Can not RDP to 2012 R2 Standard server after September 2020 patching

Question

We recently patched to the last level on our Windows 2012R2 Standard servers, and for some reason we lost the ability to RDP to two of them. Not a firewall issue, Windows Firewall, and the require NLA is and has not been selected.
Upon immediate connection to the 2 servers, we receive the error "An Internal Error has occurred" and if you look at the server in question you will see the following Warning in the Event Logs:
Log Name: Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational
Source: Microsoft-Windows-RemoteDesktopServices-RdpCoreTS
Date: 9/25/2020 10:15:16 AM
Event ID: 226
Task Category: RemoteFX module
Level: Warning
Keywords:
User: NETWORK SERVICE
Computer: SERVERNAME
Description:
RDP_TCP: An error was encountered when transitioning from StatePreparingX224CC in response to Event_ERROR_SendingX224CC (error code 0x0).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-RemoteDesktopServices-RdpCoreTS" Guid="{1139C61B-B549-4251-8ED3-27250A1EDEC8}" />
<EventID>226</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>4</Task>
<Opcode>19</Opcode>
<Keywords>0x4000000000000000</Keywords>
<TimeCreated SystemTime="2020-09-25T14:15:16.262099200Z" />
<EventRecordID>9266</EventRecordID>
<Correlation ActivityID="{F420E4BD-57B4-48DD-BE4D-95AD20100000}" />
<Execution ProcessID="2600" ThreadID="3560" />
<Channel>Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational</Channel>
<Computer>SBFUNDSPFS10.PROD.FUNDS.SUNGARD.NET</Computer>
<Security UserID="S-1-5-20" />
</System>
<EventData>
<Data Name="StateTransition">RDP_TCP</Data>
<Data Name="PreviousState">1</Data>
<Data Name="PreviousStateName">StatePreparingX224CC</Data>
<Data Name="NewState">22</Data>
<Data Name="NewStateName">StateError</Data>
<Data Name="Event">29</Data>
<Data Name="EventName">Event_ERROR_SendingX224CC</Data>
<Data Name="ErrorCode">0x0</Data>
</EventData>
</Event>

You can RDP from these "broken" servers to another server without an issue. And this RDP error occurs when connecting from any Windows client version, etc.
I noticed that this recent (KB4578013) from this month's patching appears to be related to remote connections. Just wondering if anyone has experienced this type of issue and have a solution?

Thanks,

Chris

Answer 1

Hi,

Please try below setting to see if problem persists.

1. Open local group policy (gpedit.msc) on your 2012 R2 servers.
2. Under Computer configuration ->Administrative Templates ->Windows components ->Remote desktop services->RD Session host ->Security
3. Set "Require use of specific security layer for RDP connections" to RDP.
   
4. Run gpupdate.

Thanks,
Eleven

----------

If the Answer is helpful, please click "Accept Answer" and upvote it.

Answer 2

Might check the settings described here.
https://social.technet.microsoft.com/Forums/lync/en-US/627f1c9f-fa4a-47fe-9ae2-7e467d79b91d/rds-2016-remotefx-killing-connections?forum=winserverTS

--please don't forget to Accept as answer if the reply is helpful--

Answer 3

Does this matter if it is just a File Server and not an RDS server? We don't use RDS servers in our environment.

Answer 4

Well it relates to the RemoteFX module 226 warning you posted.

Might also try from PowerShell at source and target machines.

Test-NetConnection -ComputerName "192.168.49.142" -CommonTCPPort "RDP" -InformationLevel "Detailed"

--please don't forget to Accept as answer if the reply is helpful--

Answer 5

@Eleven Yu (Shanghai Wicresoft Co,.Ltd.) > Worked for me