Remote desktop connection blocked by cisco security agent

Similar Messages

• Remote Desktop Connection Security

  I have several computers in very geographically distributed areas of the world on their own networks behind substantial firewalls. Remote desktop connectivity is about the only really effective means to communicate with them however, short of VPN appliances
  BorderGuards, etc. I have been ask by my security officer if the remote desktop connections we've been using have been encrypted? I didn't know the answer myself, and research on the internet didn't provide definitive answers. Was there a chance or is
  there a chance that our session traffic could have been read by anyone along the way?
  VR/JW--Sunblock1960

  Hi,
  Remote desktop connection uses the highest possible security level encryption method between the source and destination.
  In Windows Vista or later versions of Windows, the remote desktop connection uses the SSL (TLS 1.0) Protocol and the encryption is Certificate-based.
  TS Gateway can also make the connection more secure, enhance security, see detailed information in this link
  http://technet.microsoft.com/en-us/library/cc731264(WS.10).aspx
  Don't forget some known offical antii-virus software, they can also protect the connetion from network attack.
  Yolanda Zhu
  TechNet Community Support

• I have an Ipad 2 and here is what I am trying to accomplish.  On my laptop I connect to a remote desktop connection to access a shared program we use for reporting.  How do I set up my Ipad to access this remote server?  Thanks for the help.

  I have an Ipad 2 and here is what I am trying to accomplish.  On my laptop I connect to a remote desktop connection to access a shared program we use for reporting.  How do I set up my Ipad to access this remote server?  Thanks for the help.

  Close ... before going for a specific Cisco app ... lets find out some details:
  Host we need more details:
  What is your server environment (Windows Server, or Mac OS X Server, or Linux)?
  What security is implemented in your environment - as what is restricted (RDP for all or specifc credentials on all machines? Are you part of local admin group to the server you wish to connect)?
  Does your environment Support CISCO IPSec connection? If so use Settings> VPN and IPSec tab to enter VPN details, if not then go with above suggestion. IF your restricted to RSA then either built in VPN settings or 3rd party app for RSA would suffice.
  Finally, there are many RDP applications out there I use "Mocha RDP Light" (free minimal ads when launched not when connecting).

• Remote Desktop Connection with WRT54G from Novice

  Well, I’m usually pretty good at using Google and forums to eventually figure out how to fix my problem but this one absolutely has me stumped and I’m hoping someone out there has an answer for me. For the record, I have probably a beginner/intermediate knowledge of computers so if you know the answer to my problem, try to explain it simply! ****TO ANYONE WHO TAKES THE TIME TO READ THIS THING AND CAN OFFER SOME ADVICE-THANK YOU!!!!***
  THE PROBLEM
  I would like to be able to use Remote Desktop to log into either of my home computers from basically any computer on the internet.
  THE SETUP
  I have two computers, whose names are LAPTOP and DESKTOP that are both running Windows Vista Ultimate. Both of the computers are connected to a Linksys WRt54G Router ; one wired, the other wirelessly. The Linksys router is then connected to a Westell DSL Modem that connects to AT&T’s internet service.
  SETTINGS
  My DSL service only provides me with a dynamic IP address so I signed up with no-ip.com. Through that site, I bought a domain name and downloaded their small program that runs in the background of my desktop computer. The program checks what my IP address is every couple of seconds and if it changes, it notifies their server so that anyone who types in my domain name is directed to the new IP address.
  ROUTER (Firmware 4.20.6)
  Basic Setup Page: The Router Name is just the model number, the Server Name is my DSL provider and the Domain Name is the name I chose and registered with No-IP.com. (www.mydomainname.com, for example.) DHCP Server is ENABLED. DDNS Service is DISABLED. Under Advanced  Routing, it is set in GATEWAY mode.
  Security Page: Firewall Protection is ENABLED. Block Anonymous Internet Requests is NOT checked. Filter Multicast, Filter Internet NAT Redirection and Filter IDENT ARE checked.
  Applications and Gaming Page: I chose two port numbers, one for each computer that I want to connect to. On the first line, I have Application: RDP, Port Range: 49200 to 49200, Protocol: Both, IP Address (The IP address of the computer I want to connect to) and the Enable box IS checked. [I did the same thing with the second line for the other computer, but with a different port number and that computer’s IP address)
  Administration Page: Access Server is HTTP, Wireless Access Web is ENABLED, Remote Management is ENABLED through Port 8080, and UPnP is ENABLED.
  WINDOWS VISTA SETTINGS
  First, I went to the Remote Desktop Settings of the target computer and ENABLED Remote Desktop Connection and allowed computers running any version of Windows. I also confirmed that the box labeled “Allow This Computer To Be Controlled Remotely” WAS checked. I then made sure that I had a user name, it had a password associated and that it had Administrator priveledges. I went back to the Remote Connections screen and added the user name as being allowed to connect. (I think this is redundant since it’s both the owner of the computer and has Administrator Status.)
  Next, per Randomly Googled Internet Advice, I went into the registry and changed the port number that Remote Desktop listens for incoming connections to Port 49200 to match the router settings. [Registry Entry that I modified was: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
  Finally, I went to the Windows Firewall and Added (opened) port 49200 for use as a Remote Connection. I kept the protocol as TCP and confirmed the scope was set for Any Computer.
  CURRENT STATUS
  If I go to Explorer and enter my IP address with a colon and the specify port 8080, I can get the login screen for the router. Same thing happens if I just enter my domain name and port 8080. However, if I switch the 8080 port and use one of the ports I chose (49200), it cannot connect, either using the Public IP address or the domain name. (I’m trying to connect using a wireless card and not connected to my local network so I know it’s the same as if I was anywhere else.)
  I’m not sure why it won’t let me connect; it feels like the router will not allow the connection to pass through it to the port I’m asking it to forward to. I’m guessing someone out there who took the time to read it is shaking their head at all the information I provided and knows the one dumb thing I missed!
  Thanks again!

