Remote Desktop (RDP) Troubleshooting Guide for VPS Clients

Basic Pre-Checks

• Use the correct public IP address of your VPS.

• Confirm the RDP port (default is 3389)—check if it's custom.

• Use valid username/password (e.g., Administrator).

• Ensure the VPS is running (try ping or check provider dashboard).

Common RDP Errors & Fixes

"Remote Desktop can't connect to the remote computer"

• VPS may be offline or RDP service not running.

• RDP port might be blocked by a firewall.

• Fix:

  • Restart VPS via dashboard.

  • Enable RDP: System Properties > Remote.

  • Open RDP port in firewall:

  • netsh advfirewall firewall add rule name="RDP" protocol=TCP dir=in localport=3389 action=allow

Multiple Login Attempts Failed / IP Blocked – Troubleshooting

 Common Symptoms

• "Too many failed login attempts"

• "Your IP has been blocked"

• RDP session closes immediately after connecting

• VPS unreachable after brute-force or failed logins

Possible Causes

• VPS firewall or security software (like Windows Defender, Fail2Ban, CSF) blocked your IP

• Account lockout due to repeated failed password attempts

• RDP brute-force protection tools auto-banned your IP

Fixes & Recovery Steps

1. Unblock Your IP

• Log in via VPS web console (from your hosting provider panel)

• Use PowerShell or CMD to unblock IP:

  powershell:

   

  netsh advfirewall firewall delete rule name="BlockIP" remoteip=<your_ip>

• If using 3rd-party tools (e.g., Fail2Ban, CSF), remove your IP from their ban list:

  • CSF: csf -dr <your_ip> or csf -tr <your_ip>

  • Fail2Ban: fail2ban-client set <jailname> unbanip <your_ip>

2. Reset Account Lockout

• Log into the VPS via console

• Open lusrmgr.msc (Local Users and Groups)

• Check user account status (unlock if locked)

• Use PowerShell:

  powershell:

   

  Unlock-ADAccount -Identity "Administrator"

3. Review Security Software Logs

• Check Windows Event Viewer → Security for failed login audit logs

• Look for automated blocks by:

  • Windows Firewall

  • Defender ATP

  • Third-party security tools

Prevent Future Lockouts

• Use Strong Passwords and avoid reusing credentials.

• Whitelist Trusted IPs in Windows Firewall:

  powershell:

   

  New-NetFirewallRule -DisplayName "Allow RDP from Office" -Direction Inbound -Protocol TCP -LocalPort 3389 -RemoteAddress <your_ip> -Action Allow

• Change RDP port to reduce brute-force attacks (e.g., 3390, 5500)

• Enable Account Lockout Policy with a delay to prevent brute-forcing:

  • secpol.msc → Account Lockout Policy

• Optional: Use RDP Gateway or VPN for secure access

"Authentication Error" or "Credentials didn’t work"

• Double-check login credentials (case-sensitive).

• Reset the VPS password via your provider.

• Ensure user account is not locked or expired.

"RDP Port not accessible"

• Test port with: telnet <IP> 3389 or use CanYouSeeMe.org

• Open port 3389 in both Windows Firewall and VPS provider’s firewall rules.

"No Remote Desktop client access licenses available"

• Restart "Remote Desktop Licensing" service.

• Contact provider to verify CAL (Client Access License) availability.

VPS-Side Troubleshooting

• Use Web Console or SSH to access VPS if RDP fails.

• Check RDP service via services.msc, restart "Remote Desktop Services".

• Enable RDP via PowerShell:

• Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" -Value 0
  Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

Platform-Specific Tips

Windows

• Use mstsc.

• Save .RDP files for easy access.

• Enable clipboard and drive sharing under "Local Resources".

macOS

• Use Microsoft Remote Desktop (App Store).

• Login format: username@ipaddress.

Android/iOS

• Use Microsoft Remote Desktop app.

• Ensure mobile network or Wi-Fi allows port 3389.

 Advanced Options

• Change default RDP port in the registry:

• HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber

• Enable Network Level Authentication (NLA) for added security.

• Use firewall rules to restrict IP access to RDP.

Disable Windows Defender (Microsoft Defender Antivirus)

Method 1: Using PowerShell (Temporary Disable)

• This turns off real-time protection.

• Defender will re-enable after a reboot unless permanently disabled.

Method 2: Using Group Policy (Permanent)

Only available on Windows Server or Windows Pro editions

1. Run gpedit.msc

2. Navigate to:
   Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus

3. Double-click “Turn off Microsoft Defender Antivirus”

4. Select Enabled → Click OK

5. Restart the VPS

Method 3: Registry Editor (Permanent Disable)

Backup the registry before making changes

1. Run regedit

2. Navigate to:
   HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender

3. Create or modify a DWORD (32-bit) value:

   • Name: DisableAntiSpyware

   • Value: 1

4. Reboot the server

Optional: Disable Defender Services (Advanced)

powershell:

Important Notes

• Disabling Defender exposes your VPS to malware/ransomware.

• Use only if you have another antivirus or firewall protection in place.