Oct 14 2022 05:08 AM
I have a problem with one of my networks. After upgrading to Windows 11 22H2, I'm having problems with RDP connections. The clients cannot connect to the machine.
However, there is a workaround that I found working.
The solution is to disable UDP and use only TCP for RDP connections. This should also be done for better security.
Open Windows Registry Editor and go to the following tree:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows NT \ Terminal Services \ Client
Look for fClientDisableUDP. If you can't find it, create a new DWORD entry and set its value to 1.
The RDP should start working fine.
Nov 15 2022 01:44 PM
Nov 16 2022 03:59 AM - edited Nov 16 2022 04:00 AM
That solved also my issue with Remote Desktop stuck at Loading Virtual Machine. Thanks
Dec 07 2022 01:38 PM
Thanks for this solution. I created a batch file and advised the users to run it from an elevated command prompt. The one line that does the work is this:
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client" /v fClientDisableUDP /t REG_DWORD /d 1 /f
Dec 12 2022 03:20 PM
@nanosani Why do you say that UDP should be disabled for better security?
Microsoft recommend that UDP should be used in these scenarios as the initial connections are made via TCP on port 1433 and all traffic is encrypted.
I have never seen anyone say that UDP should be disabled in this scenario for "better security" - in fact when using RDP over a WAN this actually slows down the connections so wherever possible it should be used as per Microsoft's recommendations.
Dec 12 2022 03:31 PM
@RichardDuffySMB Yes you're right for the most part. It should be reliability more than security. The security part really depends upon the circumstances. Forging UDP packets is easier than TCP packets. Can you point me to the link where Microsoft recommends UDP instead of TCP?
Jan 19 2023 04:21 PM
@nanosani I've had to enable this registry entry for a handful of users. They are complaining about being disconnected frequently since implementing this "fix". I really hope MS is putting some kind of priority on fixing this bug.
Jan 19 2023 04:56 PM
Jan 20 2023 10:23 AM
@Merrillie I have Win11 21H2 on VMware esx7, all was fine until I installed office and Visual Studio, then I am keep getting RDP disconnect. Disabled UDP but not much help, still disconnecting. Event log does not have anything useful to troubleshoot this. Really don't want to rebuilt another VM. Do you have any suggestion?
Jan 23 2023 06:21 AM
Sep 20 2023 09:48 PM - edited Sep 20 2023 09:49 PM
I can confirm disabling UDP can help with RDP connections at this point. There's definitely a bug in Windows affecting RDP over UDP right now. Hopefully they patch it soon.
Although, one thing that definitely should be cleared up (@nanosani), is it doesn't increase security by disabling UDP for RDP. The initial connection is negotiated with TCP first, then moved to UDP (over DTLS).
@RichardDuffySMB (Dec 12 2022 03:20 PM) - RDP is (default) port 3389. I'm sure it was a mistake, but wanted to be clear that up 🙂
@nanosani (Dec 12 2022 03:31 PM) - What you say is true, "Forging UDP packets is easier than TCP packets". Although, what you don't understand is it uses DTLS for UDP transmission. The mindset that you're just "forging UDP" is ridiculous on is face. Either way, any attack on this requires MITM to capture and deconstruct to even begin it. Meaning if an attacker is even good enough to succeed at doing that, then the destination has much bigger things to worry about.