  I'm attempting to do the same thing with my home network. the only differences are that i have cable internet from comcast and i'm running vista business. my router is the wrt54gs. i'm assuming that the web page is similar for adjustmants. To be honest i cannot figure out how to do a remote destop too. so i went to www.logmein.com and installed the program. once installed to to every computer you want to have access too and log into the website. then click on the add computer icom. full control app sharing etc... even better when you connect you have the option to deactivate the local host mouse and screen to prevent anyone seeing what your doing.
  If you resolve the router issue would you let me know. plz thanks
  Forest

• Remote desktop connection from windows computer to TC

  hi all,
  what I have: I have a TC 2TB, bought it three months ago.
  what I did: I have set it up at home. Using as base station for all my devices, iphone 4, ipad 2, macbook air and also other laptop. My TC is connected to ADSL modem with an ethernet cable (as expected). with port forwarding option of ADSL modem (in NAT Properties), I managed to forward any connection to TC. I have a static IP by the way.
  what I can do: from work or anywhere else other than my home network, I can connect to my static IP (via "Connect to Server" option in any mac device), it pops up a user name and password window, I login with my TC user name and decive password. In an instant my TC disk is mounted on my desktop, and I can reach all my files in it as if it is an external hard disk.
  what I cannot do: from a windows computer outside my network, I cannot connect to TC. I try to do this through "Remote Desktop Connection". Is this possible? If so how? Is this a problem related to network connection or TC settings?
  aakibar

  You cannot remote desktop into a TC..
  In fact you cannot remote access a TC from windows.. sorry.. but SMB protocol is blocked on the internet.. there are work arounds but no security.. don't do it.
  The only other protocol the TC offers is AFP.. there is no AFP file access software available for windows. You need to use a Mac.
  The best alternative is vpn.. replace your current adsl modem router with a vpn one.. eg draytek.. then you can access your home network. Since I presume when you say you have static ip you mean public IP then vpn is easy (well once setup it is).. reliable and secure.

