Microsoft RDP problems Windows 11 22H2

Copper Contributor

I have a problem with one of my networks. After upgrading to Windows 11 22H2, I'm having problems with RDP connections. The clients cannot connect to the machine.

 

However, there is a workaround that I found working.

 

The solution is to disable UDP and use only TCP for RDP connections. This should also be done for better security.

 

Open Windows Registry Editor and go to the following tree:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows NT \ Terminal Services \ Client

 

Look for fClientDisableUDP. If you can't find it, create a new DWORD entry and set its value to 1.

 

The RDP should start working fine.

 

 

 

11 Replies
That solved my issue with Remote Desktop stuck at Loading Virtual Machine.
Thank you.

That solved also my issue with Remote Desktop stuck at Loading Virtual Machine. Thanks

@nanosani 

Thanks for this solution. I created a batch file and advised the users to run it from an elevated command prompt. The one line that does the work is this:

 

REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client" /v fClientDisableUDP /t REG_DWORD /d 1 /f

@nanosani Why do you say that UDP should be disabled for better security?

 

Microsoft recommend that UDP should be used in these scenarios as the initial connections are made via TCP on port 1433 and all traffic is encrypted.

 

I have never seen anyone say that UDP should be disabled in this scenario for "better security" - in fact when using RDP over a WAN this actually slows down the connections so wherever possible it should be used as per Microsoft's recommendations.

@RichardDuffySMB Yes you're right for the most part. It should be reliability more than security. The security part really depends upon the circumstances. Forging UDP packets is easier than TCP packets. Can you point me to the link where Microsoft recommends UDP instead of TCP?

@nanosani I've had to enable this registry entry for a handful of users. They are complaining about being disconnected frequently since implementing this "fix". I really hope MS is putting some kind of priority on fixing this bug. 

I haven't had any issues since disabling the UDP however the company I do some work for are moving the Australian users to a new server and I might have to undo this and see if I have any issues. ps. I am the only one who made this change the others are still having issues.

@Merrillie I have Win11 21H2 on VMware esx7, all was fine until I installed office and Visual Studio, then I am keep getting RDP disconnect. Disabled UDP but not much help, still disconnecting. Event log does not have anything useful to troubleshoot this. Really don't want to rebuilt another VM. Do you have any suggestion?

UPDATE: I removed Office, Azure CLI, Linux subsystem then the problem went away. Simply using TCP did not completely fix it.

Perfect!!@nanosani 

I can confirm disabling UDP can help with RDP connections at this point. There's definitely a bug in Windows affecting RDP over UDP right now. Hopefully they patch it soon.

 

Although, one thing that definitely should be cleared up (@nanosani), is it doesn't increase security by disabling UDP for RDP. The initial connection is negotiated with TCP first, then moved to UDP (over DTLS).

 

@RichardDuffySMB (Dec 12 2022 03:20 PM) - RDP is (default) port 3389. I'm sure it was a mistake, but wanted to be clear that up 🙂

@nanosani (Dec 12 2022 03:31 PM) - What you say is true, "Forging UDP packets is easier than TCP packets". Although, what you don't understand is it uses DTLS for UDP transmission. The mindset that you're just "forging UDP" is ridiculous on is face. Either way, any attack on this requires MITM to capture and deconstruct to even begin it. Meaning if an attacker is even good enough to succeed at doing that, then the destination has much bigger things to worry about.