RDP between subnets not working using NetBIOS or FQDN, only IP

Alex Wells 21 Reputation points
2022-10-24T11:44:29.477+00:00

Hi

I have a subnet that I can only RDP into using IP, not NetBIOS or FQDN. The subnet has its own AD/DNS server and is in its own site.

Once I have RDP'ed into any server on the subnet, I can RDP jump from that server to any other server within the subnet using the NetBIOS or FQDN without issue. I can also RDP out from the subnet to any other subnet using FQDN without issue.

FQDN / NetBIOS are resolving to the correct IPs in all subnets.

I have flushed DNS, rebooted, recreated A records, I have modified hosts records - no difference.

repadmin /replsummary isn't showing errors, nor is dcdiag.

This subnet has been working fine for 3 years and then suddenly not.

What is the difference between RDPing to NetBIOS/FQDN and IP other than the resolving step? Could it be a certificate issue, as I notice when you RDP using IP there is a cert warning?

My default reaction is it is a DNS issue - but I can't see why it is a problem in only one direction and the FQDNs to IPs are resolving correctly.

Any ideas appreciated

Alex


4 answers

  1. Simon Rae 6 Reputation points
    2022-10-24T18:14:00.41+00:00

    We're experiencing this exact same issue out of the blue as of today, but just in one site. In fact, just in one AD site. In our case the issue appears to be Kerberos related, as a packet capture shows KRB errors. If you run a packet capture on your client when you try to RDP onto an affected host, do you see KRB5KDC_ERR_TGT_REVOKED errors coming back from your DC? What OS is on the DC in the affected subnet?

    If you RDP using an IP address instead of a hostname it uses NTLM and not Kerberos. Another thing to check is that the time sync is all good on your servers / clients.


  2. DC 1 Reputation point
    2022-10-28T14:48:22.467+00:00

    Did you happen to resolve this? We are now facing the same issue and can't come up with a solution.


  3. Dirk Haex 81 Reputation points
    2022-10-29T13:21:03.19+00:00

    Can you check if your Domain Controllers have received the following updates:
    KB5018474/KB5018476

    There are known issues with this update causing problems with RDP on FQDN, but IP keeps working.
    https://community.spiceworks.com/topic/2467223-domain-controllers-refuse-to-authenticate-rdp-kb5018419?from_forum=4872

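Added triage script for the checks raised in answers 1 and 3 above (this is an editorial example, not code posted in the thread): it lists the TERMSRV SPNs for the target, reports per DC whether KB5018474/KB5018476 is installed and how far its clock is from the client's, requests a Kerberos service ticket for TERMSRV/<target> the way mstsc would so a KDC error surfaces directly, and reads the target's 4624 logon events to show which authentication package each RDP logon actually used. Assumptions: run from an elevated PowerShell on a domain-joined client with the RSAT ActiveDirectory module, with WinRM reachable on the DCs and remote event log access on the target; `$Target`, `$KnownBadKBs` and `$MaxSkewSeconds` are parameters you supply, not values from the thread.

```powershell
param(
    [Parameter(Mandatory)] [string] $Target,                  # FQDN of a server in the affected subnet (assumed input)
    [string[]] $KnownBadKBs = @('KB5018474', 'KB5018476'),    # the DC updates named in answer 3
    [int] $MaxSkewSeconds = 300                               # Kerberos default clock tolerance (5 minutes)
)

Import-Module ActiveDirectory

# 1. Kerberos only works against a name that maps to a registered SPN. Remote Desktop asks
#    the KDC for TERMSRV/<name as typed>; an IP address never matches an SPN, so an RDP
#    session opened by IP falls back to NTLM and skips the KDC for that step entirely.
$shortName   = $Target.Split('.')[0]
$computer    = Get-ADComputer -Identity $shortName -Properties servicePrincipalName
$termsrvSpns = $computer.servicePrincipalName | Where-Object { $_ -like 'TERMSRV/*' }
Write-Host "TERMSRV SPNs registered for $shortName : $($termsrvSpns -join ', ')"

# 2. For every DC: is either suspect update installed, and how far is its clock from ours?
$dcReport = foreach ($dc in Get-ADDomainController -Filter *) {
    $installed = Get-HotFix -Id $KnownBadKBs -ComputerName $dc.HostName -ErrorAction SilentlyContinue |
                 Select-Object -ExpandProperty HotFixID
    $remoteUtc = Invoke-Command -ComputerName $dc.HostName -ScriptBlock { [DateTime]::UtcNow } -ErrorAction SilentlyContinue
    $skew = if ($remoteUtc) { [math]::Abs(([DateTime]::UtcNow - $remoteUtc).TotalSeconds) } else { $null }
    [pscustomobject]@{
        DC        = $dc.HostName
        Site      = $dc.Site
        SuspectKB = if ($installed) { $installed -join ',' } else { '-' }
        SkewSec   = if ($null -ne $skew) { [math]::Round($skew, 1) } else { 'unreachable' }
        SkewOK    = ($null -ne $skew) -and ($skew -le $MaxSkewSeconds)
    }
}
$dcReport | Format-Table -AutoSize

# 3. Ask the KDC for a TERMSRV service ticket. Purging first also drops the cached TGT, so
#    the next request forces a fresh exchange with the KDC; a DC that rejects the TGT
#    (answer 1 saw KRB5KDC_ERR_TGT_REVOKED in a capture) fails here instead of hiding
#    behind a stale cached ticket. The logon session itself is unaffected.
klist purge | Out-Null
$klistGet  = & klist get "TERMSRV/$Target" 2>&1 | Out-String
$hasTicket = (& klist 2>&1 | Out-String) -match [regex]::Escape("Server: TERMSRV/$Target")
if ($hasTicket) {
    Write-Host "Kerberos OK: service ticket for TERMSRV/$Target obtained"
} else {
    Write-Warning "No Kerberos service ticket for TERMSRV/$Target. klist output:`n$klistGet"
}

# 4. On the target, recent 4624 events show which package authenticated each RDP logon.
#    With NLA the pre-authentication lands as LogonType 3 and the desktop session as
#    LogonType 10; a hostname connection should show Kerberos, an IP connection NTLM.
Get-WinEvent -ComputerName $Target -FilterHashtable @{ LogName = 'Security'; Id = 4624 } -MaxEvents 300 -ErrorAction SilentlyContinue |
    ForEach-Object {
        $data = @{}
        ([xml]$_.ToXml()).Event.EventData.Data | ForEach-Object { $data[$_.Name] = $_.'#text' }
        if ($data.LogonType -in '3', '10' -and $data.AuthenticationPackageName -in 'Kerberos', 'NTLM') {
            [pscustomobject]@{
                Time    = $_.TimeCreated
                Type    = $data.LogonType
                User    = $data.TargetUserName
                Package = $data.AuthenticationPackageName
                From    = $data.IpAddress
            }
        }
    } | Format-Table -AutoSize
```

Run it once against a server in the affected subnet and once against one that still works by name: if the working target gets a TERMSRV ticket and the failing one does not, the problem is on the KDC side (the DCs serving that site, their updates, or their clocks), not DNS, which matches the thread's finding that moving the servers into another AD site made them use different DCs and cleared the symptom.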

  4. Alex Wells 21 Reputation points
    2022-10-31T11:34:46.877+00:00

    Hi

    I did fix it - but I cheated. I moved the servers into the same Site in AD Sites and Services. And that resolved the issue for me. Thankfully for me that was an option.

    Alex