• Remote Desktop Connection ok on work wireless but not from home

  I've succesfully logged into the Win 2003 SBS (Terminal Services) from within the wireless connection at work using Mircrosoft's "Remote Desktop Connection". However when I try to do this from home I get the following error message "Either remote connections are not enabled, the computer is too busy to accept new connections, or network problems are preventing your connection. Try connecting again later or contact your administrator."
  I've got the firewall on the mac on.
  Now what I can't work out is why it works when at work and not from home. I have been searching for ages and can't work this out - annoying as I am sure it is very simple!
  One thing I can think of is that the first time others connect via PCs they have to download the connection manager from the company web site which installs a security certificate. However this is an .exe file so cannae work on the Mac.
  Do all I need to do is ask the IT administrator to email me the certificate and drop it into the keychain?
  Thanks in advance.

  "Now what I can't work out is why it works when at work and not from home."
  Probably because, if your work is smart, they have a firewall in place, blocking external access to the ports needed for use with RDC.

• Cisco Security Agent unable to close tcp/135 port on Windows hosts

  Hello
  I've encountered with problem that Cisco Security Agent unable to close port TCP/135 on windows PC (XP or Win7).
  I've configured rule module Network Access Control to prevent all client/server connections to port tcp/135.
  I've checked my policy using nmap, so this port (TCP/135) during 20 minutes shows as filtered and i can see log in monitor event on CSA MC, during next 20 minutes it show as opened and no log shows. (time not exact, so it maybe 30 minutes or 5,it varies)
  Can anyone explain how TCP/135 works and is it possible to close it using CSA?
  Thanks in advance

  There is another question for the same issue on the forums (see: CSA 6.0.2.145 problem with windows 7 firewall). I wrote:-
  "I went ahead and tested this in the lab with winXP and CSA 602-149 (latest). I defined a rule with DENY tcp/135 and ran the nmap and it reports opened (wireshark shows syn-ack to the syn). I changed it to a PRIORITY DENY and now the nmap reports closed (wireshark shows reset to the syn). Via the cli, netstat -an shows the pc listening on tcp/135 & disabling CSA the syn gets the syn-ack response. To me this implies a couple of defect. 1: The DENY should block syn to tcp135 & 2: CSA should not send reset (it should be reset). Is it possible to open a TAC case and put my name (mwinnett) in it and I will open a defect."
  Matthew

• Remote Desktop Connection to Windows 8 PC from other computers crashing

  Hi all.
  Was hoping someone would be able to help me with an issue I'm having.
  I'm trying to get a LAN remote desktop connection established to my Windows 8 laptop. It's an HP ENVY 17t-2100 CTO 3D Edition Notebook PC. Note that I'm running Windows 8 Pro only - not 8.1 as HP haven't released 8.1 graphics drivers for this laptop and probably
  never will. The computer has a single user profile that has full administrator rights.
  I have followed numerous web tutorials on how to turn on Remote Desktop. I've gone into Advanced System Settings > System Properties > Remote > checked "Allow Remote connections to this computer". All seems ok to me. 
  The problem comes when I try to establish a connection. When the connection is made, it almost instantaneously crashes the session on the computer or device trying to connect. The RDP client on my Windows 7 laptop, Mac OSX or Mac running Windows 8.1 Pro just
  crashes, while the RDP iPhone or iPad app simply flickers for a few seconds then goes back to the main screen. Meanwhile, the HP ENVY loads the lock screen and displays a message saying XXX device is connected remotely and it won't let me log back in to kill
  the connection or do anything. I have to restart the computer from then to be able to use it again.
  I'm convinced there's not a problem with my local network as the HP ENVY can RDP into the Windows 7 laptop or Mac running Windows 8.1 without any problems. All computers are connected via Ethernet to a Linksys/Cisco wireless ADSL modem router which supports
  Gigabit. The iPhone and iPad of course connect to the wifi network from the Cisco/Linksys modem router
  I've also had a brief look at the RDP local connection logs. From what I can make out, they confirm that a user has successfully logged in, but they don't provide a crash log or a log of the user ever disconnecting, probably because I have to restart the computer
  to continue using it. Dead end there, it seems.
  The HP ENVY is connected to 3 external HP LED monitors. I've disconnected them and tried all devices with no luck. I've also played round with the RDP client settings to not mount drives or printers and the HP ENVY has no printers connected anyway, though I've
  done all I can to remove any printer drivers as I've read elsewhere that they are what could cause the problem, but I've had no luck. 
  If anyone can suggest anything more that I can try, I would be unbelievably grateful! I'm more than happy to provide screenshots or videos of what happens when I try connecting. I'm not sure what you experts would find immediately helpful so just ask away if
  you think I can provide anything.
  Thanks in advance!
  rugbyreff

