You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
title: Remote Desktop Can't Connect to the Remote Computer
description: Helps resolve the Remote Desktop can't connect to the remote computer related errors.
ms.date: 01/10/2025
manager: dcscontentpm
audience: itpro
ms.topic: troubleshooting
ms.reviewer: kaushika, warrenw, franciscoang, v-lianna
ms.custom: sap:Remote Desktop Services and Terminal Services\Session connectivity, csstroubleshoot
Remote Desktop can't connect to the remote computer
This article helps troubleshoot errors when you connect to a remote machine.
When you use a direct Remote Desktop Protocol (RDP) connection to connect to a Windows machine, the connection fails with one of the following errors. The error occurs before or after entering credentials on the Remote Desktop connection application.
Remote Desktop can't connect to the remote computer for one of these reasons:
1) remote access to the server is not enabled
2) The remote computer is turned off
3) The remote computer is not available on the network
Make sure the remote computer is turned on and connected to the network, and that remote access is enabled.
This computer can't connect to the remote computer.
Try connecting again. If the problem continues, contact the owner of the remote computer or your network administrator.
There are several possible root causes, but the main ones are the RDP-TCP listener not working and incorrect network configurations.
Verify if the error is related to the machine's state or performance
First, check if the machine is running. If it is andhas console access (for example, Integrated Lights Out (iLO) for physical machines, or Hyper-V console for virtual machines), test connecting to the machine through it. If successful, proceed to the verify if the error is related to the RDP-TCP listener.
Contact Microsoft Support for further assistance in the following scenarios:
You can't put the machine in a running state.
The machine is in a running state, but the web console access to the machine fails.
Verify if the error is related to the RDP-TCP listener
Run the qwinsta command to verify if the RDP-TCP listener is working for RDP connections to function.
C:\Windows\System32>qwinsta SESSIONNAME USERNAME ID STATE TYPE DEVICE services 0 Disc>console 1 Active rdp-tcp 65536 Listen
Back up the existing key on the affected machine. Then, delete it and replace it with the subkey exported from the functioning machine.
Note
You can't access the machine via RDP with the RDP-Tcp subkey deleted.
Contact Microsoft Support
If the preceding steps can't resolve the issue of RDP-TCP listener not working, contact Microsoft Support for further assistance.
Verify if the error is related to network
If the RDP-TCP listener is working, use the following steps to check if you can connect to the server through a console session (for example, iLO for physical machines, or Hyper-V console for virtual machines):
Type mstsc in the Run box to open the Remote Desktop Connection application.
In the Remote Desktop Connection application, type localhost in the Computer box and select Connect.
The DWORD value PortNumber has the value 0x00000d3d (3389).
If the value is different, Remote Desktop Connection connections should use hostname:port or IPaddress:port as the computer name.
Check Domain Name System (DNS) resolution
If the connection fails when using the machine's hostname, try connecting using its IP address.
If the connection works with the IP address, the issue is likely related to name resolution.
If the connection also fails with the IP address, proceed to the next troubleshooting step.
Check Firewall or Network Security Group configuration
Check if firewall rules allow RDP to the machine, or if the firewall is disabled.
Open wf.msc, select Inbound Rules and look for Remote Desktop – User Mode (TCP-In)Remote Desktop - User Mode (TCP-In) and Remote Desktop – User Mode (UDP-In)Remote Desktop - User Mode (UDP-In). Make sure they arethat they're enabled to all profiles.
You can get the same result with the following PowerShell cmdlet on an elevated session:
If other network elements are restricting traffic, they should be checked.
In case ofWhen using Azure Cloud, check if the Network Security Group (NSG) is configured to allow RDP to a subnet / or network interface card (NIC). NSG is mandatory if you use standard SKU for public IP addresses.
Check Anti-Virus (AV)
Anti-virus can negatively impactaffect RDP connections to machines. If possible, disable the AV service and test the connections.
To completely rule out the AV as the root cause, uninstall it and restart the machine.
Contact Microsoft Support
If the preceding steps can't resolve the issue, the RDP-TCP listener is working and the connectivity test result is False, contact Microsoft Support for further assistance.
Verify machine's configurations and roles
If the RDP-TCP listener is working, and the connectivity test result to the machine is True, other scenarios related to machine's processes, roles or configurations should be checked.
Check the concurrent process using the default RDP port
Run the following commands in an elevated command prompt or PowerShell window, and make sure the Process ID (PID) of TermService matches the one listening on port 3389:
tasklist /svc | findstr TermService
netstat -anob | findstr 3389
For example, TermService with PID 820 is listening on port 3389.
If the PID doesn't match, find what process is listening on port 3389 and stop it. Then, restart the Remote Desktop Services service (TermService).
Check Remote Desktop self-signed certificate
Check if you can re-create the Remote Desktop self-signed certificate by following these steps:
Open the Certificates Microsoft Management Console (MMC) snap-in. When you're prompted to select the certificate store to manage, select Computer account, and then select the affected computer.
In the Certificates folder under Remote Desktop, delete the RDP self-signed certificate.
Restart the Remote Desktop Services service on the affected computer.
If the RDP self-signed certificate has been re-created, go to the next step.
Check RDS roles
Check Remote Desktop Services (RDS) roles
Check if unnecessary RDS roles are installed, on Server Manager > Manage > Remove Roles and Features > Server Roles–- Remote Desktop Services.
If unnecessary roles are installed, uncheck the corresponding box and proceed to remove them (for example, Remote Desktop Connection Broker role). Restart the machine in the end.
Machines with the Remote Desktop Connection Broker role in RDS deployments maymight still encounter the issue if the following conditions are notaren't met:
Check if the Remote Desktop Connection Broker service (TSSDis) is running.
In the Computer Management (compmgmt.msc) snap-in, System Tools > Local Users and Groups > Groups > RDS Endpoint Servers group must contain the NT AUTHORITY\NETWORK SERVICE account.
Contact Microsoft Support
If the preceding steps can't resolve the issue, the RDP-TCP listener is working and the connectivity test result is True, contact Microsoft Support for further assistance.
0 commit comments