When you end up giving support to the product vendor

Date: Mar 6, 2020

When you end up giving support to the product vendor

We came across a problem our client was struggling with and needed help to resolve.  We had a look at this "head scratcher" of a problem and roped in Microsoft support to expedite the resolution.  The problem was remote desktop onto another computer running Windows 10 over Direct Access (Microsoft's always on VPN) the session would lock up, it would connect but the screen would freeze and you could only disconnect.   If you used remote desktop onto a server computer over Direct Access it would work just fine.  If you used remote desktop to the Windows 10 pc over the local network it would connect just fine and would not lock up. 

This ruled out a couple of things, firstly it ruled out that remote desktop works over Direct Access because it worked just fine to servers.  Secondly it ruled out that the Windows 10 PC was freezing when a remote desktop session connected because it worked just fine when the connection was made over the local network.   The suggestions from Microsoft were not very helpful, it was basic troubleshooting that we had already done and already informed them about so they asked for logs and then made the same basic fundamental recommendations again which was not helping the situation as we had already done the things they were suggesting. 

In the mean time I decided to try an alternate remote desktop connection application rather than use the built in Microsoft client.  Interestingly the 3rd party remote desktop client would work over the Direct Access connection so again this helped narrow down the issue.  We compared the differences in how the connections were working between the Microsoft remote desktop client and the 3rd party client and we discovered that the Microsoft RDP (remote desktop) client tries to use UDP when connecting to a desktop over what it perceives is a local network.  

There is a group policy in Windows that allows you to kill off UDP over RDP sessions which is what we did next and as if by magic, the built in Microsoft RDP client would then successfully connect to the remote desktop running Windows 10 over Remote Access and would not lock up or have any issues.

In order to run this fix there are two ways it can be done.  Either through a local policy via GPEDIT.MSC or via a domain based group policy.  The location for both are in the same place so I will describe where it is in the local group policy manager. So.... launch GPEDIT.MSC and run as administrator then navigate to "Local Computer Policy\Administrative Templates\Windows Components\Remote Desktop Service\Remote Desktop Connection Client" and it is here that you set "Turn Off UDP On Client" to being Enabled.

When we found this fix we let Microsoft know so that if someone else encounters the same issue we did in future, they will be able to help them more speedily than us (hopefully if they don't go down the same route we were taken).  


We use cookies to give you a better service

By using this website or closing this message you agree to our use of cookies. For more information please view our cookie policy.