Forum Discussion

jonathan-b's avatar
jonathan-b
Copper Contributor
Oct 15, 2019
Solved

Reverse Connect failed

Hey,   I have deployed two RDS Session Hosts and they are reported as being available. The vNet has a site-to-site vpn connection to my on-prem network. Firewall rules to allow outbound traffic to ...
  • fdwl's avatar
    fdwl
    Oct 25, 2019

    jonathan-b your firewall rules should allow TLS connections over TCP port 443 to the hosts with url matching the wildcard *.wvd.microsoft.com. We don't recommend whitelisting just individual hosts that are resolved by DNS because their names and IPs are dynamic.

     

    Alternatively, you can enable Service Endpoint for Microsoft.Web service on the VM subnet

fdwl's avatar
fdwl
Iron Contributor
Oct 25, 2019

jonathan-b your firewall rules should allow TLS connections over TCP port 443 to the hosts with url matching the wildcard *.wvd.microsoft.com. We don't recommend whitelisting just individual hosts that are resolved by DNS because their names and IPs are dynamic.

 

Alternatively, you can enable Service Endpoint for Microsoft.Web service on the VM subnet

  • jonathan-b's avatar
    jonathan-b
    Copper Contributor
    Oct 28, 2019

    fdwl thanks for the clarification, unfortunately this did not resolve the issue.

     

    What I did:

    • Added a Service endpoint for Microsoft.Web to the vNet
    • Turned off the first Session Host, in order to eliminate the host as error source

    The error message was the same, but the error details are different now:

     

    ActivityId 123f1cab-6112-4159-baab-a5da77d70000

     

    ErrorSource : RDStack
    ErrorOperation : SendReverseConnectRequestToStack
    ErrorCode : -2147001841
    ErrorCodeSymbolic : ConnectionFailedReverseConnectStackServerUnreachable
    ErrorMessage : Reverse Connect to 'rdgateway-c001-weu-r1.wvd.microsoft.com' failed with error 0x80075A0F 2147965455. Make sure it is reachable from your network. 'Unknown error (0x80075a0f)'
    ErrorInternal : False
    ReportedBy : RDGateway
    Time : 28.10.2019 15:09:32

     

    ErrorSource : RDGateway
    ErrorOperation : GatewayConnectionActive
    ErrorCode : -2146233083
    ErrorCodeSymbolic : ConnectionFailedClientDidNotConnect
    ErrorMessage : Client did not start websocket connection
    ErrorInternal : False
    ReportedBy : RDGateway
    Time : 28.10.2019 15:14:52

     

    ErrorSource : RDStack
    ErrorOperation : TransportConnecting
    ErrorCode : 40
    ErrorCodeSymbolic : ReverseConnectTimeout
    ErrorMessage : Reverse connect to the gateway has timed out.
    ErrorInternal : False
    ReportedBy : RDStack
    Time : 28.10.2019 15:09:34

     

    I don't see why there should be any connection problems. There is no Firewall in the vNet and the Windows Firewall on the machines is turned off.

    • fdwl's avatar
      fdwl
      Iron Contributor
      Oct 28, 2019
      Try to open https://rdgateway.wvd.microsoft.com from the vm. You should get error 404. If it times out, then something is wrong with routing.
      • jonathan-b's avatar
        jonathan-b
        Copper Contributor
        Oct 29, 2019
        I get the expected error 404 and no timeout

Resources