Windows Server 2012 - RDP over UDP not working

windows-server-2012 rdp udp

I have a Windows Server 2012 (not R2) machine, hosted within Hyper-V virtualization with RD Session Host & RD Gateway installed. It is used to run a desktop GIS application.

The performance over WAN is quite poor. I added UDP port to NAT in order to improve the performance, but the UDP connection is still not used.

In the LAN-testing environment (to avoid NAT / firewall misconfigurations), I connect from a Win10 machine. The Connection Info bar shows "excellent quality", but does not mention anything about UDP. In case of the reverse connection (Windows Server => Windows 10), the connection info bar says that UDP is enabled.

I completely turned off Windows Firewall installed on the Windows Server. I double-checked that UDP transport is enabled in RD Gateway. There is no difference if I connect using Gateway (443+3391) or Direct (3389+3389). I restarted whole machine twice and scrolled over all links in first three google result pages.

Do you have any idea what can be wrong?


I suspect a routing error. Run a wireshark to be sure the UDP packet get received. As I seen it's over a WAN, router usually does not allow well the packets.

1.5 Prerequisites/Preconditions

The protocol endpoints require UDP connectivity to be established. The network path between the endpoints should allow the transfer of UDP datagrams in both directions.

The prerequisites for this protocol are identical to those for the UDP protocol.

1.3.2.1

UDP Connection Initialization In this phase, both endpoints are initialized with mutually agreeable parameters for the connection. The terminal client initiates the connection by sending a SYN datagram. The terminal client also determines the mode of operation, RDP-UDP-R or RDP-UDP-L, as described in section 1.3.1. The terminal server responds with a datagram with the SYN flag set, along with an ACK flag, to acknowledge the receipt of the SYN datagram. The terminal client acknowledges the SYN datagram by sending an ACK. The terminal client can append the Coded Packets along with the ACK datagram. This datagram indicates that a connection has been set up and data can be exchanged. All datagrams in this phase – the SYN, SYN+ACK, and ACK – are delivered reliably by using persistent retransmits, irrespective of the mode that the transport is operating in.


Have you checked that UDP is able to pass through the host Hyper-v server?

If possible try using an alternate virtual network adapter type in the virtual switch manager and/or that the physical network adaptor config settings to identify any UDP related settings that maybe off.


I chased this issue around for quite a while and coudn't find the solution elsewhere. Same situation as yours, connecting directly to the RDS Server didn't work with UDP transport. UDP 3391 was listening and not blocked by firewall. Other non-RDS servers did work with UDP transport.

Configured the following GPO, ran gpupdate /target:Computer /force, and voila, it's working.

Set Computer Configuration > Remote Desktop Services > Remote Desktop Session Host > Security > Require use of specific security layer for remote (RDP) connections to Enabled (SSL)

Related

How to get SASL authentication to work with DIGEST-MD5 for OpenLDAP?
Is SNMP v3 supported in Windows Server 2016?
SSH through intermediate host fails only on myuser@mymac but works elsewhere
How to turn off 'protected-mode' in Redis?
Windows - turn off high contrast mode via GPO or script?
Networking between KVM VM and docker container on same host
Slow sequential speeds on 9x7-drive raidz2 (ZFS ZoL 0.8.1)
Nagios Monitoring Text on a Website
Cancel Database Take Offline
Adding 60TB Storage to an SLES 10 Server
Are there any pitfalls to DKIM?
Why are shared libraries on Linux executable?