Hi Gabriel,
I hope you are having a nice day.
Below are several troubleshooting steps you might try. Hopefully, they can help you solve the issue.
I) Recreate and Bind the Certificate
- Open Certificates (Local Computer) -> Remote Desktop -> Certificates
- Delete any existing certificate, then right-click -> Create Self-Signed Certificate
- In Registry (under …\RDP-Tcp\SSLCertificateSHA1Hash) ensure the thumbprint matches your new certificate.
- Restart Remote Desktop Services
II) Temporarily Disable Network Level Authentication
- Run gpedit.msc -> Computer Config -> Admin Templates -> RDS -> Security
- Set “Require user authentication for remote connections by using Network Level Authentication” to Disabled
- Restart the server or run gpupdate /force
IV) Verify FIPS/Encryption Settings
- Open secpol.msc -> Local Policies -> Security Options
- Locate “System cryptography: Use FIPS compliant algorithms…” and set it to Disabled
- Reboot if you make a change.
V) Check Windows Firewall & Port Binding
- Confirm TCP 3389 is allowed in Windows Defender Firewall
- Run on the server: netstat -ano | find ":3389" (ensure the listening PID is TermService and nothing else is bound)
VI) Review Event Logs for Clues
- In Event Viewer, look under:
- Applications and Services Logs -> Microsoft -> Windows -> RemoteDesktopServices-RdpCoreTS
- … -> Windows -> TerminalServices-LocalSessionManager
- Even non-critical warnings there can hint at driver or security-layer failures
Give these a try and let me know which steps make a difference. If none of the above resolve it, we can dig deeper into RDS licensing, advanced TLS settings, or even reinstall the RDS role as a last resort.
Hope one of these gets you back in!
Best regards,
Finn Dang
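
Added example, not part of Finn Dang's reply: a read-only PowerShell check covering steps I, II, V and VI, so the certificate binding, NLA state, port owner and recent log entries can be seen in one pass before and after any change. It assumes the listener settings are read through the Win32_TSGeneralSetting WMI class rather than the registry value named in step I, and it uses Get-NetTCPConnection in place of netstat.

```powershell
# Added example (not from the original reply). Read-only; run elevated on the RDS host.
# Assumption: listener settings are read via WMI instead of the registry path in step I.
$ts = Get-CimInstance -Namespace 'root\cimv2\TerminalServices' `
        -ClassName Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"

# Step I: is the thumbprint bound to RDP-Tcp present in the Remote Desktop store?
$bound = $ts.SSLCertificateSHA1Hash
$cert  = Get-ChildItem -Path 'Cert:\LocalMachine\Remote Desktop' |
         Where-Object { $_.Thumbprint -eq $bound } |
         Select-Object -First 1

# Step V: every listener on TCP 3389 should be owned by the TermService process.
$svcPid    = (Get-CimInstance -ClassName Win32_Service -Filter "Name='TermService'").ProcessId
$listeners = @(Get-NetTCPConnection -LocalPort 3389 -State Listen -ErrorAction SilentlyContinue)
$foreign   = @($listeners | Where-Object { $_.OwningProcess -ne $svcPid })

[pscustomobject]@{
    BoundThumbprint    = $bound
    CertInStore        = [bool]$cert
    CertHasPrivateKey  = [bool]($cert -and $cert.HasPrivateKey)
    CertExpires        = if ($cert) { $cert.NotAfter } else { $null }
    # Step II: shows whether NLA is currently required, so a temporary
    # change can be confirmed as reverted once troubleshooting is done.
    NlaRequired        = [bool]$ts.UserAuthenticationRequired
    TermServicePid     = $svcPid
    Listening3389      = $listeners.Count -gt 0
    ForeignListenerPid = $foreign.OwningProcess | Select-Object -Unique
} | Format-List

# Step VI: errors (2) and warnings (3) from the last 24 hours in the two logs named above.
$logs = 'Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational',
        'Microsoft-Windows-TerminalServices-LocalSessionManager/Operational'
Get-WinEvent -FilterHashtable @{
        LogName   = $logs
        Level     = 2, 3
        StartTime = (Get-Date).AddHours(-24)
    } -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, LogName, Id, LevelDisplayName, Message |
    Format-List
```

CertInStore = False or a non-empty ForeignListenerPid points back to step I or step V respectively.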