Overview:
If you're unable to connect to a target machine through Remote Desktop Protocol (RDP) in GFI LanGuard, it may be due to incorrect settings on the target machine. This issue is often related to security configurations and user permissions. Below are common symptoms and their causes:
Symptoms:
- Inability to initiate an RDP connection to the target machine.
- Error messages related to security protocols during RDP attempts.
- RDP connection requests not reaching the target machine.
Solution:
To fix this issue, follow these steps:
Step 1: Modify the SecurityLayer Registry Key
-
Open the Registry Editor on the target machine:
- Press
Win + R
, typeregedit
, and press Enter.
- Press
-
Navigate to the following registry path:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
-
Locate the
SecurityLayer
key. -
Change the value of the
SecurityLayer
key to0
or1
:0
: RDP connection uses standard security.1
: RDP connection uses SSL (Secure Sockets Layer).
-
Save the changes and close the Registry Editor.
Step 2: Disable "Allow connections only from computers running Remote Desktop"
-
Right-click on This PC or My Computer, and select Properties.
-
In the System Properties window, click on Remote Settings in the left-hand panel.
-
Under the Remote Desktop section, uncheck the option "Allow connections only from computers running Remote Desktop with Network Level Authentication (NLA)."
-
Click Apply, then OK to save the changes.
Step 3: Ensure the User Account Has Administrative Privileges
-
Verify that the user account being used to connect via RDP has administrative rights on the target machine.
- Navigate to Control Panel > User Accounts.
- Ensure the user is listed under the Administrators group.
-
If the account does not have administrative privileges, you will need to grant it access.
Summary
The RDP connection issue in GFI LanGuard can be resolved by modifying the SecurityLayer registry key, disabling Network Level Authentication (NLA), and ensuring the connecting user has administrative privileges on the target machine.