Home Sitemap Feedback About... Print
Custom Search

TS + Citrix Troubleshooting

TS & Citrix FAQ - Connectivity

  1. How can I allow rdp connections from specific clients only?
  2. RDP connections from a Vista client freeze or disconnect after some minutes
  3. When I try to connect to a 2008 TS from my XP SP3 client via TS Web Access, I get an error: "ActiveX control not installed or not enabled."
  4. My Terminal Server does not respond after a reboot. How do I solve this?

Other FAQ sections: Installation | Server configuration | Client resources | User issues | Licensing | Printing | Connectivity | Profiles | Performance | Applications | Administration & Monitoring | More FAQS

Q: How can I allow rdp connections from specific clients only?
Last modified: October 28, 2007

A: You can limit the IP addresses from which rdp connections to your server are allowed in a couple of ways:

  1. your firewall device
    Most firewalls devices have the ability to only allow incoming traffic on port 3389 from specific IP addresses
  2. the Windows Firewall on your Terminal Server
    Modify the Remote Desktop Exception scope, to only include specific IP addresses
  3. IPSec
    You can use IPSec to limit which IP addresses can connect to your Terminal Server

Top of page | FAQ | Home

Q: RDP connections from a Vista client freeze or disconnect after some minutes
Last modified: October 6, 2007

A: The Next Generation TCP/IP stack in Windows Vista supports "Receive Window Auto-Tuning", which increases network throughput.
Some firewall devices don't handle this feature correctly. Check this article for a list of devices which are known to cause a problem and for methods to identify and solve the issue:

934430 - Network connectivity may fail when you try to use Windows Vista behind a firewall device

Top of page | FAQ | Home

Q: When I try to connect to a 2008 TS from my XP SP3 client via TS Web Access, I get an error: "ActiveX control not installed or not enabled."
Last modified: August 10, 2008

A: The rdp 6.1 client includes the ActiveX control which is required to connect through TS Web Access. Make sure that you have installed the rdp 6.1 client (version 60.6001.x).

On Windows Server 2008 and Vista SP1, you don't have to do anything else.
On Windows XP SP3, you have to enable the ActiveX control. Unfortunately, the ActiveX control will not appear in the "Manage Addons" list in IE7. As a workaround, you can enable it in the registry.
Start Regedit and delete the following keys: 

   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7390f3d8-0439-4c05-91e3-cf5cb290c3d0}
   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2}
The TS Web Access page should now load normally.

Top of page | FAQ | Home

Q: My Terminal Server does not respond after a reboot. How do I solve this?
Last modified: August 10, 2008

A: First of all, make sure that the server really performed a reboot (you can check this in the EventLog). If it didn't, and you tried to perform the reboot through a remote session, you are probably suffering of the issue described here:

930045 - A Windows Server 2003-based computer stops responding when you shut down the computer in a remote console session

But if the server did reboot, it could be that there is a race condition between the TermService service and TermDD. This happens sometimes when servers are patched or new software is installed and the startup sequence changes. When the TermService service starts up before TermDD, the listener seems to be working but it doesn't. The workaround for this is to add TermDD to the list of dependencies in 

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService\DependOnService
so the list becomes RPCSS followed by TermDD.

You can remotely reboot the server from the command line with: 

   shutdown.exe /m \\RemoteServer /r /t 00 /f

Top of page | FAQ | Home

Copyright © 2002-2008 Vera Noest