Where is the client IP address stored in RDP?
In RDP 8.0, the client IP address is stored in a WTS_SOCKADDR structure. This differs from RDP 7.0 (the default RDP version in Windows 7 and Windows Server 2008 R2). In Windows 8 and Windows Server 2012 (and later versions of Windows), the code logic for logging this event is rewritten based on the new design.
Why is my client's IP address not showing up in RDP?
This issue occurs because of a code change in RDP 8.0. In RDP 8.0, the client IP address is stored in a WTS_SOCKADDR structure. This differs from RDP 7.0 (the default RDP version in Windows 7 and Windows Server 2008 R2).
What ports do I need for remote access?
Transmission Control Protocol (TCP) destination port 443, and TCP source port 443 outbound. When the Remote Access server has a single network adapter, and the network location server is on the Remote Access server, then TCP port 62000 is also required. Apply these exemptions only for the address to which the external name of the server resolves.
What ports are required for IP IP-HTTPS traffic?
IP-HTTPS traffic Transmission Control Protocol (TCP) destination port 443, and TCP source port 443 outbound. When the Remote Access server has a single network adapter, and the network location server is on the Remote Access server, then TCP port 62000 is also required.
message: remote access client IP address and port were changed
So far only one user has been complaining about this error. She is running Windows7 64-bit with Endpoint Connect R73. My GateWay is ClusterXL R70.20, Check Point UTM-1 appliance, active/standby config. Other users with Endpoint Connect R73 for 64 bit havent complained. She is a home worker using Verizon Fios.
Re: message: remote access client IP address and port were changed
So far no success on this, however Check Point support suggests an issue with the user's router, where its disconnecting and connecting back using a different port and hence the firewall drops the connection. I am waiting for the user to call back to bypass the router and test connectivity.
How to join a remote server to a domain?
To join the Remote Access server to a domain. In Server Manager, click Local Server. In the details pane, click the link next to Computer name. In the System Properties dialog box, click the Computer Name tab, and then click Change.
What happens when you configure a website on a remote server?
If the network location server website is located on the Remote Access server, a website will be created automatically when you configure Remote Access and it is bound to the server certificate that you provide. There are two certificate options for the network location server certificate: Private. Note.
What are DirectAccess settings?
The DirectAccess settings that are contained in the client computer Group Policy Object are applied only to computers that are members of the security groups that you specify when configuring Remote Access.
How many Group Policy Objects are required for remote access?
To deploy Remote Access, you require a minimum of two Group Policy Objects. One Group Policy Object contains settings for the Remote Access server, and one contains settings for DirectAccess client computers. When you configure Remote Access, the wizard automatically creates the required Group Policy Objects.
What domain is Remote Access Server?
The Remote Access server and all DirectAccess client computers must be joined to an Active Directory domain . DirectAccess client computers must be a member of one of the following domain types:
How to change the name of my computer?
On the Start screen, type explorer.exe, and then press ENTER. Right-click the Computer icon, and then click Properties. On the System page, click Advanced system settings. In the System Properties dialog box, on the Computer Name tab, click Change.
What port is TCP port 443?
Transmission Control Protocol (TCP) destination port 443, and TCP source port 443 outbound. When the Remote Access server has a single network adapter, and the network location server is on the Remote Access server, then TCP port 62000 is also required.
Symptoms
Assume that the Remote Desktop Protocol (RDP) 8.0 update for Windows 7 and Windows Server 2008 R2 (KB2592687) is installed and enabled through policy settings. When a user's remote desktop logs on to that computer, security event ID 4624 is logged and shows an invalid client IP address and port number, as follows:
Cause
This issue occurs because of a code change in RDP 8.0. In RDP 8.0, the client IP address is stored in a WTS_SOCKADDR structure. This differs from RDP 7.0 (the default RDP version in Windows 7 and Windows Server 2008 R2).
Resolution
To resolve this issue, upgrade the RDP target computer to Windows 8 or Windows Server 2012 (or later). Or, disable RDP 8.0 in Windows 7 or Windows Server 2008 R2.
More information
You may also encounter this issue if you're using a third-party RDP component to log on to Windows 7 or Windows Server 2008 R2 when that third-party component uses the same WTS_SOCKADDR structure. In this situation, consider upgrading the OS, or contact the component provider for assistance.