  The first thing that I would try is to uncheck all of the boxes for local resources on computer running the RDP client. It is possible that a device, such as a printer or other redirected device, is causing the crash. You can also look under Event Viewer
  in the event logs of both systems and see if anything unusual appears when you attempt the remote connection.
  Brandon
  Windows Outreach Team- IT Pro
  The Springboard Series on TechNet
  Hi Brandon
  Many thanks for your suggestions. There's nothing in the logs that I could find, like I said in the original post. I've also tried connecting with bare minimum settings on all devices (FYI the iPad and iPhone version don't support the use of printers) and
  this still hasn't helped.
  If you have any other ideas I'd be very glad to hear them!
  rrugbyreff
  "If it's worth doing, it's worth overdoing" -- MythBusters

• HP LaserJet Pro MFP M127fn and Remote Desktop Connection

  So, my pc operates on Win7-64bit.  I use Remote Desktop Connection to log in to the company server, running on MS Server 2008.  I purchased the HP MFP M127fn today after confirming that it is compatible with both OS listed above.  I  successfully installed it directly to the server via usb cord - to make sure the correct drivers downloaded to the server.  I was able to test-print and print from an app while physically connected to the server.  I then disconnected the printer from the server and successfully connected it to my local pc.  I can test-print and print from an app on my desktop.  When connect to the server via RDC, it recognizes the MFP M127fn as my default printer, and sends a print job to my local pc.  I can see the job in the server print queue, I can see the print job in queue on my desktop....it spools, then says it prints, however no actual print job ever materializes.
  If I select to print to the MFP M127fn fax from the server, it will open the fax window on my desktop, allow me to enter a phone number, and will dial out and send the fax.  So, that driver is functioning properly.
  So, my question is this:  If the printer and fax claim to be successfully installed, why do I not get the print job that is sent via the server and appears in my local print queue?  I get no error, either on the server side or the local desktop.  They both truly think the job has printed.....but no paper ever comes out.   
  Our company has used several other HP printers over the years with this same set-up and have never had a problem until now.  The last one was also an HP MFP - the CM1312.  So, I am now completely stumped by this.  I called HP support and was routed through 4 different areas before I was told that no one had a clue what the problem might be.  I then called the Easy-Tech desk at Staples, where I bought the printer, and was told that it was most-likely a hardware issue and I should return the printer to swap it out for another one.  If nothing would print at all, I would agree it's hardware.  But, as I can print locally, I'm more-inclined to think it's driver-related......any suggestions? 

  Hi,
  The M127fn uses the PCLmS printing language which is a lightweight printing language, a such is not supported for RDP printing.
  As a reference you may find the following socument about Citrix, Terminal Services and RDP Printing, as you may find listed the M127 is not supported for a such:
  http://h20195.www2.hp.com/v2/GetDocument.aspx?docn​ame=4aa0-8465enw&404m=secure-erc
  That is clearly not an harware issue, however I suggest returning the printer and replacing it with a different model which better feet such a task.
  The M225dn as an example uses a PCL 6 print driver and should provide a better feet for RDP printing using HP UPD.
  Regards,
  Shlomi
  Say thanks by clicking the Kudos thumb up in the post.
  If my post resolve your problem please mark it as an Accepted Solution

