• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Remote desktop issues

Joined
May 2, 2017
Messages
7,762 (3.08/day)
Location
Back in Norway
System Name Hotbox
Processor AMD Ryzen 7 5800X, 110/95/110, PBO +150Mhz, CO -7,-7,-20(x6),
Motherboard ASRock Phantom Gaming B550 ITX/ax
Cooling LOBO + Laing DDC 1T Plus PWM + Corsair XR5 280mm + 2x Arctic P14
Memory 32GB G.Skill FlareX 3200c14 @3800c15
Video Card(s) PowerColor Radeon 6900XT Liquid Devil Ultimate, UC@2250MHz max @~200W
Storage 2TB Adata SX8200 Pro
Display(s) Dell U2711 main, AOC 24P2C secondary
Case SSUPD Meshlicious
Audio Device(s) Optoma Nuforce μDAC 3
Power Supply Corsair SF750 Platinum
Mouse Logitech G603
Keyboard Keychron K3/Cooler Master MasterKeys Pro M w/DSA profile caps
Software Windows 10 Pro
So I'm away from home for a while and have (long ago) set up my HTPC/NAS to be accessible through Windows Remote Desktop and a dynamic DNS service. It's been on-and-off in terms of working previously, and now it's ... somewhere in the middle, oddly. I can connect to it, but the connection is ridiculously slow and drops out intermittently, with responsiveness and stability nowhere near what's necessary to do anything even remotely (pardon the pun) useful. Part of the time I don't even get a cursor, and at best it's "fast" enough to update the view in Task Manager every 2-3 seconds.

I'm trying to access the system from my laptop (also tried my phone through the RD Client app, both on WiFi and mobile data; same results). The laptop is connected through WiFi (of course didn't bring my Ethernet dongle ...), but it should be plenty fast - I'm sitting right next to the router and SpeedTest.net shows 190/10Mbps at 11ms ping to a local server. Connecting to a server in my home town results in 32ms ping and 170/10Mbps. My home connection is a lot slower at ~70/10, but it should be plenty for this use AFAIK. There are currently no other devices on the home network (WiFi is off, the PC is connected directly to the modem). While the PC is nothing fancy in terms of performance, it's not doing anything actively either, so it shouldn't be stressed enough for this to affect things.

Any ideas what might be causing this?
 

Kursah

Super Moderator
Staff member
Joined
Oct 15, 2006
Messages
14,666 (2.30/day)
Location
Missoula, MT, USA
System Name Kursah's Gaming Rig 2018 (2022 Upgrade) - Ryzen+ Edition | Gaming Laptop (Lenovo Legion 5i Pro 2022)
Processor R7 5800X @ Stock | i7 12700H @ Stock
Motherboard Asus ROG Strix X370-F Gaming BIOS 6203| Legion 5i Pro NM-E231
Cooling Noctua NH-U14S Push-Pull + NT-H1 | Stock Cooling
Memory TEAMGROUP T-Force Vulcan Z 32GB (2x16) DDR4 4000 @ 3600 18-20-20-42 1.35v | 32GB DDR5 4800 (2x16)
Video Card(s) Palit GeForce RTX 4070 JetStream 12GB | CPU-based Intel Iris XE + RTX 3070 8GB 150W
Storage 4TB SP UD90 NVME, 960GB SATA SSD, 2TB HDD | 1TB Samsung OEM NVME SSD + 4TB Crucial P3 Plus NVME SSD
Display(s) Acer 28" 4K VG280K x2 | 16" 2560x1600 built-in
Case Corsair 600C - Stock Fans on Low | Stock Metal/Plastic
Audio Device(s) Aune T1 mk1 > AKG K553 Pro + JVC HA-RX 700 (Equalizer APO + PeaceUI) | Bluetooth Earbuds (BX29)
Power Supply EVGA 750G2 Modular + APC Back-UPS Pro 1500 | 300W OEM (heavy use) or Lenovo Legion C135W GAN (light)
Mouse Logitech G502 | Logitech M330
Keyboard HyperX Alloy Core RGB | Built in Keyboard (Lenovo laptop KB FTW)
Software Windows 11 Pro x64 | Windows 11 Home x64
Honestly RDP over the Internet isn't something I'd suggest, its one of the most common intrusion points I see working for an MSP and responding to brute forced entries via good ol' port 3389 and remote desktop. Even with NAT rules using obscure ports, eventually it gets sniffed out. I'd block that method and go a different route if I were you.

