SSL Handshake----------------->Tunnel(443) and another socket connection from the Device Side(RandomPort)< -------------->TargetHost(3389). Both of these Socket objects will be bound to the Connection object.

    2) When the socket connection from Device Side to Tunnel has succeeded, the Service Engineer will start the Client Side console application, and this application will make a TCP connection from the Client Side(RandomPort) <------SSL HandShake------------> (443)Tunnel.

    3) When the TCP connection between Client Side and Tunnel has succeeded, the Tunnel service will make the connection between Device Side<------------------------------------->Client Side.

    The problem here is: if the Service Engineer initiates the connection from the Client Side within 50 seconds, then the RDP connection is made successfully without any problem. If the Service Engineer initiates the connection after 50 seconds or a minute, the RDP connection will not succeed.

    Root Cause:

    We have identified that the socket connection will be disconnected in 50 seconds between Device Side(443) -------------XXX--------------- TargetHost(3389).

    Please clarify whether RD Gateway will resolve the above-mentioned issue.

    Thanks

    Thangamani


    Monday, October 3, 2016 2:12 AM
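
The flow in the last post opens the Device Side to TargetHost (3389) socket before any client has attached, and that idle socket is reported gone after about 50 seconds. As an added example that is not the poster's code, the relay below opens the 3389 connection only when the first bytes arrive from the tunnel, so the target sees a TCP connect followed at once by client traffic, as TP describes for a direct mstsc.exe connection. The names OnDemandRelay and RunAsync are hypothetical, tunnelStream is assumed to be the already authenticated SslStream to the Tunnel, and the Tunnel is assumed to forward nothing until a client is paired.

```csharp
using System;
using System.IO;
using System.Net.Sockets;
using System.Threading.Tasks;

// Added example (hypothetical names): Device Side relay that opens the
// TargetHost socket on demand instead of holding it idle.
// Assumption: the tunnel sends nothing to the Device Side until a client is
// paired, so the first bytes read from tunnelStream come from the RDP client.
public static class OnDemandRelay
{
    public static async Task RunAsync(Stream tunnelStream, string targetHost, int targetPort = 3389)
    {
        var first = new byte[8192];

        // Wait on the tunnel side only; no socket to 3389 exists yet.
        int n = await tunnelStream.ReadAsync(first, 0, first.Length);
        if (n == 0) return; // tunnel closed before any client attached

        using (var target = new TcpClient())
        {
            await target.ConnectAsync(targetHost, targetPort);
            target.NoDelay = true;
            NetworkStream targetStream = target.GetStream();

            // Forward the client's first bytes right after the TCP handshake.
            await targetStream.WriteAsync(first, 0, n);

            Task up = tunnelStream.CopyToAsync(targetStream);
            Task down = targetStream.CopyToAsync(tunnelStream);

            // When either direction ends, close both ends so the other copy stops.
            await Task.WhenAny(up, down);
            target.Close();
            tunnelStream.Dispose();

            try { await Task.WhenAll(up, down); }
            catch (Exception) { /* expected once the streams are closed */ }
        }
    }
}
```

Each RDP session then needs a fresh Device Side to Tunnel connection, because the relay closes the tunnel stream when the session ends.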