Forum Discussion
jhealeysrc
Mar 13, 2024Copper Contributor
W11 Remote desktop issue with W10 host and TLS 1.3 enabled
Our organization has a mixed deployment of Windows 11 (mostly laptops) and Windows 10 (mostly remote desktops). When 22H2 was released, Users with Windows 11 22H2 computers were not able to remo...
Monsey1305
Mar 18, 2024Copper Contributor
It appears that the newer versions of Remote Desktop in Windows 11 22H2/23H2 are not able to negotiate connections with Windows 10 remote desktops when TLS 1.3 server is enabled. This is likely due to the fact that the CipherSuite used by the newer versions is TLS 1.3 compatible only, and Windows 10 does not support that cipher.
Your workaround of disabling TLS 1.3 server on the Windows 10 computer is not ideal, as it reduces the security of the endpoint. It is possible that this issue is a bug in the newer Remote Desktop versions, and it would be wise to report this issue to Microsoft so that they can investigate and provide a fix.
To report this issue to Microsoft, you can open the Feedback Hub app on your Windows 11 computer and submit a new feedback item under the "Remote Desktop" category. In the feedback item, describe the issue you encountered and provide any relevant details, such as the version numbers of the mstsc.exe and mstscax.dll files, the Event Viewer logs, and your organization's security hardening settings. Microsoft should review your feedback and provide any necessary updates or fixes for Remote Desktop.
Your workaround of disabling TLS 1.3 server on the Windows 10 computer is not ideal, as it reduces the security of the endpoint. It is possible that this issue is a bug in the newer Remote Desktop versions, and it would be wise to report this issue to Microsoft so that they can investigate and provide a fix.
To report this issue to Microsoft, you can open the Feedback Hub app on your Windows 11 computer and submit a new feedback item under the "Remote Desktop" category. In the feedback item, describe the issue you encountered and provide any relevant details, such as the version numbers of the mstsc.exe and mstscax.dll files, the Event Viewer logs, and your organization's security hardening settings. Microsoft should review your feedback and provide any necessary updates or fixes for Remote Desktop.