SOLVED

Reverse Connect failed

New Contributor

Hey,

 

I have deployed two RDS Session Hosts and they are reported as being available. The vNet has a site-to-site vpn connection to my on-prem network. Firewall rules to allow outbound traffic to "rdgateway-c001-weu-r1.wvd.microsoft.com" for both the vNet and my client are configured. However I can't connect to a session using the webclient. These are the error details:

 

ActivityId 8ff6a237-a452-471a-b56b-e7a404620000

ErrorSource : RDStack
ErrorOperation : SendReverseConnectRequestToStack
ErrorCode : -2147001841
ErrorCodeSymbolic : ConnectionFailedReverseConnectStackTransportError
ErrorMessage : Reverse Connect to 'rdgateway-c001-weu-r1.wvd.microsoft.com' failed with error 0x80075A0F 2147965455. Make sure it is reachable from your network. 'Unknown error (0x80075a0f)'
ErrorInternal : True
ReportedBy : RDGateway
Time : 15.10.2019 12:13:59

ErrorSource : RDStack
ErrorOperation : TransportConnecting
ErrorCode : 40
ErrorCodeSymbolic : ReverseConnectTimeout
ErrorMessage : Reverse connect to the gateway has timed out.
ErrorInternal : False
ReportedBy : RDStack
Time : 15.10.2019 12:14:00

 

What inbound / outbound traffic do I have to allow for both the client and vNet with the session hosts?

 

Best regards

Jonathan

5 Replies
best response confirmed by Eva Seydl (Microsoft)
Solution

@jonathan-b your firewall rules should allow TLS connections over TCP port 443 to the hosts with url matching the wildcard *.wvd.microsoft.com. We don't recommend whitelisting just individual hosts that are resolved by DNS because their names and IPs are dynamic.

 

Alternatively, you can enable Service Endpoint for Microsoft.Web service on the VM subnet

@fdwl thanks for the clarification, unfortunately this did not resolve the issue.

 

What I did:

  • Added a Service endpoint for Microsoft.Web to the vNet
  • Turned off the first Session Host, in order to eliminate the host as error source

The error message was the same, but the error details are different now:

 

ActivityId 123f1cab-6112-4159-baab-a5da77d70000

 

ErrorSource : RDStack
ErrorOperation : SendReverseConnectRequestToStack
ErrorCode : -2147001841
ErrorCodeSymbolic : ConnectionFailedReverseConnectStackServerUnreachable
ErrorMessage : Reverse Connect to 'rdgateway-c001-weu-r1.wvd.microsoft.com' failed with error 0x80075A0F 2147965455. Make sure it is reachable from your network. 'Unknown error (0x80075a0f)'
ErrorInternal : False
ReportedBy : RDGateway
Time : 28.10.2019 15:09:32

 

ErrorSource : RDGateway
ErrorOperation : GatewayConnectionActive
ErrorCode : -2146233083
ErrorCodeSymbolic : ConnectionFailedClientDidNotConnect
ErrorMessage : Client did not start websocket connection
ErrorInternal : False
ReportedBy : RDGateway
Time : 28.10.2019 15:14:52

 

ErrorSource : RDStack
ErrorOperation : TransportConnecting
ErrorCode : 40
ErrorCodeSymbolic : ReverseConnectTimeout
ErrorMessage : Reverse connect to the gateway has timed out.
ErrorInternal : False
ReportedBy : RDStack
Time : 28.10.2019 15:09:34

 

I don't see why there should be any connection problems. There is no Firewall in the vNet and the Windows Firewall on the machines is turned off.

Try to open https://rdgateway.wvd.microsoft.com from the vm. You should get error 404. If it times out, then something is wrong with routing.
I get the expected error 404 and no timeout

@jonathan-b Please open a support ticket to investigate this issue