RDP Encryption (only Enhanced - TLS)
Posted: 27. Jan 2012, 20:52
I am having trouble with RDP encryption when settings Security/Method to TLS (only allow Enhanced RDP Security). I am currently running Virtualbox 4.1.8 on a Windows 7 host with an Ubuntu 11.10 guest. I have setup RDP Simple authentication which works without any problems but when I set the security method to TLS I cannot connect with Remote Desktop Connection on another computer running Windows 7.
I receive the following error from the client:
The following is the log when I have Security/Method set to negotiate:
I receive the following error from the client:
The virtualbox log shows the following:The remote computer requires that authentication be enabled to connect.
The connection cannot proceed because authentication is not enabled.
I believe that the VM settings are correct but here they are listed:00:00:31.086 VRDP: New connection:
00:00:31.086 VRDP: Enhanced RDP Security.
00:00:31.086 VRDP: Connection closed:
00:00:31.086 VRDP: Logoff: <NULL> (<NULL>) build 0. User: [<NULL>] Domain: [<NULL>] Reason 0x0001.
The certificates are self-signed but I have used them elsewhere without problems and they are in ASCII PEM format.<RemoteDisplay enabled="true" authType="External" authTimeout="5000">
<VRDEProperties>
<Property name="Security/CACertificate" value="F:/vm/certs/ca.crt"/>
<Property name="Security/Method" value="TLS"/>
<Property name="Security/ServerCertificate" value="F:/vm/certs/cert.crt"/>
<Property name="Security/ServerPrivateKey" value="F:/vm/certs/key.key"/>
<Property name="TCP/Ports" value="3389"/>
</VRDEProperties>
</RemoteDisplay>
The following is the log when I have Security/Method set to negotiate:
Does anyone know what the problem might be?00:01:07.882 VRDP: New connection:
00:01:07.883 VRDP: Negotiating security method with the client.
00:01:15.170 VRDP: Methods 0x0000001b
00:01:15.170 VRDP: Channel: [rdpdr] [1004]. Accepted.
00:01:15.170 VRDP: Channel: [rdpsnd] [1005]. Accepted.
00:01:15.170 VRDP: Channel: [drdynvc] [1006]. Accepted.
00:01:15.170 VRDP: Channel: [cliprdr] [1007]. Accepted.
00:01:15.253 VRDP: Client seems to be MSFT.
00:01:15.253 VRDP: Logon: *machine name* (*ip address*) build 7601. User: [josh] Domain: [] Screen: 0
00:01:15.254 AUTH: User: [josh]. Domain: []. Authentication type: [External]
00:01:15.255 AUTH: external authentication module returned 'access granted'
00:01:15.255 AUTH: Access granted.