• Remote Desktop Connection stopped working

  I made a change to my Verizon TV and Internet package, downgrading from Ultimate HD to Extreme HD and from 35/35 to 25/25.  This morning, when I ran a speed test it showed the new speed.  I went out for a few hours, and when I returned, my internet connection was not working at all.
  I called Verizon's support number and, after talking to two different people, one who wanted to swap out my router, and one who wanted to send a tech to check out my ONT, they finally figured out the problem was with their configuration, not any of the hardware in my house, and got me running again at the correct speed.
  During the trouble shooting process, they had me do multiple soft and hard reboots of my router, they remotely rebooted it, and had me push the recessed reset button once, restoring it to factory defaults.  This led to problems with my wireless devices, so I loaded a configuration file to the router that I had thankfully saved some time prior to this problem, and everything seemed to be working properly.
  Then, I tried to open a remote desktop connection from one of my machines to another one, both on my internal home network, a connection that had worked flawlessly up until now, and it would not work.  Moreover, trying to ping the "remote" machine from the one trying to initiate the connection gets no reply, but pings are replied to in the other direction.  And, both machines can see and access each other's shared folders and files, and both can see each other in the network map in the networking and sharing control panel app.
  I never made any configuration changes to either machine during the trouble shooting process, but to be sure, I used system restore on both machines and took them back to restore points made yesterday, when everything was working.
  I am at a loss to understand what has gone wrong, and would appreciate any constructive and helpful suggestions as to how to remedy this situation.
  ps
  I am running two different web servers on the target machine, and am running stunnel on it to provide secure nntp connections to a news client that doesn't have that capability built in, and none of these servers are available from other machines.  Nothing seems to be getting through to the target pc except windows network sharing! 

  dslr595148 wrote:
  #1 In the router go to Advanced -> Universal Plug and Play OR to Advacned -> UPnP (what ever exist in your router).
  #2 If you do not have at least two special computers that support Universal Plug and Play (UPnP) where you can not define the ports that they use, turn off UPnP.
  A perfect example. At least two game consoles. Any two (Two Xboxes, two Playstations, One Xbox and one Playstation).
  #3 If you have at least two special computers that support UPnP where you can not define the ports that they use....
  Do you only use one at time or are there times when at least two are on?
  #4 In the router go to Advanced -> IP Address Distribution Or to Advanced -> Private LAN
  #5 What is the Starting and Ending IP Address, that is listed in there?
  We have two Xboxes and a Logitech Revue.  I have Windows Media Sharing enabled on three computers, and am also running a beta of Logitech Media Server on one.   It is possible that there are times when two or more streaming clients are in operation, but that is a very rare occasion.  Two of the computers, the ones I mention in my original post, are on almost continuously.
  In Advanced -> Universal Plug and Play, both Allow Other Network Users to Control Wireless Broadband Router's Network Features and Enable Automatic Cleanup of Old Unused UPnP Services are checked, and WAN Connection Publication: is set to Publish Only the Main WAN Connection.
  In Advanced -> IP Address Distribution, under Dynamic IP Range it says192.168.1.2 - 192.168.1.254.  However, in Advanced -> IP Address Distribution -> Connection List I have set all the lease types to Static, because I was having problems using the Verizon web page to access my set top boxes, particularly the MRDVR.  The Static IP addresses for the computers, game consoles, Bluray player etc. are in the range 192.168.1.2 - 192.168.1.12, and the set top boxes are at 192.168.1.100 & 192.168.1.101.
  One thing I did not mention in my original post is that I have two unmanaged gigabit ethernet switches in my home network.  There are two computers, the ones I mention in my original post, and the Logitech Revue plugged into one switch.  That switch plugs into another switch which also has one pc, an Xbox, and a Bluray player plugged into it, and that switch then plugs into one of the ports on my Verizon supplied Actiontec MI424-WR Rev C, firmware version 4.0.16.1.56.0.10.14.4.  All of the other ethernet ports on the router are unused.  In addition, we have a laptop, a notebook, another Xbox, and a Wii that connect through the Actiontec's wireless.
  I don't know if media streaming is still working and I don't really care if it is because we use it so seldomly.  It never worked consistently or to our satisfaction.  When we want to watch or listen to media from one computer on another, we copy it over the network from shared folders.  We have a Homegroup, to which all of the computers belong.  If we want to watch or listen to media on one of the game consoles, we copy it to a flash drive.  The Bluray player is only connected to the network for firmware updates and for discs with network enabled content.
  This same setup was operating before the problem developed, and I can't figure out what has changed to create the problem.  The router configuration file that I am using is from June of 2011, and I'm pretty sure that everything was working fine then, and don't recall making any changes to the router's configuration since then.