Now if you have a road-warrior VPN, which is your device (laptop/cell phone) to your router, then RDP over that you're better off. Yes RDP can encrypt up to 128-bit, on best days or if you force it via registry. But AES256 encrypted VPN tunnel is what I'd go with, no less than that. This is what I do, using my pfSense as my OpenVPN server, works excellent. Maybe you are doing this already, you mention dynamic DNS which I'm assuming you're just using to point to your gateway with a port on the end to connect to RDP, example: fakedomain.dyndns.org:3389

Another option to look at is a piece of third party software like AnyDesk. I suggest that over the likes of TeamViewer and other free solutions I've tried. AnyDesk has free and pay solutions, but its fast, lightweight and relatively simple to setup and secure.

Could be that there's a lot of traffic hitting your WAN, in the form of potential attacks like brute force to get into that RDP session or DDoS to slow you down as a temporary target. You mention th ePC is connected directly to the modem, this is something I strongly suggest against unless you're running a very good and well maintained version of IPTables or similar on Linux. Windows Firewall and Windows Defender Firewall can't cut it as a gateway security service, you need to have a firewall in-place that is dedicated to sorting/filtering packets and sessions IMHO. This concerns me greatly and would be a focus point of recommending you remedy this sooner than later.

Have you rebooted the server or changed the RDP port?
 
Joined
May 2, 2017
Messages
7,762 (3.08/day)
Location
Back in Norway
System Name Hotbox
Processor AMD Ryzen 7 5800X, 110/95/110, PBO +150Mhz, CO -7,-7,-20(x6),
Motherboard ASRock Phantom Gaming B550 ITX/ax
Cooling LOBO + Laing DDC 1T Plus PWM + Corsair XR5 280mm + 2x Arctic P14
Memory 32GB G.Skill FlareX 3200c14 @3800c15
Video Card(s) PowerColor Radeon 6900XT Liquid Devil Ultimate, UC@2250MHz max @~200W
Storage 2TB Adata SX8200 Pro
Display(s) Dell U2711 main, AOC 24P2C secondary
Case SSUPD Meshlicious
Audio Device(s) Optoma Nuforce μDAC 3
Power Supply Corsair SF750 Platinum
Mouse Logitech G603
Keyboard Keychron K3/Cooler Master MasterKeys Pro M w/DSA profile caps
Software Windows 10 Pro
Honestly RDP over the Internet isn't something I'd suggest, its one of the most common intrusion points I see working for an MSP and responding to brute forced entries via good ol' port 3389 and remote desktop. Even with NAT rules using obscure ports, eventually it gets sniffed out. I'd block that method and go a different route if I were you.

Now if you have a road-warrior VPN, which is your device (laptop/cell phone) to your router, then RDP over that you're better off. Yes RDP can encrypt up to 128-bit, on best days or if you force it via registry. But AES256 encrypted VPN tunnel is what I'd go with, no less than that. This is what I do, using my pfSense as my OpenVPN server, works excellent. Maybe you are doing this already, you mention dynamic DNS which I'm assuming you're just using to point to your gateway with a port on the end to connect to RDP, example: fakedomain.dyndns.org:3389

Another option to look at is a piece of third party software like AnyDesk. I suggest that over the likes of TeamViewer and other free solutions I've tried. AnyDesk has free and pay solutions, but its fast, lightweight and relatively simple to setup and secure.

Could be that there's a lot of traffic hitting your WAN, in the form of potential attacks like brute force to get into that RDP session or DDoS to slow you down as a temporary target. You mention th ePC is connected directly to the modem, this is something I strongly suggest against unless you're running a very good and well maintained version of IPTables or similar on Linux. Windows Firewall and Windows Defender Firewall can't cut it as a gateway security service, you need to have a firewall in-place that is dedicated to sorting/filtering packets and sessions IMHO. This concerns me greatly and would be a focus point of recommending you remedy this sooner than later.

Have you rebooted the server or changed the RDP port?
The port hasn't been changed in a while. The external port is obviously not the standard (I'm no networking expert, but I'm not that dumb, thankfully), but otherwise the setup is (very) basic. I haven't tried rebooting yet, I'm treating that as a last resort given the relatively high likelihood that I'll then lose any chance of connecting to the PC until I return home and can access it physically.

I guess what I should do when I get home is move to a third party service (or try setting one up remotely if I can get a stable enough connection), as it seems that would be the best and easiest solution.

