Description
Describe the problem
Some users cannot connect to RDS, or have sporadic issues connecting.
RDS uses a gateway connection over port 443/tcp and establishes connections to brokers on the backend for an RDP connection.
To Reproduce
Steps to reproduce the behavior:
- Connect to NetBird
- Click on RDP connection
- Enter authentication
- RDP Client immediately reports "There was a problem connecting to the remote resource. Ask your network administrator for help."
Expected behavior
- Connect to NetBird
- Open RDP connection
- Enter authentication
- RDP client negotiates connection and opens desktop.
Are you using NetBird Cloud?
No, self-hosted docker instance.
NetBird version
0.26.2 across the board
(this issue was present in previous versions)
NetBird status -d output:
Everything is connected when checking status -d.
The traceroute to the resource works as expected. It hops through the NetBird peer we have set up to route this network exactly as it should.
Even the RDWeb webpage at the same address as the RDS gateway will load just fine for the user. The issue happens when attempting to connect with the RDP client.
The RDP connection file is identical and distributed to the users so there is no variance there.
All users have no problem accessing websites over the same NB connection.
If the users connect to WireGuard, the RDP connection works flawlessly every time.
Does NetBird do anything special with connections on port 443?
The really weird thing is that it does work for some users (but sometimes not).
I have tested this registry change #730 on some users' laptops and it seems to resolve the problem some of the time. I'm uncertain if that is a red herring because it didn't fix it 100% of the time.
I also tried changing some options in the /etc/sysconfig/netbird file on the router peer. Right now I've settled on these options:
NB_ICE_KEEP_ALIVE_INTERVAL_SEC=15
NB_ICE_DISCONNECTED_TIMEOUT_SEC=45
NB_ICE_FORCE_RELAY_CONN=false
Grasping at straws at this point.