i want to connect via RDP

Dear Gohar Ali Shahzad,

Thank you for giving your question to us.

Since the connection was functional prior to your system reset, the issue likely stems from local configuration changes, firewall state resets on the host, or a change in the network handshake.

1. Verify Basic Connectivity

Before adjusting RDP settings, ensure the server is reachable at the network layer. Open Command Prompt or PowerShell and execute:

ping [Your_Server_IP]

If it fails: Your server may be offline or the Windows Firewall is blocking ICMP packets. Log in via the Contabo VNC Web Console (found in your Contabo Customer Control Panel) to check the server status.

If it succeeds: The network route is clear, and the issue is specific to the RDP service or authentication.

2. Validate Remote Desktop Services (Host Side)

Access your server via the VNC Console and ensure the following settings were not reverted during your system reset:

Service Status: Ensure the "Remote Desktop Services" is running.

Allow Connections: Navigate to Settings > System > Remote Desktop and verify that "Enable Remote Desktop" is toggled On.

Network Level Authentication (NLA): If your local client has changed, try toggling "Require computers to use Network Level Authentication to connect" to Off temporarily to test compatibility.

3. Firewall and Port Configuration

The default RDP port is 3389. A system reset often restores default firewall rules that may block this traffic.

On the Server: Run the following command in PowerShell (Admin) to ensure the port is open:

New-NetFirewallRule -DisplayName "Allow RDP" -Direction Inbound -LocalPort 3389 -Protocol TCP -Action Allow

On your Local PC: Ensure your ISP or local router hasn't flagged the connection to a US-based IP as suspicious.

If you find the answer useful, please mark it as the "Accepted Answer" so other members can find the solution easily. Your help in supporting the community is much appreciated!
Best regards,
Scott Nguyen

Use the following checks and steps on the remote Windows system and on the local PC.

1. Verify the remote PC is reachable

• Make sure the remote server/VM is actually running (powered on and not in a failed state).
• Try to ping or otherwise reach the server by name and by IP. If name fails, try the IP directly in Remote Desktop.

2. Confirm Remote Desktop is enabled on the remote system On the remote Windows machine (via console/host panel if needed):

• Ensure “Allow remote connections to this computer” is enabled in System Properties.
• Confirm the user account is allowed to connect (member of Remote Desktop Users or Administrators).

3. Check that the RDP listener is running On the remote machine (local/console session):
4. Open Command Prompt as administrator and run:

      qwinsta
   

   • There should be a line like:

          rdp-tcp                    65536 Listen
     

   • If rdp-tcp is in Listen state, the RDP listener is working; then focus on network/firewall.
5. If rdp-tcp is missing or not in Listen:
   • Check registry values:
     • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp → fEnableWinStation = 1.
     • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server → fDenyTSConnections = 0.
     • If policies are used: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services → fDenyTSConnections = 0.
   • Ensure services are running:
     • Remote Desktop Services (TermService)
     • Remote Desktop Services UserMode Port Redirector (UmRdpService)
6. Verify the RDP port and listener status On the remote machine:
7. Check that the RDP port (default 3389) is listening:

      netstat -a
   

   • There should be a TCP entry on port 3389 in LISTENING state.
8. From another machine, test connectivity to port 3389:

      telnet <server-name-or-ip> 3389
   

   • If connection fails, there is a network/firewall issue.
9. Check firewall rules on the remote machine On the remote Windows server/PC:

• Open wf.msc → Inbound Rules → ensure these are enabled for all profiles:
  • Remote Desktop - User Mode (TCP-In)
  • Remote Desktop - User Mode (UDP-In)
• Or run in elevated PowerShell:

    Get-NetFirewallRule -DisplayGroup "Remote Desktop" | Set-NetFirewallRule -Enabled True
  

• For testing only (re-enable later), firewall can be disabled:

    Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
  

6. Check network security / upstream firewall

• If the server is in a hosting provider or cloud:
  • Ensure any Network Security Group (NSG) or external firewall allows inbound TCP 3389 to the server’s IP.
  • Confirm the public IP and DNS records point to the correct server.

7. Validate the RDP certificate and RDS roles (if still failing) On the remote machine:
8. Open MMC → Certificates snap-in for Computer account → Remote Desktop → Certificates.
9. Delete the RDP self-signed certificate.
10. Restart the Remote Desktop Services (TermService) service.
11. Confirm a new self-signed certificate is created.
12. If Remote Desktop Services roles are installed, remove unnecessary roles (for example, Connection Broker) and restart.
13. Client-side checks after local system reset On the local Windows PC that was reset:

• Ensure internet connectivity is working.
• Confirm the Remote Desktop client is installed and updated.
• If connecting by name fails, try the server’s IP.
• If prompted, verify credentials are correct and not cached incorrectly.

If all these checks pass and the RDP listener is in Listen state, but connection still fails, contact the hosting provider’s support to verify there is no provider-side blocking of RDP or networking issues.

References:

• Remote Desktop can't connect to the remote computer
• Remote Desktop disconnected or can't connect to remote computer or Remote Desktop server (Terminal Server) that is running Windows Server 2003
• Frequently asked questions about the Remote Desktop clients