As for security - I get that this isn't the safest practice, but it's only ever active when I'm away from home for extended periods of time, and quite frankly there's not that much of value on the PC to begin with (no personal accounts or anything like that). But still, I guess I should move to something slightly better :)
 
Joined
Oct 24, 2004
Messages
1,294 (0.18/day)
To further confirm / infirm the hypothesis of some brute force tentatives on the RDP service, i would suggest OP to go in the Control Panel \ administrative tools \ Even log viewer.

Then go to "Applications and services logs \ Microsoft \ Windows \ TerminalServices-RemoteConnectionManager \ Admin" branch.

You are looking for some potentially unwanted remote connections and failed logins attempts, those can be easily cornered if you look for event ID 1006

Product:Windows Operating System
ID:1006
Source:Microsoft-Windows-TerminalServices-RemoteConnectionManager
Version:6.1Symbolic
Name:EVENT_TOO_MANY_CONNECTIONS

Message:The terminal server received large number of incomplete connections. The system may be under attack
 
Joined
May 2, 2017
Messages
7,762 (3.08/day)
Location
Back in Norway
System Name Hotbox
Processor AMD Ryzen 7 5800X, 110/95/110, PBO +150Mhz, CO -7,-7,-20(x6),
Motherboard ASRock Phantom Gaming B550 ITX/ax
Cooling LOBO + Laing DDC 1T Plus PWM + Corsair XR5 280mm + 2x Arctic P14
Memory 32GB G.Skill FlareX 3200c14 @3800c15
Video Card(s) PowerColor Radeon 6900XT Liquid Devil Ultimate, UC@2250MHz max @~200W
Storage 2TB Adata SX8200 Pro
Display(s) Dell U2711 main, AOC 24P2C secondary
Case SSUPD Meshlicious
Audio Device(s) Optoma Nuforce μDAC 3
Power Supply Corsair SF750 Platinum
Mouse Logitech G603
Keyboard Keychron K3/Cooler Master MasterKeys Pro M w/DSA profile caps
Software Windows 10 Pro
To further confirm / infirm the hypothesis of some brute force tentatives on the RDP service, i would suggest OP to go in the Control Panel \ administrative tools \ Even log viewer.

Then go to "Applications and services logs \ Microsoft \ Windows \ TerminalServices-RemoteConnectionManager \ Admin" branch.

You are looking for some potentially unwanted remote connections and failed logins attempts, those can be easily cornered if you look for event ID 1006
No trace of that; 6 events in that category, all ID 20521, which seems to indicate a successful login with a local account (i.e. what I'm doing from here, even if "successful" might be a stretch). Thanks though!
 

Kursah

Super Moderator
Staff member
Joined
Oct 15, 2006
Messages
14,666 (2.30/day)
Location
Missoula, MT, USA
System Name Kursah's Gaming Rig 2018 (2022 Upgrade) - Ryzen+ Edition | Gaming Laptop (Lenovo Legion 5i Pro 2022)
Processor R7 5800X @ Stock | i7 12700H @ Stock
Motherboard Asus ROG Strix X370-F Gaming BIOS 6203| Legion 5i Pro NM-E231
Cooling Noctua NH-U14S Push-Pull + NT-H1 | Stock Cooling
Memory TEAMGROUP T-Force Vulcan Z 32GB (2x16) DDR4 4000 @ 3600 18-20-20-42 1.35v | 32GB DDR5 4800 (2x16)
Video Card(s) Palit GeForce RTX 4070 JetStream 12GB | CPU-based Intel Iris XE + RTX 3070 8GB 150W
Storage 4TB SP UD90 NVME, 960GB SATA SSD, 2TB HDD | 1TB Samsung OEM NVME SSD + 4TB Crucial P3 Plus NVME SSD
Display(s) Acer 28" 4K VG280K x2 | 16" 2560x1600 built-in
Case Corsair 600C - Stock Fans on Low | Stock Metal/Plastic
Audio Device(s) Aune T1 mk1 > AKG K553 Pro + JVC HA-RX 700 (Equalizer APO + PeaceUI) | Bluetooth Earbuds (BX29)
Power Supply EVGA 750G2 Modular + APC Back-UPS Pro 1500 | 300W OEM (heavy use) or Lenovo Legion C135W GAN (light)
Mouse Logitech G502 | Logitech M330
Keyboard HyperX Alloy Core RGB | Built in Keyboard (Lenovo laptop KB FTW)
Software Windows 11 Pro x64 | Windows 11 Home x64
Are you closing RDP (clicking X on session window) or logging off from the start menu when you disconnect?