• Remote Desktop Connection using the WRT54GC

  I replaced a wired router with a Linksys WRT54GC wireless router. Connected to the wired router was a wireless router configured as an access point. I have 2 laptops and I successfully connected to the Internet from both. I was also able to connect to one of the laptops through the wireless access point using Remote Desktop Connection. The only difference between the configuration with the previous router and the Linksys is that the laptop with the Remote Desktop software (the host) was hard wired. Using the Linksys I can successfully access the Internet from both laptops. I can also get to the host computer over the LAN using Remote Desktop Connection. I CANNOT however access the host computer outside the LAN. I configured the router correctly using port forwarding and a 3389 port. I checked "enabled" and entered the IP Address of the host laptop (the one with the Remote Desktop Function). I disabled all security in the router. I have a dynamic address through dyndns.org and have setup the DNS portion of the router accordingly. Can you explain why I can no longer access my home computer remotely using Remote Desktop with the Linksys.

  Are you able to access Remote Desktop Connection directly connecting to the modem.

• Remote Desktop Connection on EA6500

  Very simple requirement.
   New EA6500
   Server (Win7Pro) on LAN
   PC (Win8Pro) on LAN
   Need to use Remote Desktop Connection to connect from PC to Server.
  The old LinkSys WRT54G worked fine.
  Also tried searching the web and speaking to support for a couple of hours....Support made me fiddle with the Security settings:
   Uncheck the Internet Filter options
   Added a record on the Port Range Forwarding with Port 3389 to the Server IP address. 
  I have spent hours trying to make this work but no luck.
  Solved!
  Go to Solution.

  I finally resolved this. Problem was with the firewall on the server I was trying to remote desktop to.
  At first I disabled the firewall and could then remote desktop to the server.
  Then turned it back on, tweaked it (not sure exactly what I did) and it now works with the firewall working.
  Thanks for the assistance.

• Remote Desktop Connection - Authentication error

  Hello,
  I wish to connect to my work PC from my laptop. The remote desktop connection was working fine till yesterday, but today i receive the following error when i try to connect - 
  "An authentication error has occurred. The Local Security Authority cannot be contacted. Remote Computer: <name>."
  I have Win 7 ultimate installed on my 32 bit system, and have tried solutions proposed in the other threads. I do not require a NLA check for connection, i have always used the remote desktop with this option unchecked. Could anyone help me with this please?
  Is this a error on my Laptop, or do i need to contact the network administrators for this?

  Hi!
  It could be as easy as you need to change your password on your domain accout.
  Are both computers connected to the same domian or is your work computer connected to a domain and your laptop connected to a workgroup?
  If your password has expired, this error can occur, so I would start to check that since it stoped working over night.
  Best regards
  Andreas Molin

• Remote Desktop Connection has stopped working

  Using Build 10041. Occurs on 2 separate systems I have when trying to use Remote Desktop Connection through a 2012 R2 RDS Gateway. I am able to connect to the remote systems and access the environment for a short period prior to MSTSC.EXE
  crashing. "A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available."
  Eventlog has the following:
  Log Name:      Application
  Source:        Application Error
  Date:          3/25/2015 2:50:21 PM
  Event ID:      1000
  Task Category: (100)
  Level:         Error
  Keywords:      Classic
  User:          N/A
  Description:
  Faulting application name: mstsc.exe, version: 10.0.10041.0, time stamp: 0x5503b1a7
  Faulting module name: mstscax.dll, version: 10.0.10041.0, time stamp: 0x5503b315
  Exception code: 0xc0000005
  Fault offset: 0x000000000046d78c
  Faulting process id: 0x2164
  Faulting application start time: 0x01d06734abf028a0
  Faulting application path: C:\WINDOWS\system32\mstsc.exe
  Faulting module path: C:\WINDOWS\system32\mstscax.dll
  Report Id: 2b084e37-d328-11e4-ab40-7c7a9191e005
  Faulting package full name:
  Faulting package-relative application ID:
  JW

