Announcement

Collapse
No announcement yet.

RDP and FIPS

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • RDP and FIPS

    Here is my environment

    Windows 2k3 SP2
    RDP 5.2

    Windows XP SP3
    RDP 6.0

    I enabled
    System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing

    Domain wide and now I am having issues with RDP

    XP<>XP does not work
    XP>2k3 does work
    2k3>XP does not work
    2K3>2k3 does work

    On the boxes I am initiating the RDP I get the below error:
    The client could not establish a connection to the remote computer.
    The most likely causes for this error are:
    1) Remote connections might not be enabled at the remote computer.
    2) The maximum number of connections was exceeded at the remote computer.
    3) A network error occurred while establishing the connection.
    4) The remote computer might not support the required FIPS security level. Please lower the client side requried security level Policy, or contact your network administrator for assistance.

    On the xp boxes I have an error in the event viewer system log:
    The RDP protocol component "DATA ENCRYPTION" detected an error in the protocol stream and has disconnected the client.

    Is there away to enable FIPS and allow RDP to work from:
    2k3>xp and XP<>XP

  • #2
    Re: RDP and FIPS

    Upgrade Server to RDP 6.0 and see if that helps.
    1 1 was a racehorse.
    2 2 was 1 2.
    1 1 1 1 race 1 day,
    2 2 1 1 2

    Comment


    • #3
      Re: RDP and FIPS

      I forgot to mentioned I did try that and it doesn't work.

      I did read this article:

      Remote Assistance connection to Windows Server 2003 with FIPS encryption does not work
      http://support.microsoft.com/kb/811770

      Does this mean FIPS needs to be disabled for RDP to work

      Has anyone ever got this working?
      Last edited by rdrucker; 26th May 2010, 16:10.

      Comment


      • #4
        Re: RDP and FIPS

        It mentions to disable FIPS on XP SP1.
        Did you get RDP TS Client from here? http://support.microsoft.com/kb/925876/

        Can you upgrade XP to SP3? Do one and see if that works.
        1 1 was a racehorse.
        2 2 was 1 2.
        1 1 1 1 race 1 day,
        2 2 1 1 2

        Comment


        • #5
          Re: RDP and FIPS

          My envirnoment is above. I am on Win XP sp3 already

          On my XP I am on the lastest RDP client.

          I am unable to RDP from XP to an XP machine

          I am unable to RDP from 2k3 to an XP machine.

          I am only able to RDP XP to 2k3
          Last edited by rdrucker; 27th May 2010, 19:06.

          Comment


          • #6
            Re: RDP and FIPS

            My apologies, I missed the SP3 in your first post. Put it down to old age.
            1 1 was a racehorse.
            2 2 was 1 2.
            1 1 1 1 race 1 day,
            2 2 1 1 2

            Comment


            • #7
              Re: RDP and FIPS

              Originally posted by biggles77 View Post
              My apologies, I missed the SP3 in your first post. Put it down to old age.

              no problem, can someone else test this in a lab. I am thinking that XP doesn't support FIPS for RDP.

              Comment


              • #8
                Re: RDP and FIPS

                Please review: http://support.microsoft.com/kb/811833

                Windows XP clients that use the RDP 5.2 client program and later versions of RDP can connect to Windows Server 2003, Windows Vista, or Windows Server 2008 computers when you enable this option. However, remote desktop connections to Windows XP computers fail when you enable this option on either the client or the server.
                Marcel
                Technical Consultant
                Netherlands
                http://www.phetios.com
                http://blog.nessus.nl

                MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                "No matter how secure, there is always the human factor."

                "Enjoy life today, tomorrow may never come."
                "If you're going through hell, keep going. ~Winston Churchill"

                Comment


                • #9
                  Re: RDP and FIPS

                  Originally posted by Dumber View Post

                  I did see that article and wasn't sure if there was a work around besides disabling FIPS.

                  Comment


                  • #10
                    Re: RDP and FIPS

                    Besides upgrading since you are talking about an 9 year old OS I don't think there is an workaround for it.
                    Marcel
                    Technical Consultant
                    Netherlands
                    http://www.phetios.com
                    http://blog.nessus.nl

                    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                    "No matter how secure, there is always the human factor."

                    "Enjoy life today, tomorrow may never come."
                    "If you're going through hell, keep going. ~Winston Churchill"

                    Comment

                    Working...
                    X