If doing the former, you may remote on and try to do the latter so that the logged on profile gets refreshed. I'd also suggest checking system/admin event logs for other issues locally to the server since your RDP doesn't appear to be getting brute forced at this point in time.

Do you have a different profile on that system you can login to?
 

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
40,435 (6.61/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
So I'm away from home for a while and have (long ago) set up my HTPC/NAS to be accessible through Windows Remote Desktop and a dynamic DNS service. It's been on-and-off in terms of working previously, and now it's ... somewhere in the middle, oddly. I can connect to it, but the connection is ridiculously slow and drops out intermittently, with responsiveness and stability nowhere near what's necessary to do anything even remotely (pardon the pun) useful. Part of the time I don't even get a cursor, and at best it's "fast" enough to update the view in Task Manager every 2-3 seconds.

I'm trying to access the system from my laptop (also tried my phone through the RD Client app, both on WiFi and mobile data; same results). The laptop is connected through WiFi (of course didn't bring my Ethernet dongle ...), but it should be plenty fast - I'm sitting right next to the router and SpeedTest.net shows 190/10Mbps at 11ms ping to a local server. Connecting to a server in my home town results in 32ms ping and 170/10Mbps. My home connection is a lot slower at ~70/10, but it should be plenty for this use AFAIK. There are currently no other devices on the home network (WiFi is off, the PC is connected directly to the modem). While the PC is nothing fancy in terms of performance, it's not doing anything actively either, so it shouldn't be stressed enough for this to affect things.

Any ideas what might be causing this?

Clean the pins on the connectors and jacks, take caution to not bend them, also verify cable terminal ends are on tight (no wires loose)
 
Joined
May 2, 2017
Messages
7,762 (3.08/day)
Location
Back in Norway
System Name Hotbox
Processor AMD Ryzen 7 5800X, 110/95/110, PBO +150Mhz, CO -7,-7,-20(x6),
Motherboard ASRock Phantom Gaming B550 ITX/ax
Cooling LOBO + Laing DDC 1T Plus PWM + Corsair XR5 280mm + 2x Arctic P14
Memory 32GB G.Skill FlareX 3200c14 @3800c15
Video Card(s) PowerColor Radeon 6900XT Liquid Devil Ultimate, UC@2250MHz max @~200W
Storage 2TB Adata SX8200 Pro
Display(s) Dell U2711 main, AOC 24P2C secondary
Case SSUPD Meshlicious
Audio Device(s) Optoma Nuforce μDAC 3
Power Supply Corsair SF750 Platinum
Mouse Logitech G603
Keyboard Keychron K3/Cooler Master MasterKeys Pro M w/DSA profile caps
Software Windows 10 Pro
Clean the pins on the connectors and jacks, take caution to not bend them, also verify cable terminal ends are on tight (no wires loose)
Did you mean to respond to another thread? This does not have anything to do with any physical network connection. My home connection is fine, as is the connection here.
 

newtekie1

Semi-Retired Folder
Joined
Nov 22, 2005
Messages
28,472 (4.25/day)
Location
Indiana, USA
Processor Intel Core i7 10850K@5.2GHz
Motherboard AsRock Z470 Taichi
Cooling Corsair H115i Pro w/ Noctua NF-A14 Fans
Memory 32GB DDR4-3600
Video Card(s) RTX 2070 Super
Storage 500GB SX8200 Pro + 8TB with 1TB SSD Cache
Display(s) Acer Nitro VG280K 4K 28"
Case Fractal Design Define S
Audio Device(s) Onboard is good enough for me
Power Supply eVGA SuperNOVA 1000w G3
Software Windows 10 Pro x64
The first thing I would try is to change the quality settings in the RDP client to "Modem 56K" and change the color option to the lowest possible(15-bit I think is the lowest on the Windows RDP client). That will reduce the bandwidth requirements to as low as possible.

You also have to realize that ISPs might be prioritizing or throttling speeds differently based on ports. So you can run a speedtest at home and get 10Mb/s upload because the speedtest is using the standard 80 or 443 ports. But if you run RDP on port 5670, the ISP might only allow 128Kbps on that port because it's not a commonly used port and there really shouldn't be that much traffic on it.
 
Last edited:
Top