  Tried this with no luck.  I have the same issue as the OP.  It was failing on 10041 and is still failing with an AV on 10049.  See below event log entry after registering mstscax.dll and rebooting.  Still failing.
  Log Name:      Application
  Source:        Application Error
  Date:          4/11/2015 12:18:21
  Event ID:      1000
  Task Category: (100)
  Level:         Error
  Keywords:      Classic
  User:          N/A
  Computer:      Chuck1
  Description:
  Faulting application name: mstsc.exe, version: 10.0.10049.0, time stamp: 0x55137bff
  Faulting module name: mstscax.dll, version: 10.0.10049.0, time stamp: 0x55137d3f
  Exception code: 0xc0000005
  Fault offset: 0x000000000046d74c
  Faulting process id: 0x1870
  Faulting application start time: 0x01d0748c29e55e06
  Faulting application path: C:\WINDOWS\system32\mstsc.exe
  Faulting module path: C:\WINDOWS\system32\mstscax.dll
  Report Id: 83921b7c-e07f-11e4-960f-40f02f7ad3a4
  Faulting package full name:
  Faulting package-relative application ID:
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Application Error" />
      <EventID Qualifiers="0">1000</EventID>
      <Level>2</Level>
      <Task>100</Task>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2015-04-11T19:18:21.000000000Z" />
      <EventRecordID>73626</EventRecordID>
      <Channel>Application</Channel>
      <Computer>Chuck1</Computer>
      <Security />
    </System>
    <EventData>
      <Data>mstsc.exe</Data>
      <Data>10.0.10049.0</Data>
      <Data>55137bff</Data>
      <Data>mstscax.dll</Data>
      <Data>10.0.10049.0</Data>
      <Data>55137d3f</Data>
      <Data>c0000005</Data>
      <Data>000000000046d74c</Data>
      <Data>1870</Data>
      <Data>01d0748c29e55e06</Data>
      <Data>C:\WINDOWS\system32\mstsc.exe</Data>
      <Data>C:\WINDOWS\system32\mstscax.dll</Data>
      <Data>83921b7c-e07f-11e4-960f-40f02f7ad3a4</Data>
      <Data>
      </Data>
      <Data>
      </Data>
    </EventData>
  </Event>

• Remote Desktop Connection With Custom Certificate on Windows 8.1 fails

  I'm trying to establish a secured remote desktop connection without success.
  The setting
  There are some local pcs with windows 8.1 Pro and windows 7 Pro, no server-edition. I've created a self signed ca-certificate with openssl for Windows. I used this to sign custom certs for the local windows-pcs, which are installed at mmc -> certificate
  snap-in for local computer -> My Certificates -> Certificates. The networkdriver has the right to read the key. The sha1-fingerprint of the custom signed certs are registered at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
  -> SSLCertificateSHA1Hash = sha-1 hash of the custom local cert. Additionally the revocation-list is restrained to the local list by setting HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp -> UseCachedCRLOnlyAndIgnoreRevocationUnknownErrors
  = 1.
  The results
  The connection form win 8.1 to win 7 works. The connection info confirms that it is a veryfied connection. The connection to windows 8.1 fails after entering the credentials with error: No connection possible. Network Level Authentication is set, but other
  level don't work as well. The log (Event Views -> Applications and Services Logs -> Microsoft -> Windows -> TerminalServices-RemoteConnectionManager -> Admin) says "Remote Desktop Services has taken too long to load the user configuration
  from server" and "The Local Security Authority Cannot Be Contacted" (error 0x80090304)
  Aditional information
  The connection via linux (remmina) works for win 7 and win 8.1, but I have no information about the encryption. It is the same with the Microsoft Remote Desktop Tool for Android.
  Maybe it is accociatet with a different cert handling by Windows 8.1 but I couldn't find further information or a solution in the internet.
  Best regards
  abditus

  I solved the problem!
  The default openssl certificate signature algorithm is md5RSA but it doesn't work with windows 8.1.
  It is at least sha1RSA needed.
  By adding "default_md = sha1" to the openssl.cnf you create certs with sha1RSA and it works fine.
  Beste Gegards
  abditus