Remote Desktop Protocol (RDP) version 8.0 was released with Windows 8 and Windows Server 2012. When the UDP connection tracking entry times out, the firewall's connection tracking blocks the client application's communication over RDP 8.0 or higher.
By default, the Deep Security Agent's network engine uses a UDP timeout value of 10 seconds. Changing the timeout value to 20 seconds can resolve the issue.
To change the timeout value:
- On the affected Deep Security Agent or policy, go to Settings > Network Engine tab.
- Untick the Inherited checkbox.
- Set the UDP Timeout value to 20 seconds.
To prevent the UDP traffic from being blocked, add the following firewall rule:
- On the Deep Security Manager console, go to Policies or Computers tab.
- Navigate to Rules > Firewall Rules.
- Click New and select New Firewall Rule.
- Configure the firewall rule as follows:
  - Name: RDP Protocol UDP Incoming
  - Action Type: Force Allow
  - Priority: 0 - Lowest
  - Direction: Incoming
  - Frame Type: IP
  - Protocol: UDP
  - Source IP: Any
  - Source Port: 3389
  - Destination IP: Any
  - Destination Port: Any
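The following is an added, constructed model of the behaviour described above and is not Deep Security code: a stateful UDP tracker with an idle timeout, plus a Force Allow rule evaluated before tracking. The packet fields, the rule dict and the sample flow are assumptions made for illustration; it shows why a reply arriving after the 10 second default is dropped, while a 20 second timeout or the Force Allow rule lets it through.

```python
from dataclasses import dataclass

# Constructed model, not the Deep Security network engine: a stateful UDP
# connection table with an idle timeout, and Force Allow rules checked first.

@dataclass(frozen=True)
class Packet:
    t: float          # seconds since the start of the capture
    direction: str    # "incoming" or "outgoing", relative to the protected host
    proto: str
    src_port: int
    dst_port: int

# The "RDP Protocol UDP Incoming" rule from the procedure above, as a dict.
RDP_UDP_INCOMING = {"direction": "incoming", "proto": "UDP", "src_port": 3389}

def rule_matches(rule, pkt):
    """A rule matches on direction, protocol and (if given) source port."""
    return (pkt.direction == rule["direction"] and pkt.proto == rule["proto"]
            and rule.get("src_port", pkt.src_port) == pkt.src_port)

def filter_flow(packets, udp_timeout, force_allow_rules=()):
    """Return an 'allow'/'block' verdict per packet. Outgoing packets create
    a tracking entry; incoming packets are allowed only while a matching
    entry is younger than udp_timeout, unless a Force Allow rule matches."""
    table = {}    # (local_port, remote_port) -> time of last packet seen
    verdicts = []
    for p in packets:
        if any(rule_matches(r, p) for r in force_allow_rules):
            verdicts.append("allow")          # Force Allow bypasses tracking
            continue
        if p.direction == "outgoing":
            table[(p.src_port, p.dst_port)] = p.t
            verdicts.append("allow")
            continue
        key = (p.dst_port, p.src_port)        # reverse tuple for replies
        last = table.get(key)
        if last is not None and p.t - last <= udp_timeout:
            table[key] = p.t                  # refresh the entry
            verdicts.append("allow")
        else:
            table.pop(key, None)              # entry expired or never existed
            verdicts.append("block")
    return verdicts

# Constructed sample: the client sends from port 50000 to the server's UDP 3389
# and the server's reply arrives 15 s later, past the 10 s default timeout.
SAMPLE = [
    Packet(0.0, "outgoing", "UDP", 50000, 3389),
    Packet(15.0, "incoming", "UDP", 3389, 50000),
]
```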
Below are additional recommended settings that users may configure:
- Turn on Tap mode to monitor whether any RDP-related traffic is still blocked after applying the firewall rule above:
  - On the Deep Security console, go to Computers.
  - Navigate to Settings > Advanced.
  - Under Network Engine Mode, select Tap.
- Log the UDP incoming traffic by activating the Enable stateful UDP logging option.