Unable to RDP from one Azure VM to another Azure VM using Private IP

Chopda, Mithunkumar 0 Reputation points
2024-05-04T18:11:40.9766667+00:00

I have two Azure VMs in two different VNets. I have VNet peering configured. I have verified the connection between two virtual machines is successful using Test-NetConnection powershell command.

I am able to RDP into VM2 from VM1 and vice-versa using Public IP addresses. However, when I try RDP using Private IP addresses, after the login screen, I run into "Because of a protocol error, this session will be disconnected. Please try connecting to the remote computer again." error.

Both VNets are attached to a NSG that has the default rule + RDP enabled rule.

Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,284 questions
Windows Network
Windows Network
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Network: A group of devices that communicate either wirelessly or via a physical connection.
664 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Sina Salam 4,056 Reputation points
    2024-05-05T10:42:47.96+00:00

    Hello Chopda, Mithunkumar,

    Welcome to the Microsoft Q&A and thank you for posting your questions here.

    Problem

    Sequel to your questions, I understand that you can't connect two Azure Virtual Machines (VMs) using Remote Desktop Protocol (RDP) on a local network. These VMs are in different Virtual Networks (VNets) in Azure. Even though you have set up VNet peering and checked connectivity with a PowerShell command called Test-NetConnection, whenever you tried to RDP using the VMs' private IP addresses, you get a protocol error message after logging in.

    Scenario

    Chopda is an Azure cloud administrator responsible for overseeing the infrastructure of a company's Azure environment. The company has set up two Azure VMs, named VM1 and VM2, and placed them in separate Virtual Networks (VNets) within Azure. To allow these VMs to communicate using their private IP addresses, VNet peering has been established between the two VNets.

    Among many tasks, Chopda's current task is to ensure smooth connectivity between VM1 and VM2 for various administrative activities. Although he can easily access each VM using their public IP addresses via Remote Desktop Protocol (RDP), he encounters an issue when trying to establish an RDP connection using the VMs' private IP addresses. After logging in, Chopda faces an error message stating, "Because of a protocol error, this session will be disconnected. Please try connecting to the remote computer again."

    Solution

    This prescribed solution was based on the scenario given and your questions, while focusing on the problem statement. Based on the information provided and the error mentioned, the error can have multiple potential causes. The solution provided here covers the most common troubleshooting steps based on the experience.

    Network

    • Confirm that VNet peering is correctly configured between the two VNets.
    • Check the Network Security Group (NSG) associated with each VNet to ensure that RDP traffic is allowed from the peered VNet's address space

    Firewall

    • Log in to each Azure VM (VM1 and VM2).
    • Open Windows Defender Firewall settings.
    • Create an inbound rule to allow RDP traffic from the private IP address range of the peered VNet.
    # Example PowerShell command to allow RDP traffic from a specific IP range
    New-NetFirewallRule -DisplayName "Allow RDP from Peered VNet" -Direction Inbound -LocalPort 3389 -Protocol TCP -Action Allow -RemoteAddress <PeeredVNetPrivateIPAddressRange>
    
    

    RDP Setting

    • Ensure that Remote Desktop connections are enabled on both VMs.
    • Go to Control Panel > System and Security > System > Remote settings and verify that "Allow remote connections to this computer" is checked.
    • If there are any issues with Remote Desktop Services, restarting them may resolve the problem.
        # Restart Remote Desktop Services on both VMs
        Restart-Service TermService
        # From VM1, initiate an RDP connection to VM2 using its private IP address.
        mstsc /v <VM2PrivateIPAddress>
      

    Finally

    With your said configuration, above steps should work. But if the problem still persists. To specify the exact underlying problem causing the "Because of a protocol error, this session will be disconnected" error during RDP connections between Azure VMs, you'll need to gather more detailed information through systematic troubleshooting and diagnostic steps. These are the steps on how you can approach it:

    • Check the Windows Event Viewer logs on both the clients.
    • Use network monitoring tools like Wireshark or Azure Network Watcher to capture and analyze network traffic during RDP connection attempts.
    • Enable detailed logging for Remote Desktop Services (RDS) on both the clients.
    • Verify that the RDP versions supported by the clients.
    • Double-check all configuration settings related to RDP, including encryption, authentication, session limits, and any custom settings.

    If you carefully follow the above and have a specific error code or find anything that can help further to troubleshoot the issues, kindly post that in the comment. We are here to help.

    References

    Kindly use the additional resources provided by the right side of this page for more information and reading.

    Accept Answer

    I hope this is helpful! Do not hesitate to let me know if you have any other questions.

    Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.

    Best Regards,

    Sina Salam

    0 comments No comments