Windows 7 remote desktop encryption error every few minutes

Because of an error in data encryption, this session will now end.

This is the error I've been getting more and more frequently over the past few days, to the point that I can't ignore it because it's happening consistently within 5 minutes of connecting - sometimes within a few seconds. Both the remote and local machines are Windows 7 Pro x64. The remote machine is behind a Linksys RV082, and I'm using UPnP to forward a remote port to the correct local port. This setup had been working fine for several months, and I can't think of any recent relevant changes that might have been made.

Things I've already tried:

Disabling unnecessary components of the network connection on the remote machine, until only IPv4 and Client for Microsoft Networks remain.
Disabling TCP large send offload on both the remote and local machines.
Confirming that the remote machine is not mentioned anywhere in any DMZ settings on the Linksys router.
Confirming that there are no x509-related registry keys screwing things up (this is the suggested fix for a slightly different error anyway).

These are the only solutions I've been able to find after about an hour of searching, and most of them apply to XP or Server 2003 in any case. If anyone could suggest something else, it would be much appreciated.

rfrankel

Posted 2011-01-26T21:03:07.563

Reputation: 171

I had this happen to me a few months ago. I would only get disconnected a few times a day, not as often or as quickly as it sounds like you did. Looking forward to seeing if anybody has any info, although mine has been fine for at least a month now. – G_P – 2011-01-26T21:34:32.560

Answers

I have been researching this as well and I feel like I went down the same road is you since every fix applies to vista/xp. However on Microsoft Technet I found someone who fixed this by deleting the certificate then reconnecting:

I just came across this error myself. I was attempting to remote desktop in from one XP machine >to another. To fix, I went into the Registry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService\Parameters

After exporting this for safekeeping, I deleted the Certificate keys. I restarted the target PC >and was able to successfully connect. I can only surmise that the problem is a corrupted >certificate or something. Deleting the certificate stored in the registry seems to have reset it. >The certificate key is different from the previous one, so maybe the target PC's certificate >expired?

Mostly just guesswork here, but this solution worked for me!

It may not be a definitive fix since this issue seems so random because it worked for months before now but I figured it's worth a shot for you to try.

Source

Update

Try deleting the string value for the machine you are trying to connect to under:HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default

Let me know how it goes I'll check back when I get to my hotel after dinner.

Supercereal

Posted 2011-01-26T21:03:07.563

Reputation: 8 643

Thanks, that's actually what I was referring to when I mentioned the x509 thing. That solves a slightly different error, and in any case, I didn't even have that key in the first place. – rfrankel – 2011-01-26T22:01:23.013

@frankel You don't have that key? I have windows 7 and I do. – Supercereal – 2011-01-26T22:05:20.527

@rfrankel check my update. – Supercereal – 2011-01-26T22:11:30.800

Correct, I do not have a Certificate key in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService\Parameters on either machine. The only keys in that folder are (Default), ServiceDll, and ServiceDllUnloadOnStop - this is true on both machines.

The (Default) value for HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\ was already blank on both machines. – rfrankel – 2011-01-26T22:18:39.183

very odd @rfrankel I have a huge bank of string values for machines that I have RDP'd to in the past. – Supercereal – 2011-01-26T22:25:09.940

You might want to try a repair on windows. – Supercereal – 2011-01-26T22:25:36.540

Thanks, but I don't think my Windows installation is broken. Is it possible I'm just not configured to use certs for RD auth? I ask because I've never done any cert exchange, and I enter the Windows password of my account on the remote machine when connecting remotely. Or are the certs used by my local machine to auth the remote machine and prevent MITM attacks? – rfrankel – 2011-01-26T23:19:44.367

I searched my registry, and there is only one key named "Certificate", at HKLM\SOFTWARE\Wow6432Node\Microsoft\Cryptography\Providers\Trust\Certificate. There are a number of subfolders of this, each of which is presumably a cert. I could delete this, I suppose...do you think there's any chance that doing so would help? – rfrankel – 2011-01-26T23:42:01.653

Hmm @rfrankel I don't think it would help as I do not think those certs are tied to your RPD. RDP doesn't use "certs" per say it is like you add the computer to your trusted list of computers. It is that message you see about the computer being unknown when you connect for the first time. When you click "do not show again" it adds it as a trusted computer. these are saved in my the reg key I provided in my update. I have a term server farm on my network and have tried to reproduce this error to no avail. I suggested the repair because it will replace the dll's and reg keys connected to MSTSC. – Supercereal – 2011-01-27T02:20:30.857

I feel like this is a corruption error, Then again I could be wrong. But since there is nothing we can find online a repair to restore default settings in essential system files would be a good idea. My next step for you would be to narrow it down to either the host or the client. Try connecting to other pcs (or VMs) with the client and make sure you can keep a session alive for an extended period of time. If the client is fine try connecting a VM or a different client to the host win 7 machine and see if they are able to keep a connection alive for an extended period. – Supercereal – 2011-01-27T02:24:30.760

Thanks - I don't have immediate access to other Windows boxes, but I can try that eventually. I'm actually starting to wonder if my ISP is to blame, since I've been seeing download corruption on at least two machines at home. – rfrankel – 2011-01-27T03:43:07.007

RDP in your case is using your LAN connection so it should not be effected by your ISP. you should try bringing up a VM to test what I said before. You can get free vm player from VMware. – Supercereal – 2011-01-27T13:17:46.443

I had the same problem connectring Windows 7 to Windows 2008R2 server over rdp. I just did a clean install of my computer and it is simply not possible to connect over rdp. After removing Microsoft Sequrity Essesials and instead installing Symantec Endpoint Protection 12.1.2015 everything works just fine.

Ola

Posted 2011-01-26T21:03:07.563

Reputation: 11

Had the same issue on my desktop, so: on the client side. For me the following solved the problem:

Removed the Citrix DNE Lightweight Filter
Removed the Virtual Machine Network Services
Removed the Virtual PC Network Filter service

user249193

Posted 2011-01-26T21:03:07.563

Reputation: 11

Welcome to Super User! I don't know why someone downvoted, but maybe it was because the first sentence made them feel it was a "I have the same problem" post—I expected that too after reading that. I reshuffled a bit, though I cannot validate removing all these things is indeed a solution. – Arjan – 2013-08-28T11:32:08.330

On my system it was the issue.... and to be exact it was the Citrix DNE Filter... there is an update for the Citrix DNE driver... after applying it fixed the issue. So if anyone has the same Driver under network adapter... try updating it. http://www.citrix.com/lang/English/lp/lp_1680845.asp

– user249193 – 2013-08-30T05:04:02.473

I had this issue, I gave up and I Re-Installed W7 on my Dell and RDP worked, only after copying my documents back did it fail again,

What I found was that I had copied the default.rdp file from the old PC and replaced the one on the new PC with it.

I Re-Installed W7 again and then this time didn't copy the default.rdp file over and the PC and RDP works perfectly. (I suppose system restore to a time when it was working could also work,)

After weeks of hunting this was the problem. 1 small file change.

johncfc4life

Posted 2011-01-26T21:03:07.563

Reputation: 1