BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Remote desktop connectivity is usually reliable, but things can -- and sometimes do -- go wrong.
There are five common remote desktop connection problems that come up: network failure, firewall problems, Secure Sockets Layer (SSL) certificate issues, authentication troubles and capacity limitations. You can prevent and solve these problems easily with a few pointers on remote desktop troubleshooting.
A lack of a valid communications path can prevent a client from being able to connect to a remote desktop session. The easiest way to diagnose this particular problem is through the process of elimination.
First, try to establish a session from a client that could successfully connect in the past. The goal is to find out if the problem is specific to an individual client or to the network.
If you do suspect that the network might be to blame, then try to narrow down the scope of the issue to find the root cause. In doing so, you might discover that the problem affects wireless connections but not wired connections. Likewise, you may discover that the problem is unique to VPN traffic or to a particular subnet.
It's easy to dismiss the notion that a firewall could contribute to a remote desktop not working, but it's actually quite common. To avoid problems with the firewall, ensure that the port your remote desktop software uses is open on any firewalls residing between the client computers and the server they connect to. Remote Desktop Protocol (RDP)-based tools use port 3389 by default.
You may need to configure multiple firewalls. For example, the client and the server may both run Windows Firewall, and there will probably be one or more hardware firewalls between the two systems.
Some public networks block RDP traffic. This is especially true of the Wi-Fi networks found on cruise ships, but some hotels, airports and coffee shops have Wi-Fi networks that block RDP traffic.
SSL certificate issues
Security certificates can also cause remote desktop connection problems. Many VDI products use SSL encryption for users who access VDI sessions outside the network perimeter. But SSL encryption requires the use of certificates, which creates two problems that can cause a remote desktop to not work.
First, if the remote desktops are going to connect properly, client computers must trust the certificate authority that issued the certificate. This isn't usually a problem for organizations that purchase certificates from large, well-known authorities, but clients won't always trust certificates that an organization generates in-house. Use a reliable certificate authority to ensure that clients establish remote desktop connectivity.
The client must also be able to verify the certificate that the server is using. The verification process can break down if the certificate has expired or if the name on the certificate doesn't match the name of the server that's using it. So, make sure your certificates are up to date.
Many common remote desktop connectivity problems can be traced to domain name system (DNS) issues. If an admin changed a host's IP address, then clients might not be able to connect to the host until the client's DNS resolver cache expires. Enter the following command on the client computer to clear the cache and force DNS names to be freshly resolved:
Clients may also have trouble connecting to a host if they are using an external DNS server that is unable to resolve hosts on the organization's private network. The solution to this problem is to modify the client's IP address settings to use one of the organization's DNS servers rather than an external DNS.
Finally, you could experience remote desktop connectivity issues if you exceed the infrastructure's capacity. One thing that might cause remote desktops to not be working properly is if you've run out of virtual desktops or VDI licenses. Some VDI implementations also refuse client connections if the server is too busy or if launching another virtual desktop session would weaken the performance of existing sessions.
You can prevent most of these connection problems with just a little preplanning, and good remote desktop troubleshooting skills help when other issues come up. Make sure your SSL certificates are updated, configure firewalls correctly and keep an eye on your VDI capacity.
Evaluating remote desktop connection brokers
Remote Desktop Connection tool resolves Vista and XP snafu
The basics of Remote Desktop Services: The connection broker
Enterprises of all sizes experiencing challenges in remote working