can't connect to the Remote Desktop Gateway server - An TLS 1.0 connection request was received from a remote client application

fborup 1 Reputation point
2020-09-01T04:55:25.79+00:00

I have a Win2008R2 fully patched (as possible)

We have been asked to enable only TLS 1.2, so we downloaded IISCrypt and I disabled all but TLS 1.2
But it's clear to me that RemoteApp gateway is using TLS 1.0:

RemoteApp Disconnected
Your computer can't connect to the Remote Desktop Gateway server. Contact your network administrator for assistance.

and

An TLS 1.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

So, how can I fulfill my requirement without breaking RemoteApp?

When users see my Web Portal, it's noticeable that we're using TLS 1.0, so can we get rid of all but TLS 1.2 options and still successfully use my TS Server?


3 answers

  1. Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,756 Reputation points Microsoft Vendor
    2020-09-01T07:04:34.087+00:00

    Hi,

    What is your Remote Desktop Client's OS version? And what is your RDP client's version?

    For OS version, you can run winver in CMD on your client computer. The OS information will display as below.

    21819-image.png

    For RDP client's version, open remote desktop client via mstsc and click the icon on the upper left corner, then "About".

    21825-image.png 21854-image.png

    Thanks,
    Eleven


  2. fborup 1 Reputation point
    2020-09-02T20:49:27.253+00:00

    It's the same error for all Windows7 and also Win10 versions, 1903, 1907, 2004, all of them
    The problem stopped after I re-enabled TLS 1.0 on server side (NARTEC 3.2)
    RDP 10.8, no problem

    My TS Server is a Win2008R2 and ALSO an RDP Host on the same machine (I know it's not recommended, but it has been working pretty well for the last 10 years)

    I can't check via NetMon3.4/Ethereal, because both systems are on the same server, but the debugging is showing RDS gateway communication via TLS 1.0, as shown:

    An SSL client handshake completed successfully. The negotiated cryptographic parameters are as follows.

    Protocol: TLS 1.0
    CipherSuite: 0x35
    Exchange strength: 2048


  3. Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,756 Reputation points Microsoft Vendor
    2020-09-03T05:25:27.12+00:00

    Hi,

    Please try to install the update below to see if the issue could be resolved.

    Update to add RDS support for TLS 1.1 and TLS 1.2 in Windows 7 or Windows Server 2008 R2
    https://support.microsoft.com/en-us/help/3080079/update-to-add-rds-support-for-tls-1-1-and-tls-1-2-in-windows-7-or-wind

    Or, if it is possible for you, select the security layer as "RDP Security Layer".

    Administrative Tools -> Remote Desktop Services -> Remote Desktop Session Host Configuration -> Properties on the RDP-Tcp connection
    22375-image.png

    On Session host server, Local Group Policy -> Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Security -> Require use of specific security layer of remote connections -> Enabled -> RDP

    22345-image.png

    Thanks,
    Eleven

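A read-only PowerShell check of the three things this thread turns on: the Schannel protocol settings in the registry, whether the KB3080079 update linked above is listed as installed, and the effective RDP security layer. This is an added example, not code from any poster in the thread; the registry paths are the standard Windows Schannel and Terminal Services locations, and the function names are hypothetical.

```powershell
# Added example (not from the thread): read-only audit, changes nothing.
# Run in an elevated PowerShell session on the RD Gateway / Session Host server.
$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'
$rdpTcp   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$rdpGpo   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

function Get-RegValue([string]$Path, [string]$Name) {
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name }
}

function Get-SchannelProtocolState {
    foreach ($proto in 'TLS 1.0', 'TLS 1.1', 'TLS 1.2') {
        foreach ($role in 'Server', 'Client') {
            $key     = "$schannel\$proto\$role"
            $enabled = Get-RegValue $key 'Enabled'
            $state   = 'not set (OS default applies)'
            if ($null -ne $enabled) {
                $state = if ($enabled -eq 0) { 'disabled' } else { 'enabled' }
            }
            New-Object PSObject -Property @{
                Protocol          = $proto
                Role              = $role
                State             = $state
                DisabledByDefault = Get-RegValue $key 'DisabledByDefault'
            } | Select-Object Protocol, Role, State, DisabledByDefault
        }
    }
}

function Get-RdpSecurityLayer {
    $names = @{ 0 = 'RDP Security Layer'; 1 = 'Negotiate'; 2 = 'SSL (TLS)' }
    # A value set through Group Policy takes precedence over the listener setting.
    $value  = Get-RegValue $rdpGpo 'SecurityLayer'
    $source = 'Group Policy'
    if ($null -eq $value) { $value = Get-RegValue $rdpTcp 'SecurityLayer'; $source = 'RDP-Tcp listener' }
    if ($null -eq $value) { return 'SecurityLayer not set' }
    '{0} ({1}), from {2}' -f $names[[int]$value], $value, $source
}

function Test-RdsTlsUpdate {
    # Only checks the list of installed updates; a later rollup that supersedes
    # KB3080079 may carry the fix without this KB being listed.
    [bool](Get-HotFix -Id 'KB3080079' -ErrorAction SilentlyContinue)
}

Get-SchannelProtocolState | Format-Table -AutoSize
"RDP security layer : $(Get-RdpSecurityLayer)"
"KB3080079 installed: $(Test-RdsTlsUpdate)"
```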
